Module: Arachni::Element::Capabilities::Mutable

Included in:

Auditable

Defined in:

lib/arachni/element/capabilities/mutable.rb

Defined Under Namespace

Modules: Format

Constant Summary

MUTATION_OPTIONS =

Default formatting and permutation options

{
    #
    # Formatting of the injection strings.
    #
    # A new set of audit inputs will be generated
    # for each value in the array.
    #
    # Values can be OR'ed bitfields of all available constants
    # of {Format}.
    #
    format:     [ Format::STRAIGHT, Format::APPEND,
                 Format::NULL, Format::APPEND | Format::NULL ],


    # skip mutation with default/original values (for {Arachni::Element::Form} elements)
    skip_orig:  false,

    # flip injection value and input name
    param_flip: false,

    # array of parameter names remain untouched
    skip:       [],

    #
    # nil:   use system settings (!Options.fuzz_methods)
    # true:  don't create mutations with other methods (GET/POST)
    # false: create mutations with other methods (GET/POST)
    #
    respect_method: nil
}

Instance Attribute Summary

• #altered ⇒ String

  Name of the altered/mutated parameter.

Instance Method Summary

• #altered_value ⇒ String

  Value of the altered input.

• #altered_value=(value) ⇒ Object
• #immutables ⇒ Set

  Names of input vectors to be excluded from #mutations.

• #mutated? ⇒ Bool

  true if the element has been mutated, false otherwise.

• #mutations(injection_str, opts = {}) ⇒ Array

  Injects the injection_str in self’s values according to formatting options and returns an array of permutations of self.

• #mutations_for(*args) ⇒ Object

  alias for #mutations.

• #original? ⇒ Bool

  true if the element has not been mutated, false otherwise.

• #permutations(*args) ⇒ Object

  alias for #mutations.

• #permutations_for(*args) ⇒ Object

  alias for #mutations.

Instance Attribute Details

#altered ⇒ String

Returns name of the altered/mutated parameter.

Returns:

• (String) —

  name of the altered/mutated parameter

# File 'lib/arachni/element/capabilities/mutable.rb', line 27

def altered
  @altered
end

Instance Method Details

#altered_value ⇒ String

Returns value of the altered input.

Returns:

• (String) —

  value of the altered input

# File 'lib/arachni/element/capabilities/mutable.rb', line 91

def altered_value
    self[altered].to_s
end

#altered_value=(value) ⇒ Object

Parameters:

• value (String) —

  sets the value for the altered input

# File 'lib/arachni/element/capabilities/mutable.rb', line 96

def altered_value=( value )
    self[altered] = value
end

#immutables ⇒ Set

Returns names of input vectors to be excluded from #mutations.

Returns:

• (Set) —

  names of input vectors to be excluded from #mutations.

# File 'lib/arachni/element/capabilities/mutable.rb', line 111

def immutables
    @immutables ||= Set.new
end

#mutated? ⇒ Bool

Returns true if the element has been mutated, false otherwise.

Returns:

• (Bool) —

  true if the element has been mutated, false otherwise.

# File 'lib/arachni/element/capabilities/mutable.rb', line 106

def mutated?
    !original?
end

#mutations(injection_str, opts = {}) ⇒ Array

Injects the injection_str in self’s values according to formatting options and returns an array of permutations of self.

Vector names in #immutables will be excluded.

Parameters:

• injection_str (String) —

  the string to inject

• opts (Hash) (defaults to: {}) —

  MUTATION_OPTIONS

Returns:

• (Array)

See Also:

• #immutables

# File 'lib/arachni/element/capabilities/mutable.rb', line 128

def mutations( injection_str, opts = {} )
    opts = MUTATION_OPTIONS.merge( opts )
    hash = auditable.dup

    var_combo = []
    return [] if !hash || hash.empty?

    chash = hash.dup
    hash.keys.each do |k|
        # don't audit parameter flips
        next if hash[k] == seed || immutables.include?( k )

        chash = Module::KeyFiller.fill( chash )
        opts[:format].each do |format|
            str = format_str( injection_str, chash[k], format )

            elem = self.dup
            elem.altered = k.dup
            elem.auditable = chash.merge( { k => str } )
            var_combo << elem
        end

    end

    if opts[:param_flip]
        elem = self.dup

        # when under HPG mode element auditing is strictly regulated
        # and when we flip params we essentially create a new element
        # which won't be on the whitelist
        elem.override_instance_scope

        elem.altered = 'Parameter flip'
        elem[injection_str] = seed
        var_combo << elem
    end

    opts[:respect_method] = !Options.fuzz_methods? if opts[:respect_method].nil?

    # add the same stuff with different methods
    if !opts[:respect_method]
        var_combo |= var_combo.map do |f|
            c = f.dup
            c.method = (f.method.to_s.downcase == 'get' ? 'post' : 'get')
            c
        end
    end

    print_debug_injection_set( var_combo, opts )
    var_combo.uniq
end

#mutations_for(*args) ⇒ Object

alias for #mutations

# File 'lib/arachni/element/capabilities/mutable.rb', line 181

def mutations_for( *args )
    mutations( *args )
end

#original? ⇒ Bool

Returns true if the element has not been mutated, false otherwise.

Returns:

• (Bool) —

  true if the element has not been mutated, false otherwise.

# File 'lib/arachni/element/capabilities/mutable.rb', line 101

def original?
    self.altered.nil?
end

#permutations(*args) ⇒ Object

alias for #mutations

# File 'lib/arachni/element/capabilities/mutable.rb', line 185

def permutations( *args )
    mutations( *args )
end

#permutations_for(*args) ⇒ Object

alias for #mutations

# File 'lib/arachni/element/capabilities/mutable.rb', line 189

def permutations_for( *args )
    permutations( *args )
end