Module: Arachni::Utilities

Extended by:

Utilities

Included in:

Browser, Browser::Javascript, BrowserCluster, Component::Manager, Component::Manager, Component::Utilities, Element::Base, Element::Base, Element::Capabilities::Auditable, Framework, HTTP::Client, HTTP::Client::Dynamic404Handler, HTTP::CookieJar, HTTP::Request, Page, Parser, Platform::Fingerprinter, Platform::Manager, Platform::Manager, Plugins::Proxy::TemplateScope, Processes::Dispatchers, Processes::Instances, RPC::Server::Dispatcher, RPC::Server::Instance, Report, Session, Support::Mixins::Observable, Trainer, Arachni::UI::CLI::Framework, Arachni::UI::CLI::Reporter, Arachni::UI::CLI::Reproduce, Arachni::UI::CLI::Utilities, URI, URI, Utilities

Defined in:

lib/arachni/utilities.rb

Overview

Includes some useful methods for the system.

Class Method Summary

• .available_port_mutex ⇒ Object

Instance Method Summary

• #available_port ⇒ Fixnum

  Random available port number.

• #bytes_to_kilobytes(bytes) ⇒ Object
• #bytes_to_megabytes(bytes) ⇒ Object
• #caller_name ⇒ String

  Filename (without extension) of the caller.

• #caller_path(offset = 2) ⇒ String

  Filepath of the caller.

• #cookie_decode(*args) ⇒ Object
• #cookie_encode(*args) ⇒ Object
• #cookies_from_file(*args) ⇒ Object
• #cookies_from_parser(*args) ⇒ Object
• #cookies_from_response(*args) ⇒ Object
• #exception_jail(raise_exception = true, &block) ⇒ Object

  Wraps the block in exception handling code and runs it.

• #exclude_path?(url) ⇒ Bool

  Decides whether the given url matches any framework exclusion rules.

• #follow_protocol?(url, reference = Options.url) ⇒ Bool

  Decides whether the given url has an acceptable protocol.

• #form_decode(*args) ⇒ Object
• #form_encode(*args) ⇒ Object
• #forms_from_parser(*args) ⇒ Object
• #forms_from_response(*args) ⇒ Object
• #full_and_absolute_url?(url) ⇒ Boolean
• #generate_token ⇒ Object
• #get_path(url) ⇒ String

  Path Full URL up to the path component (no resource, query etc.).

• #hms_to_seconds(time) ⇒ Object
• #html_decode(str) ⇒ Object (also: #html_unescape)
• #html_encode(str) ⇒ Object (also: #html_escape)
• #include_path?(url) ⇒ Bool

  Decides whether the given url matches any framework inclusion rules.

• #links_from_parser(*args) ⇒ Object
• #links_from_response(*args) ⇒ Object
• #normalize_url(url) ⇒ Object
• #page_from_response(*args) ⇒ Object
• #page_from_url(*args, &block) ⇒ Object
• #parse_set_cookie(*args) ⇒ Object
• #path_in_domain?(url, reference = Options.url) ⇒ Bool

  Compares 2 urls in order to decide whether or not they belong to the same domain.

• #path_too_deep?(url) ⇒ Bool

  true is the path exceeds the framework limit, false otherwise.

• #port_available?(port) ⇒ Bool

  Checks whether the port number is available.

• #rand_port ⇒ Integer

  Random port within the user specified range.

• #random_seed ⇒ String

  Random HEX (SHA2) string.

• #redundant_path?(url, update_counters = false) ⇒ Bool

  Checks if the provided URL matches a redundant filter and decreases its counter if so.

• #regexp_array_match(regexps, str) ⇒ Object
• #remove_constants(mod, skip = []) ⇒ Object
• #request_parse_body(*args) ⇒ Object
• #seconds_to_hms(seconds) ⇒ String

  Time in 00:00:00 (hours:minutes:seconds) format.

• #skip_page?(page) ⇒ Bool

  Determines whether or not the given Page.

• #skip_path?(path) ⇒ Bool

  Decides whether or not the provided path should be skipped based on:.

• #skip_resource?(resource) ⇒ Bool

  Determines whether or not the given resource should be ignored depending on its type and content.

• #skip_response?(response) ⇒ Bool

  Determines whether or not the given HTTP::Response should be ignored.

• #to_absolute(relative_url, reference_url = Options.instance.url.to_s) ⇒ Object
• #uri_decode(url) ⇒ Object
• #uri_encode(*args) ⇒ Object
• #uri_parse(url) ⇒ Object
• #uri_parse_query(url) ⇒ Object
• #uri_parser ⇒ URI::Parser

  Cached URI parser.

• #uri_rewrite(*args) ⇒ Object

Class Method Details

.available_port_mutex ⇒ Object

# File 'lib/arachni/utilities.rb', line 358

def self.available_port_mutex
    @available_port_mutex ||= Mutex.new
end

Instance Method Details

#available_port ⇒ Fixnum

# File 'lib/arachni/utilities.rb', line 343

def available_port
    available_port_mutex.synchronize do
        @used_ports ||= Set.new

        loop do
            port = self.rand_port

            if port_available?( port ) && !@used_ports.include?( port )
                @used_ports << port
                return port
            end
        end
    end
end

#bytes_to_kilobytes(bytes) ⇒ Object

# File 'lib/arachni/utilities.rb', line 415

def bytes_to_kilobytes( bytes )
    (bytes / 1024.0 ).round( 3 )
end

#bytes_to_megabytes(bytes) ⇒ Object

# File 'lib/arachni/utilities.rb', line 411

def bytes_to_megabytes( bytes )
    (bytes / 1024.0 / 1024.0).round( 3 )
end

#caller_name ⇒ String

# File 'lib/arachni/utilities.rb', line 22

def caller_name
    File.basename( caller_path( 3 ), '.rb' )
end

#caller_path(offset = 2) ⇒ String

# File 'lib/arachni/utilities.rb', line 28

def caller_path( offset = 2 )
    ::Kernel.caller[offset].split( /:(\d+):in/ ).first
end

#cookie_decode(*args) ⇒ Object

See Also:

• Element::Cookie.decode

# File 'lib/arachni/utilities.rb', line 98

def cookie_decode( *args )
    Cookie.decode( *args )
end

#cookie_encode(*args) ⇒ Object

See Also:

• Element::Cookie.encode

# File 'lib/arachni/utilities.rb', line 93

def cookie_encode( *args )
    Cookie.encode( *args )
end

#cookies_from_file(*args) ⇒ Object

See Also:

• Element::Cookie.from_file

# File 'lib/arachni/utilities.rb', line 88

def cookies_from_file( *args )
    Cookie.from_file( *args )
end

#cookies_from_parser(*args) ⇒ Object

See Also:

• Element::Cookie.from_parser

# File 'lib/arachni/utilities.rb', line 78

def cookies_from_parser( *args )
    Cookie.from_parser(*args )
end

#cookies_from_response(*args) ⇒ Object

See Also:

• Element::Cookie.from_response

# File 'lib/arachni/utilities.rb', line 73

def cookies_from_response( *args )
    Cookie.from_response( *args )
end

#exception_jail(raise_exception = true, &block) ⇒ Object

Wraps the block in exception handling code and runs it.

# File 'lib/arachni/utilities.rb', line 424

def exception_jail( raise_exception = true, &block )
    block.call
rescue => e
    if respond_to?( :print_error ) && respond_to?( :print_exception )
        print_exception e
        print_error
        print_error 'Parent:'
        print_error  self.class.to_s
        print_error
        print_error 'Block:'
        print_error block.to_s
        print_error
        print_error 'Caller:'
        ::Kernel.caller.each { |l| print_error l }
        print_error '-' * 80
    end

    raise e if raise_exception

    nil
end

#exclude_path?(url) ⇒ Bool

Decides whether the given url matches any framework exclusion rules.

See Also:

• URI.exclude?
• OptionGroups::Scope#exclude_path_patterns

# File 'lib/arachni/utilities.rb', line 208

def exclude_path?( url )
    uri_parse( url ).scope.exclude?
end

#follow_protocol?(url, reference = Options.url) ⇒ Bool

Decides whether the given url has an acceptable protocol.

See Also:

• OptionGroups::Scope#https_only
• OptionGroups::Scope#https_only?

# File 'lib/arachni/utilities.rb', line 250

def follow_protocol?( url, reference = Options.url )
    uri_parse( url ).scope.follow_protocol?( reference )
end

#form_decode(*args) ⇒ Object

See Also:

• Element::Form.decode

# File 'lib/arachni/utilities.rb', line 53

def form_decode( *args )
    Form.decode( *args )
end

#form_encode(*args) ⇒ Object

See Also:

• Element::Form.encode

# File 'lib/arachni/utilities.rb', line 48

def form_encode( *args )
    Form.encode( *args )
end

#forms_from_parser(*args) ⇒ Object

See Also:

• Element::Form.from_parser

# File 'lib/arachni/utilities.rb', line 43

def forms_from_parser( *args )
    Form.from_parser(*args )
end

#forms_from_response(*args) ⇒ Object

See Also:

• Element::Form.from_response

# File 'lib/arachni/utilities.rb', line 38

def forms_from_response( *args )
    Form.from_response( *args )
end

#full_and_absolute_url?(url) ⇒ Boolean

See Also:

• Arachni::URI.full_and_absolute?

# File 'lib/arachni/utilities.rb', line 162

def full_and_absolute_url?( url )
    Arachni::URI.full_and_absolute?( url.to_s )
end

#generate_token ⇒ Object

# File 'lib/arachni/utilities.rb', line 374

def generate_token
    SecureRandom.hex
end

#get_path(url) ⇒ String

Returns path Full URL up to the path component (no resource, query etc.).

See Also:

• Arachni::URI#up_to_path

# File 'lib/arachni/utilities.rb', line 172

def get_path( url )
    uri_parse( url ).up_to_path
end

#hms_to_seconds(time) ⇒ Object

# File 'lib/arachni/utilities.rb', line 404

def hms_to_seconds( time )
    a = [1, 60, 3600] * 2
    time.split( /[:\.]/ ).map { |t| t.to_i * a.pop }.inject(&:+)
rescue
    0
end

#html_decode(str) ⇒ Object Also known as: html_unescape

# File 'lib/arachni/utilities.rb', line 112

def html_decode( str )
    ::CGI.unescapeHTML( str.to_s )
end

#html_encode(str) ⇒ Object Also known as: html_escape

# File 'lib/arachni/utilities.rb', line 117

def html_encode( str )
    ::CGI.escapeHTML( str.to_s )
end

#include_path?(url) ⇒ Bool

Decides whether the given url matches any framework inclusion rules.

See Also:

• URI.include?
• Options#include

# File 'lib/arachni/utilities.rb', line 220

def include_path?( url )
    uri_parse( url ).scope.include?
end

#links_from_parser(*args) ⇒ Object

See Also:

• Element::Link.from_parser

# File 'lib/arachni/utilities.rb', line 68

def links_from_parser( *args )
    Link.from_parser(*args )
end

#links_from_response(*args) ⇒ Object

See Also:

• Element::Link.from_response

# File 'lib/arachni/utilities.rb', line 63

def links_from_response( *args )
    Link.from_response( *args )
end

#normalize_url(url) ⇒ Object

See Also:

• Arachni::URI.normalize

# File 'lib/arachni/utilities.rb', line 157

def normalize_url( url )
    URI.normalize( url )
end

#page_from_response(*args) ⇒ Object

See Also:

• Page.from_response

# File 'lib/arachni/utilities.rb', line 103

def page_from_response( *args )
    Page.from_response( *args )
end

#page_from_url(*args, &block) ⇒ Object

See Also:

• Page.from_url

# File 'lib/arachni/utilities.rb', line 108

def page_from_url( *args, &block )
    Page.from_url( *args, &block )
end

#parse_set_cookie(*args) ⇒ Object

See Also:

• Element::Cookie.parse_set_cookie

# File 'lib/arachni/utilities.rb', line 83

def parse_set_cookie( *args )
    Cookie.parse_set_cookie( *args )
end

#path_in_domain?(url, reference = Options.url) ⇒ Bool

Compares 2 urls in order to decide whether or not they belong to the same domain.

See Also:

• URI.in_domain?
• OptionGroups::Scope#include_subdomains

# File 'lib/arachni/utilities.rb', line 196

def path_in_domain?( url, reference = Options.url )
    uri_parse( url ).scope.in_domain?( reference )
end

#path_too_deep?(url) ⇒ Bool

Returns true is the path exceeds the framework limit, false otherwise.

See Also:

• Arachni::URI::Scope#too_deep?

# File 'lib/arachni/utilities.rb', line 182

def path_too_deep?( url )
    uri_parse( url ).scope.too_deep?
end

#port_available?(port) ⇒ Bool

Checks whether the port number is available.

# File 'lib/arachni/utilities.rb', line 383

def port_available?( port )
    begin
        socket = ::Socket.new( :INET, :STREAM, 0 )
        socket.bind( ::Socket.sockaddr_in( port, '127.0.0.1' ) )
        socket.close
        true
    rescue Errno::EADDRINUSE, Errno::EACCES
        false
    end
end

#rand_port ⇒ Integer

Returns Random port within the user specified range.

See Also:

• OptionGroups::Dispatcher#instance_port_range

# File 'lib/arachni/utilities.rb', line 367

def rand_port
    first, last = Options.dispatcher.instance_port_range
    range = (first..last).to_a

    range[ rand( range.last - range.first ) ]
end

#random_seed ⇒ String

# File 'lib/arachni/utilities.rb', line 33

def random_seed
    @@random_seed ||= generate_token
end

#redundant_path?(url, update_counters = false) ⇒ Bool

Checks if the provided URL matches a redundant filter and decreases its counter if so.

If a filter's counter has reached 0 the method returns true.

See Also:

• OptionGroups::Scope#redundant_path_patterns?

# File 'lib/arachni/utilities.rb', line 235

def redundant_path?( url, update_counters = false )
    uri_parse( url ).scope.redundant?( update_counters )
end

#regexp_array_match(regexps, str) ⇒ Object

# File 'lib/arachni/utilities.rb', line 446

def regexp_array_match( regexps, str )
    regexps = [regexps].flatten.compact.
        map { |s| s.is_a?( Regexp ) ? s : Regexp.new( s.to_s ) }
    return true if regexps.empty?

    cnt = 0
    regexps.each { |filter| cnt += 1 if str =~ filter }
    cnt == regexps.size
end

#remove_constants(mod, skip = []) ⇒ Object

# File 'lib/arachni/utilities.rb', line 456

def remove_constants( mod, skip = [] )
    return if skip.include?( mod )
    return if !(mod.is_a?( Class ) || mod.is_a?( Module )) ||
        !mod.to_s.start_with?( 'Arachni' )

    parent = Object
    mod.to_s.split( '::' )[0..-2].each do |ancestor|
        parent = parent.const_get( ancestor.to_sym )
    end

    mod.constants.each { |m| mod.send( :remove_const, m ) }
    nil
end

#request_parse_body(*args) ⇒ Object

See Also:

• HTTP::Request.parse_body

# File 'lib/arachni/utilities.rb', line 58

def request_parse_body( *args )
    HTTP::Request.parse_body( *args )
end

#seconds_to_hms(seconds) ⇒ String

# File 'lib/arachni/utilities.rb', line 398

def seconds_to_hms( seconds )
    seconds = seconds.to_i
    [seconds / 3600, seconds / 60 % 60, seconds % 60].
        map { |t| t.to_s.rjust( 2, '0' ) }.join( ':' )
end

#skip_page?(page) ⇒ Bool

Determines whether or not the given Page.

See Also:

• #skip_path?
• OptionGroups::Audit#exclude_binaries?
• OptionGroups::Scope#exclude_page?
• OptionGroups::Scope#dom_depth_limit

# File 'lib/arachni/utilities.rb', line 304

def skip_page?( page )
    page.scope.out?
end

#skip_path?(path) ⇒ Bool

Note:

Does not call #redundant_path?.

Decides whether or not the provided path should be skipped based on:

• #include_path?
• #exclude_path?
• #path_too_deep?
• #path_in_domain?

# File 'lib/arachni/utilities.rb', line 266

def skip_path?( path )
    return true if !path

    parsed = uri_parse( path.to_s )
    return true if !parsed

    parsed.scope.out?
end

#skip_resource?(resource) ⇒ Bool

Determines whether or not the given resource should be ignored depending on its type and content.

See Also:

• #skip_path?
• ignore_page?
• ignore_response?
• Options#ignore?

# File 'lib/arachni/utilities.rb', line 328

def skip_resource?( resource )
    case resource
        when Page
            skip_page?( resource )

        when Arachni::HTTP::Response
            skip_response?( resource )

        else
            skip_path? resource.to_s
    end
end

#skip_response?(response) ⇒ Bool

Determines whether or not the given HTTP::Response should be ignored.

See Also:

• #skip_path?
• OptionGroups::Scope#exclude_binaries?
• OptionGroups::Scope#exclude_page?

# File 'lib/arachni/utilities.rb', line 287

def skip_response?( response )
    response.scope.out?
end

#to_absolute(relative_url, reference_url = Options.instance.url.to_s) ⇒ Object

See Also:

• Arachni::URI.to_absolute

# File 'lib/arachni/utilities.rb', line 152

def to_absolute( relative_url, reference_url = Options.instance.url.to_s )
    URI.to_absolute( relative_url, reference_url )
end

#uri_decode(url) ⇒ Object

See Also:

• Arachni::URI.encode

# File 'lib/arachni/utilities.rb', line 138

def uri_decode( url )
    URI.decode( url )
end

#uri_encode(*args) ⇒ Object

See Also:

• Arachni::URI.encode

# File 'lib/arachni/utilities.rb', line 133

def uri_encode( *args )
    URI.encode( *args )
end

#uri_parse(url) ⇒ Object

See Also:

• Arachni::URI.parse

# File 'lib/arachni/utilities.rb', line 128

def uri_parse( url )
    URI.parse( url )
end

#uri_parse_query(url) ⇒ Object

See Also:

• Arachni::URI.parse_query

# File 'lib/arachni/utilities.rb', line 147

def uri_parse_query( url )
    URI.parse_query( url )
end

#uri_parser ⇒ URI::Parser

# File 'lib/arachni/utilities.rb', line 123

def uri_parser
    URI.parser
end

#uri_rewrite(*args) ⇒ Object

# File 'lib/arachni/utilities.rb', line 142

def uri_rewrite( *args )
    URI.rewrite( *args )
end