Module: Arachni::Module::Utilities

Overview

Utilities class

Includes some useful methods for the system, the modules etc…

@author: Tasos “Zapotek” Laskos

<[email protected]>
<[email protected]>

@version: 0.1.3


Instance Method Details

#exception_jail(raise_exception = true, &block) ⇒ Object

Wraps the “block” in exception handling code and runs it.

Parameters:

  • (Block)


# File 'lib/arachni/module/utilities.rb', line 157

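#
# Runs the given block and reports any exception it raises through
# print_error and print_error_backtrace.
#
# Requests to stop the process (SystemExit, SignalException -- which
# includes Interrupt -- and NoMemoryError) are re-raised untouched even
# when raise_exception is false, so a jailed block can never keep the
# process from being interrupted or shut down.
#
# @param  [Boolean]  raise_exception  re-raise the exception after reporting it?
# @param  [Block]    block            code to run
#
# @return [Object]  the value of the block, or nil when an exception was
#                   reported and not re-raised
#
def exception_jail( raise_exception = true, &block )
    block.call
rescue SystemExit, SignalException, NoMemoryError
    # never swallow (or report as a module error) a request to stop
    raise
rescue Exception => e
    # Exception rather than StandardError on purpose: ScriptError and
    # similar failures coming out of the block are reported as well.
    err_name = e.to_s.empty? ? e.class.name : e.to_s
    print_error( err_name )
    print_error_backtrace( e )
    raise e if raise_exception
end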

#get_path(url) ⇒ String

Gets the directory part of a URL: scheme, host and the path up to its last directory, with a trailing slash

Parameters:

Returns:



# File 'lib/arachni/module/utilities.rb', line 65

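#
# Returns the "directory" of a URL: scheme, host, port (when it is not
# the scheme's default) and the path up to its last directory, always
# ending in '/'.
#
# The last path segment is treated as a file name, and dropped, only when
# it carries a file extension. Query and fragment are discarded.
#
# Raises (NoMethodError / TypeError) for URLs without a scheme or host,
# as the scheme and host are concatenated without a nil check.
#
# @param  [String]  url  absolute URL
#
# @return [String]
#
def get_path( url )
    uri = uri_parser.parse( uri_encode( url ) )

    # work on a copy so the parsed URI's own path string is not modified
    path = uri.path.dup
    path = File.dirname( path ) if !File.extname( path ).empty?
    path << '/' if !path.end_with?( '/' )

    # Keep an explicit, non-default port. Without it the result would name
    # a different service on the same host than the URL that was passed in.
    authority = uri.host
    if uri.port && uri.port != uri.default_port
        authority = "#{uri.host}:#{uri.port}"
    end

    uri.scheme + '://' + authority + path
end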

#hash_keys_to_str(hash) ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 141

#
# Builds a copy of the hash in which every key has been converted with
# #to_s. Values that are themselves Hashes are converted recursively;
# every other value (including Hashes nested inside Arrays) is carried
# over as is. The hash passed in is not modified.
#
# @param  [Hash]  hash
#
# @return [Hash]  new hash with String keys
#
def hash_keys_to_str( hash )
    stringified = {}

    hash.each_pair do |key, value|
        stringified[key.to_s] = value.is_a?( Hash ) ? hash_keys_to_str( value ) : value
    end

    stringified
end

#normalize_url(url) ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 82

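#
# Brings a URL to a canonical percent-encoded form.
#
# The URL is passed through url_sanitize, decoded and re-encoded once,
# and has its square brackets escaped as %5B / %5D. Should the
# decode/encode round-trip raise, the sanitized URL is used instead.
# Callers that compare URLs (scope checks, de-duplication) should keep
# in mind that such a value skipped the round-trip.
#
# Every '%23' in the result is turned back into '#', including one that
# was an encoded '#' inside a parameter value.
#
# @param  [String]  url
#
# @return [String]
#
def normalize_url( url )
    # make sure we're working with the pure form of the URL
    url = url_sanitize( url )

    begin
        normalized = uri_encode( uri_decode( url.to_s ) ).to_s.gsub( '[', '%5B' ).gsub( ']', '%5D' )
    rescue StandardError
        # StandardError only, so Interrupt and SystemExit still reach the
        # caller. Repeating the same decode/encode call here would only
        # fail the same way, so fall straight back to the sanitized URL.
        normalized = url
    end

    #
    # prevent this: http://example.com#fragment
    # from becoming this: http://example.com%23fragment
    #
    normalized.is_a?( String ) ? normalized.gsub( '%23', '#' ) : normalized
end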

#read_file(filename, &block) ⇒ Object

Gets module data files from the calling module’s data directory, ‘[module directory]/[modname]/’

Parameters:

  • filename (String)

    filename, without the path

  • block (Block)

    called with each line as it’s read



# File 'lib/arachni/module/utilities.rb', line 120

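#
# Reads a data file belonging to the calling module and yields each of
# its lines, stripped of surrounding whitespace.
#
# The directory is derived from the source file of the block that was
# passed in: <directory of that file>/<file name without .rb>/
#
# NOTE: filename is joined to that directory as is; '..' segments are
# not rejected. It is meant to be a constant chosen by the module and
# must not be built from scan input or any other outside data.
#
# @param  [String]  filename  filename, without the path
# @param  [Block]   block     called with each line as it is read
#
# @return [nil]
#
def read_file( filename, &block )
    # the path of the module that called us
    mod_path = block.source_location[0]

    # the name of the module that called us
    mod_name = File.basename( mod_path, '.rb' )

    # the path to the module's data file directory
    data_dir = File.join( File.expand_path( File.dirname( mod_path ) ), mod_name )

    # the block form closes the handle even when the caller's block raises
    File.open( File.join( data_dir, filename ) ) do |file|
        file.each { |line| yield line.strip }
    end

    nil
end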

#seed ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 78

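#
# Returns a random hex string that stays the same for the lifetime of
# the process (memoized in @@seed).
#
# The value is the SHA2 hex digest of a freshly drawn seed number.
# Random.new_seed is used instead of srand( 1000 ): srand returns the
# previous seed but also re-seeds the global generator with the constant
# 1000, which made every later Kernel#rand call in the process
# predictable.
#
# @return [String]  hex digest
#
def seed
    @@seed ||= Digest::SHA2.hexdigest( Random.new_seed.to_s )
end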

#uri_decode(*args) ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 42

#
# Decodes a percent-encoded string by handing all arguments to the
# #unescape method of the shared parser returned by uri_parser.
#
# @param  [Array]  args  forwarded unchanged
#
# @return [Object]  whatever the parser's #unescape returns
#
def uri_decode( *args )
    parser = uri_parser
    parser.unescape( *args )
end

#uri_encode(*args) ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 38

#
# Percent-encodes a string by handing all arguments to the #escape
# method of the shared parser returned by uri_parser.
#
# @param  [Array]  args  forwarded unchanged
#
# @return [Object]  whatever the parser's #escape returns
#
def uri_encode( *args )
    parser = uri_parser
    parser.escape( *args )
end

#uri_parse(url) ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 34

#
# Parses a URL with the shared parser returned by uri_parser.
#
# @param  [String]  url
#
# @return [Object]  whatever the parser's #parse returns
#
def uri_parse( url )
    parser = uri_parser
    parser.parse( url )
end

#uri_parser ⇒ Object



# File 'lib/arachni/module/utilities.rb', line 30

#
# Returns the URI::Parser instance shared by the URI helpers, creating
# it on first use and keeping it in @@uri_parser afterwards.
#
# @return [URI::Parser]
#
def uri_parser
    return @@uri_parser if defined?( @@uri_parser ) && @@uri_parser

    @@uri_parser = URI::Parser.new
end

#url_sanitize(url) ⇒ Object

Decodes URLs to reverse multiple encodes and removes NULL characters



# File 'lib/arachni/module/utilities.rb', line 49

#
# Undoes any number of nested percent-encodings, then HTML-unescapes the
# result and percent-encodes it once.
#
# Decoding is repeated for as long as the string still contains a %XX
# escape. After every pass the string goes through unpack( 'A*' ), which
# strips NUL bytes and spaces from the END of the string only.
#
# @param  [String]  url
#
# @return [Object]  whatever uri_encode returns for the cleaned-up URL
#
def url_sanitize( url )
    decoded = url

    until ( decoded =~ /%[a-fA-F0-9]{2}/ ).nil?
        unescaped = uri_decode( decoded ).to_s
        decoded   = unescaped.unpack( 'A*' ).first
    end

    html_unescaped = CGI.unescapeHTML( decoded )
    uri_encode( html_unescaped )
end