Class: Arachni::Parser::Element::Form

Inherits:
Base
Includes:
Module::Utilities
Defined in:
lib/parser/elements.rb

Constant Summary

FORM_VALUES_ORIGINAL =
'__original_values__'
FORM_VALUES_SAMPLE =
'__sample_values__'

Instance Attribute Summary

Attributes inherited from Base

#action, #auditable, #method, #raw, #url

Attributes inherited from Element::Auditable

#altered, #opts

Instance Method Summary

Methods included from Module::Utilities

#exception_jail, #get_path, #normalize_url, #read_file, #seed

Methods inherited from Element::Auditable

#audit, #auditor, #debug?, #get_status_str, #info, #injection_sets, #print_debug, #print_error, #print_status, reset, #skip?, #submit

Constructor Details

#initialize(url, raw = {}) ⇒ Form

Returns a new instance of Form.



# File 'lib/parser/elements.rb', line 151

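#
# Builds a Form element from the parser's raw form data.
#
# Reads the form's 'action' and 'method' attributes out of the raw data and
# caches the name => value map of its inputs in @auditable.
#
# @param    [String]    url     passed through to the parent constructor
# @param    [Hash]      raw     raw form data; 'attrs' and 'auditable' are the
#                               keys read by this class
#
def initialize( url, raw = {} )
    super( url, raw )

    # The default +raw+ ({}) has no 'attrs' entry, so indexing it directly
    # raised NoMethodError on nil. Fall back to an empty Hash, which leaves
    # @action and @method nil for a form without attributes.
    # NOTE(review): assumes the parent constructor stores +raw+ in @raw -- confirm.
    attrs = ( @raw && @raw['attrs'] ) || {}

    @action = attrs['action']
    @method = attrs['method']

    # #simple returns an empty Hash for a form without inputs, hence the fallback.
    @auditable = simple['auditable'] || {}
end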

Instance Method Details

#http_request(url, opts) ⇒ Object



# File 'lib/parser/elements.rb', line 160

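#
# Submits the form to +url+ through the auditor's HTTP client.
#
# When opts[:altered] is one of the FORM_VALUES_* markers (the unmodified
# "original" or "sample" submission) the request is sent at most once per
# audit id, unless opts[:redundant] is set, and opts[:train] is forced to true.
# That write happens on the caller's Hash, not on a copy, so the caller sees
# the overridden trainer option after the call.
#
# @param    [String]    url
# @param    [Hash]      opts    reads :altered and :redundant, sets :train and
#                               is forwarded as-is to the HTTP client
#
# @return   the value of @auditor.http.get/post, or nil when the baseline
#           submission was already audited and is skipped
#
def http_request( url, opts )
    altered = opts[:altered]

    baselines = {
        FORM_VALUES_ORIGINAL => 'original',
        FORM_VALUES_SAMPLE   => 'sample'
    }
    marker, label = baselines.find { |value, _| altered == value }

    if marker
        baseline_id = audit_id( marker )

        # Baseline submissions carry no injected payload; repeating them
        # only adds traffic, so skip unless the caller asked for redundancy.
        return if !opts[:redundant] && audited?( baseline_id )
        audited( baseline_id )

        print_debug( "Submitting form with #{label} values;" +
            ' overriding trainer option.' )
        opts[:train] = true
        print_debug_trainer( opts )
    end

    # A form without a method attribute is submitted as GET by browsers;
    # treat a missing @method the same way instead of raising on nil.
    verb = ( @method || 'get' ).to_s.downcase

    # Every method other than GET (including unknown or misspelled values)
    # is sent as POST.
    if( verb != 'get' )
        return @auditor.http.post( url, opts )
    else
        return @auditor.http.get( url, opts )
    end
end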

#id ⇒ Object



# File 'lib/parser/elements.rb', line 199

#
# Builds an identifier string for this form.
#
# The identifier is the string form of the form's attributes followed by the
# names of its inputs, in iteration order. Input values are not part of it,
# and any input whose name contains the seed is left out.
# NOTE(review): +substring?+ and +seed+ are defined outside this listing;
# presumably the seed check keeps scanner-injected input names from changing
# the id -- confirm.
#
# @return   [String]
#
def id
    kept_names = auditable.keys.reject { |field| field.substring?( seed ) }

    kept_names.inject( simple['attrs'].to_s ) { |acc, field| acc + field }
end

#simple ⇒ Object



# File 'lib/parser/elements.rb', line 213

#
# Returns a simplified view of the raw form data.
#
# The result has two keys: 'attrs' (the raw attributes, same object as in
# @raw) and 'auditable' (a Hash of input name => value). Inputs without a
# name are dropped. Inputs sharing a name collapse into one entry and the
# last value wins, so repeated fields are represented only once.
#
# @return   [Hash]  empty when there is no raw data or no inputs
#
def simple
    inputs = @raw && @raw['auditable']
    return {} if !inputs || inputs.empty?

    by_name = {}
    inputs.each do |input|
        field = input['name']
        by_name[field] = input['value'] if field
    end

    { 'attrs' => @raw['attrs'], 'auditable' => by_name }
end

#type ⇒ Object



# File 'lib/parser/elements.rb', line 230

#
# Element type of this class.
#
# @return   the Arachni::Module::Auditor::Element::FORM constant
#
def type
    return Arachni::Module::Auditor::Element::FORM
end