Class: Watobo::Modules::Passive::Possible_login
- Inherits:
-
PassiveCheck
- Object
- PassiveCheck
- Watobo::Modules::Passive::Possible_login
- Defined in:
- modules/passive/possible_login.rb
Constant Summary
Constants included from Constants
Constants::AC_GROUP_APACHE, Constants::AC_GROUP_DOMINO, Constants::AC_GROUP_ENUMERATION, Constants::AC_GROUP_FILE_INCLUSION, Constants::AC_GROUP_FLASH, Constants::AC_GROUP_GENERIC, Constants::AC_GROUP_JBOSS, Constants::AC_GROUP_JOOMLA, Constants::AC_GROUP_SAP, Constants::AC_GROUP_SQL, Constants::AC_GROUP_TYPO3, Constants::AC_GROUP_XSS, Constants::AUTH_TYPE_BASIC, Constants::AUTH_TYPE_DIGEST, Constants::AUTH_TYPE_NONE, Constants::AUTH_TYPE_NTLM, Constants::CHAT_SOURCE_AUTO_SCAN, Constants::CHAT_SOURCE_FUZZER, Constants::CHAT_SOURCE_INTERCEPT, Constants::CHAT_SOURCE_MANUAL, Constants::CHAT_SOURCE_MANUAL_SCAN, Constants::CHAT_SOURCE_PROXY, Constants::CHAT_SOURCE_UNDEF, Constants::DEFAULT_PORT_HTTP, Constants::DEFAULT_PORT_HTTPS, Constants::FINDING_TYPE_HINT, Constants::FINDING_TYPE_INFO, Constants::FINDING_TYPE_UNDEFINED, Constants::FINDING_TYPE_VULN, Constants::FIRST_TIME_FILE, Constants::GUI_REGULAR_FONT_SIZE, Constants::GUI_SMALL_FONT_SIZE, Constants::ICON_PATH, Constants::LOG_DEBUG, Constants::LOG_INFO, Constants::SCAN_CANCELED, Constants::SCAN_FINISHED, Constants::SCAN_PAUSED, Constants::SCAN_STARTED, Constants::TE_CHUNKED, Constants::TE_COMPRESS, Constants::TE_DEFLATE, Constants::TE_GZIP, Constants::TE_IDENTITY, Constants::TE_NONE, Constants::VULN_RATING_CRITICAL, Constants::VULN_RATING_HIGH, Constants::VULN_RATING_INFO, Constants::VULN_RATING_LOW, Constants::VULN_RATING_MEDIUM, Constants::VULN_RATING_UNDEFINED
Instance Method Summary collapse
- #do_test(chat) ⇒ Object
-
#initialize(project) ⇒ Possible_login
constructor
A new instance of Possible_login.
Constructor Details
#initialize(project) ⇒ Possible_login
Returns a new instance of Possible_login.
31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# File 'modules/passive/possible_login.rb', line 31 def initialize(project) @project = project super(project) @info.update( :check_name => 'Detect Logins', # name of check which briefly describes functionality, will be used for tree and progress views :description => "Detect possible and also unencrypted logins.", # description of checkfunction :author => "Andreas Schmidt", # author of check :version => "0.9" # check version ) @finding.update( :threat => 'If login credentials are sent over an unencrypted channel, an attacker may eavesdrop these information.' # thread of vulnerability, e.g. loss of information ) @check_name = "Detect Logins" @description = "maybe usefull?" @possible_login_patterns=%w[ (username) (password) (passwd) (pass) (uid) (userid) ] end |
Instance Method Details
#do_test(chat) ⇒ Object
54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 |
# File 'modules/passive/possible_login.rb', line 54 def do_test(chat) begin # puts "running module: #{Module.nesting[0].name}" all_parms = chat.request.post_parms if all_parms # puts all_parms # resource = "/" + chat.request.resource all_parms.each do |parm| @possible_login_patterns.each do |pattern| # puts "Testing pattern #{pattern} on postparms\r\n#{parm}" if parm =~ /#{pattern}/i match = $1 addFinding( :class => "Logins", # vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_HINT, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN :check_pattern => "#{parm}", :chat => chat, :title => "#{chat.request.path_ext}" #:debug => true ) # check for unecrypted transfer if not chat.request.proto =~ /https/i addFinding( :class => "Unencrypted Logins", # vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_VULN, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN :check_pattern => "#{chat.request.proto}", :chat => chat, :rating => VULN_RATING_HIGH, :title => "#{chat.request.path_ext}" # :debug => true ) end # also check if session id has been redefined puts "* check session managment" = chat.request..select do |rc| = true chat.response. do |nc| if rc =~ /^#{nc.name}/ rc_name, rc_value = rc.split("=") = false unless rc_value == nc.value end puts ":#{rc} - #{nc.name} - #{}" end puts ":#{rc} >> #{}" end puts "old cookies (#{.length})" .map do |c| addFinding( :class => "Session Managment", # vulnerability class, e.g. Stored XSS, SQL-Injection, ... :type => FINDING_TYPE_VULN, # FINDING_TYPE_HINT, FINDING_TYPE_INFO, FINDING_TYPE_VULN :check_pattern => "#{c}", :chat => chat, :rating => VULN_RATING_MEDIUM, :title => "#{chat.request.path_ext}", :threat => "Session Cookie has not been renewed after login. Session-Fixation attacks may be possible." # :debug => true ) end return true end end end end rescue => bang puts "ERROR!! #{Module.nesting[0].name}" puts bang puts bang.backtrace if $DEBUG end end |