Class: Arachni::UI::CLI::Framework::OptionParser

Inherits:
OptionParser show all
Defined in:
ui/cli/framework/option_parser.rb

Overview

Author:

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from OptionParser

#on, #options, #parse, #parser, #separator

Methods included from Utilities

#list_checks, #list_platforms, #list_plugins, #list_reporters, #load_profile, #print_banner, #print_issues, #save_profile

Methods included from Support::Mixins::Terminal

#clear_screen, #empty_screen, #flush, #move_to_home, #reprint, #reputs, #restr

Methods included from Arachni::Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from Output

#caller_location, #debug?, #debug_level, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #error_buffer, #error_log_fd, #error_logfile, #has_error_log?, #included, #log_error, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_exception, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #set_error_logfile, #unmute, #verbose?, #verbose_off, #verbose_on

Constructor Details

#initializeOptionParser

Returns a new instance of OptionParser.


21
22
23
24
25
26
# File 'ui/cli/framework/option_parser.rb', line 21

def initialize
    super

    # Listing components can be handled here but we need a framework for that.
    @framework = Arachni::Framework.new
end

Instance Attribute Details

#frameworkObject (readonly)

Returns the value of attribute framework.


19
20
21
# File 'ui/cli/framework/option_parser.rb', line 19

def framework
  @framework
end

Instance Method Details

#after_parseObject


719
720
721
722
723
724
725
726
727
728
729
# File 'ui/cli/framework/option_parser.rb', line 719

def after_parse
    if @save_profile_path
        save_profile( @save_profile_path )
        exit 0
    end

    options.url = ARGV.shift
rescue Options::Error::InvalidURL => e
    print_bad e
    exit
end

#auditObject


196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
# File 'ui/cli/framework/option_parser.rb', line 196

def audit
    separator ''
    separator 'Audit'

    on( '--audit-links', 'Audit links.' ) do
        options.audit.links = true
    end

    on( '--audit-forms', 'Audit forms.' ) do
        options.audit.forms = true
    end

    on( '--audit-cookies', 'Audit cookies.' ) do
        options.audit.cookies = true
    end

    on( '--audit-nested-cookies', 'Audit nested cookies.' ) do
        options.audit.nested_cookies = true
    end

    on( '--audit-cookies-extensively',
           'Submit all links and forms of the page along with the cookie permutations.',
           '(*WARNING*: This will severely increase the scan-time.)'
    ) do
        options.audit.cookies_extensively = true
    end

    on( '--audit-headers', 'Audit headers.' ) do
        options.audit.headers = true
    end

    on( '--audit-link-template TEMPLATE', Regexp,
        'Regular expression with named captures to use to extract input information from generic paths.',
        "To extract the 'input1' and 'input2' inputs from:",
        '  http://example.com/input1/value1/input2/value2',
        'Use:',
        '  input1/(?<input1>\w+)/input2/(?<input2>\w+)',
        '(Can be used multiple times.)'
    ) do |pattern|
        # We merge this way to enforce validation from the options group.
        options.audit.link_templates |= [pattern]
    end

    on( '--audit-jsons', 'Audit JSON request inputs.' ) do
        options.audit.jsons = true
    end

    on( '--audit-xmls', 'Audit XML request inputs.' ) do
        options.audit.xmls = true
    end

    on( '--audit-ui-inputs', 'Audit orphan <input> elements with events.' ) do
        options.audit.ui_inputs = true
    end

    on( '--audit-ui-forms', 'Audit UI Forms.',
        'Input and button groups that do not belong to a parent <form> element.' ) do
        options.audit.ui_forms = true
    end

    on( '--audit-parameter-names',
        'Inject payloads into parameter names.'
    ) do
        options.audit.parameter_names = true
    end

    on( '--audit-with-raw-payloads',
        'Inject payloads with and without HTTP encoding.'
    ) do
        options.audit.with_raw_payloads = true
    end

    on( '--audit-with-extra-parameter',
        'Inject payloads into extra element parameters.'
    ) do
        options.audit.with_extra_parameter = true
    end

    on( '--audit-with-both-methods',
           'Audit elements with both GET and POST requests.',
           '(*WARNING*: This will severely increase the scan-time.)'
    ) do
        options.audit.with_both_http_methods = true
    end

    on( '--audit-exclude-vector PATTERN', Regexp,
           'Exclude input vectors whose name matches PATTERN.',
           '(Can be used multiple times.)' ) do |name|
        options.audit.exclude_vector_patterns << name
    end

    on( '--audit-include-vector PATTERN', Regexp,
        'Include only input vectors whose name matches PATTERN.',
        '(Can be used multiple times.)' ) do |name|
        options.audit.include_vector_patterns << name
    end
end

#authorized_byObject


28
29
30
31
32
33
34
35
36
# File 'ui/cli/framework/option_parser.rb', line 28

def authorized_by
    on( '--authorized-by EMAIL_ADDRESS',
           'E-mail address of the person who authorized the scan.',
           "(It'll make it easier on the sys-admins during log reviews.)",
           "(Will be used as a value for the 'From' HTTP request header.)"
    ) do |email_address|
        options.authorized_by = email_address
    end
end

794
795
796
# File 'ui/cli/framework/option_parser.rb', line 794

def banner
    "#{super} URL"
end

#browser_clusterObject


577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
# File 'ui/cli/framework/option_parser.rb', line 577

def browser_cluster
    separator ''
    separator 'Browser cluster'

    on( '--browser-cluster-local-storage FILE',
        "Sets the browsers' local storage using the JSON data in FILE."
    ) do |file|
        options.browser_cluster.local_storage = ::JSON.load( IO.read( file ) )
    end

    on( '--browser-cluster-session-storage FILE',
        "Sets the browsers' session storage using the JSON data in FILE."
    ) do |file|
        options.browser_cluster.session_storage = ::JSON.load( IO.read( file ) )
    end

    on( '--browser-cluster-wait-for-element PATTERN:CSS',
        'Wait for element matching CSS to appear when visiting a page whose' <<
        ' URL matches the PATTERN.'
    ) do |rule|
        pattern, css = rule.split( ':', 2 )
        options.browser_cluster.wait_for_elements[ Regexp.new( pattern ) ] =
            css
    end

    on( '--browser-cluster-wait-for-timers',
        'Wait for the maximum setTimeout() on each page.',
        "(Default: #{options.browser_cluster.wait_for_timers})"
    ) do
        options.browser_cluster.wait_for_timers = true
    end

    on( '--browser-cluster-pool-size SIZE', Integer,
        'Amount of browser workers to keep in the pool and put to work.',
        "(Default: #{options.browser_cluster.pool_size})"
    ) do |pool_size|
        options.browser_cluster.pool_size = pool_size
    end

    on( '--browser-cluster-job-timeout SECONDS', Integer,
        'Maximum allowed time for each job.',
        "(Default: #{options.browser_cluster.job_timeout})"
    ) do |job_timeout|
        options.browser_cluster.job_timeout = job_timeout
    end

    on( '--browser-cluster-worker-time-to-live LIMIT', Integer,
        'Re-spawn the browser of each worker every LIMIT jobs.',
        "(Default: #{options.browser_cluster.worker_time_to_live})"
    ) do |worker_time_to_live|
        options.browser_cluster.worker_time_to_live = worker_time_to_live
    end

    on( '--browser-cluster-ignore-images', 'Do not load images.' ) do |ignore_images|
        options.browser_cluster.ignore_images = ignore_images
    end

    on( '--browser-cluster-screen-width', Integer,
        'Browser screen width.',
        "(Default: #{options.browser_cluster.screen_width})"
    ) do |width|
        options.browser_cluster.screen_width = width
    end

    on( '--browser-cluster-screen-height', Integer,
        'Browser screen height.',
        "(Default: #{options.browser_cluster.screen_height})"
    ) do |height|
        options.browser_cluster.screen_height = height
    end
end

#checksObject


450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
# File 'ui/cli/framework/option_parser.rb', line 450

def checks
    separator ''
    separator 'Checks'

    on( '--checks-list [GLOB]',
           'List available checks based on the provided glob.',
           '(If no glob is provided all checks will be listed.)'
    ) do |pattern|
        list_checks( framework.list_checks( pattern ) )
        exit
    end

    on( '--checks CHECK,CHECK2,...',
           'Comma separated list of checks to load.',
           "    Checks are referenced by their filename without the '.rb' extension, use '--checks-list' to list all.",
           "    Use '*' as a check name to load all checks or as a wildcard, like so:",
           '        xss*   to load all XSS checks',
           '        sql_injection*  to load all SQL injection checks',
           '        etc.',
           '',
           '    You can exclude checks by prefixing their name with a minus sign:',
           '        --checks=*,-backup_files,-xss',
           "    The above will load all checks except for the 'backup_files' and 'xss' checks.",
           '',
           '    Or mix and match:',
           '        -xss*   to unload all XSS checks.'
    ) do |checks|
        options.checks |= checks.split( ',' )
    end
end

#daemon_friendlyObject


38
39
40
41
42
43
44
# File 'ui/cli/framework/option_parser.rb', line 38

def daemon_friendly
    on( '--daemon-friendly',
        'Enable this option when running the process in the background.'
    ) do |b|
        @daemon_friendly = b
    end
end

#daemon_friendly?Boolean

Returns:

  • (Boolean)

46
47
48
# File 'ui/cli/framework/option_parser.rb', line 46

def daemon_friendly?
    !!@daemon_friendly
end

#get_timeoutObject


715
716
717
# File 'ui/cli/framework/option_parser.rb', line 715

def get_timeout
    @timeout
end

#httpObject


294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
# File 'ui/cli/framework/option_parser.rb', line 294

def http
    separator ''
    separator 'HTTP'

    on( '--http-user-agent USER_AGENT',
        "Value for the 'User-Agent' HTTP request header.",
        "(Default: #{options.http.user_agent})"
    ) do |user_agent|
        options.http.user_agent = user_agent
    end

    on( '--http-request-concurrency MAX_CONCURRENCY', Integer,
           'Maximum HTTP request concurrency.',
           "(Default: #{options.http.request_concurrency})",
           '(Be careful not to kill your server.)',
           '(*NOTE*: If your scan seems unresponsive try lowering the limit.)'
    ) do |concurrency|
        options.http.request_concurrency = concurrency
    end

    on( '--http-request-timeout TIMEOUT', Integer,
        'HTTP request timeout in milliseconds.',
        "(Default: #{options.http.request_timeout})"
    ) do |username|
        options.http.request_timeout = username
    end

    on( '--http-request-redirect-limit LIMIT', Integer,
        'Maximum amount of redirects to follow for each HTTP request.',
        "(Default: #{options.http.request_redirect_limit})"
    ) do |limit|
        options.http.request_redirect_limit = limit
    end

    on( '--http-request-queue-size QUEUE_SIZE', Integer,
           'Maximum amount of requests to keep in the queue.',
           'Bigger size means better scheduling and better performance,',
           'smaller means less RAM consumption.',
           "(Default: #{options.http.request_queue_size})"
    ) do |size|
        options.http.request_queue_size = size
    end

    on( '--http-request-header NAME=VALUE',
        'Specify custom headers to be included in the HTTP requests.',
        '(Can be used multiple times.)'
    ) do |user_agent|
        header, val = user_agent.split( '=', 2 )
        options.http.request_headers[header] = val
    end

    on( '--http-response-max-size LIMIT', Integer,
           'Do not download response bodies larger than the specified LIMIT, in bytes.',
           "(Default: #{options.http.response_max_size})"
    ) do |size|
        options.http.response_max_size = size
    end

    on( '--http-cookie-jar COOKIE_JAR_FILE',
           'Netscape-styled HTTP cookiejar file.'
    ) do |file|
        options.http.cookie_jar_filepath = file
    end

    on( '--http-cookie-string COOKIE',
           "Cookie representation as a 'Set-Cookie' HTTP response header.",
           'Example: my_cookie=my_value; Path=/, other_cookie=other_value; Path=/test'
    ) do |cookie|
        options.http.cookie_string = cookie
    end

    on( '--http-authentication-username USERNAME',
           'Username for HTTP authentication.' ) do |username|
        options.http.authentication_username = username
    end

    on( '--http-authentication-password PASSWORD',
           'Password for HTTP authentication.' ) do |password|
        options.http.authentication_password = password
    end

    on( "--http-authentication-type #{OptionGroups::HTTP::AUTHENTICATION_TYPES.join(',')}",
        'HTTP authentication type.', '(Default: auto)' ) do |type|
        options.http.authentication_type = type
    end

    on( '--http-proxy ADDRESS:PORT', 'Proxy to use.' ) do |url|
        options.http.proxy = url
        options.http.proxy_host, options.http.proxy_port = url.split( ':', 2 )
    end

    on( '--http-proxy-authentication USERNAME:PASSWORD',
           'Proxy authentication credentials.' ) do |credentials|
        options.http.proxy_username, options.http.proxy_password = credentials.split( ':', 2 )
    end

    on( "--http-proxy-type #{OptionGroups::HTTP::PROXY_TYPES.join(',')}",
           OptionGroups::HTTP::PROXY_TYPES,
           'Proxy type.', '(Default: auto)'
    ) do |type|
        options.http.proxy_type = type
    end

    on( '--http-ssl-verify-peer', 'Verify SSL peer.', '(Default: false)' ) do
        options.http.ssl_verify_peer = true
    end

    on( '--http-ssl-verify-host', 'Verify SSL host.', '(Default: false)' ) do
        options.http.ssl_verify_host = true
    end

    on( '--http-ssl-certificate PATH', 'SSL certificate to use.' ) do |file|
        options.http.ssl_certificate_filepath = file
    end

    on( "--http-ssl-certificate-type #{OptionGroups::HTTP::SSL_CERTIFICATE_TYPES.join(',')}",
        OptionGroups::HTTP::SSL_CERTIFICATE_TYPES,
        'SSL certificate type.'
    ) do |type|
        options.http.ssl_certificate_type = type
    end

    on( '--http-ssl-key PATH', 'SSL private key to use.' ) do |file|
        options.http.ssl_key_filepath = file
    end

    on( "--http-ssl-key-type #{OptionGroups::HTTP::SSL_KEY_TYPES.join(',')}",
        OptionGroups::HTTP::SSL_KEY_TYPES,
        'SSL key type.'
    ) do |type|
        options.http.ssl_key_type = type
    end

    on( '--http-ssl-key-password PASSWORD',
        'Password for the SSL private key.' ) do |pass|
        options.http.ssl_key_password = pass
    end

    on( '--http-ssl-ca PATH',
        'File holding one or more certificates with which to verify the peer.' ) do |file|
        options.http.ssl_ca_filepath = file
    end

    on( '--http-ssl-ca-directory PATH',
        'Directory holding multiple certificate files with which to verify the peer.' ) do |path|
        options.http.ssl_ca_directory = path
    end

    on( "--http-ssl-version #{OptionGroups::HTTP::SSL_VERSIONS.join(',')}",
        OptionGroups::HTTP::SSL_VERSIONS,
        'SSL version to use.'
    ) do |type|
        options.http.ssl_version = type
    end
end

#inputObject


549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
# File 'ui/cli/framework/option_parser.rb', line 549

def input
    separator ''
    separator 'Input'

    on( '--input-value PATTERN:VALUE',
        'PATTERN to match against input names and VALUE to use for them.',
        '(Can be used multiple times.)'
    ) do |rule|
        pattern, value = rule.split( ':', 2 )
        options.input.values[Regexp.new(pattern)] = value
    end

    on( '--input-values-file FILE',
        'YAML file containing a Hash object with regular expressions,' <<
            ' to match against input names, as keys and input values as values.'
    ) do |file|
        options.input.update_values_from_file( file )
    end

    on( '--input-without-defaults', 'Do not use the system default input values.' ) do
        options.input.without_defaults = true
    end

    on( '--input-force', 'Fill-in even non-empty inputs.' ) do
        options.input.force = true
    end
end

#outputObject


50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'ui/cli/framework/option_parser.rb', line 50

def output
    separator ''
    separator 'Output'

    on( '--output-verbose', 'Show verbose output.' ) do
        verbose_on
    end

    on( '--output-debug [LEVEL 1-4]', Integer, 'Show debugging information.' ) do |level|
        debug_on( level || 1 )
    end

    on( '--output-only-positives', 'Only output positive results.' ) do
        only_positives
    end
end

#platformsObject


502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
# File 'ui/cli/framework/option_parser.rb', line 502

def platforms
    separator ''
    separator 'Platforms'

    on( '--platforms-list', 'List available platforms.' ) do
        list_platforms( framework.list_platforms )
        exit
    end

    on( '--platforms-no-fingerprinting',
           'Disable platform fingerprinting.',
           '(By default, the system will try to identify the deployed server-side platforms automatically',
           'in order to avoid sending irrelevant payloads.)'
    ) do
        options.no_fingerprinting = true
    end

    on( '--platforms PLATFORM,PLATFORM2,...',
           'Comma separated list of platforms (by shortname) to audit.',
           '(The given platforms will be used *in addition* to fingerprinting. In order to restrict the audit to',
           "these platforms enable the '--platforms-no-fingerprinting' option.)"
    ) do |platforms|
        options.platforms |= platforms.split( ',' )
    end
end

#pluginsObject


481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
# File 'ui/cli/framework/option_parser.rb', line 481

def plugins
    separator ''
    separator 'Plugins'

    on( '--plugins-list [GLOB]',
           'List available plugins based on the provided glob.',
           '(If no glob is provided all plugins will be listed.)'
    ) do |pattern|
        list_plugins( framework.list_plugins( pattern ) )
        exit
    end

    on( "--plugin 'PLUGIN:OPTION=VALUE,OPTION2=VALUE2'",
           "PLUGIN is the name of the plugin as displayed by '--plugins-list'.",
           "(Plugins are referenced by their filename without the '.rb' extension, use '--plugins-list' to list all.)",
           '(Can be used multiple times.)'
    ) do |plugin|
        prepare_component_options( options.plugins, plugin )
    end
end

#profilesObject


649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
# File 'ui/cli/framework/option_parser.rb', line 649

def profiles
    separator ''
    separator 'Profiles'

    on( '--profile-save-filepath FILEPATH', String,
           'Save the current configuration profile/options to FILEPATH.'
    ) do |filepath|
        @save_profile_path = filepath
    end

    on( '--profile-load-filepath FILEPATH', String,
           'Load a configuration profile from FILEPATH.'
    ) do |filepath|
        load_profile( filepath )
    end
end

#reportObject


666
667
668
669
670
671
672
673
674
675
676
677
# File 'ui/cli/framework/option_parser.rb', line 666

def report
    separator ''
    separator 'Report'

    on( '--report-save-path PATH', String,
        'Directory or file path where to store the scan report.',
        'You can use the generated file to create reports in several ' +
            "formats with the 'arachni_reporter' executable."
    ) do |path|
        options.datastore.report_path = path
    end
end

#scopeObject


67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
# File 'ui/cli/framework/option_parser.rb', line 67

def scope
    separator ''
    separator 'Scope'

    on( '--scope-include-pattern PATTERN', Regexp,
        'Only include resources whose path/action matches PATTERN.',
        '(Can be used multiple times.)'
    ) do |pattern|
        options.scope.include_path_patterns << pattern
    end

    on( '--scope-include-subdomains', 'Follow links to subdomains.',
        "(Default: #{!!options.scope.include_subdomains})"
    ) do
        options.scope.include_subdomains = true
    end

    on( '--scope-exclude-pattern PATTERN', Regexp,
           'Exclude resources whose path/action matches PATTERN.',
           '(Can be used multiple times.)'
    ) do |pattern|
        options.scope.exclude_path_patterns << pattern
    end

    on( '--scope-exclude-file-extensions EXTENSION,EXTENSION2,..',
        'Exclude resources with the specified extensions.'
    ) do |extensions|
        options.scope.exclude_file_extensions = extensions.split(',')
    end

    on( '--scope-exclude-content-pattern PATTERN', Regexp,
           'Exclude pages whose content matches PATTERN.',
           '(Can be used multiple times.)'
    ) do |pattern|
        options.scope.exclude_content_patterns << pattern
    end

    on( '--scope-exclude-binaries',
        'Exclude non text-based pages.',
        '(Binary content can confuse passive checks that perform pattern matching.)'
    ) do
        options.scope.exclude_binaries = true
    end

    on( '--scope-redundant-path-pattern PATTERN:LIMIT',
           'Limit crawl on redundant pages like galleries or catalogs.',
           '(URLs matching PATTERN will be crawled LIMIT amount of times.)',
           '(Can be used multiple times.)'
    ) do |rule|
        pattern, counter = rule.split( ':', 2 )
        options.scope.redundant_path_patterns[ Regexp.new( pattern ) ] =
            Integer( counter )
    end

    on( '--scope-auto-redundant [LIMIT]', Integer,
           'Only follow URLs with identical query parameter names LIMIT amount of times.',
           '(Default: 10)'
    ) do |counter|
        options.scope.auto_redundant_paths = counter || 10
    end

    on( '--scope-directory-depth-limit LIMIT', Integer,
           'Directory depth limit.',
           '(Default: inf)',
           '(How deep Arachni should go into the site structure.)'
    ) do |depth|
        options.scope.directory_depth_limit = depth
    end

    on( '--scope-page-limit LIMIT', Integer,
           'How many pages to crawl and audit.',
           '(Default: inf)'
    ) do |limit|
        options.scope.page_limit = limit
    end

    on( '--scope-extend-paths FILE',
           'Add the paths in FILE to the ones discovered by the crawler.',
           '(Can be used multiple times.)'
    ) do |file|
        options.scope.extend_paths |= paths_from_file( file )
    end

    on( '--scope-restrict-paths FILE',
           'Use the paths in FILE instead of crawling.',
           '(Can be used multiple times.)'
    ) do |file|
        options.scope.restrict_paths |= paths_from_file( file )
    end

    on( '--scope-url-rewrite PATTERN:SUBSTITUTION',
        'Rewrite URLs based on the given PATTERN and SUBSTITUTION.',
        'To convert:  http://example.com/articles/some-stuff/23 to http://example.com/articles.php?id=23',
        'Use:         articles/[\w-]+/(\d+):articles.php?id=\1'
    ) do |rule|
        pattern, substitution = rule.split( ':', 2 )
        options.scope.url_rewrites[ Regexp.new( pattern ) ] =
            substitution
    end

    on( '--scope-https-only', 'Forces the system to only follow HTTPS URLs.',
        "(Default: #{!!options.scope.https_only})"
    ) do
        options.scope.https_only = true
    end

    on( '--scope-dom-depth-limit LIMIT', Integer,
        'How deep to go into the DOM tree of each page, for pages with JavaScript code.',
        "(Default: #{options.scope.dom_depth_limit})",
        "(Setting it to '0' will disable browser analysis.)"
    ) do |limit|
        options.scope.dom_depth_limit = limit
    end

    on( '--scope-dom-event-limit LIMIT', Integer,
        'How many DOM events to trigger for each DOM depth, for pages with JavaScript code.',
        "(Default: #{options.scope.dom_event_limit.nil? ? 'inf' : options.scope.dom_event_limit })",
    ) do |limit|
        options.scope.dom_event_limit = limit
    end

    on( '--scope-dom-event-inheritance-limit LIMIT', Integer,
        'How many elements should inherit the DOM events of their parents.',
        "(Default: #{options.scope.dom_event_inheritance_limit.nil? ? 'inf' : options.scope.dom_event_inheritance_limit })",
    ) do |limit|
        options.scope.dom_event_inheritance_limit = limit
    end
end

#sessionObject


528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
# File 'ui/cli/framework/option_parser.rb', line 528

def session
    separator ''
    separator 'Session'

    on( '--session-check-url URL', String,
           'URL to use to verify that the scanner is still logged in ' <<
               'to the web application.',
           "(Requires 'session-check-pattern'.)"
    ) do |url|
        options.session.check_url = url.to_s
    end

    on( '--session-check-pattern PATTERN', Regexp,
           "Pattern used against the body of the 'session-check-url'" <<
               ' to verify that the scanner is still logged in to the web application.',
           "(Requires 'session-check-url'.)"
    ) do |pattern|
        options.session.check_pattern = pattern
    end
end

#snapshotObject


679
680
681
682
683
684
685
686
687
688
689
# File 'ui/cli/framework/option_parser.rb', line 679

def snapshot
    separator ''
    separator 'Snapshot'

    on( '--snapshot-save-path PATH', String,
        'Directory or file path where to store the snapshot of a suspended scan.',
        'You can use the generated file to resume the scan with the \'arachni_restore\' executable.'
    ) do |path|
        options.snapshot.save_path = path
    end
end

#timeoutObject


691
692
693
694
695
696
697
698
699
700
# File 'ui/cli/framework/option_parser.rb', line 691

def timeout
    separator ''
    separator 'Timeout'

    on( '--timeout HOURS:MINUTES:SECONDS',
        'Stop the scan after the given duration is exceeded.'
    ) do |time|
        @timeout = Arachni::Utilities.hms_to_seconds( time )
    end
end

#timeout_suspendObject


702
703
704
705
706
707
708
709
# File 'ui/cli/framework/option_parser.rb', line 702

def timeout_suspend
    on( '--timeout-suspend',
        'Suspend after the timeout.',
        'You can use the generated file to resume the scan with the \'arachni_restore\' executable.'
    ) do
        @timeout_suspend = true
    end
end

#timeout_suspend?Boolean

Returns:

  • (Boolean)

711
712
713
# File 'ui/cli/framework/option_parser.rb', line 711

def timeout_suspend?
    !!@timeout_suspend
end

#valid_save_path?(path) ⇒ Boolean

Returns:

  • (Boolean)

790
791
792
# File 'ui/cli/framework/option_parser.rb', line 790

def valid_save_path?( path )
    !path || File.directory?( path ) || !path.end_with?( '/' )
end

#validateObject


731
732
733
734
735
736
737
738
# File 'ui/cli/framework/option_parser.rb', line 731

def validate
    validate_timeout
    validate_report_path
    validate_snapshot_save_path
    validate_session
    validate_browser
    validate_url
end

#validate_browserObject


740
741
742
743
744
745
746
747
748
749
# File 'ui/cli/framework/option_parser.rb', line 740

def validate_browser
    if options.browser_cluster.pool_size > 0 &&
      options.scope.dom_depth_limit > 0 &&
      !Browser.has_executable?

        print_bad "Missing chromedriver but configured for a DOM scan."
        print_info "Please install a compatible chromedriver and Chrome version."
        exit 1
    end
end

#validate_report_pathObject


773
774
775
776
777
778
779
# File 'ui/cli/framework/option_parser.rb', line 773

def validate_report_path
    report_path = options.datastore.report_path
    return if valid_save_path?( report_path )

    print_bad "Report path does not exist: #{report_path}"
    exit 1
end

#validate_sessionObject


781
782
783
784
785
786
787
788
# File 'ui/cli/framework/option_parser.rb', line 781

def validate_session
    if (!options.session.check_url && options.session.check_pattern) ||
        (options.session.check_url && !options.session.check_pattern)
        print_bad "Both '--session-check-url' and '--session-check-pattern'" <<
                        ' options are required.'
        exit 1
    end
end

#validate_snapshot_save_pathObject


765
766
767
768
769
770
771
# File 'ui/cli/framework/option_parser.rb', line 765

def validate_snapshot_save_path
    snapshot_path = options.snapshot.save_path
    return if valid_save_path?( snapshot_path )

    print_bad "Snapshot path does not exist: #{snapshot_path}"
    exit 1
end

#validate_timeoutObject


758
759
760
761
762
763
# File 'ui/cli/framework/option_parser.rb', line 758

def validate_timeout
    return if !@timeout || @timeout > 0

    print_bad 'Invalid timeout value.'
    exit 1
end

#validate_urlObject


751
752
753
754
755
756
# File 'ui/cli/framework/option_parser.rb', line 751

def validate_url
    return if options.url

    print_bad 'Missing URL argument.'
    exit 1
end