Class: Platform::Fingerprinters::ASPXMVC

Inherits:
Arachni::Platform::Fingerprinter show all
Defined in:
components/fingerprinters/frameworks/aspx_mvc.rb

Overview

Identifies ASP.NET MVC resources.

Author:

Version:

  • 0.1

Constant Summary collapse

ANTI_CSRF_NONCE =
'__requestverificationtoken'
HEADER_FIELDS =
%w(x-aspnetmvc-version)

Instance Attribute Summary

Attributes inherited from Arachni::Platform::Fingerprinter

#page

Instance Method Summary collapse

Methods inherited from Arachni::Platform::Fingerprinter

#cookies, #extension, #headers, #html?, #initialize, #parameters, #platforms, #powered_by, #server, #server_or_powered_by_include?, #uri

Methods included from Arachni::Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Constructor Details

This class inherits a constructor from Arachni::Platform::Fingerprinter

Instance Method Details

#runObject



21
22
23
24
25
26
27
28
29
30
31
32
33
34
# File 'components/fingerprinters/frameworks/aspx_mvc.rb', line 21

def run
    # Naive but enough, I think.
    if html? && page.body =~ /input.*#{ANTI_CSRF_NONCE}/i
        return update_platforms
    end

    if (headers.keys & HEADER_FIELDS).any?
        return update_platforms
    end

    if cookies.include?( ANTI_CSRF_NONCE )
        update_platforms
    end
end

#update_platformsObject



36
37
38
# File 'components/fingerprinters/frameworks/aspx_mvc.rb', line 36

def update_platforms
    platforms << :asp << :aspx << :windows << :aspx_mvc
end