Class: Watobo::Modules::Active::Apache::Mod_status

Inherits:
ActiveCheck
  • Object
show all
Defined in:
modules/active/Apache/mod_status.rb

Constant Summary

Constants included from Constants

Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED

Instance Method Summary collapse

Methods included from CheckInfoMixin::InfoMethods

#check_group, #check_name

Constructor Details

#initialize(project, prefs = {}) ⇒ Mod_status

Returns a new instance of Mod_status.



48
49
50
51
52
53
54
55
56
 
# File 'modules/active/Apache/mod_status.rb', line 48

def initialize(project, prefs={})
  super(project, prefs)

 

  @status_checks = ['/server-status/', '/server_status/', '/serverstatus/', '/mod-status/', '/mod_status/', '/modstatus', 'status']

  @checked_sites = Hash.new
end

Instance Method Details

#generateChecks(chat) ⇒ Object 



58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
 
# File 'modules/active/Apache/mod_status.rb', line 58

def generateChecks(chat)
 
  if not @checked_sites.has_key?(chat.request.site)
    @checked_sites[chat.request.site] = :checked
    @status_checks.each do |status_path|
      checker = proc {
       
        test_request = nil
        test_response = nil

        # IMPORTANT!!!
        # use copyRequest(chat) for cloning the original request
        test = chat.copyRequest
        test.setDir(status_path)

        status, test_request, test_response = fileExists?(test, :default => true)

        if test_response.status =~ /200/ and test_response.join =~ /Apache Server Status for/i then

          addFinding( test_request, test_response,
          :check_pattern => "#{status_path}",
          :proof_pattern => "Apache Server Status for",
          :test_item => status_path,
          :chat => chat,
          :title => "[Server] - Server-Status page",
          :rating => VULN_RATING_LOW
          )

        elsif test_response.status =~ /403/ then

          addFinding( test_request, test_response,
          :threat  => "Mod-status is installed but access is denied",
          :measure      => "Disable the mod_status module if not needed",
          :check_pattern => "#{status_path}",
          :proof_pattern => "403 Forbidden",
          :test_item => status_path,
          :type    => FINDING_TYPE_INFO,
          :class => "Information",
          :chat => chat,
          :title => "[Server] - Server-Status page",
          :rating => VULN_RATING_LOW
          )

        elsif test_response.status =~ /401/ then

          addFinding( test_request, test_response,
          :threat  => "Mod-status is installed but access is password protected",
          :measure      => "Disable the mod_status module if not needed",
          :check_pattern => "#{status_path}",
          :proof_pattern => "401 Unauthorized",
          :test_item => status_path,
          :type    => FINDING_TYPE_HINT,
          :class => "Information",
          :chat => chat,
          :title => "[Server] - Server-Status page",
          :rating => VULN_RATING_LOW
          )

        end

        [ test_request, test_response ]
      }
      yield checker
    end
  end
end

#resetObject 



44
45
46
 
# File 'modules/active/Apache/mod_status.rb', line 44

def reset()
  @checked_sites.clear
end