Class: Watobo::Modules::Passive::Disclosure_ipaddr
- Inherits:
-
PassiveCheck
- Object
- PassiveCheck
- Watobo::Modules::Passive::Disclosure_ipaddr
- Defined in:
- modules/passive/disclosure_ipaddr.rb
Constant Summary
Constants included from Constants
Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::AUTH_TYPE_UNKNOWN, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED
Instance Method Summary collapse
- #do_test(chat) ⇒ Object
-
#initialize(project) ⇒ Disclosure_ipaddr
constructor
A new instance of Disclosure_ipaddr.
Constructor Details
#initialize(project) ⇒ Disclosure_ipaddr
Returns a new instance of Disclosure_ipaddr.
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 |
# File 'modules/passive/disclosure_ipaddr.rb', line 30 def initialize(project) @project = project super(project) @info.update( :check_name => 'IP Adress Disclosure', # name of check which briefly describes functionality, will be used for tree and progress views :description => 'Looks for (internal) IP adresses.', # description of checkfunction :author => "Andreas Schmidt", # author of check :version => "0.9" # check version ) @finding.update( :threat => 'Internal information may be revealed, which could help an attacker to prepare further attacks', # thread of vulnerability, e.g. loss of information :class => "IP Adress Disclosure",# vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN :measure => "Remove all information which reveal internal information." ) @pattern = '[^\d\.](\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})[^(\d\.)]+?' @known_ips = [] end |
Instance Method Details
#do_test(chat) ⇒ Object
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 |
# File 'modules/passive/disclosure_ipaddr.rb', line 52 def do_test(chat) begin # puts "running module: #{Module.nesting[0].name}" return false if chat.response.nil? return false unless chat.response.has_body? if chat.response.content_type =~ /text/ then body = chat.response.body.unpack("C*").pack("C*") body.scan(/#{@pattern}/) { |match| ip_addr = match.first octets = ip_addr.split('.') isIP = true octets.each do |o| isIP = false if o.to_i > 255 end if isIP then title = "IP: #{ip_addr}" dummy = chat.request.site + ":" + ip_addr if not @known_ips.include?(dummy) addFinding( :proof_pattern => ip_addr, :chat => chat, :title => title) @known_ips.push dummy end end } end rescue => bang # raise puts "ERROR!! #{Module.nesting[0].name}" puts bang end end |