Class: Yawast::Scanner::Plugins::Http::Generic
- Inherits:
-
Object
- Object
- Yawast::Scanner::Plugins::Http::Generic
- Defined in:
- lib/scanner/plugins/http/generic.rb
Class Method Summary collapse
Class Method Details
.check_options(uri) ⇒ Object
58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 |
# File 'lib/scanner/plugins/http/generic.rb', line 58 def self.(uri) begin req = Yawast::Shared::Http.get_http(uri) req.use_ssl = uri.scheme == 'https' headers = Yawast::Shared::Http.get_headers res = req.request(Options.new('/', headers)) unless res['Public'].nil? Yawast::Utilities.puts_info "Public HTTP Verbs (OPTIONS): #{res['Public']}" Yawast::Shared::Output.log_value 'http', 'options', 'public', res['Public'] puts '' end unless res['Allow'].nil? Yawast::Utilities.puts_info "Allow HTTP Verbs (OPTIONS): #{res['Allow']}" Yawast::Shared::Output.log_value 'http', 'options', 'allow', res['Allow'] puts '' end end end |
.check_propfind(uri) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
# File 'lib/scanner/plugins/http/generic.rb', line 8 def self.check_propfind(uri) begin req = Yawast::Shared::Http.get_http(uri) req.use_ssl = uri.scheme == 'https' headers = Yawast::Shared::Http.get_headers res = req.request(Propfind.new('/', headers)) if res.code.to_i <= 400 && res.body.length.positive? && res['Content-Type'] == 'text/xml' Yawast::Utilities.puts_warn 'Possible Info Disclosure: PROPFIND Enabled' puts "\t\t\"curl -X PROPFIND #{uri}\"" puts '' Yawast::Shared::Output.log_hash 'vulnerabilities', 'http_propfind_enabled', {vulnerable: true, body: res.body, code: res.code, content_type: res['Content-Type'], length: res.body.length} else Yawast::Shared::Output.log_hash 'vulnerabilities', 'http_propfind_enabled', {vulnerable: false, body: res.body, code: res.code, content_type: res['Content-Type'], length: res.body.length} end end end |
.check_trace(uri) ⇒ Object
34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/scanner/plugins/http/generic.rb', line 34 def self.check_trace(uri) begin req = Yawast::Shared::Http.get_http(uri) req.use_ssl = uri.scheme == 'https' headers = Yawast::Shared::Http.get_headers res = req.request(Trace.new('/', headers)) if res.body.include?('TRACE / HTTP/1.1') && res.code == '200' Yawast::Utilities.puts_warn 'HTTP TRACE Enabled' puts "\t\t\"curl -X TRACE #{uri}\"" puts '' Yawast::Shared::Output.log_hash 'vulnerabilities', 'http_trace_enabled', {vulnerable: true, body: res.body, code: res.code} else Yawast::Shared::Output.log_hash 'vulnerabilities', 'http_trace_enabled', {vulnerable: false, body: res.body, code: res.code} end end end |