Class: Watobo::Modules::Passive::In_script_parameter
- Inherits: PassiveCheck
  - Object
  - PassiveCheck
  - Watobo::Modules::Passive::In_script_parameter
- Defined in: modules/passive/in_script_parameter.rb
Constant Summary
Constants included from Constants
Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED
Instance Method Summary
- #do_test(chat) ⇒ Object
- #initialize(project) ⇒ In_script_parameter (constructor)
  A new instance of In_script_parameter.
- #showError(chatid, message) ⇒ Object
Constructor Details
#initialize(project) ⇒ In_script_parameter
Returns a new instance of In_script_parameter.
# File 'modules/passive/in_script_parameter.rb', line 31
def initialize(project)
  @project = project
  super(project)
  @info.update(
    :check_name => 'Parameters in Script',   # name of check which briefly describes its functionality; used for tree and progress views
    :description => "Checks if parameter values are used within script-tags.",   # description of the check function
    :author => "Andreas Schmidt",   # author of check
    :version => "0.9"   # check version
  )
  @finding.update(
    :threat => 'Parameter value may be exploitable for XSS.',   # threat of the vulnerability, e.g. loss of information
    :class => "Script-Parameters",   # vulnerability class, e.g. Stored XSS, SQL-Injection, ...
    :type => FINDING_TYPE_HINT   # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN
  )
end
Instance Method Details
#do_test(chat) ⇒ Object
# File 'modules/passive/in_script_parameter.rb', line 56
require 'cgi'   # CGI.unescape is used to URL-decode parameter values

def do_test(chat)
  begin
    parm_values = []
    minlen = 3   # values shorter than this would match almost anywhere
    # Only text and script responses can carry an inline <script> block.
    return true unless chat.response.content_type =~ /(text|script)/
    # Collect GET and POST parameter values. They are escaped exactly once,
    # when the search pattern is built below; quoting them here as well
    # would make any value containing regexp metacharacters unmatchable.
    chat.request.get_parm_names.each do |parm|
      pv = chat.request.get_parm_value(parm)
      parm_values.push pv unless pv.strip.empty? or pv.strip.length < minlen
    end
    chat.request.post_parm_names.each do |parm|
      pv = chat.request.post_parm_value(parm)
      parm_values.push pv unless pv.strip.empty? or pv.strip.length < minlen
    end
    parm_values.each do |parm_value|
      # URL-decode the value, then quote it so it is matched literally.
      pattern = Regexp.quote(CGI.unescape(parm_value))
      # Look for the value inside a <script> tag, before the next '<' or '/'.
      if chat.response.body =~ /<script[^<\/]*#{pattern}/i then
        addFinding(
          :check_pattern => parm_value,
          :proof_pattern => parm_value,
          :chat => chat,
          :title => "[#{parm_value}] - #{chat.request.path}"
        )
      end
    end
  rescue => bang
    showError(chat.id, bang)
  end
end
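The check above, as an added example that is not Watobo's own code: the same reflection test written as a stand-alone function over a hash of request parameters and a response, run on constructed data. Besides the normal hits it shows the content-type gate, the minimum-length filter and a false negative of the pattern (a value reflected after a `/` in the script is not reported).

```ruby
require 'cgi'

# Added example (not Watobo's own code): the reflection check that
# In_script_parameter performs, as a stand-alone function over a hash of
# request parameters and a response, so it can be tried on constructed data.
MIN_LEN = 3

# Returns the (still URL-encoded) parameter values that appear inside a
# <script> tag of the response body, using the same pattern as the check.
def script_reflections(params, content_type, body, minlen = MIN_LEN)
  # The check only looks at text and script responses.
  return [] unless content_type =~ /(text|script)/

  # Drop empty and very short values: they would match almost any page.
  candidates = params.values.map(&:to_s).reject do |v|
    v.strip.empty? || v.strip.length < minlen
  end

  candidates.select do |v|
    # URL-decode once, then quote once so metacharacters match literally.
    pattern = Regexp.quote(CGI.unescape(v))
    # [^<\/]* stops at the next '<' or '/', so a value that is reflected
    # after a '//' comment or a '/' in a URL is not reported (false negative).
    body =~ /<script[^<\/]*#{pattern}/i
  end
end

# Constructed request parameters and response body for the demonstration.
SAMPLE_PARAMS = {
  'q'    => 'hello+world',   # '+' decodes to a space
  'cb'   => 'cb%281%29',     # decodes to cb(1); parentheses must be quoted
  'id'   => '42',            # below MIN_LEN, never checked
  'misc' => 'nothere'        # not reflected at all
}
SAMPLE_BODY = <<~HTML
  <html><body>
  <script>var query = "hello world"; callback = cb(1);</script>
  <p>id=42</p>
  </body></html>
HTML

if __FILE__ == $0
  p script_reflections(SAMPLE_PARAMS, 'text/html', SAMPLE_BODY)
  # => ["hello+world", "cb%281%29"]
end
```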
#showError(chatid, message) ⇒ Object
# File 'modules/passive/in_script_parameter.rb', line 50
def showError(chatid, message)
  puts "!!! Error"
  puts "Chat: [#{chatid}]"
  puts message
end