Class: Arachni::RPC::Server::Framework

Inherits:

Framework

• Object
• Framework
• Arachni::RPC::Server::Framework

Includes:

Module::Utilities

Defined in:

lib/arachni/rpc/server/framework.rb

Overview

Wraps the framework of the local instance and the frameworks of all remote slaves (when in High Performance Grid mode) into a neat, little, easy to handle package.

@author: Tasos “Zapotek” Laskos

<tasos.laskos@gmail.com>
<zapotek@segfault.gr>

@version: 0.1

Constant Summary

MAX_CONCURRENCY =

20

MIN_PAGES_PER_INSTANCE =

30

Constants inherited from Framework

Framework::REVISION

Instance Attribute Summary

• #instances ⇒ Object readonly

  Returns the value of attribute instances.

• #modules ⇒ Object readonly

  Returns the value of attribute modules.

• #opts ⇒ Object readonly

  Returns the value of attribute opts.

• #plugins ⇒ Object readonly

  Returns the value of attribute plugins.

Attributes inherited from Framework

#auditmap, #page_queue_size, #page_queue_total_size, #reports, #sitemap, #spider, #url_queue_size, #url_queue_total_size

Instance Method Summary

• #busy?(include_slaves = true, &block) ⇒ Boolean

  Returns true if the system is scanning, false if #run hasn’t been called yet or if the scan has finished.

• #clean_up!(&block) ⇒ Object

  If the scan needs to be aborted abruptly this method takes care of any unfinished business (like running plug-ins).

• #get_plugin_store ⇒ Hash

  Returns the results of the plug-ins.

• #high_performance? ⇒ Bool

  Returns true if running in HPG (High Performance Grid) mode and we’re the master, false otherwise.

• #initialize(opts) ⇒ Framework constructor

  A new instance of Framework.

• #issues ⇒ Array<Arachni::Issue>

  Returns a array containing summaries of all discovered issues (i.e. no variations).

• #issues_as_hash ⇒ Array<Hash>

  Returns the return value of #issues as an Array of hashes.

• #lsplug ⇒ Array<Hash>

  Returns an array containing information about all available plug-ins.

• #master ⇒ String

  Returns the master’s URL.

• #output(&block) ⇒ Object

  Returns the merged output of all running instances.

• #pause! ⇒ Object

  Pauses the running scan on a best effort basis.

• #progress_data(opts = {}, &block) ⇒ Object

  Returns aggregated progress data and helps to limit the amount of calls required in order to get an accurate depiction of a scan’s progress and includes: o output messages o discovered issues o overall statistics o overall scan status o statistics of all instances individually.

• #register_issues(issues, token) ⇒ Bool

  Registers an array holding Issue objects with the local instance.

• #report ⇒ Hash (also: #audit_store_as_hash, #auditstore_as_hash)

  Returns the results of the audit as a hash.

• #restrict_to_elements!(elements, token = nil) ⇒ Bool

  Restricts the scope of the audit to individual elements.

• #resume! ⇒ Object

  Resumes a paused scan right away.

• #run ⇒ Bool

  Starts the audit.

• #serialized_auditstore ⇒ String

  YAML representation of #auditstore.

• #serialized_report ⇒ String

  YAML representation of #report.

• #set_master(url, token) ⇒ Bool

  Sets the URL and authentication token required to connect to our master.

• #status ⇒ String

  Returns the status of the instance as a string.

• #update_page_queue!(pages, token = nil) ⇒ Bool

  Updates the page queue with the provided pages.

Methods included from Module::Utilities

#exception_jail, #get_path, #hash_keys_to_str, #normalize_url, #read_file, #seed, #uri_decode, #uri_encode, #uri_parse, #uri_parser, #url_sanitize

Methods inherited from Framework

#audit, #audit_page_queue, #audit_queue, #audit_store, #audit_store_sitemap, #http, #lsmod, #lsrep, #paused?, #plugin_store, #prepare, #push_to_page_queue, #push_to_url_queue, #revision, #running?, #stats, #version

Methods included from Mixins::Observable

#method_missing

Methods included from UI::Output

#buffer, #debug!, #debug?, #flush_buffer, #mute!, #muted?, #only_positives!, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_pp, #print_error, #print_error_backtrace, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, #uncap_buffer!, #unmute!, #verbose!, #verbose?

Constructor Details

#initialize(opts) ⇒ Framework

Returns a new instance of Framework.

# File 'lib/arachni/rpc/server/framework.rb', line 52

def initialize( opts )
    super( opts )

    @modules = Arachni::RPC::Server::Module::Manager.new( opts )
    @plugins = Arachni::RPC::Server::Plugin::Manager.new( self )

    # holds all running instances
    @instances = []

    @crawling_done = nil
    @override_sitemap = []

    # if we're a slave this var will hold the URL of our master
    @master_url = ''

    @local_token = gen_token
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Arachni::Mixins::Observable

Instance Attribute Details

#instances ⇒ Object (readonly)

Returns the value of attribute instances.

# File 'lib/arachni/rpc/server/framework.rb', line 47

def instances
  @instances
end

#modules ⇒ Object (readonly)

Returns the value of attribute modules.

# File 'lib/arachni/rpc/server/framework.rb', line 47

def modules
  @modules
end

#opts ⇒ Object (readonly)

Returns the value of attribute opts.

# File 'lib/arachni/rpc/server/framework.rb', line 47

def opts
  @opts
end

#plugins ⇒ Object (readonly)

Returns the value of attribute plugins.

# File 'lib/arachni/rpc/server/framework.rb', line 47

def plugins
  @plugins
end

Instance Method Details

#busy?(include_slaves = true, &block) ⇒ Boolean

Returns true if the system is scanning, false if #run hasn’t been called yet or if the scan has finished.

Parameters:

• include_slaves (Bool) (defaults to: true) —

  take slave status into account too? <br/> If so, it will only return false if slaves are done too.

• &block (Proc) —

  block to which to pass the result

Returns:

• (Boolean)

# File 'lib/arachni/rpc/server/framework.rb', line 89

def busy?( include_slaves = true, &block )

    busyness = [ extended_running? ]

    if @instances.empty? || !include_slaves
        block.call( busyness[0] ) if block_given?
        return
    end

    ::EM::Iterator.new( @instances, @instances.size ).map( proc {
        |instance, iter|
        connect_to_instance( instance ).framework.busy? {
            |res|
            iter.return( res )
        }
    }, proc {
        |res|
        busyness << res
        busyness.flatten!
        block.call( !busyness.reject{ |is_busy| !is_busy }.empty? )
    })
end

#clean_up!(&block) ⇒ Object

If the scan needs to be aborted abruptly this method takes care of any unfinished business (like running plug-ins).

Should be called before grabbing the #auditstore, especially when running in HPG mode as it will take care of merging the plug-in results of all instances.

Parameters:

• &block (Proc) —

  block to be called once the cleanup has finished

# File 'lib/arachni/rpc/server/framework.rb', line 304

def clean_up!( &block )
    old_clean_up!( true )

    if @instances.empty?
        block.call if block_given?
        return
    end

    ::EM::Iterator.new( @instances, @instances.size ).map( proc {
        |instance, iter|
        instance_conn = connect_to_instance( instance )

        instance_conn.framework.clean_up! {
            instance_conn.framework.get_plugin_store {
                |res|
                iter.return( !res.rpc_exception? ?  res : nil )
            }
        }

    }, proc {
        |results|
        results.compact!
        results << get_plugin_store
        update_plugin_results!( results )
        block.call
    })
end

#get_plugin_store ⇒ Hash

Returns the results of the plug-ins

Returns:

• (Hash) —

  plugin name => result

# File 'lib/arachni/rpc/server/framework.rb', line 75

def get_plugin_store
    @plugin_store
end

#high_performance? ⇒ Bool

Returns true if running in HPG (High Performance Grid) mode and we’re the master, false otherwise.

Returns:

• (Bool)

# File 'lib/arachni/rpc/server/framework.rb', line 140

def high_performance?
    @opts.grid_mode == 'high_performance'
end

#issues ⇒ Array<Arachni::Issue>

Returns a array containing summaries of all discovered issues (i.e. no variations).

Returns:

• (Array<Arachni::Issue>)

# File 'lib/arachni/rpc/server/framework.rb', line 575

def issues
    audit_store.issues.map {
        |issue|
        tmp_issue = issue.deep_clone
        tmp_issue.variations = []
        tmp_issue
    }
end

#issues_as_hash ⇒ Array<Hash>

Returns the return value of #issues as an Array of hashes

Returns:

• (Array<Hash>)

See Also:

• #issues

# File 'lib/arachni/rpc/server/framework.rb', line 591

def issues_as_hash
    issues.map { |i| i.to_h }
end

#lsplug ⇒ Array<Hash>

Returns an array containing information about all available plug-ins.

Returns:

• (Array<Hash>)

# File 'lib/arachni/rpc/server/framework.rb', line 117

def lsplug
    plug_info = []

    super.each {
        |plugin|

        plugin[:options] = [plugin[:options]].flatten.compact.map {
            |opt|
            opt.to_h.merge( 'type' => opt.type )
        }

        plug_info << plugin
    }

    return plug_info
end

#master ⇒ String

Returns the master’s URL

Returns:

• (String)

# File 'lib/arachni/rpc/server/framework.rb', line 361

def master
    @master_url
end

#output(&block) ⇒ Object

Returns the merged output of all running instances.

This is going probably to be wildly out of sync and lack A LOT of messages.

It’s here to give the notion of scan progress to the end-user rather than provide an accurate depiction of the actual progress.

Parameters:

• &block (Proc) —

  block to which to pass the result

# File 'lib/arachni/rpc/server/framework.rb', line 375

def output( &block )

    buffer = flush_buffer

    if @instances.empty?
        block.call( buffer )
        return
    end

    ::EM::Iterator.new( @instances, MAX_CONCURRENCY ).map( proc {
        |instance, iter|
        connect_to_instance( instance ).service.output {
            |out|
            iter.return( out )
        }
    }, proc {
        |out|
        block.call( (buffer | out).flatten )
    })
end

#pause! ⇒ Object

Pauses the running scan on a best effort basis.

# File 'lib/arachni/rpc/server/framework.rb', line 335

def pause!
    super
    ::EM::Iterator.new( @instances, @instances.size ).each {
        |instance, iter|
        connect_to_instance( instance ).framework.pause!{ iter.next }
    }
    return true
end

#progress_data(opts = {}, &block) ⇒ Object

Returns aggregated progress data and helps to limit the amount of calls required in order to get an accurate depiction of a scan’s progress and includes:

o output messages
o discovered issues
o overall statistics
o overall scan status
o statistics of all instances individually

Parameters:

• opts (Hash) (defaults to: {}) —

  contains info about what data to return:

  • :messages – include output messages

  • :slaves – include slave data

  • :issues – include issue summaries

  Uses an implicit include for the above (i.e. nil will be considered true).

  • :as_hash – if set to true will convert issues to hashes before returning

• &block (Proc) —

  block to which to pass the result

# File 'lib/arachni/rpc/server/framework.rb', line 439

def progress_data( opts= {}, &block )

    if opts[:messages].nil?
        include_messages = true
    else
        include_messages = opts[:messages]
    end

    if opts[:slaves].nil?
        include_slaves = true
    else
        include_slaves = opts[:slaves]
    end

    if opts[:issues].nil?
        include_issues = true
    else
        include_issues = opts[:issues]
    end

    if opts[:as_hash]
        as_hash = true
    else
        as_hash = opts[:as_hash]
    end

    data = {
        'stats'     => {},
        'status'    => status,
        'busy'      => extended_running?
    }

    data['messages']  = flush_buffer if include_messages

    if include_issues
        data['issues'] = as_hash ? issues_as_hash : issues
    end

    data['instances'] = {} if include_slaves

    stats = []
    stat_hash = {}
    stats( true, true ).each {
        |k, v|
        stat_hash[k.to_s] = v
    }

    if @opts.datastore[:dispatcher_url] && include_slaves
        data['instances'][self_url] = stat_hash.dup
        data['instances'][self_url]['url'] = self_url
        data['instances'][self_url]['status'] = status
    end

    stats << stat_hash

    if @instances.empty? || !include_slaves
        data['stats'] = merge_stats( stats )
        data['instances'] = data['instances'].values if include_slaves
        block.call( data )
        return
    end

    ::EM::Iterator.new( @instances, MAX_CONCURRENCY ).map( proc {
        |instance, iter|
        connect_to_instance( instance ).framework.progress_data( opts ) {
            |tmp|
            if !tmp.rpc_exception?
                tmp['url'] = instance['url']
                iter.return( tmp )
            else
                iter.return( nil )
            end
        }
    }, proc {
        |slave_data|

        slave_data.compact!
        slave_data.each {
            |slave|
            data['messages']  |= slave['messages'] if include_messages
            data['issues']    |= slave['issues'] if include_issues

            if include_slaves
                url = slave['url']
                data['instances'][url]           = slave['stats']
                data['instances'][url]['url']    = url
                data['instances'][url]['status'] = slave['status']
            end

            stats << slave['stats']
        }

        if include_slaves
            sorted_data_instances = {}
            data['instances'].keys.sort.each {
                |url|
                sorted_data_instances[url] = data['instances'][url]
            }
            data['instances'] = sorted_data_instances.values
        end

        data['stats'] = merge_stats( stats )
        block.call( data )
    })
end

#register_issues(issues, token) ⇒ Bool

Registers an array holding Issue objects with the local instance.

Primarily used by slaves to register issues they find on the spot.

Parameters:

• issues (Array<Arachni::Issue>)
• token (String) —

  privileged token, prevents this method from being called by 3rd parties.

Returns:

• (Bool) —

  true on success, false on invalid token or if not in HPG mode

# File 'lib/arachni/rpc/server/framework.rb', line 668

def register_issues( issues, token )
    return false if high_performance? && !valid_token?( token )

    @modules.class.register_results( issues )
    return true
end

#report ⇒ Hash Also known as: audit_store_as_hash, auditstore_as_hash

Returns the results of the audit as a hash.

Returns:

• (Hash)

# File 'lib/arachni/rpc/server/framework.rb', line 550

def report
    audit_store.to_h
end

#restrict_to_elements!(elements, token = nil) ⇒ Bool

Restricts the scope of the audit to individual elements.

Parameters:

• elements (Array) —

  list of element IDs

• token (String) (defaults to: nil) —

  privileged token, prevents this method from being called by 3rd parties.

Returns:

• (Bool) —

  true on success, false on invalid token

# File 'lib/arachni/rpc/server/framework.rb', line 611

def restrict_to_elements!( elements, token = nil )
    return false if high_performance? && !valid_token?( token )

    ::Arachni::Element::Auditable.restrict_to_elements!( elements )
    return true
end

#resume! ⇒ Object

Resumes a paused scan right away.

# File 'lib/arachni/rpc/server/framework.rb', line 347

def resume!
    super
    ::EM::Iterator.new( @instances, @instances.size ).each {
        |instance, iter|
        connect_to_instance( instance ).framework.resume!{ iter.next }
    }
    return true
end

#run ⇒ Bool

Starts the audit.

Returns:

• (Bool) —

  false if already running, true otherwise

# File 'lib/arachni/rpc/server/framework.rb', line 149

def run
    # return if we're already running
    return false if extended_running?

    # EventMachine.add_periodic_timer( 1 ) do
        # print "Arachni::RPC::Client::Handler objects: "
        # puts ObjectSpace.each_object( Arachni::RPC::Client::Handler ) {}
#
        # print "Arachni::RPC::Server::Proxy objects: "
        # puts ObjectSpace.each_object( Arachni::RPC::Server::Proxy ) {}
#
        # puts "Active connections: #{::EM.connection_count}"
        # puts '--------------------------------------------'
    # end

    @extended_running = true
    ::EM.defer {

        #
        # if we're in HPG mode do fancy stuff like distributing and balancing workload
        # as well as starting slave instances and deal with some lower level
        # operations of the local instance like running plug-ins etc...
        #
        # otherwise just run the local instance, nothing special...
        #
        if high_performance?

            #
            # We're in HPG (High Performance Grid) mode,
            # things are going to get weird...
            #

            # we'll need analyze the pages prior to assigning
            # them to each instance at the element level so as to gain
            # more granular control over the assigned workload
            #
            # put simply, we'll need to perform some magic in order
            # to prevent different instances from auditing the same elements
            # and wasting bandwidth
            #
            # for example: search forms, logout links and the like will
            # most likely exist on most pages of the site and since each
            # instance is assigned a set of URLs/pages to audit they will end up
            # with common elements so we have to prevent instances from
            # performing identical checks.
            #
            # interesting note: should previously unseen elements dynamically
            # appear during the audit they will override these restrictions
            # and each instance will audit them at will.
            #
            pages = ::Arachni::Database::Hash.new

            # prepare the local instance (runs plugins and start the timer)
            prepare

            # we need to take our cues from the local framework as some
            # plug-ins may need the system to wait for them to finish
            # before moving on.
            sleep( 0.2 ) while paused?

            # start the crawl and extract all paths
            Arachni::Spider.new( @opts ).run {
                |page|
                @override_sitemap << page.url
                pages[page.url] = page
            }
            @crawling_done = true

            # the plug-ins may have update the framework page queue
            # so we need to distribute these pages as well
            page_a = []
            page_q = @page_queue
            while !page_q.empty? && page = page_q.pop
                page_a << page
                pages[page.url] = page
            end

            # get the Dispatchers with unique Pipe IDs
            # in order to take advantage of line aggregation
            prefered_dispatchers {
                |pref_dispatchers|

                # split the URLs of the pages in equal chunks
                chunks    = split_urls( pages.keys, pref_dispatchers )
                chunk_cnt = chunks.size

                if chunk_cnt > 0
                    # split the page array into chunks that will be distributed
                    # across the instances
                    page_chunks = page_a.chunk( chunk_cnt )

                    # assign us our fair share of plug-in discovered pages
                    update_page_queue!( page_chunks.pop, @local_token )

                    # remove duplicate elements across the (per instance) chunks
                    # while spreading them out evenly
                    elements = distribute_elements( chunks, pages )

                    # empty out the Hash and remove temporary files
                    pages.clear

                    # restrict the local instance to its assigned elements
                    restrict_to_elements!( elements.pop, @local_token )

                    # set the URLs to be audited by the local instance
                    @opts.restrict_paths = chunks.pop

                    chunks.each_with_index {
                        |chunk, i|

                        # spawn a remote instance, assign a chunk of URLs
                        # and elements to it and run it
                        spawn( chunk, page_chunks[i], elements[i], pref_dispatchers[i] ) {
                            |inst|
                            @instances << inst
                        }
                    }
                end

                # start the local instance
                Thread.new {
                    # ap 'AUDITING'
                    audit

                    # ap 'OLD CLEAN UP'
                    old_clean_up!

                    # ap 'DONE'
                    @extended_running = false
                }
            }
        else
            # start the local instance
            Thread.new {
                # ap 'AUDITING'
                super
                # ap 'DONE'
                @extended_running = false
            }
        end
    }

    return true
end

#serialized_auditstore ⇒ String

Returns YAML representation of #auditstore.

Returns:

• (String) —

  YAML representation of #auditstore

# File 'lib/arachni/rpc/server/framework.rb', line 559

def serialized_auditstore
    audit_store.to_yaml
end

#serialized_report ⇒ String

Returns YAML representation of #report.

Returns:

• (String) —

  YAML representation of #report

# File 'lib/arachni/rpc/server/framework.rb', line 566

def serialized_report
    audit_store.to_h.to_yaml
end

#set_master(url, token) ⇒ Bool

Sets the URL and authentication token required to connect to our master.

Parameters:

• url (String) —

  master’s URL in ‘hostname:port’ form

• token (String) —

  master’s authentication token

Returns:

• (Bool) —

  true on success, false if this is the master of the HPG (in which case this is not applicable).

# File 'lib/arachni/rpc/server/framework.rb', line 627

def set_master( url, token )
    return false if high_performance?

    @master_url = url
    @master = connect_to_instance( { 'url' => url, 'token' => token } )

    @modules.class.do_not_store!
    @modules.class.on_register_results {
        |results|
        report_issues_to_master( results )
    }

    return true
end

#status ⇒ String

Returns the status of the instance as a string.

Possible values are:

o crawling
o paused
o done
o busy

Returns:

• (String)

# File 'lib/arachni/rpc/server/framework.rb', line 407

def status
    if( !@crawling_done && master.empty? && high_performance?) ||
        ( master.empty? && !high_performance? && stats[:current_page].empty? )
        return 'crawling'
    elsif paused?
        return 'paused'
    elsif !extended_running?
        return 'done'
    else
        return 'busy'
    end
end

#update_page_queue!(pages, token = nil) ⇒ Bool

Updates the page queue with the provided pages.

Parameters:

• pages (Array) —

  list of pages

• token (String) (defaults to: nil) —

  privileged token, prevents this method from being called by 3rd parties.

Returns:

• (Bool) —

  true on success, false on invalid token

# File 'lib/arachni/rpc/server/framework.rb', line 651

def update_page_queue!( pages, token = nil )
    return false if high_performance? && !valid_token?( token )
    pages.each { |page| @page_queue << page }
    return true
end