Class: Arachni::Module::Base Abstract
- Extended by:
- Utilities
- Defined in:
- lib/arachni/module/base.rb
Overview
Base module class to be extended by all modules.
Defines basic structure and provides utilities to modules.
Constant Summary
Constants included from Auditor
Auditor::Format, Auditor::OPTIONS
Constants included from Arachni
BANNER, Cookie, Form, Header, Link, Severity, VERSION, WEBSITE, WIKI
Instance Attribute Summary
Attributes included from Auditor
Class Method Summary collapse
-
.info ⇒ Object
abstract
REQUIRED.
-
.prefer(*args) ⇒ Array
Schedules self to be run after the specified modules and prevents auditing elements that have been previously logged by any of these modules.
-
.preferred ⇒ Array
Names of modules which should be preferred over this one.
Instance Method Summary collapse
-
#clean_up ⇒ Object
abstract
OPTIONAL.
- #initialize(page, framework = nil) ⇒ Base constructor
-
#plugins ⇒ Arachni::PluginManager
Provides access to the plugin manager.
- #preferred ⇒ Object
-
#prepare ⇒ Object
abstract
OPTIONAL.
-
#run ⇒ Object
abstract
REQUIRED.
- #session ⇒ Object
Methods included from Utilities
cookie_encode, cookies_from_document, cookies_from_file, cookies_from_response, exception_jail, exclude_path?, extract_domain, form_decode, form_encode, form_parse_request_body, forms_from_document, forms_from_response, get_path, hash_keys_to_str, html_decode, html_encode, include_path?, links_from_document, links_from_response, normalize_url, page_from_response, page_from_url, parse_query, parse_set_cookie, parse_url_vars, path_in_domain?, path_too_deep?, remove_constants, seed, skip_path?, to_absolute, uri_decode, uri_encode, uri_parse, uri_parser, url_sanitize
Methods included from Auditor
#audit, #audit_rdiff, #audit_taint, #audit_timeout, #audited, #audited?, #candidate_elements, current_timeout_audit_operations_cnt, #http, #log, #log_issue, #log_remote_file, #log_remote_file_if_exists, #match_and_log, on_timing_attacks, #override_instance_scope?, #register_results, #remote_file_exist?, reset, running_timeout_attacks?, #skip?, timeout_audit_blocks, timeout_audit_operations_cnt, timeout_audit_run, timeout_loaded_modules
Methods included from Output
#fancy_name, #print_bad, #print_debug, #print_error, #print_info, #print_line, #print_ok, #print_status, #print_verbose
Methods included from UI::Output
#debug?, #debug_off, #debug_on, #disable_only_positives, #flush_buffer, #mute, #muted?, old_reset_output_options, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_pp, #print_error, #print_error_backtrace, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_buffer_cap, #uncap_buffer, #unmute, #verbose, #verbose?
Methods included from Arachni
Constructor Details
Class Method Details
.info ⇒ Object
REQUIRED
Provides information about the module. Don’t take this lightly and don’t ommit any of the info.
114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 |
# File 'lib/arachni/module/base.rb', line 114 def self.info { name: 'Base module abstract class', description: %q{Provides an abstract class the modules should implement.}, # # Arachni needs to know what elements the module plans to audit # before invoking it. # If a page doesn't have any of those elements # there's no point in instantiating the module. # # If you want the module to run no-matter what, leave the array # empty. # # elements: [ # Element::FORM, # Element::LINK, # Element::COOKIE, # Element::HEADER # ], elements: [], author: 'Tasos "Zapotek" Laskos <[email protected]>', version: '0.1', references: { 'Title' => 'http://ref.url' }, targets: %W(Generic), issue: { name: %q{Serious issue}, description: %q{This issue is a serious issue and you should consider it seriously}, # CWE ID number cwe: '', # # Severity can be: # # Severity::HIGH # Severity::MEDIUM # Severity::LOW # Severity::INFORMATIONAL # severity: Severity::HIGH, cvssv2: '', # CVSSV2 score remedy_guidance: %q{Paint it blue and throw it in the sea.}, remedy_code: %q{sudo rm -rf /} } } end |
.prefer(*args) ⇒ Array
Schedules self to be run after the specified modules and prevents auditing elements that have been previously logged by any of these modules.
168 169 170 |
# File 'lib/arachni/module/base.rb', line 168 def self.prefer( *args ) @preferred = args.flatten.compact end |
.preferred ⇒ Array
Returns names of modules which should be preferred over this one.
177 178 179 |
# File 'lib/arachni/module/base.rb', line 177 def self.preferred @preferred ||= [] end |
Instance Method Details
#clean_up ⇒ Object
OPTIONAL
This is called after run() has finished executing,
82 83 |
# File 'lib/arachni/module/base.rb', line 82 def clean_up end |
#plugins ⇒ Arachni::PluginManager
Provides access to the plugin manager
You can use it to gain access to the instances of running plugins like so:
p plugins.get( 'profiler' )
# => #<Thread:0x000000025b2ff0 sleep>
p plugins.get( 'profiler' )[:instance]
# => #<Arachni::Plugins::Profiler>
98 99 100 |
# File 'lib/arachni/module/base.rb', line 98 def plugins framework.plugins if framework end |
#preferred ⇒ Object
180 181 182 |
# File 'lib/arachni/module/base.rb', line 180 def preferred self.class.preferred end |
#prepare ⇒ Object
OPTIONAL
It provides you with a way to setup your module’s data and methods.
62 63 |
# File 'lib/arachni/module/base.rb', line 62 def prepare end |
#run ⇒ Object
REQUIRED
This is used to deliver the module’s payload whatever it may be.
72 73 |
# File 'lib/arachni/module/base.rb', line 72 def run end |
#session ⇒ Object
102 103 104 |
# File 'lib/arachni/module/base.rb', line 102 def session framework.session if framework end |