Class: Watobo::Plugin::Catalog::Check

Inherits:

ActiveCheck

Object
Session
ActiveCheck
Watobo::Plugin::Catalog::Check

Defined in:: plugins/catalog/catalog.rb

Constant Summary

Constants included from Constants

Instance Attribute Summary collapse

#db_files ⇒ Object writeonly

Sets the attribute db_files.
#path ⇒ Object writeonly

Sets the attribute path.
#var_files ⇒ Object writeonly

Sets the attribute var_files.

Instance Method Summary collapse

#generateChecks(chat) ⇒ Object
#initialize(project) ⇒ Check constructor

A new instance of Check.
#loadChecks(path) ⇒ Object
#loadDBFiles(path, *opts) ⇒ Object
#loadVars(path) ⇒ Object
#reset ⇒ Object

Methods included from CheckInfoMixin::InfoMethods

#check_group, #check_name

Constructor Details

#initialize(project) ⇒ `Check`

Returns a new instance of Check.

# File 'plugins/catalog/catalog.rb', line 154

def initialize(project)
  super(project, project.getScanPreferences())

 

  @path = nil

  @dbvars = Hash.new

  @catalog_checks = []

  @db_files = %w( db_tests )
  @var_files = %w( db_variables )

  @threat_list = [ "File Upload", "Interesting File", "Misconfiguration", "Information Disclosure", "Injection (XSS/Script/HTML)",
    "Remote File Retrieval", "Denial of Service", "Remote File Retrieval", "Command Execution", "SQL Injection",
    "Authentication Bypass", "Software Identification", "Remote source inclusion" ]

end

Instance Attribute Details

#db_files=(value) ⇒ `Object` (writeonly)

Sets the attribute db_files

Parameters:

value —

the value to set the attribute db_files to.



48
49
50

# File 'plugins/catalog/catalog.rb', line 48

def db_files=(value)
  @db_files = value
end

#path=(value) ⇒ `Object` (writeonly)

Sets the attribute path

Parameters:

value —

the value to set the attribute path to.



50
51
52

# File 'plugins/catalog/catalog.rb', line 50

def path=(value)
  @path = value
end

#var_files=(value) ⇒ `Object` (writeonly)

Sets the attribute var_files

Parameters:

value —

the value to set the attribute var_files to.



49
50
51

# File 'plugins/catalog/catalog.rb', line 49

def var_files=(value)
  @var_files = value
end

Instance Method Details

#generateChecks(chat) ⇒ `Object`

# File 'plugins/catalog/catalog.rb', line 178

def generateChecks(chat)
  begin
    loadChecks(@path) do |dbid, osvdb, threat, uri, method, match, or_match, and_match, fail, or_fail, summary, post_data, headers|

      checker = proc {
        test_request = nil
        test_response = nil
       
        test = chat.copyRequest
        test.replaceFileExt(uri.gsub(/^\//,''))

        if method !~ /get/i then
          test.replaceMethod(method)
        end

        if method =~ /post/i then
          test.addHeader("Content-Length", "0")
        end
                       
        status, test_request, test_response = fileExists?(test, :default => true)
       
        
        unless test_request.nil? or test_response.nil? then
          test_result = false
          response = test_response.join
          if status == true
            
            if ( (match.empty? and or_match.empty?) or ( match != "" and response =~ /#{Regexp.quote(match)}/i) or ( or_match != "" and response =~ /#{Regexp.quote(or_match)}/i )) then
              test_result = true
              if and_match != "" then
                test_result = false
                test_result = true if response =~ /#{Regexp.quote(and_match)}/i

              end
            end
            test_result = false if fail != "" and response =~ /#{Regexp.quote(fail)}/i
            test_result = false if or_fail != "" and response =~ /#{Regexp.quote(or_fail)}/i

            if test_result then
              path = test_request.path
              addFinding(  test_request, test_response,
              :test_item => uri,
              :proof_pattern => "#{Regexp.quote(match)}",
              :check_pattern => "#{Regexp.quote(uri)}",
              :chat => chat,
              :threat => "#{summary}",
              :title => "[#{uri}] - #{path}"

              )
            end
          end
        end
        [ test_request, test_response ]
      }
      yield checker
    end
  rescue => bang
    puts "!error in module #{Module.nesting[0].name}"
    puts bang
  end
end

#loadChecks(path) ⇒ `Object`

# File 'plugins/catalog/catalog.rb', line 118

def loadChecks(path)
  begin
    puts "=== Initialize Catalog Scanner ==="
    loadVars(path)
    loadDBFiles(path)
    # setup regex
    dummy = []
    pattern = nil
    count = 0
    @dbvars.each_key do |k| dummy << k; end
    pattern = "(#{dummy.join("|")})" if dummy.length > 0
    @catalog_checks.each do |dbid, osvdb, threat, uri, method, match, or_match, and_match, fail, or_fail, summary, post_data, headers|

      if pattern and uri =~ /(#{pattern})/
        key = $1
        @dbvars[key].each do |v|
            new_uri = uri.gsub(/#{key}/, v)
            if new_uri =~ /#{pattern}/
              @catalog_checks << [ dbid, osvdb, threat, new_uri, method, match, or_match, and_match, fail, or_fail, summary, post_data, headers ]
            else
              yield dbid, osvdb, threat, new_uri, method, match, or_match, and_match, fail, or_fail, summary, post_data, headers
            end
      
        end
      else
        yield dbid, osvdb, threat, uri, method, match, or_match, and_match, fail, or_fail, summary, post_data, headers
      end
    end
  rescue => bang
    puts bang
    puts bang.backtrace if $DEBUG
  end
end

#loadDBFiles(path, *opts) ⇒ `Object`

# File 'plugins/catalog/catalog.rb', line 93

def loadDBFiles(path, *opts)
  dbpath = Dir.getwd
  dbpath = path if not path.nil?
  @catalog_checks.clear

  @db_files.each do |file|
    # puts "* loading db file #{file}.."
    fname = File.join( dbpath, file)
    if File.exists?(fname)
      File.open(fname) { |fh|
        fh.each do |line|
          next if line.strip =~ /^#/                  
          fields = line.split("\",")
          fields.map!{ |f| f.gsub!(/^"/,'') }
          fields.first.gsub!(/^\"/,"")
          fields.last.gsub!(/\"?/,"")
          @catalog_checks.push fields
        end
      }
      else
      puts "* file (#{fname}) does not exist. Please check path and name."
    end
  end
end

#loadVars(path) ⇒ `Object`

# File 'plugins/catalog/catalog.rb', line 67

def loadVars(path)
  dbpath = Dir.getwd
  dbpath = path if not path.nil?
  @dbvars.clear
  @var_files.each do |file|
    # puts "* loading var-file #{file}"
    fname = File.join( dbpath, file)
    if File.exists?(fname)
      File.open(fname) { |fh|
        fh.each do |line|
          if line.strip =~ /^[^#]/ and line =~ /=/
            key,vars = line.split("=")
            key.strip!

            @dbvars[key] = vars.strip.split(" ")
          end
        end
      }
    else
      puts "* file (#{fname}) does not exist. Please check path and name."
    end
    # puts "* db vars total: #{@dbvars.length}"
  end
  @dbvars["@RFIURL"] = [ "http://cirt.net/rfiinc.txt" ] unless @dbvars.has_key? "@RFIURL"
end

#reset ⇒ `Object`



174
175
176

# File 'plugins/catalog/catalog.rb', line 174

def reset()
  @catalog_checks.clear
end

Class: Watobo::Plugin::Catalog::Check

Constant Summary

Constants included from Constants

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from CheckInfoMixin::InfoMethods

Constructor Details

#initialize(project) ⇒ Check

Instance Attribute Details

#db_files=(value) ⇒ Object (writeonly)

#path=(value) ⇒ Object (writeonly)

#var_files=(value) ⇒ Object (writeonly)

Instance Method Details

#generateChecks(chat) ⇒ Object

#loadChecks(path) ⇒ Object

#loadDBFiles(path, *opts) ⇒ Object

#loadVars(path) ⇒ Object

#reset ⇒ Object

#initialize(project) ⇒ `Check`

#db_files=(value) ⇒ `Object` (writeonly)

#path=(value) ⇒ `Object` (writeonly)

#var_files=(value) ⇒ `Object` (writeonly)

#generateChecks(chat) ⇒ `Object`

#loadChecks(path) ⇒ `Object`

#loadDBFiles(path, *opts) ⇒ `Object`

#loadVars(path) ⇒ `Object`

#reset ⇒ `Object`