Class: XspearScan::CallbackXSSSelenium

Inherits:
ScanCallbackFunc show all
Defined in:
lib/XSpear.rb

Instance Method Summary collapse

Methods inherited from ScanCallbackFunc

#initialize

Constructor Details

This class inherits a constructor from XspearScan::ScanCallbackFunc

Instance Method Details

#runObject 



236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
 
# File 'lib/XSpear.rb', line 236

def run
  begin
  options = Selenium::WebDriver::Firefox::Options.new(args: ['-headless'])
  driver = Selenium::WebDriver.for(:firefox, options: options)
  if @method == "GET"
    begin
      driver.get(@url+"?"+@query)
      alert = driver.switch_to().alert()
      if alert.text.to_s == "45"
        driver.quit
        return [true, "found alert/prompt/confirm (45) in selenium!! #{@query}"]
      else
        driver.quit
        return [true, "found alert/prompt/confirm event in selenium #{@query}"]
      end
    rescue Selenium::WebDriver::Error::UnexpectedAlertOpenError => e
      driver.quit
      return [true, "found alert/prompt/confirm error base in selenium #{@query}"]
    rescue => e
      driver.quit
      return [false, "not found alert/prompt/confirm event #{@query}"]
    end
  end
rescue => e
  log('s', "Error Selenium : #{e}")
end
end