Module: Arachni::Utilities

Overview

Includes some useful methods for the system.

Author:

Instance Method Summary collapse

Instance Method Details

#available_portFixnum

Returns Random available port number.

Returns:

  • (Fixnum)

    Random available port number.



343
344
345
346
# File 'lib/arachni/utilities.rb', line 343

def available_port
    nil while !port_available?( port = rand_port )
    port
end

#bytes_to_kilobytes(bytes) ⇒ Object



398
399
400
# File 'lib/arachni/utilities.rb', line 398

def bytes_to_kilobytes( bytes )
    (bytes / 1024.0 ).round( 3 )
end

#bytes_to_megabytes(bytes) ⇒ Object



394
395
396
# File 'lib/arachni/utilities.rb', line 394

def bytes_to_megabytes( bytes )
    (bytes / 1024.0 / 1024.0).round( 3 )
end

#caller_nameString

Returns Filename (without extension) of the caller.

Returns:

  • (String)

    Filename (without extension) of the caller.



22
23
24
# File 'lib/arachni/utilities.rb', line 22

def caller_name
    File.basename( caller_path( 3 ), '.rb' )
end

#caller_path(offset = 2) ⇒ String

Returns Filepath of the caller.

Returns:

  • (String)

    Filepath of the caller.



28
29
30
# File 'lib/arachni/utilities.rb', line 28

def caller_path( offset = 2 )
    ::Kernel.caller[offset].split( /:(\d+):in/ ).first
end


98
99
100
# File 'lib/arachni/utilities.rb', line 98

def cookie_decode( *args )
    Cookie.decode( *args )
end


93
94
95
# File 'lib/arachni/utilities.rb', line 93

def cookie_encode( *args )
    Cookie.encode( *args )
end

#cookies_from_document(*args) ⇒ Object



78
79
80
# File 'lib/arachni/utilities.rb', line 78

def cookies_from_document( *args )
    Cookie.from_document( *args )
end

#cookies_from_file(*args) ⇒ Object



88
89
90
# File 'lib/arachni/utilities.rb', line 88

def cookies_from_file( *args )
    Cookie.from_file( *args )
end

#cookies_from_response(*args) ⇒ Object



73
74
75
# File 'lib/arachni/utilities.rb', line 73

def cookies_from_response( *args )
    Cookie.from_response( *args )
end

#exception_jail(raise_exception = true, &block) ⇒ Object

Wraps the ‘block` in exception handling code and runs it.

Parameters:

  • raise_exception (Bool) (defaults to: true)

    Re-raise exception?

  • block (Block)


407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
# File 'lib/arachni/utilities.rb', line 407

def exception_jail( raise_exception = true, &block )
    block.call
rescue => e
    if respond_to?( :print_error ) && respond_to?( :print_exception )
        print_exception e
        print_error
        print_error 'Parent:'
        print_error  self.class.to_s
        print_error
        print_error 'Block:'
        print_error block.to_s
        print_error
        print_error 'Caller:'
        ::Kernel.caller.each { |l| print_error l }
        print_error '-' * 80
    end

    raise e if raise_exception

    nil
end

#exclude_path?(url) ⇒ Bool

Decides whether the given ‘url` matches any framework exclusion rules.

Parameters:

Returns:

  • (Bool)

See Also:



208
209
210
# File 'lib/arachni/utilities.rb', line 208

def exclude_path?( url )
    uri_parse( url ).scope.exclude?
end

#follow_protocol?(url, reference = Options.url) ⇒ Bool

Decides whether the given ‘url` has an acceptable protocol.

Parameters:

  • url (String)
  • reference (String) (defaults to: Options.url)

    Reference URL.

Returns:

  • (Bool)

See Also:



250
251
252
# File 'lib/arachni/utilities.rb', line 250

def follow_protocol?( url, reference = Options.url )
    uri_parse( url ).scope.follow_protocol?( reference )
end

#form_decode(*args) ⇒ Object



53
54
55
# File 'lib/arachni/utilities.rb', line 53

def form_decode( *args )
    Form.decode( *args )
end

#form_encode(*args) ⇒ Object



48
49
50
# File 'lib/arachni/utilities.rb', line 48

def form_encode( *args )
    Form.encode( *args )
end

#forms_from_document(*args) ⇒ Object



43
44
45
# File 'lib/arachni/utilities.rb', line 43

def forms_from_document( *args )
    Form.from_document( *args )
end

#forms_from_response(*args) ⇒ Object



38
39
40
# File 'lib/arachni/utilities.rb', line 38

def forms_from_response( *args )
    Form.from_response( *args )
end

#full_and_absolute_url?(url) ⇒ Boolean

Returns:

  • (Boolean)

See Also:



162
163
164
# File 'lib/arachni/utilities.rb', line 162

def full_and_absolute_url?( url )
    Arachni::URI.full_and_absolute?( url.to_s )
end

#generate_tokenObject



359
360
361
# File 'lib/arachni/utilities.rb', line 359

def generate_token
    SecureRandom.hex
end

#get_path(url) ⇒ String

Returns path Full URL up to the path component (no resource, query etc.).

Parameters:

Returns:

  • (String)

    path Full URL up to the path component (no resource, query etc.).

See Also:



172
173
174
# File 'lib/arachni/utilities.rb', line 172

def get_path( url )
    uri_parse( url ).up_to_path
end

#hms_to_seconds(time) ⇒ Object



387
388
389
390
391
392
# File 'lib/arachni/utilities.rb', line 387

def hms_to_seconds( time )
    a = [1, 60, 3600] * 2
    time.split( /[:\.]/ ).map { |t| t.to_i * a.pop }.inject(&:+)
rescue
    0
end

#html_decode(str) ⇒ Object Also known as: html_unescape



112
113
114
# File 'lib/arachni/utilities.rb', line 112

def html_decode( str )
    ::CGI.unescapeHTML( str.to_s )
end

#html_encode(str) ⇒ Object Also known as: html_escape



117
118
119
# File 'lib/arachni/utilities.rb', line 117

def html_encode( str )
    ::CGI.escapeHTML( str.to_s )
end

#include_path?(url) ⇒ Bool

Decides whether the given ‘url` matches any framework inclusion rules.

Parameters:

Returns:

  • (Bool)

See Also:

  • URI.include?
  • Options#include


220
221
222
# File 'lib/arachni/utilities.rb', line 220

def include_path?( url )
    uri_parse( url ).scope.include?
end


68
69
70
# File 'lib/arachni/utilities.rb', line 68

def links_from_document( *args )
    Link.from_document( *args )
end


63
64
65
# File 'lib/arachni/utilities.rb', line 63

def links_from_response( *args )
    Link.from_response( *args )
end

#normalize_url(url) ⇒ Object



157
158
159
# File 'lib/arachni/utilities.rb', line 157

def normalize_url( url )
    URI.normalize( url )
end

#page_from_response(*args) ⇒ Object

See Also:



103
104
105
# File 'lib/arachni/utilities.rb', line 103

def page_from_response( *args )
    Page.from_response( *args )
end

#page_from_url(*args, &block) ⇒ Object

See Also:



108
109
110
# File 'lib/arachni/utilities.rb', line 108

def page_from_url( *args, &block )
    Page.from_url( *args, &block )
end


83
84
85
# File 'lib/arachni/utilities.rb', line 83

def parse_set_cookie( *args )
    Cookie.parse_set_cookie( *args )
end

#path_in_domain?(url, reference = Options.url) ⇒ Bool

Compares 2 urls in order to decide whether or not they belong to the same domain.

Parameters:

  • url (String)
  • reference (String) (defaults to: Options.url)

Returns:

  • (Bool)

    ‘true` if self is in the same domain as the `reference` URL, false otherwise.

See Also:



196
197
198
# File 'lib/arachni/utilities.rb', line 196

def path_in_domain?( url, reference = Options.url )
    uri_parse( url ).scope.in_domain?( reference )
end

#path_too_deep?(url) ⇒ Bool

Returns ‘true` is the path exceeds the framework limit, `false` otherwise.

Parameters:

Returns:

  • (Bool)

    ‘true` is the path exceeds the framework limit, `false` otherwise.

See Also:



182
183
184
# File 'lib/arachni/utilities.rb', line 182

def path_too_deep?( url )
    uri_parse( url ).scope.too_deep?
end

#port_available?(port) ⇒ Bool

Checks whether the port number is available.

Parameters:

  • port (Fixnum)

Returns:

  • (Bool)


368
369
370
371
372
373
374
375
# File 'lib/arachni/utilities.rb', line 368

def port_available?( port )
    begin
        TCPServer.new( '127.0.0.1', port ).close
        true
    rescue
        false
    end
end

#rand_portInteger

Returns Random port within the user specified range.

Returns:

  • (Integer)

    Random port within the user specified range.

See Also:



352
353
354
355
356
357
# File 'lib/arachni/utilities.rb', line 352

def rand_port
    first, last = Options.dispatcher.instance_port_range
    range = (first..last).to_a

    range[ rand( range.last - range.first ) ]
end

#random_seedString

Returns random HEX (SHA2) string.

Returns:

  • (String)

    random HEX (SHA2) string



33
34
35
# File 'lib/arachni/utilities.rb', line 33

def random_seed
    @@random_seed ||= generate_token
end

#redundant_path?(url, update_counters = false) ⇒ Bool

Checks if the provided URL matches a redundant filter and decreases its counter if so.

If a filter’s counter has reached 0 the method returns true.

Parameters:

Returns:

  • (Bool)

    ‘true` if the `url` is redundant, `false` otherwise.

See Also:

  • OptionGroups::Scope#redundant_path_patterns?


235
236
237
# File 'lib/arachni/utilities.rb', line 235

def redundant_path?( url, update_counters = false )
    uri_parse( url ).scope.redundant?( update_counters )
end

#regexp_array_match(regexps, str) ⇒ Object



429
430
431
432
433
434
435
436
437
# File 'lib/arachni/utilities.rb', line 429

def regexp_array_match( regexps, str )
    regexps = [regexps].flatten.compact.
        map { |s| s.is_a?( Regexp ) ? s : Regexp.new( s.to_s ) }
    return true if regexps.empty?

    cnt = 0
    regexps.each { |filter| cnt += 1 if str =~ filter }
    cnt == regexps.size
end

#remove_constants(mod, skip = []) ⇒ Object



439
440
441
442
443
444
445
446
447
448
449
450
451
# File 'lib/arachni/utilities.rb', line 439

def remove_constants( mod, skip = [] )
    return if skip.include?( mod )
    return if !(mod.is_a?( Class ) || mod.is_a?( Module )) ||
        !mod.to_s.start_with?( 'Arachni' )

    parent = Object
    mod.to_s.split( '::' )[0..-2].each do |ancestor|
        parent = parent.const_get( ancestor.to_sym )
    end

    mod.constants.each { |m| mod.send( :remove_const, m ) }
    nil
end

#request_parse_body(*args) ⇒ Object



58
59
60
# File 'lib/arachni/utilities.rb', line 58

def request_parse_body( *args )
    HTTP::Request.parse_body( *args )
end

#seconds_to_hms(seconds) ⇒ String

Returns Time in ‘00:00:00` (`hours:minutes:seconds`) format.

Parameters:

  • seconds (String, Float, Integer)

Returns:

  • (String)

    Time in ‘00:00:00` (`hours:minutes:seconds`) format.



381
382
383
384
385
# File 'lib/arachni/utilities.rb', line 381

def seconds_to_hms( seconds )
    seconds = seconds.to_i
    [seconds / 3600, seconds / 60 % 60, seconds % 60].
        map { |t| t.to_s.rjust( 2, '0' ) }.join( ':' )
end

#skip_page?(page) ⇒ Bool

Determines whether or not the given Page.

Parameters:

Returns:

See Also:



304
305
306
# File 'lib/arachni/utilities.rb', line 304

def skip_page?( page )
    page.scope.out?
end

#skip_path?(path) ⇒ Bool

Note:

Does not call #redundant_path?.

Decides whether or not the provided ‘path` should be skipped based on:

Parameters:

Returns:

  • (Bool)


266
267
268
269
270
271
272
273
# File 'lib/arachni/utilities.rb', line 266

def skip_path?( path )
    return true if !path

    parsed = uri_parse( path.to_s )
    return true if !parsed

    parsed.scope.out?
end

#skip_resource?(resource) ⇒ Bool

Determines whether or not the given ‘resource` should be ignored depending on its type and content.

Parameters:

  • resource (Page, Arachni::HTTP::Response, String)

    If given a:

    * {Page}: both its URL and body will be examined.
    * {Arachni::HTTP::Response}: both its effective URL and body will be examined.
    * {String}: if multi-line it will be treated as a response body,
        otherwise as a path.
    

Returns:

  • (Bool)

    ‘true` if the resource should be ignore,`false` otherwise.

See Also:

  • #skip_path?
  • ignore_page?
  • ignore_response?
  • Options#ignore?


328
329
330
331
332
333
334
335
336
337
338
339
# File 'lib/arachni/utilities.rb', line 328

def skip_resource?( resource )
    case resource
        when Page
            skip_page?( resource )

        when Arachni::HTTP::Response
            skip_response?( resource )

        else
            skip_path? resource.to_s
    end
end

#skip_response?(response) ⇒ Bool

Determines whether or not the given HTTP::Response should be ignored.

Parameters:

Returns:

  • (Bool)

    ‘true` if the `#body` of the given object matches any of the exclusion patterns, `false` otherwise.

See Also:



287
288
289
# File 'lib/arachni/utilities.rb', line 287

def skip_response?( response )
    response.scope.out?
end

#to_absolute(relative_url, reference_url = Options.instance.url.to_s) ⇒ Object



152
153
154
# File 'lib/arachni/utilities.rb', line 152

def to_absolute( relative_url, reference_url = Options.instance.url.to_s )
    URI.to_absolute( relative_url, reference_url )
end

#uri_decode(url) ⇒ Object



138
139
140
# File 'lib/arachni/utilities.rb', line 138

def uri_decode( url )
    URI.decode( url )
end

#uri_encode(*args) ⇒ Object



133
134
135
# File 'lib/arachni/utilities.rb', line 133

def uri_encode( *args )
    URI.encode( *args )
end

#uri_parse(url) ⇒ Object

See Also:



128
129
130
# File 'lib/arachni/utilities.rb', line 128

def uri_parse( url )
    URI.parse( url )
end

#uri_parse_query(url) ⇒ Object



147
148
149
# File 'lib/arachni/utilities.rb', line 147

def uri_parse_query( url )
    URI.parse_query( url )
end

#uri_parserURI::Parser

Returns cached URI parser.

Returns:

  • (URI::Parser)

    cached URI parser



123
124
125
# File 'lib/arachni/utilities.rb', line 123

def uri_parser
    URI.parser
end

#uri_rewrite(*args) ⇒ Object



142
143
144
# File 'lib/arachni/utilities.rb', line 142

def uri_rewrite( *args )
    URI.rewrite( *args )
end