Class: Arachni::Check::Base Abstract
- Inherits: Arachni::Component::Base
  - Object
  - Arachni::Component::Base
  - Arachni::Check::Base
- Includes: Auditor
- Defined in: lib/arachni/check/base.rb
Overview
Base check class to be extended by all checks.
Defines basic structure and provides utilities to checks.
Constant Summary
Constants included from Auditor
Auditor::Format, Auditor::OPTIONS
Constants included from Arachni
BANNER, Arachni::Cookie, Form, Header, Link, LinkTemplate, Severity, VERSION, WEBSITE, WIKI
Instance Attribute Summary
Attributes included from Auditor
Class Method Summary
- .elements ⇒ Array<Symbol>
  Targeted element types.
- .has_platforms? ⇒ Bool
  `true` if the check can benefit from knowing the platform beforehand, `false` otherwise.
- .info ⇒ Object (abstract)
  REQUIRED.
- .platforms ⇒ Array<Symbol>
  Targeted platforms.
- .prefer(*args) ⇒ Array
  Schedules self to be run after the specified checks and prevents auditing elements that have been previously logged by any of these checks.
- .preferred ⇒ Array
  Names of checks which should be preferred over this one.
Instance Method Summary
- #browser_cluster ⇒ Arachni::BrowserCluster
- #clean_up ⇒ Object (abstract)
  OPTIONAL.
- #initialize(page, framework) ⇒ Base (constructor)
  A new instance of Base.
- #plugins ⇒ Arachni::Plugin::Manager
  Provides access to the plugin manager.
- #preferred ⇒ Object
- #prepare ⇒ Object (abstract)
  OPTIONAL.
- #run ⇒ Object (abstract)
  REQUIRED.
- #session ⇒ Arachni::Session
Methods included from Auditor
#audit, #audit_differential, #audit_taint, #audit_timeout, #audited, #audited?, #each_candidate_dom_element, #each_candidate_element, has_timeout_candidates?, #http, included, #log, #log_issue, #log_remote_file, #log_remote_file_if_exists, #match_and_log, #max_issues, reset, #skip?, timeout_audit_run, #trace_taint, #with_browser, #with_browser_cluster
Methods inherited from Arachni::Component::Base
author, description, fullname, #shortname, shortname, shortname=, version
Methods included from Arachni::Component::Utilities
Methods included from Utilities
#available_port, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_document, #cookies_from_file, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_document, #forms_from_response, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_document, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite
Methods included from Arachni::Component::Output
#depersonalize_output, #depersonalize_output?, #intercept_print_message
Methods included from UI::Output
#debug?, #debug_off, #debug_on, #disable_only_positives, #included, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #unmute, #verbose?, #verbose_on
Methods included from Arachni
URI, jruby?, null_device, profile?, windows?
Constructor Details
#initialize(page, framework) ⇒ Base
Returns a new instance of Base.
# File 'lib/arachni/check/base.rb', line 26
def initialize( page, framework )
    super
end
Class Method Details
.elements ⇒ Array<Symbol>
Returns Targeted element types.
# File 'lib/arachni/check/base.rb', line 154
def elements
    [info[:elements]].flatten.compact
end
.has_platforms? ⇒ Bool
Returns `true` if the check can benefit from knowing the platform beforehand, `false` otherwise.
# File 'lib/arachni/check/base.rb', line 142
def has_platforms?
    platforms.any?
end
.info ⇒ Object
REQUIRED
Provides information about the check. Don’t take this lightly and don’t omit any of the info.
# File 'lib/arachni/check/base.rb', line 89
def self.info
    {
        name: 'Base check abstract class',
        description: %q{Provides an abstract class the check should implement.},
        #
        # Arachni needs to know what elements the check plans to audit
        # before invoking it.
        # If a page doesn't have any of those elements
        # there's no point in instantiating the check.
        #
        # If you want the check to run no-matter what, leave the array
        # empty.
        #
        # elements: [
        #     Element::Form,
        #     Element::Link,
        #     Element::Cookie,
        #     Element::Header
        # ],
        elements: [],
        author: 'Tasos "Zapotek" Laskos <[email protected]>',
        version: '0.1',
        references: {
            'Title' => 'http://ref.url'
        },
        issue: {
            name: %q{Serious issue},
            description: %q{This issue is a serious issue and you should consider it seriously},
            # CWE ID number
            cwe: 0,
            #
            # Severity can be:
            #
            # Severity::HIGH
            # Severity::MEDIUM
            # Severity::LOW
            # Severity::INFORMATIONAL
            #
            severity: Severity::HIGH,
            remedy_guidance: %q{Paint it blue and throw it in the sea.},
            remedy_code: %q{sudo rm -rf /}
        }
    }
end
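Since every field of `.info` is expected to be filled in, a check author can lint the hash before shipping a check. The following is an added example, not part of Arachni or of this page's source; the `Severity` stand-in module, `lint_check_info`, its rule set and the trimmed sample hash are assumptions made for illustration.

```ruby
# Added example, not Arachni code: lint a check's .info hash.
# The rules are assumptions derived from the template above.

# Stand-in for Arachni's Severity constants (values constructed for this example).
module Severity
  HIGH          = :high
  MEDIUM        = :medium
  LOW           = :low
  INFORMATIONAL = :informational
  ALL = [HIGH, MEDIUM, LOW, INFORMATIONAL].freeze
end

REQUIRED_KEYS = %i[name description elements author version].freeze
ISSUE_KEYS    = %i[name description severity remedy_guidance].freeze

def blank?(value)
  value.nil? || (value.respond_to?(:empty?) && value.empty?)
end

# Returns an array of problems; an empty array means nothing was omitted.
def lint_check_info(info)
  problems = []
  REQUIRED_KEYS.each do |key|
    # An empty :elements array is valid: the check then runs on every page.
    next if key == :elements && info[:elements].is_a?(Array)
    problems << "missing #{key}" if blank?(info[key])
  end

  issue = info[:issue]
  return problems << 'missing issue' unless issue.is_a?(Hash)

  ISSUE_KEYS.each { |key| problems << "missing issue.#{key}" if blank?(issue[key]) }
  severity = issue[:severity]
  unless severity.nil? || Severity::ALL.include?(severity)
    problems << "unknown issue.severity #{severity.inspect}"
  end
  cwe = issue[:cwe]
  problems << 'issue.cwe is unset or a placeholder' unless cwe.is_a?(Integer) && cwe.positive?
  problems
end

# The template from the page, trimmed; cwe: 0 is its placeholder value.
TEMPLATE_INFO = {
  name: 'Base check abstract class', description: 'Provides an abstract class.',
  elements: [], author: 'Example Author', version: '0.1',
  issue: { name: 'Serious issue', description: 'A serious issue.', cwe: 0,
           severity: Severity::HIGH, remedy_guidance: 'Fix it.' }
}.freeze
```

Run against the template, the lint reports only the placeholder CWE, which is the field most often left at its default when a check is copied from the base class.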
.platforms ⇒ Array<Symbol>
Returns Targeted platforms.
# File 'lib/arachni/check/base.rb', line 148
def platforms
    [info[:platforms]].flatten.compact
end
.prefer(*args) ⇒ Array
Schedules self to be run after the specified checks and prevents auditing elements that have been previously logged by any of these checks.
# File 'lib/arachni/check/base.rb', line 162
def prefer( *args )
    @preferred = args.flatten.compact
end
.preferred ⇒ Array
Returns Names of checks which should be preferred over this one.
# File 'lib/arachni/check/base.rb', line 170
def preferred
    @preferred ||= []
end
Instance Method Details
#browser_cluster ⇒ Arachni::BrowserCluster
# File 'lib/arachni/check/base.rb', line 75
def browser_cluster
    framework.browser_cluster if framework
end
#plugins ⇒ Arachni::Plugin::Manager
Provides access to the plugin manager
You can use it to gain access to the instances of running plugins like so:
p plugins.get( 'profiler' )
# => #<Thread:0x000000025b2ff0 sleep>
p plugins.get( 'profiler' )[:instance]
# => #<Arachni::Plugins::Profiler>
# File 'lib/arachni/check/base.rb', line 65
def plugins
    framework.plugins if framework
end
#preferred ⇒ Object
# File 'lib/arachni/check/base.rb', line 79
def preferred
    self.class.preferred
end
#prepare ⇒ Object
OPTIONAL
It provides you with a way to set up your check’s data and methods.
# File 'lib/arachni/check/base.rb', line 35
def prepare
end
#run ⇒ Object
REQUIRED
This is used to deliver the check’s payload, whatever it may be.
# File 'lib/arachni/check/base.rb', line 43
def run
end
#session ⇒ Arachni::Session
# File 'lib/arachni/check/base.rb', line 70
def session
    framework.session if framework
end