Class: Arachni::Framework
- Includes:
- Mixins::Observable, Module::Utilities, UI::Output
- Defined in:
- lib/framework.rb
Overview
Arachni::Framework class
The Framework class ties together all the components.<br/> It should be wrapped by a UI class.
It’s the brains of the operation, it bosses the rest of the classes around.<br/> It runs the audit, loads modules and reports and runs them according to user options.
@author: Tasos “Zapotek” Laskos
<[email protected]>
<[email protected]>
@version: 0.2.2
Direct Known Subclasses
Constant Summary collapse
- REVISION =
the version of this class
'0.2.1'
Instance Attribute Summary collapse
-
#auditmap ⇒ Object
readonly
Returns the value of attribute auditmap.
- #http ⇒ Arachni::HTTP readonly
-
#modules ⇒ Arachni::Module::Manager
readonly
Module manager.
-
#opts ⇒ Options
readonly
Instance options.
-
#page_queue ⇒ Queue<Arachni::Parser::Page>
readonly
Holds candidate pages to be audited.
-
#plugins ⇒ Arachni::Plugin::Manager
readonly
Plugin manager.
-
#reports ⇒ Arachni::Report::Manager
readonly
Report manager.
-
#sitemap ⇒ Object
readonly
Returns the value of attribute sitemap.
-
#spider ⇒ Arachni::Spider
readonly
Spider.
Instance Method Summary collapse
-
#audit ⇒ Object
Audits the site.
- #audit_queue ⇒ Object
-
#audit_store(fresh = false) ⇒ AuditStore
Returns the results of the audit as an AuditStore instance.
-
#initialize(opts) ⇒ Framework
constructor
Initializes system components.
-
#lsmod ⇒ Array<Hash>
Returns an array of hashes with information about all available modules.
-
#lsplug ⇒ Array<Hash>
Returns an array of hashes with information about all available reports.
-
#lsrep ⇒ Array<Hash>
Returns an array of hashes with information about all available reports.
- #pause! ⇒ Object
- #paused? ⇒ Boolean
- #plugin_store(plugin, obj) ⇒ Object
- #resume! ⇒ Object
-
#revision ⇒ String
Returns the revision of the Framework (this) class.
-
#run(&block) ⇒ Object
Runs the system.
- #running? ⇒ Boolean
- #stats(refresh_time = false) ⇒ Object
-
#version ⇒ String
Returns the version of the framework.
Methods included from Mixins::Observable
Methods included from Module::Utilities
#exception_jail, #get_path, #normalize_url, #read_file, #seed
Methods included from UI::Output
#buffer, #debug!, #debug?, #flush_buffer, #mute!, #muted?, #only_positives!, #only_positives?, #print_debug, #print_debug_backtrace, #print_debug_pp, #print_error, #print_error_backtrace, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, #unmute!, #verbose!, #verbose?
Constructor Details
#initialize(opts) ⇒ Framework
Initializes system components.
129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 |
# File 'lib/framework.rb', line 129 def initialize( opts ) Encoding.default_external = "BINARY" Encoding.default_internal = "BINARY" @opts = opts @modules = Arachni::Module::Manager.new( @opts ) @reports = Arachni::Report::Manager.new( @opts ) @plugins = Arachni::Plugin::Manager.new( self ) @page_queue = Queue.new ( ) prepare_user_agent( ) # deep clone the redundancy rules to preserve their counter # for the reports @orig_redundant = @opts.redundant.deep_clone @running = false @paused = [] @plugin_store = {} @current_url = '' end |
Dynamic Method Handling
This class handles dynamic methods through the method_missing method in the class Arachni::Mixins::Observable
Instance Attribute Details
#auditmap ⇒ Object (readonly)
Returns the value of attribute auditmap.
109 110 111 |
# File 'lib/framework.rb', line 109 def auditmap @auditmap end |
#modules ⇒ Arachni::Module::Manager (readonly)
Returns module manager.
91 92 93 |
# File 'lib/framework.rb', line 91 def modules @modules end |
#opts ⇒ Options (readonly)
Instance options
81 82 83 |
# File 'lib/framework.rb', line 81 def opts @opts end |
#page_queue ⇒ Queue<Arachni::Parser::Page> (readonly)
Holds candidate pages to be audited.
Pages in the queue are pushed in by the trainer, the queue doesn’t hold pages returned by the spider.
Plug-ins can push their own pages to be audited if they wish to…
121 122 123 |
# File 'lib/framework.rb', line 121 def page_queue @page_queue end |
#plugins ⇒ Arachni::Plugin::Manager (readonly)
Returns plugin manager.
96 97 98 |
# File 'lib/framework.rb', line 96 def plugins @plugins end |
#reports ⇒ Arachni::Report::Manager (readonly)
Returns report manager.
86 87 88 |
# File 'lib/framework.rb', line 86 def reports @reports end |
#sitemap ⇒ Object (readonly)
Returns the value of attribute sitemap.
108 109 110 |
# File 'lib/framework.rb', line 108 def sitemap @sitemap end |
#spider ⇒ Arachni::Spider (readonly)
Returns spider.
101 102 103 |
# File 'lib/framework.rb', line 101 def spider @spider end |
Instance Method Details
#audit ⇒ Object
Audits the site.
Runs the spider, analyzes each page as it appears and passes it to (#run_mods} to be audited.
239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 |
# File 'lib/framework.rb', line 239 def audit wait_if_paused @spider = Arachni::Spider.new( @opts ) @sitemap ||= [] @auditmap ||= [] # initiates the crawl @spider.run { |page| @sitemap |= @spider.pages @page_queue << page audit_queue if !@opts.spider_first } audit_queue if( @opts.http_harvest_last ) harvest_http_responses( ) end end |
#audit_queue ⇒ Object
266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 |
# File 'lib/framework.rb', line 266 def audit_queue # this will run until no new elements appear for the given page while( !@page_queue.empty? && page = @page_queue.pop ) # audit the page exception_jail{ run_mods( page ) } # run all the queued HTTP requests and harvest the responses http.run # check to see if the page was updated page = http.trainer.page # and push it in the queue to be audited as well @page_queue << page if page end end |
#audit_store(fresh = false) ⇒ AuditStore
Returns the results of the audit as an AuditStore instance
293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 |
# File 'lib/framework.rb', line 293 def audit_store( fresh = false ) # restore the original redundacy rules and their counters @opts.redundant = @orig_redundant opts = @opts.to_h opts['mods'] = @modules.keys if( !fresh && @store ) return @store else return @store = AuditStore.new( { :version => version( ), :revision => REVISION, :options => opts, :sitemap => @sitemap ? @sitemap.sort : ['N/A'], :issues => @modules.results( ).deep_clone, :plugins => @plugin_store }, self ) end end |
#lsmod ⇒ Array<Hash>
Returns an array of hashes with information about all available modules
338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 |
# File 'lib/framework.rb', line 338 def lsmod mod_info = [] @modules.available( ).each { |name| path = @modules.name_to_path( name ) next if !lsmod_match?( path ) info = @modules[name].info( ) info[:mod_name] = name info[:name] = info[:name].strip info[:description] = info[:description].strip if( !info[:dependencies] ) info[:dependencies] = [] end info[:author] = info[:author].strip info[:version] = info[:version].strip info[:path] = path.strip mod_info << info } # unload all modules @modules.clear( ) return mod_info end |
#lsplug ⇒ Array<Hash>
Returns an array of hashes with information about all available reports
401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 |
# File 'lib/framework.rb', line 401 def lsplug plug_info = [] @plugins.available( ).each { |plugin| info = @plugins[plugin].info info[:plug_name] = plugin info[:path] = @plugins.name_to_path( plugin ) plug_info << info } @plugins.clear( ) return plug_info end |
#lsrep ⇒ Array<Hash>
Returns an array of hashes with information about all available reports
377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 |
# File 'lib/framework.rb', line 377 def lsrep rep_info = [] @reports.available( ).each { |report| info = @reports[report].info info[:rep_name] = report info[:path] = @reports.name_to_path( report ) rep_info << info } @reports.clear( ) return rep_info end |
#pause! ⇒ Object
429 430 431 432 |
# File 'lib/framework.rb', line 429 def pause! @paused << caller return true end |
#paused? ⇒ Boolean
425 426 427 |
# File 'lib/framework.rb', line 425 def paused? !@paused.empty? end |
#plugin_store(plugin, obj) ⇒ Object
314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 |
# File 'lib/framework.rb', line 314 def plugin_store( plugin, obj ) name = '' @plugins.each_pair { |k, v| if plugin.class.name == v.name name = k break end } return if @plugin_store[name] @plugin_store[name] = { :results => obj }.merge( plugin.class.info ) end |
#resume! ⇒ Object
434 435 436 437 |
# File 'lib/framework.rb', line 434 def resume! @paused.delete( caller ) return true end |
#revision ⇒ String
Returns the revision of the Arachni::Framework (this) class
453 454 455 |
# File 'lib/framework.rb', line 453 def revision REVISION end |
#run(&block) ⇒ Object
Runs the system
It parses the instanse options and runs the audit
169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 |
# File 'lib/framework.rb', line 169 def run( &block ) @running = true @opts.start_datetime = Time.now # run all plugins @plugins.run # catch exceptions so that if something breaks down or the user opted to # exit the reports will still run with whatever results # Arachni managed to gather begin # start the audit audit( ) rescue Exception end clean_up! begin block.call if block rescue Exception end # run reports if( @opts.reports && !@opts.reports.empty? ) exception_jail{ @reports.run( audit_store( ) ) } end return true end |
#running? ⇒ Boolean
421 422 423 |
# File 'lib/framework.rb', line 421 def running? @running end |
#stats(refresh_time = false) ⇒ Object
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 |
# File 'lib/framework.rb', line 200 def stats( refresh_time = false ) req_cnt = http.request_count res_cnt = http.response_count @auditmap ||= [] @sitemap ||= [] if !refresh_time || @auditmap.size == @sitemap.size @opts.delta_time ||= Time.now - @opts.start_datetime else @opts.delta_time = Time.now - @opts.start_datetime end curr_avg = 0 if http.curr_res_cnt > 0 curr_avg = (http.curr_res_cnt / http.curr_res_time).to_i.to_s end return { :requests => req_cnt, :responses => res_cnt, :time => audit_store.delta_time, :avg => ( res_cnt / @opts.delta_time ).to_i.to_s, :sitemap_size => @sitemap.size, :auditmap_size => @auditmap.size, :curr_res_time => http.curr_res_time, :curr_res_cnt => http.curr_res_cnt, :curr_avg => curr_avg, :average_res_time => http.average_res_time, :max_concurrency => http.max_concurrency, :current_page => @current_url } end |