Module: BscanHelper

Included in:
BScan
Defined in:
lib/bscan/utils/bscan_helper.rb

Defined Under Namespace

Classes: Issue, Message


Instance Method Details

#do_scan(msg, trg, inj) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 60

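# Sends the request held in +msg+ at the target URL +trg+: the path of +trg+
# replaces the path on the original request line, and the rewritten request
# goes through +send_req+ (passive scan + verification).
#
# @param msg [Object] original request; must respond to +req_str+ and +getProtocol+
# @param trg [String] target URL whose path component replaces the request path
# @param inj [String] injected payload, forwarded to +send_req+ for replay detection
# @return [Object] whatever +send_req+ returns
def do_scan msg, trg, inj
  @bscan.activity[0] = true
  @bscan.Log 2, "#{@mid}do_scan Scanning: #{trg}"
  # Everything after the authority ("//host[:port]") is the path; a URL with
  # no path component scans "/".
  path = Regexp.last_match(1) if trg =~ %r{//[^/]+(/.*)}
  path = '/' if path.nil? || path.empty?
  # Block form on purpose: a string replacement template would expand "\1",
  # "\\" or "\&" occurring inside +path+. Matching any method token (not only
  # GET/POST) keeps the method on the rewritten line instead of dropping it.
  req = msg.req_str.sub(/\A(\S+)\s+(.+)\s+HTTP/) { "#{Regexp.last_match(1)} #{path} HTTP" }

  send_req req, msg.getProtocol, inj
end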

#esc(exp) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 109

# Escapes +exp+ so it can be embedded in a Regexp and match literally
# (used before interpolating injected payloads into patterns).
#
# @param exp [String] text that may contain regexp metacharacters
# @return [String] the escaped text
def esc exp
  Regexp.escape(exp)
end

#get_url_host_port(req, proto) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 72

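# Rebuilds the absolute target URL from a raw HTTP request: the authority is
# taken from the Host header, the path from the request line.
#
# @param req [String] raw request text (request line and headers)
# @param proto [String] "http" or "https"; also supplies the default port
# @return [Array(String, String, Integer)] [url, host, port]
# @raise [ArgumentError] when +req+ has no recognisable request line
def get_url_host_port req,proto
  host = port = nil
  # Anchored at line start: an unanchored "host\s*:" also matched look-alike
  # headers such as "X-Forwarded-Host", which could then be used as the target.
  if req =~ /^host\s*:\s*(\S+)\s*\r?\n/i
    host, port = Regexp.last_match(1).split(/\s*:\s*/, 2)
  end
  unless port
    port = '80' if proto == 'http'
    port = '443' if proto == 'https'
  end
  path = Regexp.last_match(2) if req =~ /(GET|POST|)\s+(.+)\s+HTTP/
  # Without a request line there is no path; fail loudly instead of with a
  # TypeError from string concatenation.
  raise ArgumentError, "no request line found in request" unless path

  ["#{proto}://#{host}:#{port}#{path}", host, port.to_i]
end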

#open_in_path(file, pathonly = false) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 40

# Looks +file+ up along the search path and opens the first candidate that is
# a regular file.
#
# @param file [String] absolute path, or a name resolved against +search_path+
# @param pathonly [Boolean] when true, return the resolved path instead of opening it
# @return [String, File] the resolved path, or an open read-only File that the
#   caller is responsible for closing
# @raise [RuntimeError] when none of the candidates is a regular file
def open_in_path file,pathonly=false
  candidates = search_path_file(file)
  found = candidates.find { |candidate| File.file?(candidate) }
  raise "Can't find file in: #{candidates.join(':')}" unless found

  # Relative names are joined onto the search directories verbatim, so the
  # resolved path is wherever that join lands; the handle is handed back open.
  pathonly ? found : File.open(found, "r")
end

#prop(nm) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 27

# Qualifies a bare config property name with this module's property prefix.
#
# @param nm [String] bare property name
# @return [String] the prefixed configuration key
def prop nm
  prefix = @prop_pref
  prefix + nm
end

#search_path ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 31

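# Directories searched, in order, for relative file names: the working
# directory, ./lib, ~/.bscan, etc/bscan and then every entry of $LOAD_PATH.
#
# @return [Array<String>] directory paths (load path entries appended as given)
def search_path
  path = [
    File.expand_path('.'),
    File.expand_path(File.join('.', 'lib')),
    File.expand_path(File.join('~', '.bscan')),
    # NOTE(review): this is a relative path, so it expands under the current
    # directory rather than /etc/bscan — confirm that is the intent.
    File.expand_path(File.join('etc', 'bscan'))
  ]
  # concat, not <<: appending $LOAD_PATH with << nested the whole array as a
  # single element, and File.join later flattened it into one bogus path.
  path.concat($LOAD_PATH)
end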

#search_path_file(file) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 36

# Candidate locations for +file+: the file itself when it is absolute,
# otherwise +file+ joined onto every search-path directory, in search order.
#
# @param file [String] file name or path
# @return [Array<String>] candidate paths
def search_path_file file
  return [file] if Pathname.new(file).absolute?

  search_path.map { |dir| File.join(dir, file) }
end

#send_only(req, proto, inj) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 82

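# Issues one request through the scanner and measures its response time.
#
# @param req [String] raw request text
# @param proto [String] "http" or "https"
# @param inj [String] injected payload; unused here, kept for signature parity with +send_req+
# @return [Array(Object, Float, String, String, Integer), nil]
#   [response, elapsed seconds, url, host, port], or nil when the request
#   failed (the failure is logged at level 0)
def send_only req, proto, inj
  trg, host, port = get_url_host_port req, proto
  https = proto == "https"
  # Monotonic clock: wall-clock time can jump and would skew the response time
  # that verify_response compares against check_rsp_max_time.
  start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  @bscan.Log 2, "#{@mid}send_req make_req: '#{trg}' '#{host}' '#{port}'\n#{req}"
  rsp = @bscan.make_request(host, port, https, req)
  rt = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
  [rsp, rt, trg, host, port]
rescue StandardError => e
  # StandardError, not Exception: Interrupt and SystemExit must still stop the scan.
  @bscan.Log 0, "#{@mid}send_req Exception: #{e.message}"
  @bscan.Log 0, e.backtrace.join("\n")
  # Explicit nil so the caller's destructuring sees a failed request rather
  # than whatever Log happened to return.
  nil
end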

#send_req(req, proto, inj) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 99

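# Sends +req+, runs the passive scanner over the exchange unless the scan is
# restricted to modules, then verifies the response against the injected payload.
#
# @param req [String] raw request text
# @param proto [String] "http" or "https"
# @param inj [String] injected payload to look for in the response
# @return [Object, nil] result of +verify_response+, or nil when the request failed
def send_req req, proto, inj
  result = send_only req, proto, inj
  # send_only logs and returns nil when the request raised; there is no
  # exchange to scan then, and verify_response would trip over a nil time.
  return nil unless result.is_a?(Array)

  rsp, rt, trg, host, port = result
  https = proto == "https"
  unless @bscan.modules_only
    @bscan.Log 2, "#{@mid}send_req do_passive: '#{trg}' '#{host}' '#{port}'\n#{req}\n#{rsp}"
    @bscan.do_passive_scan(host, port, https, req, rsp)
  end
  verify_response trg, req, rsp, inj, rt
end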

#set_len(r) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 53

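# Rewrites the Content-Length header of the raw HTTP message +r+ in place so
# that it matches the actual body size.
#
# @param r [String] raw HTTP message; mutated in place
# @return [String, nil] +r+ when the header was rewritten, nil when the message
#   has no header/body separator or no Content-Length header
def set_len r
  separator = r.match(/\r?\n\r?\n/)
  # No blank line means no body: nothing to measure.
  return nil unless separator

  headers = r[0...separator.end(0)]
  body = r[separator.end(0)..-1]
  # Only the header section is rewritten: a "content-length:" string inside
  # the body is payload, not a header.
  return nil unless headers =~ /^content-length\s*:\s*\d+/i

  # Content-Length counts bytes, not characters; String#length undercounts a
  # multibyte body.
  rewritten = headers.sub(/^content-length\s*:\s*\d+/i, "Content-Length: #{body.bytesize}")
  r.replace(rewritten + body)
end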

#verify_response(u, req, rsp, inj, time) ⇒ Object



# File 'lib/bscan/utils/bscan_helper.rb', line 113

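# Inspects a response for the generic findings every module shares: server
# errors, slow responses and replayed input. Each check is gated by its config
# property (+check_status+, +check_rsp_max_time+, +check_replay+).
#
# @param u [String] request URL
# @param req [String] raw request
# @param rsp [String, nil] raw response (nil when the request produced none)
# @param inj [String] injected payload to look for in +rsp+
# @param time [Numeric, nil] response time in seconds (nil when unknown)
# @return [Object, nil] result of +write_issue_state+, or nil when nothing was found
def verify_response u, req, rsp, inj, time
  @bscan.Log 2, "#{@mid}verify_response: #{u} #{inj} #{time} #{req} #{rsp}"

  # Read the status code from the status line only ("HTTP/1.1 200 OK"); the
  # previous unanchored, greedy pattern could pick digits out of the reason
  # phrase or a later line and report a false "Unexpected Error".
  status = 0
  status = Regexp.last_match(1).to_i if rsp && rsp =~ /\A\s*HTTP\S*\s+(\d{3})\b/
  issue = nil
  if status >= 500 && @config[prop('check_status')] == 'true'
    issue = Issue.new "#{@mid.chop}: Unexpected Error", u, "Medium", "Retest", req, rsp
  end
  max_time = @config[prop('check_rsp_max_time')]
  max_time = max_time.to_i if max_time
  # +time+ is nil when the request failed; there is no response time to judge then.
  if max_time && max_time > 0 && time && time > max_time
    issue = Issue.new "#{@mid.chop}: Long Response Time", u, "Medium", "Retest", req, rsp, "Response time is longer than #{max_time}"
  end
  # +inj+ is escaped, so the payload is matched literally, not as a pattern.
  if rsp && rsp =~ /#{esc(inj)}/ && @config[prop('check_replay')] == 'true'
    issue = Issue.new "#{@mid.chop}: Possible XSS", u, "High", "Retest", req, rsp, "The following input has been replayed in a response #{inj}"
  end

  # NOTE(review): a later check overwrites an earlier issue, so at most one
  # finding is written per response — confirm that is intended.
  @bscan.write_issue_state issue if issue
end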