Class: Watobo::Modules::Passive::Detect_code

Inherits:
PassiveCheck
  • Object
Defined in:
modules/passive/detect_code.rb

Constant Summary

Constants included from Constants

Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED

Instance Method Summary collapse

Constructor Details

#initialize(project) ⇒ Detect_code

Returns a new instance of Detect_code.



# File 'modules/passive/detect_code.rb', line 30

# Registers the passive check's metadata and builds the list of code-snippet
# signatures that do_test matches against response bodies.
#
# @param project the project object; stored in @project and passed on to the
#   parent constructor
def initialize(project)
  @project = project
  super(project)

  # Descriptive metadata for the check.
  @info.update(
    :check_name => 'Detect Code Snippets', # short name, used for tree and progress views
    :description => "Detects code snippets which may reveal sensitive information.",
    :author => "Andreas Schmidt",
    :version => "0.9"
  )

  # Defaults applied to every finding this check reports.
  @finding.update(
    :threat => 'Code snippets may reveal internal information like database passwords.', # threat posed by the issue
    :class => "Code Snippets", # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
    :type => FINDING_TYPE_HINT # one of FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
  )

  # Each entry is [regex source, label]. do_test interpolates the source into
  # a case-insensitive regular expression, so these strings are regex syntax,
  # not literal text.
  #
  # NOTE(review): the bracket expressions below are character classes, not
  # negated sequences. '[^(\*\/)]' excludes the single characters ( * / ) and
  # '[^<%]' excludes < and %, so a comment or ASP block containing any of
  # those characters before the keyword or terminator is not matched. Treat
  # the absence of a finding as inconclusive rather than as proof that no
  # code is exposed.
  @pattern_list = [
    ['<\?php', "PHP"],                          # PHP open tag in the response body
    ['<!--[^>]*select ', "COMMENT"],            # SQL keyword inside an HTML comment
    ['\/\*[^(\*\/)]*select ', "COMMENT"],       # SQL keyword inside a /* ... */ comment
    ['\/\/[^(\*\/\n)]*select ', "COMMENT"],     # SQL keyword on a // comment line
    ['sample code', "COMMENT"],                 # left-over example marker
    ['<%[^<%]*%>', "ASP"]                       # unrendered ASP/JSP-style block
  ]
end

Instance Method Details

#do_test(chat) ⇒ Object



# File 'modules/passive/detect_code.rb', line 59

# Scans one recorded request/response pair for leaked code snippets.
#
# Only responses whose content type matches /text/ are inspected. Every entry
# of @pattern_list is tried against the response body, case-insensitively, and
# the first hit per pattern is reported through addFinding.
#
# Any StandardError raised while checking is printed to stdout and swallowed,
# so a failure here produces no finding and does not propagate to the caller.
#
# @param chat the request/response pair to inspect
def do_test(chat)
  response = chat.response
  return if response.nil? || response.body.nil?
  return unless response.content_type =~ /text/

  @pattern_list.each do |expr, label|
    # The pattern is wrapped in a capture group so the matched text itself
    # can be recorded as evidence.
    next unless response.body =~ /(#{expr})/i

    hit = Regexp.last_match(1)
    location = "/" + chat.request.path
    addFinding(
      # Regexp.quote escapes regex metacharacters in the matched text.
      :proof_pattern => Regexp.quote(hit),
      :chat => chat,
      :title => "[#{label}] - #{location}"
    )
  end
rescue => bang
  puts "ERROR!! #{Module.nesting[0].name}"
  puts bang
  # The backtrace is only printed when Ruby runs in debug mode.
  puts bang.backtrace if $DEBUG
end