Class: Arachni::Trainer

Inherits:

Object

Object
Arachni::Trainer

show all

Includes:: ElementFilter, Module::Output, Utilities

Defined in:: lib/arachni/trainer.rb

Overview

Trainer class

Analyzes key HTTP responses looking for new auditable elements.

Author:

Tasos Laskos <[email protected]>

Constant Summary collapse

MAX_TRAININGS_PER_URL =

Instance Method Summary collapse

#initialize(framework) ⇒ Trainer constructor

A new instance of Trainer.
#on_new_page(&block) ⇒ Object
#page=(page) ⇒ Object (also: #init)

Sets the current working page and inits the element DB.
#push(res) ⇒ Object

Passes the response on for analysis.

Constructor Details

#initialize(framework) ⇒ `Trainer`

Returns a new instance of Trainer.

Parameters:

framework (Arachni::Framework)

# File 'lib/arachni/trainer.rb', line 37

def initialize( framework )
    @framework  = framework
    @updated    = false

    @on_new_page_blocks = []
    @trainings_per_url  = Hash.new( 0 )

    # get us setup using the page that is being audited as a seed page
    framework.on_audit_page { |page| self.page = page }

    HTTP.add_on_complete do |response|
        next if !response.request.train?

        if response.redirection? && response.location.is_a?( String )
            reference_url = @page ? @page.url : @framework.opts.url
            HTTP.get( to_absolute( response.location, reference_url ) ) do |res|
                push res
            end
            next
        end

        push response
    end
end

Instance Method Details

#on_new_page(&block) ⇒ `Object`



119
120
121

# File 'lib/arachni/trainer.rb', line 119

def on_new_page( &block )
    @on_new_page_blocks << block
end

#page=(page) ⇒ `Object` Also known as: init

Sets the current working page and inits the element DB.

Parameters:

page (Arachni::Page)

# File 'lib/arachni/trainer.rb', line 113

def page=( page )
    init_db_from_page( page )
    @page = page.deep_clone
end

#push(res) ⇒ `Object`

Passes the response on for analysis.

If the response contains new elements it creates a new page with those elements and pushes it a buffer.

These new pages can then be retrieved by flushing the buffer (#flush).

Parameters:

res (Typhoeus::Response)

# File 'lib/arachni/trainer.rb', line 72

def push( res )
    if !@page
        print_debug 'No seed page assigned yet.'
        return
    end

    if @framework.link_count_limit_reached?
        print_verbose 'Link count limit reached, skipping analysis.'
        return false
    end

    @parser = Parser.new( res )

    return false if !@parser.text?

    skip_message = nil
    if @trainings_per_url[@parser.url] >= MAX_TRAININGS_PER_URL
        skip_message = "Reached maximum trainings (#{MAX_TRAININGS_PER_URL})"
    elsif redundant_path?( @parser.url )
        skip_message = 'Matched redundancy filters'
    elsif skip_resource?( res )
        skip_message = 'Matched exclusion criteria'
    end

    if skip_message
        print_verbose "#{skip_message}, skipping: #{@parser.url}"
        return false
    end

    analyze( res )
    true
rescue => e
    print_error( e.to_s )
    print_error_backtrace( e )
end

Class: Arachni::Trainer

Overview

Constant Summary collapse

Instance Method Summary collapse

Methods included from Utilities

Methods included from ElementFilter

Methods included from Module::Output

Methods included from UI::Output

Constructor Details

#initialize(framework) ⇒ Trainer

Instance Method Details

#on_new_page(&block) ⇒ Object

#page=(page) ⇒ Object Also known as: init

#push(res) ⇒ Object

#initialize(framework) ⇒ `Trainer`

#on_new_page(&block) ⇒ `Object`

#page=(page) ⇒ `Object` Also known as: init

#push(res) ⇒ `Object`