Class: Memorandom::Plugins::URLParams

Inherits:

Memorandom::PluginTemplate

Object
Memorandom::PluginTemplate
Memorandom::Plugins::URLParams

Defined in:: lib/memorandom/plugins/url_params.rb

Constant Summary collapse

@@description =

"This plugin looks for interesting URL parameters and POST data"

@@confidence =

0.50

Instance Attribute Summary

Attributes inherited from Memorandom::PluginTemplate

#hits, #scanner

Instance Method Summary collapse

#scan(buffer, source_offset) ⇒ Object

Scan takes a buffer and an offset of where this buffer starts in the source.

Methods inherited from Memorandom::PluginTemplate

#confidence, confidence, #description, description, #initialize, #report_hit, #reset

Constructor Details

This class inherits a constructor from Memorandom::PluginTemplate

Instance Method Details

#scan(buffer, source_offset) ⇒ `Object`

Scan takes a buffer and an offset of where this buffer starts in the source

# File 'lib/memorandom/plugins/url_params.rb', line 9

def scan(buffer, source_offset)
  buffer.scan(
    /[%a-z0-9_\-=\&]*(?:sid|session|sess|user|usr|login|pass|secret|token)[%a-z0-9_\-=\&]*=[%a-z0-9_\-=&]+/mi
  ).each do |m|
    # This may hit an earlier identical match, but thats ok
    last_offset = buffer.index(m)
    report_hit(:type => 'URLParams', :data => m, :offset => source_offset + last_offset)
    last_offset += m.length
  end
end

Class: Memorandom::Plugins::URLParams

Constant Summary collapse

Instance Attribute Summary

Attributes inherited from Memorandom::PluginTemplate

Instance Method Summary collapse

Methods inherited from Memorandom::PluginTemplate

Constructor Details

Instance Method Details

#scan(buffer, source_offset) ⇒ Object

#scan(buffer, source_offset) ⇒ `Object`