Class: Arachni::Plugins::TimingAttacks
- Inherits: Arachni::Plugin::Base
- Ancestor chain: Object < Component::Base < Arachni::Plugin::Base < Arachni::Plugins::TimingAttacks
- Defined in: components/plugins/defaults/meta/remedies/timing_attacks.rb
Overview
Meta-analysis plugin: for every logged issue that was uncovered by a timing attack, it checks whether the audited page was already returning unusually high response times (average at or above TIME_THRESHOLD over the whole scan) and, if so, attaches a remark and marks the issue as untrusted so that it is verified manually instead of taken at face value.
Constant Summary
- TAG = 'timing'
  Issues are looked up by this tag name.
- TIME_THRESHOLD = 0.6
  The average response time of a page (in seconds) must be greater than or equal to this for its timing-attack issues to be considered.
- REMARK = 'This issue was discovered using a timing-attack but the audited page was exhibiting unusually high response times to begin with. This could be an indication that the logged issue is a false positive.'
Constants included from Arachni
BANNER, Cookie, Form, Header, JSON, Link, LinkTemplate, NestedCookie, Severity, UIForm, UIInput, VERSION, WEBSITE, WIKI, XML
Instance Attribute Summary
Attributes inherited from Arachni::Plugin::Base
Class Method Summary
Instance Method Summary
Methods inherited from Arachni::Plugin::Base
#browser_cluster, #clean_up, distributable, distributable?, #framework_abort, #framework_pause, #framework_resume, gems, #http, #info, #initialize, is_distributable, merge, #register_results, #session, #wait_while_framework_running, #with_browser
Methods inherited from Component::Base
author, description, fullname, #shortname, shortname, shortname=, version
Methods included from Component::Output
#depersonalize_output, #depersonalize_output?, #intercept_print_message
Methods included from UI::Output
#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on
Methods included from Component::Utilities
Methods included from Utilities
#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite
Methods included from Arachni
URI, collect_young_objects, #get_long_win32_filename, jruby?, null_device, profile?, windows?
Constructor Details
This class inherits a constructor from Arachni::Plugin::Base
Class Method Details
.info ⇒ Object
```ruby
# File 'components/plugins/defaults/meta/remedies/timing_attacks.rb', line 77

def self.info
    {
        name:        'Timing attack anomalies',
        description: %q{
Analyzes the scan results and logs issues that used timing attacks
while the affected web pages demonstrated an unusually high response time;
a situation which renders the logged issues inconclusive or (possibly)
false positives.

Pages with high response times usually include heavy-duty processing
which makes them prime targets for Denial-of-Service attacks.
},
        author:      'Tasos "Zapotek" Laskos <[email protected]>',
        version:     '0.3.1',
        tags:        %w(anomaly timing attacks meta)
    }
end
```
Instance Method Details
#prepare ⇒ Object
```ruby
# File 'components/plugins/defaults/meta/remedies/timing_attacks.rb', line 28

def prepare
    @times   = {}   # per-path sum of response times (seconds)
    @counter = {}   # per-path number of HTTP 200 responses seen
end
```
#restore(data) ⇒ Object
```ruby
# File 'components/plugins/defaults/meta/remedies/timing_attacks.rb', line 33

def restore( data )
    # Counterpart of #suspend: reload the per-path totals saved before the scan was suspended.
    @times, @counter = *data
end
```
#run ⇒ Object
```ruby
# File 'components/plugins/defaults/meta/remedies/timing_attacks.rb', line 37

def run
    # Run for each response as it arrives.
    http.on_complete do |response|
        # We don't care about non OK responses.
        next if response.code != 200

        # Bucket by scheme/host/port/path only, so query variants of one page share a bucket.
        url = response.parsed_url.up_to_path.persistent_hash

        @counter[url] ||= @times[url] ||= 0

        # Add up all request times for a specific path.
        @times[url] += response.time

        # Add up all requests for each path.
        @counter[url] += 1
    end

    wait_while_framework_running

    avg = {}

    # Calculate average request time for each path.
    @times.each_pair { |url, time| avg[url] = time / @counter[url] }

    Data.issues.each do |issue|
        response_time = avg[uri_parse( issue.vector.action ).up_to_path.persistent_hash]

        # Skip issues not found via a timing attack, issues whose path produced
        # no 200 responses (no average available) and issues whose path was fast enough.
        next if !issue.tags.include?( TAG ) || !response_time || response_time < TIME_THRESHOLD

        issue.add_remark :meta_analysis, REMARK

        # Requires manual verification.
        issue.trusted = false
    end
end
```
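To see the meta-analysis in isolation, here is an added, stand-alone Ruby example (not the plugin's own code and not part of this page's original contents) that re-implements the three steps of #run over constructed data: accumulate time and count per path from 200 responses only, average them, then demote issues tagged 'timing' whose path averaged at or above TIME_THRESHOLD. The Response and Issue structs are assumed stand-ins that model only the fields the plugin reads, up_to_path is an assumed approximation of Arachni's parsed_url.up_to_path (scheme, host, non-default port and path, with query and fragment dropped), and the sample responses and issues are constructed.

```ruby
require 'uri'

# Same values the plugin defines.
TAG            = 'timing'
TIME_THRESHOLD = 0.6
REMARK         = 'This issue was discovered using a timing-attack but the audited ' \
                 'page was exhibiting unusually high response times to begin with. ' \
                 'This could be an indication that the logged issue is a false positive.'

# Assumed stand-ins for Arachni's Response and Issue: only the fields the plugin reads.
Response = Struct.new(:url, :code, :time)
Issue    = Struct.new(:name, :action, :tags, :remarks, :trusted) do
  def add_remark(source, text)
    (remarks[source] ||= []) << text
  end
end

# Assumed approximation of `parsed_url.up_to_path`: scheme, host, non-default port
# and path; query string and fragment dropped so /search?q=a and /search?q=b share a bucket.
def up_to_path(url)
  u    = URI.parse(url)
  port = u.port == u.default_port ? '' : ":#{u.port}"
  "#{u.scheme}://#{u.host}#{port}#{u.path}"
end

# Step 1: what the plugin's http.on_complete hook accumulates.
def accumulate(responses)
  times   = Hash.new(0.0)
  counter = Hash.new(0)
  responses.each do |r|
    next if r.code != 200            # non-OK responses are ignored, as in the plugin
    key = up_to_path(r.url)
    times[key]   += r.time
    counter[key] += 1
  end
  [times, counter]
end

# Step 2: per-path average response time (seconds).
def averages(times, counter)
  times.each_with_object({}) { |(key, total), avg| avg[key] = total / counter[key] }
end

# Step 3: demote timing-tagged issues whose path was slow on average.
# Returns the names of the issues that were flagged.
def flag_issues(issues, avg)
  issues.select do |issue|
    response_time = avg[up_to_path(issue.action)]
    next false unless issue.tags.include?(TAG) && response_time && response_time >= TIME_THRESHOLD
    issue.add_remark(:meta_analysis, REMARK)
    issue.trusted = false             # requires manual verification
    true
  end.map(&:name)
end

def run_meta_analysis(responses, issues)
  times, counter = accumulate(responses)
  flag_issues(issues, averages(times, counter))
end

# Constructed sample data: /report is slow, /search is fast, /admin was never seen.
SAMPLE_RESPONSES = [
  Response.new('http://example.test/report?id=1', 200, 1.9),
  Response.new('http://example.test/report?id=2', 200, 1.5),
  Response.new('http://example.test/report?id=3', 500, 9.0),   # ignored: not 200
  Response.new('http://example.test/search?q=a',  200, 0.1),
  Response.new('http://example.test/search?q=b',  200, 0.2)
]

SAMPLE_ISSUES = [
  Issue.new('Blind SQLi (timing) on /report', 'http://example.test/report?id=1', %w(timing sql), {}, true),
  Issue.new('Blind SQLi (timing) on /search', 'http://example.test/search?q=a',  %w(timing sql), {}, true),
  Issue.new('XSS on /report',                 'http://example.test/report?id=1', %w(xss),        {}, true),
  Issue.new('OS cmd (timing) on /admin',      'http://example.test/admin',       %w(timing),     {}, true)
]

p run_meta_analysis(SAMPLE_RESPONSES, SAMPLE_ISSUES)
```

Running it prints ["Blind SQLi (timing) on /report"]: only the timing issue on the path that averaged 1.7 s is demoted, the one on /search (0.15 s average) keeps trusted = true, the XSS issue is skipped because it lacks the tag, and the issue on /admin is skipped because no 200 response to that path was observed, so no average exists. Two points worth keeping in mind when reading the plugin's remarks: the average is taken over every 200 response the scanner received for that path, including the requests the audit checks themselves sent, and the 0.6 s threshold is a constant rather than a plugin option, so adjusting it means editing the plugin.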
#suspend ⇒ Object
```ruby
# File 'components/plugins/defaults/meta/remedies/timing_attacks.rb', line 73

def suspend
    # State handed back to #restore when the scan resumes.
    [@times, @counter]
end
```