Class: Watobo::Modules::Passive::Hotspots
- Inherits:
-
PassiveCheck
- Object
- PassiveCheck
- Watobo::Modules::Passive::Hotspots
- Defined in:
- modules/passive/hotspots.rb
Constant Summary
Constants included from Constants
Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED
Instance Method Summary collapse
- #do_test(chat) ⇒ Object
-
#initialize(project) ⇒ Hotspots
constructor
A new instance of Hotspots.
Constructor Details
#initialize(project) ⇒ Hotspots
Returns a new instance of Hotspots.
29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'modules/passive/hotspots.rb', line 29 def initialize(project) @project = project super(project) @info.update( :check_name => 'Active Content References', # name of check which briefly describes functionality, will be used for tree and progress views :description => "Detects all references to active content pages, e.g. php, asp.", # description of checkfunction :author => "Andreas Schmidt", # author of check :version => "0.9" # check version ) @finding.update( :threat => 'References to active content pages have been found. Sometimes old and/or vulnerable functions are revealed. With this information you can also estimate if all parts of the application are covered.', # thread of vulnerability, e.g. loss of information :class => "Hotspots", # vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_INFO, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN :measure => "Check if these references are only pointing to \"good\" functions." ) @pattern_list = %w( php asp aspx jsp cgi ) @known_functions = [] end |
Instance Method Details
#do_test(chat) ⇒ Object
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 |
# File 'modules/passive/hotspots.rb', line 54 def do_test(chat) begin # puts "running module: #{Module.nesting[0].name}" if chat.response.content_type =~ /(text|script)/ and chat.response.status !~ /404/ then if chat.response.each do |chunk| chunk.split(/\n/).each do |line| @pattern_list.each do |ext| if line =~ /([\w%\/\\\.:-]*\.#{ext})[^\w]/ then match = $1 hotspot = Watobo::Utils::URL.create_url(chat, match) if not @known_functions.include?(match) then addFinding( :proof_pattern => match, :title => hotspot, :chat => chat, :fid => Digest::MD5.hexdigest("#{self}#{hotspot}") ) @known_functions.push match end end end end end end end rescue => bang # raise puts "ERROR!! #{Module.nesting[0].name}" puts bang end end |