Module: Arachni::Utilities

Extended by:

Utilities

Included in:

Element::Base, Element::Capabilities::Auditable, Framework, HTTP, HTTP::CookieJar, Mixins::Observable, Module::Base, Module::Base, Module::Manager, Module::Trainer, Module::Utilities, Parser, Plugin::Manager, Plugin::Manager, RPC::Server::Dispatcher, RPC::Server::Framework, RPC::Server::Instance, Report::Manager, Report::Manager, Session, Spider, Arachni::UI::CLI, Arachni::UI::RPC, Arachni::UI::Web::Server, URI, URI, Utilities

Defined in:

lib/arachni/utilities.rb

Overview

Includes some useful methods for the system, the modules etc…

Author:

• Tasos “Zapotek” Laskos <tasos.laskos@gmail.com>

Instance Method Summary

• #cookie_encode(*args) ⇒ Object
• #cookies_from_document(*args) ⇒ Object
• #cookies_from_file(*args) ⇒ Object
• #cookies_from_response(*args) ⇒ Object
• #exception_jail(raise_exception = true, &block) ⇒ Object

  Wraps the “block” in exception handling code and runs it.

• #exclude_path?(url) ⇒ Bool

  Decides whether the given url matches any framework exclusion rules.

• #extract_domain(url) ⇒ String

  Domain name.

• #form_decode(*args) ⇒ Object
• #form_encode(*args) ⇒ Object
• #form_parse_request_body(*args) ⇒ Object (also: #parse_request_body)
• #forms_from_document(*args) ⇒ Object
• #forms_from_response(*args) ⇒ Object
• #get_path(url) ⇒ String

  Path full URL up to the path component (no resource, query etc.).

• #hash_keys_to_str(hash) ⇒ Hash

  Recursively converts a Hash’s keys to strings.

• #html_decode(str) ⇒ Object (also: #html_unescape)
• #html_encode(str) ⇒ Object (also: #html_escape)
• #include_path?(url) ⇒ Bool

  Decides whether the given url matches any framework inclusion rules.

• #links_from_document(*args) ⇒ Object
• #links_from_response(*args) ⇒ Object
• #normalize_url(url) ⇒ Object
• #page_from_response(*args) ⇒ Object
• #page_from_url(*args, &block) ⇒ Object
• #parse_query(*args) ⇒ Object
• #parse_set_cookie(*args) ⇒ Object
• #parse_url_vars(*args) ⇒ Object
• #path_in_domain?(url, reference = Options.url) ⇒ Bool

  Compares 2 urls in order to decide whether or not they belong to the same domain.

• #path_too_deep?(url) ⇒ Bool

  true is the path exceeds the framework limit, false otherwise.

• #remove_constants(mod, skip = [], children_only = true) ⇒ Object
• #seed ⇒ String

  Random HEX (SHA2) string.

• #skip_path?(path) ⇒ Bool

  Decides whether or not the provided path should be skipped based on: * #include_path? * #exclude_path? * #path_too_deep? * #path_in_domain?.

• #to_absolute(relative_url, reference_url = Options.instance.url.to_s) ⇒ Object
• #uri_decode(url) ⇒ Object
• #uri_encode(string, bad_characters = nil) ⇒ Object
• #uri_parse(url) ⇒ Object
• #uri_parser ⇒ URI::Parser

  Cached URI parser.

• #url_sanitize(url) ⇒ Object

Instance Method Details

#cookie_encode(*args) ⇒ Object

See Also:

• Element::Cookie.encode

# File 'lib/arachni/utilities.rb', line 99

def cookie_encode( *args )
    Cookie.encode( *args )
end

#cookies_from_document(*args) ⇒ Object

See Also:

• Element::Cookie.from_document

# File 'lib/arachni/utilities.rb', line 85

def cookies_from_document( *args )
    Cookie.from_document( *args )
end

#cookies_from_file(*args) ⇒ Object

See Also:

• Element::Cookie.from_file

# File 'lib/arachni/utilities.rb', line 94

def cookies_from_file( *args )
    Cookie.from_file( *args )
end

#cookies_from_response(*args) ⇒ Object

See Also:

• Element::Cookie.from_response

# File 'lib/arachni/utilities.rb', line 80

def cookies_from_response( *args )
    Cookie.from_response( *args )
end

#exception_jail(raise_exception = true, &block) ⇒ Object

Wraps the “block” in exception handling code and runs it.

Parameters:

• raise_exception (Bool) (defaults to: true) —

  re-raise exception

• block (Block) —

  to call

# File 'lib/arachni/utilities.rb', line 275

def exception_jail( raise_exception = true, &block )
    block.call
rescue Exception => e
    begin
        print_error e.inspect
        print_error_backtrace e
        print_error
        print_error 'Parent:'
        print_error  self.class.to_s
        print_error
        print_error 'Block:'
        print_error block.to_s
        print_error
        print_error 'Caller:'
        ::Kernel.caller.each { |l| print_error l }
        print_error '-' * 80
    rescue
    end
    raise e if raise_exception
end

#exclude_path?(url) ⇒ Bool

Decides whether the given url matches any framework exclusion rules.

Parameters:

• url (String)

Returns:

• (Bool)

# File 'lib/arachni/utilities.rb', line 212

def exclude_path?( url )
    uri_parse( url ).exclude?( Options.exclude )
end

#extract_domain(url) ⇒ String

Returns domain name.

Parameters:

• url (String)

Returns:

• (String) —

  domain name

See Also:

• Arachni::URI#domain

# File 'lib/arachni/utilities.rb', line 175

def extract_domain( url )
    uri_parse( url ).domain
end

#form_decode(*args) ⇒ Object

See Also:

• Element::Form.decode

# File 'lib/arachni/utilities.rb', line 51

def form_decode( *args )
    Form.decode( *args )
end

#form_encode(*args) ⇒ Object

See Also:

• Element::Form.encode

# File 'lib/arachni/utilities.rb', line 46

def form_encode( *args )
    Form.encode( *args )
end

#form_parse_request_body(*args) ⇒ Object Also known as: parse_request_body

See Also:

• Element::Form.parse_request_body

# File 'lib/arachni/utilities.rb', line 56

def form_parse_request_body( *args )
    Form.parse_request_body( *args )
end

#forms_from_document(*args) ⇒ Object

See Also:

• Element::Form.from_document

# File 'lib/arachni/utilities.rb', line 41

def forms_from_document( *args )
    Form.from_document( *args )
end

#forms_from_response(*args) ⇒ Object

See Also:

• Element::Form.from_response

# File 'lib/arachni/utilities.rb', line 36

def forms_from_response( *args )
    Form.from_response( *args )
end

#get_path(url) ⇒ String

Returns path full URL up to the path component (no resource, query etc.).

Parameters:

• url (String)

Returns:

• (String) —

  path full URL up to the path component (no resource, query etc.)

See Also:

• Arachni::URI#up_to_path

# File 'lib/arachni/utilities.rb', line 164

def get_path( url )
    uri_parse( url ).up_to_path
end

#hash_keys_to_str(hash) ⇒ Hash

Recursively converts a Hash’s keys to strings

Parameters:

• hash (Hash)

Returns:

• (Hash)

# File 'lib/arachni/utilities.rb', line 260

def hash_keys_to_str( hash )
    nh = {}
    hash.each_pair do |k, v|
        nh[k.to_s] = v
        nh[k.to_s] = hash_keys_to_str( v ) if v.is_a? Hash
    end
    nh
end

#html_decode(str) ⇒ Object Also known as: html_unescape

# File 'lib/arachni/utilities.rb', line 112

def html_decode( str )
    ::CGI.unescapeHTML( str.to_s )
end

#html_encode(str) ⇒ Object Also known as: html_escape

# File 'lib/arachni/utilities.rb', line 117

def html_encode( str )
    ::CGI.escapeHTML( str.to_s )
end

#include_path?(url) ⇒ Bool

Decides whether the given url matches any framework inclusion rules.

Parameters:

• url (String)

Returns:

• (Bool)

# File 'lib/arachni/utilities.rb', line 223

def include_path?( url )
    uri_parse( url ).include?( Options.include )
end

#links_from_document(*args) ⇒ Object

See Also:

• Element::Link.from_document

# File 'lib/arachni/utilities.rb', line 67

def links_from_document( *args )
    Link.from_document( *args )
end

#links_from_response(*args) ⇒ Object

See Also:

• Element::Link.from_response

# File 'lib/arachni/utilities.rb', line 62

def links_from_response( *args )
    Link.from_response( *args )
end

#normalize_url(url) ⇒ Object

See Also:

• Arachni::URI.normalize

# File 'lib/arachni/utilities.rb', line 148

def normalize_url( url )
    URI.normalize( url )
end

#page_from_response(*args) ⇒ Object

See Also:

• Page.from_response

# File 'lib/arachni/utilities.rb', line 104

def page_from_response( *args )
    Page.from_response( *args )
end

#page_from_url(*args, &block) ⇒ Object

# File 'lib/arachni/utilities.rb', line 108

def page_from_url( *args, &block )
    Page.from_url( *args, &block )
end

#parse_query(*args) ⇒ Object

# File 'lib/arachni/utilities.rb', line 75

def parse_query( *args )
    Link.parse_query_vars( *args )
end

#parse_set_cookie(*args) ⇒ Object

# File 'lib/arachni/utilities.rb', line 89

def parse_set_cookie( *args )
    Cookie.parse_set_cookie( *args )
end

#parse_url_vars(*args) ⇒ Object

See Also:

• Element::Link.parse_query_vars

# File 'lib/arachni/utilities.rb', line 72

def parse_url_vars( *args )
    Link.parse_query_vars( *args )
end

#path_in_domain?(url, reference = Options.url) ⇒ Bool

Compares 2 urls in order to decide whether or not they belong to the same domain.

Parameters:

• url (String)
• reference (String) (defaults to: Options.url)

Returns:

• (Bool) —

  true if self is in the same domain as the reference URL, false otherwise

See Also:

• Arachni::URI#in_domain?

# File 'lib/arachni/utilities.rb', line 201

def path_in_domain?( url, reference = Options.url )
    uri_parse( url ).in_domain?( !Options.follow_subdomains, reference )
end

#path_too_deep?(url) ⇒ Bool

Returns true is the path exceeds the framework limit, false otherwise.

Parameters:

• url (String)

Returns:

• (Bool) —

  true is the path exceeds the framework limit, false otherwise

See Also:

• Arachni::URI#too_deep?

# File 'lib/arachni/utilities.rb', line 186

def path_too_deep?( url )
    uri_parse( url ).too_deep?( Options.depth_limit )
end

#remove_constants(mod, skip = [], children_only = true) ⇒ Object

# File 'lib/arachni/utilities.rb', line 296

def remove_constants( mod, skip = [], children_only = true )
    return if skip.include?( mod )
    return if !(mod.is_a?( Class ) || !mod.is_a?( Module )) ||
        !mod.to_s.start_with?( 'Arachni' )

    parent = Object
    mod.to_s.split( '::' )[0..-2].each do |ancestor|
        parent = parent.const_get( ancestor.to_sym )
    end

    mod.constants.each { |m| mod.send( :remove_const, m ) }

    return if children_only
    parent.send( :remove_const, mod.to_s.split( ':' ).last.to_sym )
end

#seed ⇒ String

Returns random HEX (SHA2) string.

Returns:

• (String) —

  random HEX (SHA2) string

# File 'lib/arachni/utilities.rb', line 31

def seed
    @@seed ||= Digest::SHA2.hexdigest( srand( 1000 ).to_s )
end

#skip_path?(path) ⇒ Bool

Decides whether or not the provided path should be skipped based on:

• #include_path?

• #exclude_path?

• #path_too_deep?

• #path_in_domain?

Parameters:

• path (Arachni::URI, ::URI, Hash, String)

Returns:

• (Bool)

# File 'lib/arachni/utilities.rb', line 238

def skip_path?( path )
    return true if !path

    parsed = uri_parse( path )
    begin
        return true if !include_path?( parsed )
        return true if exclude_path?( parsed )
        return true if path_too_deep?( parsed )
        return true if !path_in_domain?( parsed )
        false
    rescue
        true
    end
end

#to_absolute(relative_url, reference_url = Options.instance.url.to_s) ⇒ Object

See Also:

• Arachni::URI.to_absolute

# File 'lib/arachni/utilities.rb', line 143

def to_absolute( relative_url, reference_url = Options.instance.url.to_s )
    URI.to_absolute( relative_url, reference_url )
end

#uri_decode(url) ⇒ Object

See Also:

• Arachni::URI.encode

# File 'lib/arachni/utilities.rb', line 138

def uri_decode( url )
    URI.decode( url )
end

#uri_encode(string, bad_characters = nil) ⇒ Object

See Also:

• Arachni::URI.encode

# File 'lib/arachni/utilities.rb', line 133

def uri_encode( string, bad_characters = nil )
    URI.encode( string, bad_characters )
end

#uri_parse(url) ⇒ Object

See Also:

• Arachni::URI.parse

# File 'lib/arachni/utilities.rb', line 128

def uri_parse( url )
    URI.parse( url )
end

#uri_parser ⇒ URI::Parser

Returns cached URI parser.

Returns:

• (URI::Parser) —

  cached URI parser

# File 'lib/arachni/utilities.rb', line 123

def uri_parser
    URI.parser
end

#url_sanitize(url) ⇒ Object

See Also:

• #normalize_url

# File 'lib/arachni/utilities.rb', line 153

def url_sanitize( url )
    normalize_url( url )
end