Class: Arachni::Plugin::Base Abstract

Inherits:

Component::Base

• Object
• Component::Base
• Arachni::Plugin::Base

Includes:

Component, MonitorMixin

Defined in:

lib/arachni/plugin/base.rb

Overview

This class is abstract.

An abstract class which all plugins must extend.

Author:

• Tasos "Zapotek" Laskos tasos.laskos@arachni-scanner.com

Direct Known Subclasses

Arachni::Plugins::AutoLogin, Arachni::Plugins::AutoThrottle, Arachni::Plugins::BeepNotify, Arachni::Plugins::BrowserClusterJobMonitor, Arachni::Plugins::ContentTypes, Arachni::Plugins::CookieCollector, Arachni::Plugins::Discovery, Arachni::Plugins::EmailNotify, Arachni::Plugins::Exec, Arachni::Plugins::FormDicattack, Arachni::Plugins::HTTPDicattack, Arachni::Plugins::HeadersCollector, Arachni::Plugins::HealthMap, Arachni::Plugins::LoginScript, Arachni::Plugins::Metrics, Arachni::Plugins::PageDump, Arachni::Plugins::Proxy, Arachni::Plugins::RateLimiter, Arachni::Plugins::RestrictToDOMState, Arachni::Plugins::Script, Arachni::Plugins::TimingAttacks, Arachni::Plugins::UncommonHeaders, Arachni::Plugins::Uniformity, Arachni::Plugins::VectorCollector, Arachni::Plugins::VectorFeed, Arachni::Plugins::WAFDetector, Arachni::Plugins::WebhookNotify

Constant Summary

Constants included from Arachni

BANNER, Cookie, Form, Header, JSON, Link, LinkTemplate, NestedCookie, Severity, UIForm, UIInput, VERSION, WEBSITE, WIKI, XML

Instance Attribute Summary

• #framework ⇒ Framework readonly
• #options ⇒ Hash readonly

  Plugin options.

Class Method Summary

• .distributable ⇒ Object

  Should the plug-in be distributed across all instances or only run by the master prior to any distributed operations?.

• .distributable? ⇒ Boolean

  Only used when in Grid mode.

• .gems ⇒ Array

  Should return an array of plugin related gem dependencies.

• .info ⇒ Hash abstract

  REQUIRED.

• .is_distributable ⇒ Object

  Should the plug-in be distributed across all instances or only run by the master prior to any distributed operations?.

• .merge(results) ⇒ Object

  Merges an array of results as gathered by the plug-in when ran by multiple instances.

Instance Method Summary

• #browser_cluster ⇒ Object
• #clean_up ⇒ Object abstract

  Gets called right after #run and is used for generic clean-up.

• #framework_abort ⇒ Object

  Aborts the #framework.

• #framework_pause ⇒ Object

  Pauses the #framework.

• #framework_resume ⇒ Object

  Resumes the #framework.

• #http ⇒ Object
• #info ⇒ Object
• #initialize(framework, options) ⇒ Base constructor

  A new instance of Base.

• #prepare ⇒ Object abstract

  Gets called right after the plugin is initialized and is used to prepare its data or setup hooks.

• #register_results(results) ⇒ Object

  Registers the plugin's results to Data::Plugins.

• #restore(state = nil) ⇒ Object abstract

  Gets called instead of #prepare when restoring a suspended plugin.

• #run ⇒ Object abstract

  Gets called right after #prepare and delivers the plugin payload.

• #session ⇒ Object
• #suspend ⇒ Object abstract

  Gets called right before killing the plugin and should return state data to be stored and passed to #restore.

• #wait_while_framework_running ⇒ Object

  Will block until the scan finishes.

• #with_browser(&block) ⇒ Object

Methods inherited from Component::Base

author, description, fullname, #shortname, shortname, shortname=, version

Methods included from Component::Output

#depersonalize_output, #depersonalize_output?, #intercept_print_message

Methods included from UI::Output

#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on

Methods included from Component::Utilities

#read_file

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from Arachni

URI, collect_young_objects, #get_long_win32_filename, jruby?, null_device, profile?, windows?

Constructor Details

#initialize(framework, options) ⇒ Base

Returns a new instance of Base.

Parameters:

• framework (Framework)
• options (Hash) —

  Options to pass to the plugin.

# File 'lib/arachni/plugin/base.rb', line 32

def initialize( framework, options )
    @framework = framework
    @options   = options
end

Instance Attribute Details

#framework ⇒ Framework (readonly)

Returns:

• (Framework)

# File 'lib/arachni/plugin/base.rb', line 27

def framework
  @framework
end

#options ⇒ Hash (readonly)

Returns Plugin options.

Returns:

• (Hash) —

  Plugin options.

# File 'lib/arachni/plugin/base.rb', line 24

def options
  @options
end

Class Method Details

.distributable ⇒ Object

Should the plug-in be distributed across all instances or only run by the master prior to any distributed operations?

# File 'lib/arachni/plugin/base.rb', line 127

def self.distributable
    @distributable = true
end

.distributable? ⇒ Boolean

Note:

OPTIONAL

Only used when in Grid mode.

Should the plug-in be distributed across all instances or only run by the master prior to any distributed operations?

For example, if a plug-in dynamically modifies the framework options in any way and wants these changes to be identical across instances this method should return false.

Returns:

• (Boolean)

# File 'lib/arachni/plugin/base.rb', line 121

def self.distributable?
    @distributable ||= false
end

.gems ⇒ Array

Should return an array of plugin related gem dependencies.

Returns:

• (Array)

# File 'lib/arachni/plugin/base.rb', line 148

def self.gems
    []
end

.info ⇒ Hash

This method is abstract.

REQUIRED

Returns:

• (Hash)

# File 'lib/arachni/plugin/base.rb', line 156

def self.info
    {
        name:        'Abstract plugin class',
        description: %q{Abstract plugin class.},
        author:      'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
        version:     '0.1',
        options:     [
            #                       option name        required?       description                        default
            # Options::Bool.new( 'print_framework', [ false, 'Do you want to print the framework?', false ] ),
            # Options::String.new( 'my_name_is',    [ false, 'What\'s you name?', 'Tasos' ] ),
        ],
        # specify an execution priority group
        # plug-ins will be separated in groups based on this number
        # and lowest will be first
        #
        # if this option is omitted the plug-in will be run last
        #
        priority:    0
    }
end

.is_distributable ⇒ Object

Should the plug-in be distributed across all instances or only run by the master prior to any distributed operations?

# File 'lib/arachni/plugin/base.rb', line 133

def self.is_distributable
    distributable
end

.merge(results) ⇒ Object

Note:

REQUIRED if distributable? returns true and the plugin registers results.

Merges an array of results as gathered by the plug-in when ran by multiple instances.

# File 'lib/arachni/plugin/base.rb', line 142

def self.merge( results )
end

Instance Method Details

#browser_cluster ⇒ Object

# File 'lib/arachni/plugin/base.rb', line 188

def browser_cluster
    framework.browser_cluster
end

#clean_up ⇒ Object

This method is abstract.

Note:

OPTIONAL

Gets called right after #run and is used for generic clean-up.

# File 'lib/arachni/plugin/base.rb', line 78

def clean_up
end

#framework_abort ⇒ Object

Aborts the #framework.

# File 'lib/arachni/plugin/base.rb', line 99

def framework_abort
    Thread.new do
        framework.abort
    end
end

#framework_pause ⇒ Object

Pauses the #framework.

# File 'lib/arachni/plugin/base.rb', line 94

def framework_pause
    @pause_id ||= framework.pause( false )
end

#framework_resume ⇒ Object

Resumes the #framework.

# File 'lib/arachni/plugin/base.rb', line 106

def framework_resume
    return if !@pause_id
    framework.resume @pause_id
end

#http ⇒ Object

# File 'lib/arachni/plugin/base.rb', line 184

def http
    framework.http
end

#info ⇒ Object

# File 'lib/arachni/plugin/base.rb', line 176

def info
    self.class.info
end

#prepare ⇒ Object

This method is abstract.

Note:

OPTIONAL

Gets called right after the plugin is initialized and is used to prepare its data or setup hooks.

This method should not block as the system will wait for it to return prior to progressing.

# File 'lib/arachni/plugin/base.rb', line 46

def prepare
end

#register_results(results) ⇒ Object

Registers the plugin's results to Data::Plugins.

Parameters:

• results (Object)

# File 'lib/arachni/plugin/base.rb', line 199

def register_results( results )
    Data.plugins.store( self, results )
end

#restore(state = nil) ⇒ Object

This method is abstract.

Note:

OPTIONAL

Gets called instead of #prepare when restoring a suspended plugin. If no #restore method has been defined, #prepare will be called instead.

Parameters:

• state (Object) (defaults to: nil) —

  State to restore.

See Also:

• #suspend

# File 'lib/arachni/plugin/base.rb', line 58

def restore( state = nil )
end

#run ⇒ Object

This method is abstract.

Note:

REQUIRED

Gets called right after #prepare and delivers the plugin payload.

This method will be ran in its own thread, in parallel to any other system operation. However, once its job is done, the system will wait for this method to return prior to exiting.

# File 'lib/arachni/plugin/base.rb', line 70

def run
end

#session ⇒ Object

# File 'lib/arachni/plugin/base.rb', line 180

def session
    framework.session
end

#suspend ⇒ Object

This method is abstract.

Note:

OPTIONAL

Gets called right before killing the plugin and should return state data to be stored and passed to #restore.

Returns:

• (Object) —

  State to store.

See Also:

• #restore

# File 'lib/arachni/plugin/base.rb', line 90

def suspend
end

#wait_while_framework_running ⇒ Object

Will block until the scan finishes.

# File 'lib/arachni/plugin/base.rb', line 204

def wait_while_framework_running
    sleep 0.1 while framework.running?
end

#with_browser(&block) ⇒ Object

# File 'lib/arachni/plugin/base.rb', line 192

def with_browser( &block )
    browser_cluster.with_browser( &block )
end