Class: Cross::Engine
Overview
Engine is the cross class using Mechanize to inject canary and check for output
Instance Attribute Summary collapse
-
#agent ⇒ Object
readonly
Returns the value of attribute agent.
-
#options ⇒ Object
Returns the value of attribute options.
-
#results ⇒ Object
readonly
Returns the value of attribute results.
-
#target ⇒ Object
readonly
Returns the value of attribute target.
Instance Method Summary collapse
- #create_log_filename(target) ⇒ Object
-
#inject ⇒ Object
return :links=>links, :message=>” end.
-
#start(options = {:exploit_url=>false, :debug=>false, :oneshot=>false, :sample_post=>"", :parameter_to_tamper=>"", :auth=>{:username=>nil, :password=>nil}, :target=>""}) ⇒ Object
Starts the engine.
Instance Attribute Details
#agent ⇒ Object (readonly)
Returns the value of attribute agent.
13 14 15 |
# File 'lib/cross/engine.rb', line 13 def agent @agent end |
#options ⇒ Object
Returns the value of attribute options.
14 15 16 |
# File 'lib/cross/engine.rb', line 14 def @options end |
#results ⇒ Object (readonly)
Returns the value of attribute results.
15 16 17 |
# File 'lib/cross/engine.rb', line 15 def results @results end |
#target ⇒ Object (readonly)
Returns the value of attribute target.
16 17 18 |
# File 'lib/cross/engine.rb', line 16 def target @target end |
Instance Method Details
#create_log_filename(target) ⇒ Object
19 20 21 22 23 24 25 |
# File 'lib/cross/engine.rb', line 19 def create_log_filename(target) begin return "cross_#{URI.parse(target).hostname.gsub('.', '_')}_#{Time.now.strftime("%Y%m%d")}.log" rescue return "cross_#{Time.now.strftime("%Y%m%d")}.log" end end |
#inject ⇒ Object
return :links=>links, :message=>” end
59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 |
# File 'lib/cross/engine.rb', line 59 def inject start if @agent.nil? $logger.log "Authenticating to the app using #{@options[:auth][:username]}:#{@options[:auth][:password]}" if debug? && authenticate? @agent.add_auth(@target, @options[:auth][:username], @options[:auth][:password]) if authenticate? if @options[:exploit_url] # You ask to exploit the url, so I won't check for form values theurl= Codesake::Core::Url.new(@target) attack_url(theurl, Cross::Attack::XSS.rand) if oneshot? if ! oneshot? Cross::Attack::XSS.each do |pattern| attack_url(theurl, pattern) end end else begin page = @agent.get(@target) rescue Mechanize::UnauthorizedError $logger.err 'Authentication failed. Giving up.' return false rescue Mechanize::ResponseCodeError $logger.err 'Server gave back 404. Giving up.' return false rescue Net::HTTP::Persistent::Error => e $logger.err e. return false end if page.forms.size == 0 $logger.log "no forms found, please try to exploit #{@target} with the -u flag" return false else $logger.log "#{page.forms.size} form(s) found" if debug? end attack_form(page, Cross::Attack::XSS.rand) if oneshot? if ! oneshot? Cross::Attack::XSS.each do |pattern| attack_form(page, pattern) end end end @results.empty? end |
#start(options = {:exploit_url=>false, :debug=>false, :oneshot=>false, :sample_post=>"", :parameter_to_tamper=>"", :auth=>{:username=>nil, :password=>nil}, :target=>""}) ⇒ Object
Starts the engine
28 29 30 31 32 33 34 35 |
# File 'lib/cross/engine.rb', line 28 def start( = {:exploit_url=>false, :debug=>false, :oneshot=>false, :sample_post=>"", :parameter_to_tamper=>"", :auth=>{:username=>nil, :password=>nil}, :target=>""}) @agent = Mechanize.new {|a| a.log = Logger.new(create_log_filename([:target]))} @agent.user_agent = "cross v#{Cross::VERSION}" @agent.agent.http.verify_mode = OpenSSL::SSL::VERIFY_NONE @options = @target = [:target] @results = [] end |