Module: Arachni::Module::ElementDB

Includes:
Utilities
Included in:
Trainer
Defined in:
lib/arachni/module/element_db.rb

Overview

Holds a database of all auditable elements of the current page, including elements that have appeared dynamically during the audit.

The database is updated by the Trainer.

For each page that is audited the database is reset.

@author: Tasos “Zapotek” Laskos

<[email protected]>

@version: 0.2.1

Instance Method Summary

Methods included from Utilities

#exception_jail, #get_path, #hash_keys_to_str, #normalize_url, #read_file, #seed, #uri_decode, #uri_encode, #uri_parse, #uri_parser, #url_sanitize

Instance Method Details

#cookie_in_jar?(cookie) ⇒ Boolean

Returns:

  • (Boolean)

# File 'lib/arachni/module/element_db.rb', line 155

def cookie_in_jar?( cookie )
    @@cookies.each {
        |c|
        return true if c.raw['name'] == cookie.raw['name']
    }
    return false
end

#init_cookies(cookies) ⇒ Object

Initializes @@cookies with the cookies found during the crawl/analysis



# File 'lib/arachni/module/element_db.rb', line 62

def init_cookies( cookies )
  @@cookies = cookies
end

#init_forms(forms) ⇒ Object

Initializes @@forms with the forms found during the crawl/analysis



# File 'lib/arachni/module/element_db.rb', line 48

def init_forms( forms )
  @@forms |= forms.map { |form| form.id }
end

#init_links(links) ⇒ Object

Initializes @@links with the links found during the crawl/analysis



# File 'lib/arachni/module/element_db.rb', line 55

def init_links( links )
  @@links |= links.map { |link| link.id }
end

#update_cookies(cookies) ⇒ Object

Updates @@cookies with new cookies that may have dynamically appeared after analyzing the HTTP responses during the audit.

Parameters:

  • cookies (Array<Element::Cookie>)


# File 'lib/arachni/module/element_db.rb', line 128

def update_cookies( cookies )
    return [], 0 if cookies.size == 0

    cookie_cnt = 0
    @new_cookies ||= []

    cookies.each_with_index {
        |cookie|

        @@cookies.each_with_index {
            |page_cookie, i|

            if( page_cookie.raw['name'] == cookie.raw['name'] )
                @@cookies[i] = cookie
            elsif !cookie_in_jar?( cookie )
                @new_cookies << cookie
                cookie_cnt += 1
            end
        }
    }

    @@cookies.flatten!
    @@cookies |= @new_cookies

    return [ @@cookies, cookie_cnt ]
end
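
The name-keyed merge that #update_cookies describes, as an added example that is not Arachni's own code. `Cookie`, `cookie` and `merge_cookies` are hypothetical stand-ins, and the sample cookies are constructed. It also covers an empty jar and a name repeated within one batch.

```ruby
# Added illustration, not Arachni source. Cookie stands in for
# Element::Cookie and exposes only the #raw hash the page's code reads.
Cookie = Struct.new(:raw)

# Build a constructed sample cookie (braces keep the hash positional).
def cookie(name, value)
  Cookie.new({ 'name' => name, 'value' => value })
end

# Merge +incoming+ cookies into +jar+, keyed on raw['name'].
#  - a known name is replaced in place by the newest value
#  - an unseen name is appended and counted exactly once
# Returns [merged_jar, number_of_new_names].
def merge_cookies(jar, incoming)
  by_name = {}
  jar.each { |c| by_name[c.raw['name']] = c } # Hash keeps insertion order

  new_cnt = 0
  incoming.each do |c|
    name = c.raw['name']
    new_cnt += 1 unless by_name.key?(name)
    by_name[name] = c # overwriting a key keeps its original position
  end

  [by_name.values, new_cnt]
end

if __FILE__ == $0
  jar      = [cookie('session', 'a'), cookie('lang', 'en')]
  incoming = [cookie('session', 'b'), cookie('csrf', 't1'), cookie('csrf', 't2')]

  merged, new_cnt = merge_cookies(jar, incoming)
  merged.each { |c| puts "#{c.raw['name']}=#{c.raw['value']}" }
  puts "new cookies: #{new_cnt}"
end
```

The returned count is what tells the caller whether the response introduced cookie names that have not been audited yet.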

#update_forms(forms) ⇒ Object

Updates @@forms with new forms that may have dynamically appeared after analyzing the HTTP responses during the audit.

Parameters:

  • forms (Array<Element::Form>)


# File 'lib/arachni/module/element_db.rb', line 72

def update_forms( forms )

    return [], 0 if forms.size == 0

    form_cnt = 0
    new_forms ||= []

    forms.each {
        |form|

        next if form.action.include?( seed )
        next if form.auditable.size == 0

        if !@@forms.include?( form.id )
            @@forms << form.id
            new_forms << form
            form_cnt += 1
        end
    }

    return new_forms, form_cnt
end

#update_links(links) ⇒ Object

Updates @@links with new links that may have dynamically appeared after analyzing the HTTP responses during the audit.

Parameters:

  • links (Array<Element::Link>)


# File 'lib/arachni/module/element_db.rb', line 101

def update_links( links )
  return [], 0 if links.size == 0

  link_cnt = 0
  new_links ||= []
  links.each {
      |link|

      next if !link
      next if link.action.include?( seed )

      if !@@links.include?( link.id )
          @@links    << link.id
          new_links << link
          link_cnt += 1
      end
  }

  return new_links, link_cnt
end