Class: Arachni::Checks::AllowedMethods
- Inherits:
-
Arachni::Check::Base
- Object
- Arachni::Component::Base
- Arachni::Check::Base
- Arachni::Checks::AllowedMethods
- Defined in:
- components/checks/passive/allowed_methods.rb
Overview
Allowed HTTP methods recon check.
Constant Summary
Constants included from Arachni::Check::Auditor
Arachni::Check::Auditor::DOM_ELEMENTS_WITH_INPUTS, Arachni::Check::Auditor::ELEMENTS_WITH_INPUTS, Arachni::Check::Auditor::FILE_SIGNATURES, Arachni::Check::Auditor::FILE_SIGNATURES_PER_PLATFORM, Arachni::Check::Auditor::Format, Arachni::Check::Auditor::SOURCE_CODE_SIGNATURES_PER_PLATFORM
Constants included from Arachni
BANNER, Arachni::Cookie, Form, Header, JSON, Link, LinkTemplate, NestedCookie, Severity, UIForm, UIInput, VERSION, WEBSITE, WIKI, XML
Instance Attribute Summary
Attributes included from Arachni::Check::Auditor
Class Method Summary collapse
Instance Method Summary collapse
Methods inherited from Arachni::Check::Base
#browser_cluster, elements, exempt_platforms, has_exempt_platforms?, has_platforms?, #initialize, platforms, #plugins, prefer, #preferred, preferred, #prepare, #session, supports_platforms?
Methods included from Arachni::Check::Auditor
#audit, #audit_differential, #audit_signature, #audit_timeout, #audited, #audited?, #buffered_audit, #each_candidate_dom_element, #each_candidate_element, has_timeout_candidates?, #http, #initialize, #log, #log_issue, #log_remote_file, #log_remote_file_if_exists, #match_and_log, #max_issues, #preferred, reset, #skip?, timeout_audit_run, #trace_taint, #with_browser, #with_browser_cluster
Methods inherited from Arachni::Component::Base
author, description, fullname, #shortname, shortname, shortname=, version
Methods included from Arachni::Component::Output
#depersonalize_output, #depersonalize_output?, #intercept_print_message
Methods included from UI::Output
#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on
Methods included from Arachni::Component::Utilities
Methods included from Utilities
#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite
Methods included from Arachni
URI, collect_young_objects, #get_long_win32_filename, jruby?, null_device, profile?, windows?
Constructor Details
This class inherits a constructor from Arachni::Check::Base
Class Method Details
.info ⇒ Object
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
# File 'components/checks/passive/allowed_methods.rb', line 47 def self.info { name: 'Allowed methods', description: %q{Checks for supported HTTP methods.}, elements: [Element::Server], author: 'Tasos "Zapotek" Laskos <[email protected]>', version: '0.2', issue: { name: %q{Allowed HTTP methods}, description: %q{ There are a number of HTTP methods that can be used on a webserver (`OPTIONS`, `HEAD`, `GET`, `POST`, `PUT`, `DELETE` etc.). Each of these methods perform a different function and each have an associated level of risk when their use is permitted on the webserver. A client can use the `OPTIONS` method within a request to query a server to determine which methods are allowed. Cyber-criminals will almost always perform this simple test as it will give a very quick indication of any high-risk methods being permitted by the server. Arachni discovered that several methods are supported by the server. }, references: { 'Apache.org' => 'http://httpd.apache.org/docs/2.2/mod/core.html#limitexcept' }, tags: %w(http methods options), severity: Severity::INFORMATIONAL, remedy_guidance: %q{ It is recommended that a whitelisting approach be taken to explicitly permit the HTTP methods required by the application and block all others. Typically the only HTTP methods required for most applications are `GET` and `POST`. All other methods perform actions that are rarely required or perform actions that are inherently risky. These risky methods (such as `PUT`, `DELETE`, etc) should be protected by strict limitations, such as ensuring that the channel is secure (SSL/TLS enabled) and only authorised and trusted clients are permitted to use them. } } } end |
.ran ⇒ Object
21 22 23 |
# File 'components/checks/passive/allowed_methods.rb', line 21 def self.ran @ran = true end |
.ran? ⇒ Boolean
17 18 19 |
# File 'components/checks/passive/allowed_methods.rb', line 17 def self.ran? !!@ran end |
Instance Method Details
#check_and_log(response) ⇒ Object
36 37 38 39 40 41 42 43 44 45 |
# File 'components/checks/passive/allowed_methods.rb', line 36 def check_and_log( response ) methods = response.headers['Allow'] return if !methods || methods.empty? log vector: Element::Server.new( response.url ), proof: methods, response: response # inform the user that we have a match print_ok( methods ) end |
#clean_up ⇒ Object
32 33 34 |
# File 'components/checks/passive/allowed_methods.rb', line 32 def clean_up self.class.ran end |
#run ⇒ Object
25 26 27 28 29 30 |
# File 'components/checks/passive/allowed_methods.rb', line 25 def run return if self.class.ran? print_status 'Checking...' http.request( page.url, method: :options ) { |response| check_and_log( response ) } end |