Class: Arachni::Issue
Defined Under Namespace
Instance Attribute Summary collapse
-
#_hash ⇒ Object
Returns the value of attribute _hash.
-
#cvssv2 ⇒ String
The CVSS v2 score.
-
#cwe ⇒ String
The CWE ID number of the issue.
-
#cwe_url ⇒ String
The CWE URL of the issue.
-
#description ⇒ String
The description of the issue.
-
#elem ⇒ String
The vulnerable element, link, form or cookie.
-
#headers ⇒ Hash<String, Hash>
The headers exchanged during the attack.
-
#id ⇒ String
The string that identified the issue.
-
#injected ⇒ String
The injected data that revealed the issue.
-
#internal_modname ⇒ Object
Returns the value of attribute internal_modname.
-
#metasploitable ⇒ String
The Metasploit module that can exploit the vulnerability.
-
#method ⇒ String
HTTP method.
-
#mod_name ⇒ String
The module that detected the issue.
-
#name ⇒ String
The name of the issue.
-
#opts ⇒ Object
Returns the value of attribute opts.
-
#references ⇒ Hash
References related to the issue.
-
#regexp ⇒ String
The regexp that identified the issue.
-
#regexp_match ⇒ String
The data that was matched by the regexp.
-
#remedy_code ⇒ String
A code snippet showing the user how to remedy the situation.
-
#remedy_guidance ⇒ String
A brief text informing the user how to remedy the situation.
-
#response ⇒ String
The HTML response of the attack.
-
#severity ⇒ String
To be assigned a constant form Severity.
-
#tags ⇒ Object
Returns the value of attribute tags.
-
#url ⇒ String
The vulnerable URL.
-
#var ⇒ String
The vulnerable HTTP variable.
-
#variations ⇒ Object
Placeholder variable to be populated by AuditStore#prepare_variations.
-
#verification ⇒ Bool
Is manual verification required?.
Instance Method Summary collapse
- #[](k) ⇒ Object
- #[]=(k, v) ⇒ Object
- #each ⇒ Object
- #each_pair ⇒ Object
-
#initialize(opts = {}) ⇒ Issue
constructor
Sets up the instance attributes.
- #remove_instance_var(var) ⇒ Object
- #to_h ⇒ Object
Constructor Details
#initialize(opts = {}) ⇒ Issue
Sets up the instance attributes
232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/arachni/issue.rb', line 232 def initialize( opts = {} ) @verification = false opts.each { |k, v| begin send( "#{k.to_s.downcase}=", encode( v ) ) rescue Exception => e end } opts[:issue].each { |k, v| begin send( "#{k.to_s.downcase}=", encode( v ) ) rescue Exception => e end } if opts[:issue] if opts[:headers] && opts[:headers][:request] @headers[:request] = {}.merge( opts[:headers][:request] ) end if opts[:headers] && opts[:headers][:response].is_a?( Hash ) @headers[:response] = {}.merge( opts[:headers][:response] ) end if( @cwe ) @cwe_url = "http://cwe.mitre.org/data/definitions/" + @cwe + ".html" end @mod_name = opts[:name] @references = opts[:references] || {} end |
Instance Attribute Details
#_hash ⇒ Object
Returns the value of attribute _hash.
221 222 223 |
# File 'lib/arachni/issue.rb', line 221 def _hash @_hash end |
#cvssv2 ⇒ String
The CVSS v2 score
178 179 180 |
# File 'lib/arachni/issue.rb', line 178 def cvssv2 @cvssv2 end |
#cwe ⇒ String
The CWE ID number of the issue
155 156 157 |
# File 'lib/arachni/issue.rb', line 155 def cwe @cwe end |
#cwe_url ⇒ String
The CWE URL of the issue
162 163 164 |
# File 'lib/arachni/issue.rb', line 162 def cwe_url @cwe_url end |
#description ⇒ String
The description of the issue
141 142 143 |
# File 'lib/arachni/issue.rb', line 141 def description @description end |
#elem ⇒ String
The vulnerable element, link, form or cookie
127 128 129 |
# File 'lib/arachni/issue.rb', line 127 def elem @elem end |
#headers ⇒ Hash<String, Hash>
The headers exchanged during the attack
85 86 87 |
# File 'lib/arachni/issue.rb', line 85 def headers @headers end |
#id ⇒ String
The string that identified the issue
106 107 108 |
# File 'lib/arachni/issue.rb', line 106 def id @id end |
#injected ⇒ String
The injected data that revealed the issue
99 100 101 |
# File 'lib/arachni/issue.rb', line 99 def injected @injected end |
#internal_modname ⇒ Object
Returns the value of attribute internal_modname.
219 220 221 |
# File 'lib/arachni/issue.rb', line 219 def internal_modname @internal_modname end |
#metasploitable ⇒ String
The Metasploit module that can exploit the vulnerability.
ex. exploit/unix/webapp/php_include
215 216 217 |
# File 'lib/arachni/issue.rb', line 215 def @metasploitable end |
#method ⇒ String
HTTP method
134 135 136 |
# File 'lib/arachni/issue.rb', line 134 def method @method end |
#mod_name ⇒ String
The module that detected the issue
64 65 66 |
# File 'lib/arachni/issue.rb', line 64 def mod_name @mod_name end |
#name ⇒ String
The name of the issue
57 58 59 |
# File 'lib/arachni/issue.rb', line 57 def name @name end |
#opts ⇒ Object
Returns the value of attribute opts.
217 218 219 |
# File 'lib/arachni/issue.rb', line 217 def opts @opts end |
#references ⇒ Hash
References related to the issue
148 149 150 |
# File 'lib/arachni/issue.rb', line 148 def references @references end |
#regexp ⇒ String
The regexp that identified the issue
113 114 115 |
# File 'lib/arachni/issue.rb', line 113 def regexp @regexp end |
#regexp_match ⇒ String
The data that was matched by the regexp
120 121 122 |
# File 'lib/arachni/issue.rb', line 120 def regexp_match @regexp_match end |
#remedy_code ⇒ String
A code snippet showing the user how to remedy the situation
192 193 194 |
# File 'lib/arachni/issue.rb', line 192 def remedy_code @remedy_code end |
#remedy_guidance ⇒ String
A brief text informing the user how to remedy the situation
185 186 187 |
# File 'lib/arachni/issue.rb', line 185 def remedy_guidance @remedy_guidance end |
#response ⇒ String
The HTML response of the attack
92 93 94 |
# File 'lib/arachni/issue.rb', line 92 def response @response end |
#severity ⇒ String
To be assigned a constant form Severity
171 172 173 |
# File 'lib/arachni/issue.rb', line 171 def severity @severity end |
#tags ⇒ Object
Returns the value of attribute tags.
220 221 222 |
# File 'lib/arachni/issue.rb', line 220 def @tags end |
#var ⇒ String
The vulnerable HTTP variable
71 72 73 |
# File 'lib/arachni/issue.rb', line 71 def var @var end |
#variations ⇒ Object
Placeholder variable to be populated by AuditStore#prepare_variations
199 200 201 |
# File 'lib/arachni/issue.rb', line 199 def variations @variations end |
#verification ⇒ Bool
Is manual verification required?
206 207 208 |
# File 'lib/arachni/issue.rb', line 206 def verification @verification end |
Instance Method Details
#[](k) ⇒ Object
279 280 281 |
# File 'lib/arachni/issue.rb', line 279 def []( k ) instance_variable_get( "@#{k.to_s}".to_sym ) end |
#[]=(k, v) ⇒ Object
283 284 285 286 287 288 289 290 |
# File 'lib/arachni/issue.rb', line 283 def []=( k, v ) v= encode( v ) begin send( "#{k.to_s}=", v ) rescue instance_variable_set( "@#{k.to_s}".to_sym, v ) end end |
#each ⇒ Object
301 302 303 304 305 306 |
# File 'lib/arachni/issue.rb', line 301 def each self.instance_variables.each { |var| yield( { normalize_name( var ) => instance_variable_get( var ) } ) } end |
#each_pair ⇒ Object
308 309 310 311 312 313 |
# File 'lib/arachni/issue.rb', line 308 def each_pair self.instance_variables.each { |var| yield normalize_name( var ), instance_variable_get( var ) } end |
#remove_instance_var(var) ⇒ Object
315 316 317 |
# File 'lib/arachni/issue.rb', line 315 def remove_instance_var( var ) remove_instance_variable( var ) end |
#to_h ⇒ Object
292 293 294 295 296 297 298 299 |
# File 'lib/arachni/issue.rb', line 292 def to_h h = {} each_pair { |k, v| h[k] = v } h end |