Class: Arachni::Checks::AllowedMethods

# File 'components/checks/passive/allowed_methods.rb', line 47

def self.info
    {
        name:        'Allowed methods',
        description: %q{Checks for supported HTTP methods.},
        elements:    [Element::Server],
        author:      'Tasos "Zapotek" Laskos <[email protected]>',
        version:     '0.2',

        issue:       {
            name:            %q{Allowed HTTP methods},
            description:     %q{
There are a number of HTTP methods that can be used on a webserver (`OPTIONS`,
`HEAD`, `GET`, `POST`, `PUT`, `DELETE` etc.).  Each of these methods perform a
different function and each have an associated level of risk when their use is
permitted on the webserver.

A client can use the `OPTIONS` method within a request to query a server to
determine which methods are allowed.

Cyber-criminals will almost always perform this simple test as it will give a
very quick indication of any high-risk methods being permitted by the server.

Arachni discovered that several methods are supported by the server.
},
            references:  {
                'Apache.org' => 'http://httpd.apache.org/docs/2.2/mod/core.html#limitexcept'
            },
            tags:            %w(http methods options),
            severity:        Severity::INFORMATIONAL,
            remedy_guidance: %q{
It is recommended that a whitelisting approach be taken to explicitly permit the
HTTP methods required by the application and block all others.

Typically the only HTTP methods required for most applications are `GET` and
`POST`. All other methods perform actions that are rarely required or perform
actions that are inherently risky.

These risky methods (such as `PUT`, `DELETE`, etc) should be protected by strict
limitations, such as ensuring that the channel is secure (SSL/TLS enabled) and
only authorised and trusted clients are permitted to use them.
}
        }
    }
end

.ran ⇒ `Object`



21
22
23

# File 'components/checks/passive/allowed_methods.rb', line 21

def self.ran
    @ran = true
end

.ran? ⇒ `Boolean`

Returns:

(Boolean)



17
18
19

# File 'components/checks/passive/allowed_methods.rb', line 17

def self.ran?
    !!@ran
end

Instance Method Details

#check_and_log(response) ⇒ `Object`

# File 'components/checks/passive/allowed_methods.rb', line 36

def check_and_log( response )
    methods = response.headers['Allow']
    return if !methods || methods.empty?

    log vector: Element::Server.new( response.url ), proof: methods,
        response: response

    # inform the user that we have a match
    print_ok( methods )
end

#clean_up ⇒ `Object`



32
33
34

# File 'components/checks/passive/allowed_methods.rb', line 32

def clean_up
    self.class.ran
end

#run ⇒ `Object`

# File 'components/checks/passive/allowed_methods.rb', line 25

def run
    return if self.class.ran?

    print_status 'Checking...'
    http.request( page.url, method: :options ) { |response| check_and_log( response ) }
end

Class: Arachni::Checks::AllowedMethods

Overview

Constant Summary

Constants included from Arachni::Check::Auditor

Constants included from Arachni

Instance Attribute Summary

Attributes included from Arachni::Check::Auditor

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Arachni::Check::Base

Methods included from Arachni::Check::Auditor

Methods inherited from Arachni::Component::Base

Methods included from Arachni::Component::Output

Methods included from UI::Output

Methods included from Arachni::Component::Utilities

Methods included from Utilities

Methods included from Arachni

Constructor Details

Class Method Details

.info ⇒ Object

.ran ⇒ Object

.ran? ⇒ Boolean

Instance Method Details

#check_and_log(response) ⇒ Object

#clean_up ⇒ Object

#run ⇒ Object

.info ⇒ `Object`

.ran ⇒ `Object`

.ran? ⇒ `Boolean`

#check_and_log(response) ⇒ `Object`

#clean_up ⇒ `Object`

#run ⇒ `Object`