Class: Arachni::Plugins::HeadersCollector

Inherits:
Arachni::Plugin::Base
Defined in:
components/plugins/headers_collector.rb

Overview

Author:

Constant Summary

Constants included from Arachni

BANNER, Cookie, Form, Header, JSON, Link, LinkTemplate, NestedCookie, Severity, UIForm, UIInput, VERSION, WEBSITE, WIKI, XML

Instance Attribute Summary

Attributes inherited from Arachni::Plugin::Base

#framework, #options

Class Method Summary

Instance Method Summary

Methods inherited from Arachni::Plugin::Base

#browser_cluster, #clean_up, distributable, distributable?, #framework_abort, #framework_pause, #framework_resume, gems, #http, #info, #initialize, is_distributable, #register_results, #session, #wait_while_framework_running, #with_browser

Methods inherited from Component::Base

author, description, fullname, #shortname, shortname, shortname=, version

Methods included from Component::Output

#depersonalize_output, #depersonalize_output?, #intercept_print_message

Methods included from UI::Output

#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on

Methods included from Component::Utilities

#read_file

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from Arachni

URI, collect_young_objects, #get_long_win32_filename, jruby?, null_device, profile?, windows?

Constructor Details

This class inherits a constructor from Arachni::Plugin::Base

Class Method Details

.info ⇒ Object



# File 'components/plugins/headers_collector.rb', line 78

# Describes the plugin: display name, help text, author, version and the two
# optional string options (:include and :exclude) it accepts.
#
# @return [Hash] plugin metadata keyed by :name, :description, :author,
#   :version and :options
def self.info
    # Help text shown for the plugin. It states that header names are
    # lower-case and that, with no patterns given, every response header is
    # logged -- so an unconfigured run records everything, values included.
    help_text = %q{
Intercepts HTTP responses and logs headers whose name matches the specified criteria.

**NOTE**:

* Header names will be lower-case.
* If no patterns have been provided, all response headers will be logged.
}

    # Both options are plain strings at this point; #prepare turns each one
    # into a Regexp, so they are regular expressions rather than globs.
    pattern_options = [
        Options::String.new( :include,
            description: 'Include headers whose name matches the pattern.'
        ),
        Options::String.new( :exclude,
            description: 'Exclude headers whose name matches the pattern.'
        )
    ]

    {
        name:        'Headers collector',
        description: help_text,
        author:      'Tasos "Zapotek" Laskos <[email protected]>',
        version:     '0.1',
        options:     pattern_options
    }
end

.merge(results) ⇒ Object



# File 'components/plugins/headers_collector.rb', line 64

# Folds a list of per-URL header hashes into a single per-URL hash.
#
# Headers recorded for the same URL are merged; when the same header name
# appears more than once for a URL, the value from the later entry in
# +results+ replaces the earlier one.
#
# @param results [Array<Hash{Object => Hash}>] one `url => headers` hash per
#   entry
# @return [Hash{Object => Hash}] plain Hash (no default proc) of
#   `url => merged headers`
def self.merge( results )
    combined = {}

    results.each do |per_url|
        per_url.each do |url, headers|
            # Start each URL with a fresh Hash so the inputs are never mutated.
            (combined[url] ||= {}).merge!( headers )
        end
    end

    combined
end

Instance Method Details

#collect?(name) ⇒ Boolean

Returns:

  • (Boolean)


# File 'components/plugins/headers_collector.rb', line 54

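# Decides whether a header with the given name should be recorded.
#
# The exclude pattern is checked first and always wins: a name matching both
# patterns is rejected. With no include pattern configured, every name that
# is not excluded is accepted.
#
# Both patterns are applied with `=~`, i.e. as unanchored searches; a pattern
# must carry its own `\A`/`\z` anchors to match the whole name.
#
# @param name [String] header name to test (#run passes it lower-cased)
# @return [Boolean] true when the header should be collected
def collect?( name )
    return false if @exclude_pattern && @exclude_pattern =~ name
    return true if !@include_pattern

    # `=~` yields a match offset or nil; coerce it so the predicate returns a
    # real Boolean, as its documented signature promises.
    !!(@include_pattern =~ name)
end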

#prepare ⇒ Object



# File 'components/plugins/headers_collector.rb', line 14

# Compiles the optional :include / :exclude option strings into Regexps and
# sets up the per-URL header store.
#
# The strings are handed to Regexp.new unchanged, so the resulting patterns
# carry no flags and no implicit anchors, and a malformed pattern raises
# RegexpError from here. An option that is absent leaves the corresponding
# instance variable untouched.
def prepare
    include_source = options[:include]
    @include_pattern = Regexp.new( include_source ) if include_source

    exclude_source = options[:exclude]
    @exclude_pattern = Regexp.new( exclude_source ) if exclude_source

    # Looking up an unseen URL creates (and stores) an empty Hash for it.
    @headers_per_url = Hash.new { |store, url| store[url] = {} }
end

#restore(headers) ⇒ Object



# File 'components/plugins/headers_collector.rb', line 28

# Re-initialises the plugin via #prepare and then loads previously collected
# headers back into the fresh per-URL store.
#
# @param headers [Hash] `url => headers` data to reload (the shape #suspend
#   returns)
# @return [Hash] the per-URL store after the reload
def restore( headers )
    prepare
    @headers_per_url.update( headers )
end

#run ⇒ Object



# File 'components/plugins/headers_collector.rb', line 37

# Hooks into completed HTTP responses, records the headers selected by
# #collect? per response URL, and registers the collected data once the
# framework has stopped running.
#
# Header names are lower-cased only for the pattern check. Values are stored
# verbatim, so anything sensitive carried in a response header (for example
# session cookies in Set-Cookie) ends up in the registered results unless an
# exclude pattern filters it out -- handle the resulting report accordingly.
def run
    http.on_complete do |response|
        # Skip responses that the scope reports as out.
        next if response.scope.out?

        collected = response.headers.select do |header_name, _value|
            collect?( header_name.to_s.downcase )
        end
        next if collected.empty?

        # A later response for the same URL overwrites same-named headers.
        @headers_per_url[response.url].merge!( collected )
    end

    wait_while_framework_running

    # Copy into a plain Hash: the store's default Proc cannot be serialized.
    plain_results = {}.merge( @headers_per_url )
    register_results( plain_results )
end

#suspend ⇒ Object



# File 'components/plugins/headers_collector.rb', line 33

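# Returns the headers collected so far so that they can be handed back to
# #restore later.
#
# The store built by #prepare carries a default Proc, and #run notes that
# such a Hash cannot be serialized; Marshal.dump rejects it with a TypeError.
# A plain copy is returned here for the same reason #run copies before
# registering results.
# NOTE(review): assumes the framework serializes the suspended state --
# confirm against the caller.
#
# @return [Hash] plain `url => headers` Hash (empty if nothing was prepared)
def suspend
    {}.merge( @headers_per_url || {} )
end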