Class: Arachni::Element::Body

Inherits:

Base

• Object
• Base
• Arachni::Element::Body

Includes:

Capabilities::WithAuditor

Defined in:

lib/arachni/element/body.rb

Overview

Author:

• Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Instance Attribute Summary

Attributes included from Capabilities::WithAuditor

#auditor

Attributes inherited from Base

#initialization_options, #page

Instance Method Summary

• #initialize(url) ⇒ Body constructor

  A new instance of Body.

• #match_and_log(patterns, &block) ⇒ Object

  Matches an array of regular expressions against a string and logs the result as an issue.

Methods included from Capabilities::WithAuditor

#dup, #marshal_dump, #orphan?, #prepare_for_report, #remove_auditor

Methods inherited from Base

#==, #action, #dup, from_rpc_data, #hash, #id, #marshal_dump, #marshal_load, #persistent_hash, #prepare_for_report, #reset, #to_h, #to_hash, #to_rpc_data, type, #type, #url, #url=

Methods included from Utilities

#available_port, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_document, #cookies_from_file, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_document, #forms_from_response, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_document, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from Capabilities::WithScope

#scope

Constructor Details

#initialize(url) ⇒ Body

Returns a new instance of Body.

# File 'lib/arachni/element/body.rb', line 17

def initialize( url )
    super url: url
    @initialization_options = url
end

Instance Method Details

#match_and_log(patterns, &block) ⇒ Object

Matches an array of regular expressions against a string and logs the result as an issue.

Parameters:

• patterns (Array<Regexp>) —

  Array of regular expressions to be tested.

• block (Block) —

  Block to verify matches before logging, must return ‘true`/`false`.

# File 'lib/arachni/element/body.rb', line 29

def match_and_log( patterns, &block )
    elements = auditor.class.info[:elements]
    elements = auditor.class::OPTIONS[:elements] if !elements || elements.empty?

    return if !elements.include?( Body )

    [patterns].flatten.each do |pattern|
        auditor.page.body.scan( pattern ).flatten.uniq.compact.each do |proof|
            next if block_given? && !block.call( proof )

            auditor.log(
                signature: pattern,
                proof:     proof,
                vector:    self
            )
        end
    end
end