Class: Watobo::Modules::Passive::Cookie_options

Inherits:
PassiveCheck
  • Object
Defined in:
modules/passive/cookie_options.rb

Constant Summary

Constants included from Constants

Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED

Instance Method Summary

Constructor Details

#initialize(project) ⇒ Cookie_options

Returns a new instance of Cookie_options.


# File 'modules/passive/cookie_options.rb', line 51

def initialize(project)
  # Register the passive "Cookie Security" check.
  #
  # Two hashes are filled in: @info drives the tree/progress views of the
  # GUI, @finding is the template every hit reported by do_test is based on.
  # Neither hash is created here; they are expected to be set up by the
  # PassiveCheck constructor reached via super (NOTE(review): not visible in
  # this file - confirm in PassiveCheck).
  #
  # @param project [Object] the project this check is attached to; stored in
  #   @project and handed to the parent constructor unchanged
  @project = project
  super(project)

  check_info = {
    :check_name  => 'Cookie Security',
    :description => 'Cookies especially Session Cookies should be set only over a secure channel. Additionally there should be set some security options.',
    :author      => "Andreas Schmidt",
    :version     => "0.9"
  }
  @info.update(check_info)

  # Threat statement, vulnerability class, finding type and severity used
  # for every cookie flagged by this module.
  finding_template = {
    :threat => 'Cookies used in this application are not secured by special Cookie Options like Secure or HTTPOnly. If Cookie Security is not in place, sensitive cookie information may be revealed.',
    :class  => "Cookie Security",
    :type   => FINDING_TYPE_VULN,
    :rating => VULN_RATING_MEDIUM
  }
  @finding.update(finding_template)
end

Instance Method Details

#do_test(chat) ⇒ Object


# File 'modules/passive/cookie_options.rb', line 70

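def do_test(chat)
  # Passive check: report every Set-Cookie header that lacks the HttpOnly
  # attribute, or - when the request was sent over HTTPS - the Secure
  # attribute. One finding per cookie name (:unique), so the same cookie seen
  # in many responses is reported once.
  #
  # @param chat [Object] request/response pair; only chat.request.proto and
  #   chat.response.headers (an Array of "Name: value" strings) are read
  # @return [nil] results are reported through addFinding, nothing is returned
  begin
    Array(chat.response.headers).each do |header|
      # Header names are case-insensitive (RFC 7230); the previous
      # /^Set-Cookie/ silently skipped servers emitting "set-cookie".
      next unless header =~ /\ASet-Cookie/i

      cookie, *attributes = header.split(";")
      options = attributes.join(";")

      # Compare complete attribute names, not substrings: a cookie with
      # "Path=/secure/" or a domain containing "httponly" must not be taken
      # as carrying the Secure / HttpOnly flag.
      flags = attributes.map { |attr| attr.strip.split("=", 2).first.to_s.downcase }
      over_https = !(chat.request.proto =~ /https/i).nil?
      missing_secure = over_https && !flags.include?("secure")
      missing_httponly = !flags.include?("httponly")
      # TODO(review): SameSite is not evaluated by this module.

      next unless missing_secure || missing_httponly

      # Drop "=value..." so :unique is "Set-Cookie: <name>" and findings are
      # de-duplicated per cookie name rather than per cookie value.
      cookie_name = cookie.sub(/=.*/, "")
      addFinding(
        :proof_pattern => options,
        :check_pattern => "Set-Cookie:.*",
        :chat => chat,
        :title => 'Security Options',
        :unique => cookie_name
      )
    end
    nil
  rescue => e
    # Best-effort passive check: never abort the scan, but record what failed
    # instead of a bare "ERROR!!" that hides the cause.
    puts "ERROR!! #{self.class.name}: #{e.class}: #{e.message}"
  end
end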