Class: Relevance::Tarantula::Crawler

Inherits:

Object

• Object
• Relevance::Tarantula::Crawler

Extended by:

Forwardable

Includes:

Relevance::Tarantula

Defined in:

lib/relevance/tarantula/crawler.rb

Defined Under Namespace

Classes: CrawlTimeout

Instance Attribute Summary

• #crawl_end_times ⇒ Object readonly

  Returns the value of attribute crawl_end_times.

• #crawl_queue ⇒ Object

  Returns the value of attribute crawl_queue.

• #crawl_start_times ⇒ Object readonly

  Returns the value of attribute crawl_start_times.

• #crawl_timeout ⇒ Object

  Returns the value of attribute crawl_timeout.

• #failures ⇒ Object readonly

  Returns the value of attribute failures.

• #form_signatures_queued ⇒ Object

  Returns the value of attribute form_signatures_queued.

• #fuzzers ⇒ Object

  Returns the value of attribute fuzzers.

• #handlers ⇒ Object

  Returns the value of attribute handlers.

• #links_queued ⇒ Object

  Returns the value of attribute links_queued.

• #log_grabber ⇒ Object

  Returns the value of attribute log_grabber.

• #max_url_length ⇒ Object

  Returns the value of attribute max_url_length.

• #proxy ⇒ Object

  Returns the value of attribute proxy.

• #referrers ⇒ Object readonly

  Returns the value of attribute referrers.

• #reporters ⇒ Object

  Returns the value of attribute reporters.

• #response_code_handler ⇒ Object

  Returns the value of attribute response_code_handler.

• #skip_uri_patterns ⇒ Object

  Returns the value of attribute skip_uri_patterns.

• #successes ⇒ Object readonly

  Returns the value of attribute successes.

• #test_name ⇒ Object

  Returns the value of attribute test_name.

• #times_to_crawl ⇒ Object

  Returns the value of attribute times_to_crawl.

• #transform_url_patterns ⇒ Object

  Returns the value of attribute transform_url_patterns.

Instance Method Summary

• #blip(number = 0) ⇒ Object
• #crawl(url = "/") ⇒ Object
• #crawl_the_queue(number = 0) ⇒ Object
• #do_crawl(number) ⇒ Object
• #elasped_time_for_pass(num) ⇒ Object
• #finished? ⇒ Boolean
• #follow(method, url, data = nil) ⇒ Object
• #generate_reports ⇒ Object
• #grab_log! ⇒ Object
• #handle_form_results(form, response) ⇒ Object
• #handle_link_results(link, result) ⇒ Object
• #initialize ⇒ Crawler constructor

  A new instance of Crawler.

• #links_completed_count ⇒ Object
• #links_remaining_count ⇒ Object
• #make_result(options) ⇒ Object
• #method_missing(meth, *args) ⇒ Object
• #queue_form(form, referrer = nil) ⇒ Object
• #queue_link(dest, referrer = nil) ⇒ Object
• #report_dir ⇒ Object
• #report_results ⇒ Object
• #save_result(result) ⇒ Object
• #should_skip_form_submission?(fs) ⇒ Boolean
• #should_skip_link?(link) ⇒ Boolean
• #should_skip_url?(url) ⇒ Boolean
• #submit(method, action, data) ⇒ Object
• #timeout_if_too_long(number = 0) ⇒ Object
• #total_links_count ⇒ Object
• #transform_url(url) ⇒ Object

Methods included from Relevance::Tarantula

#log, #rails_root, #tarantula_home, #verbose

Constructor Details

#initialize ⇒ Crawler

Returns a new instance of Crawler.

# File 'lib/relevance/tarantula/crawler.rb', line 18

def initialize
  @max_url_length = 1024
  @successes = []
  @failures = []
  @handlers = [@response_code_handler = Result]
  @links_queued = Set.new
  @form_signatures_queued = Set.new
  @crawl_queue = []
  @crawl_start_times, @crawl_end_times = [], []
  @crawl_timeout = 20.minutes
  @referrers = {}
  @skip_uri_patterns = [
    /^javascript/,
    /^mailto/,
    /^http/,
  ]
  self.transform_url_patterns = [
    [/#.*$/, '']
  ]
  @reporters = [Relevance::Tarantula::IOReporter.new($stderr)]
  @decoder = HTMLEntities.new
  @times_to_crawl = 1
  @fuzzers = [Relevance::Tarantula::FormSubmission]
  
  @stdout_tty = $stdout.tty?
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(meth, *args) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 45

def method_missing(meth, *args)
  super unless Result::ALLOW_NNN_FOR =~ meth.to_s
  @response_code_handler.send(meth, *args)
end

Instance Attribute Details

#crawl_end_times ⇒ Object (readonly)

Returns the value of attribute crawl_end_times.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def crawl_end_times
  @crawl_end_times
end

#crawl_queue ⇒ Object

Returns the value of attribute crawl_queue.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def crawl_queue
  @crawl_queue
end

#crawl_start_times ⇒ Object (readonly)

Returns the value of attribute crawl_start_times.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def crawl_start_times
  @crawl_start_times
end

#crawl_timeout ⇒ Object

Returns the value of attribute crawl_timeout.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def crawl_timeout
  @crawl_timeout
end

#failures ⇒ Object (readonly)

Returns the value of attribute failures.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def failures
  @failures
end

#form_signatures_queued ⇒ Object

Returns the value of attribute form_signatures_queued.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def form_signatures_queued
  @form_signatures_queued
end

#fuzzers ⇒ Object

Returns the value of attribute fuzzers.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def fuzzers
  @fuzzers
end

#handlers ⇒ Object

Returns the value of attribute handlers.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def handlers
  @handlers
end

#links_queued ⇒ Object

Returns the value of attribute links_queued.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def links_queued
  @links_queued
end

#log_grabber ⇒ Object

Returns the value of attribute log_grabber.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def log_grabber
  @log_grabber
end

#max_url_length ⇒ Object

Returns the value of attribute max_url_length.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def max_url_length
  @max_url_length
end

#proxy ⇒ Object

Returns the value of attribute proxy.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def proxy
  @proxy
end

#referrers ⇒ Object (readonly)

Returns the value of attribute referrers.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def referrers
  @referrers
end

#reporters ⇒ Object

Returns the value of attribute reporters.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def reporters
  @reporters
end

#response_code_handler ⇒ Object

Returns the value of attribute response_code_handler.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def response_code_handler
  @response_code_handler
end

#skip_uri_patterns ⇒ Object

Returns the value of attribute skip_uri_patterns.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def skip_uri_patterns
  @skip_uri_patterns
end

#successes ⇒ Object (readonly)

Returns the value of attribute successes.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def successes
  @successes
end

#test_name ⇒ Object

Returns the value of attribute test_name.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def test_name
  @test_name
end

#times_to_crawl ⇒ Object

Returns the value of attribute times_to_crawl.

# File 'lib/relevance/tarantula/crawler.rb', line 12

def times_to_crawl
  @times_to_crawl
end

#transform_url_patterns ⇒ Object

Returns the value of attribute transform_url_patterns.

# File 'lib/relevance/tarantula/crawler.rb', line 16

def transform_url_patterns
  @transform_url_patterns
end

Instance Method Details

#blip(number = 0) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 242

def blip(number = 0)
  unless verbose
    print "\r #{links_completed_count} of #{total_links_count} links completed               " if @stdout_tty
    timeout_if_too_long(number)
  end
end

#crawl(url = "/") ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 56

def crawl(url = "/")
  orig_links_queued = @links_queued.dup
  orig_form_signatures_queued = @form_signatures_queued.dup
  orig_crawl_queue = @crawl_queue.dup
  @times_to_crawl.times do |num|
    queue_link url
    
    begin 
      do_crawl num
    rescue CrawlTimeout => e
      puts
      puts e.message
    end
    
    puts "#{(num+1).ordinalize} crawl" if @times_to_crawl > 1

    if num + 1 < @times_to_crawl
      @links_queued = orig_links_queued
      @form_signatures_queued = orig_form_signatures_queued
      @crawl_queue = orig_crawl_queue
      @referrers = {}
    end
  end
rescue Interrupt
  $stderr.puts "CTRL-C"
ensure
  report_results
end

#crawl_the_queue(number = 0) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 97

def crawl_the_queue(number = 0)
  while (request = @crawl_queue.pop)
    request.crawl
    blip(number)
  end
end

#do_crawl(number) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 89

def do_crawl(number)
  while (!finished?)
    @crawl_start_times << Time.now
    crawl_the_queue(number)
    @crawl_end_times << Time.now
  end
end

#elasped_time_for_pass(num) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 129

def elasped_time_for_pass(num)
  Time.now - crawl_start_times[num]
end

#finished? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/relevance/tarantula/crawler.rb', line 85

def finished?
  @crawl_queue.empty?
end

#follow(method, url, data = nil) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 121

def follow(method, url, data=nil)
  proxy.send(method, url, data)
end

#generate_reports ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 211

def generate_reports
  errors = []
  reporters.each do |reporter|
    begin
      reporter.finish_report(test_name)
    rescue RuntimeError => e
      errors << e
    end
  end
  unless errors.empty?
    raise errors.map(&:message).join("\n")
  end
end

#grab_log! ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 133

def grab_log!
  @log_grabber && @log_grabber.grab!
end

#handle_form_results(form, response) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 145

def handle_form_results(form, response)
  handlers.each do |h|
    save_result h.handle(Result.new(:method => form.method,
                                   :url => form.action,
                                   :response => response,
                                   :log => grab_log!,
                                   :referrer => form.action,
                                   :data => form.data.inspect,
                                   :test_name => test_name).freeze)
  end
end

#handle_link_results(link, result) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 110

def handle_link_results(link, result)
  handlers.each do |h|
    begin
      save_result h.handle(result)
    rescue Exception => e
      log "error handling #{link} #{e.message}"
      # TODO: pass to results
    end
  end
end

#links_completed_count ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 238

def links_completed_count
    total_links_count - links_remaining_count
end

#links_remaining_count ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 234

def links_remaining_count
  @crawl_queue.size
end

#make_result(options) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 137

def make_result(options)
  defaults = {
    :log       => grab_log!,
    :test_name => test_name      
  }
  Result.new(defaults.merge(options)).freeze
end

#queue_form(form, referrer = nil) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 194

def queue_form(form, referrer = nil)
  fuzzers.each do |fuzzer|
    fuzzer.mutate(Form.new(form, self, referrer)).each do |fs|
      # fs = fuzzer.new(Form.new(form, self, referrer))
      fs.action = transform_url(fs.action)
      return if should_skip_form_submission?(fs)
      @referrers[fs.action] = referrer if referrer
      @crawl_queue << fs
      @form_signatures_queued << fs.signature
    end
  end
end

#queue_link(dest, referrer = nil) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 186

def queue_link(dest, referrer = nil)
  dest = Link.new(dest, self, referrer)
  return if should_skip_link?(dest)
  @crawl_queue << dest
  @links_queued << dest
  dest
end

#report_dir ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 207

def report_dir
  File.join(rails_root, "tmp", "tarantula")
end

#report_results ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 225

def report_results
  puts "Crawled #{total_links_count} links and forms."
  generate_reports
end

#save_result(result) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 104

def save_result(result)
  reporters.each do |reporter|
    reporter.report(result)
  end
end

#should_skip_form_submission?(fs) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/relevance/tarantula/crawler.rb', line 173

def should_skip_form_submission?(fs)
  should_skip_url?(fs.action) || @form_signatures_queued.member?(fs.signature)
end

#should_skip_link?(link) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/relevance/tarantula/crawler.rb', line 169

def should_skip_link?(link)
  should_skip_url?(link.href) || @links_queued.member?(link)
end

#should_skip_url?(url) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/relevance/tarantula/crawler.rb', line 157

def should_skip_url?(url)
  return true if url.blank?
  if @skip_uri_patterns.any? {|pattern| pattern =~ url}
    log "Skipping #{url}"
    return true
  end
  if url.length > max_url_length
    log "Skipping long url #{url}"
    return true
  end
end

#submit(method, action, data) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 125

def submit(method, action, data)
  proxy.send(method, action, data)
end

#timeout_if_too_long(number = 0) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 249

def timeout_if_too_long(number = 0)
  if elasped_time_for_pass(number) > crawl_timeout
    raise CrawlTimeout, "Exceeded crawl timeout of #{crawl_timeout} seconds - skipping to the next crawl..."
  end
end

#total_links_count ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 230

def total_links_count
  @links_queued.size + @form_signatures_queued.size
end

#transform_url(url) ⇒ Object

# File 'lib/relevance/tarantula/crawler.rb', line 177

def transform_url(url)
  return unless url
  url = @decoder.decode(url)
  @transform_url_patterns.each do |pattern|
    url = pattern[url]
  end
  url
end