Class: Platform::Fingerprinters::ASPX

Inherits:

Arachni::Platform::Fingerprinter

Object
Arachni::Platform::Fingerprinter
Platform::Fingerprinters::ASPX

show all

Defined in:: components/fingerprinters/languages/aspx.rb

Overview

Identifies ASPX resources.

Author:

Tasos "Zapotek" Laskos [email protected]

Version:

0.1.1

Constant Summary collapse

EXTENSION =

'aspx'

SESSION_COOKIE =

'asp.net_sessionid'

X_POWERED_BY =

'asp.net'

VIEWSTATE =

'__viewstate'

HEADER_FIELDS =

%w(x-aspnet-version x-aspnetmvc-version)

Instance Attribute Summary

Attributes inherited from Arachni::Platform::Fingerprinter

#page

Instance Method Summary collapse

Methods inherited from Arachni::Platform::Fingerprinter

#cookies, #extension, #headers, #html?, #initialize, #parameters, #platforms, #powered_by, #server, #server_or_powered_by_include?, #uri

Methods included from Arachni::Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Constructor Details

This class inherits a constructor from Arachni::Platform::Fingerprinter

Instance Method Details

#run ⇒ `Object`

# File 'components/fingerprinters/languages/aspx.rb', line 24

def run
    if extension == EXTENSION ||
        # Session ID in URL, like:
        #   http://blah.com/(S(yn5cby55lgzstcen0ng2b4iq))/stuff.aspx
        uri.path =~ /\/\(s\([a-z0-9]+\)\)\//i

        return update_platforms
    end

    # Naive but enough, I think.
    if html? && page.body =~ /input.*#{VIEWSTATE}/i
        return update_platforms
    end

    if server_or_powered_by_include?( X_POWERED_BY ) ||
        (headers.keys & HEADER_FIELDS).any?
        return update_platforms
    end

    if cookies.include?( SESSION_COOKIE )
        update_platforms
    end
end

#update_platforms ⇒ `Object`



48
49
50

# File 'components/fingerprinters/languages/aspx.rb', line 48

def update_platforms
    platforms << :asp << :aspx << :windows
end