Module: Arachni::Module::ElementDB

Includes:
Utilities
Included in:
Trainer
Defined in:
lib/module/element_db.rb

Overview

Holds a database of all auditable elements of the current page, including elements that have appeared dynamically during the audit.

The database is updated by the Trainer.

For each page that is audited the database is reset.

@author: Tasos “Zapotek” Laskos

<tasos.laskos@gmail.com>
<zapotek@segfault.gr>

@version: 0.2.1

Instance Method Summary

Methods included from Utilities

#exception_jail, #get_path, #normalize_url, #read_file, #seed

Instance Method Details

#init_cookies(cookies) ⇒ Object

Initializes @@cookies with the cookies found during the crawl/analysis



# File 'lib/module/element_db.rb', line 62

def init_cookies( cookies )
  @@cookies = cookies
end

#init_forms(forms) ⇒ Object

Initializes @@forms with the forms found during the crawl/analysis



# File 'lib/module/element_db.rb', line 48

def init_forms( forms )
  @@forms |= forms.map { |form| form.id }
end

#init_links(links) ⇒ Object

Initializes @@links with the links found during the crawl/analysis



# File 'lib/module/element_db.rb', line 55

def init_links( links )
  @@links |= links.map { |link| link.id }
end

#update_cookies(cookies) ⇒ Object

Updates @@cookies with new cookies that may have dynamically appeared after analyzing the HTTP responses during the audit.



# File 'lib/module/element_db.rb', line 128

def update_cookies( cookies )
    return [], 0 if cookies.size == 0

    cookie_cnt = 0
    @new_cookies ||= []

    cookies.each {
        |cookie|

        # look the cookie up by name among the cookies we already track
        i = @@cookies.index {
            |page_cookie|
            page_cookie.raw['name'] == cookie.raw['name']
        }

        if i
            # known cookie, keep the most recent version of it
            @@cookies[i] = cookie
        else
            # cookie we have not seen before, count it once
            @new_cookies << cookie
            cookie_cnt += 1
        end
    }

    @@cookies.flatten!
    @@cookies |= @new_cookies

    return [ @@cookies, cookie_cnt ]
end

#update_forms(forms) ⇒ Object

Updates @@forms with new forms that may have dynamically appeared after analyzing the HTTP responses during the audit.



# File 'lib/module/element_db.rb', line 72

def update_forms( forms )

    return [], 0 if forms.size == 0

    form_cnt = 0
    new_forms ||= []

    forms.each {
        |form|

        next if form.action.include?( seed )
        next if form.auditable.size == 0

        if !@@forms.include?( form.id )
            @@forms << form.id
            new_forms << form
            form_cnt += 1
        end
    }

    return new_forms, form_cnt
end

#update_links(links) ⇒ Object

Updates @@links with new links that may have dynamically appeared after analyzing the HTTP responses during the audit.



# File 'lib/module/element_db.rb', line 101

def update_links( links )
  return [], 0 if links.size == 0

  link_cnt = 0
  new_links ||= []
  links.each {
      |link|

      next if !link
      next if link.action.include?( seed )

      if !@@links.include?( link.id )
          @@links    << link.id
          new_links << link
          link_cnt += 1
      end
  }

  return new_links, link_cnt
end