Class: Arachni::Browser::Javascript::TaintTracer

Inherits:

Proxy

• Object
• Proxy
• Arachni::Browser::Javascript::TaintTracer

Defined in:

lib/arachni/browser/javascript/taint_tracer.rb,
lib/arachni/browser/javascript/taint_tracer/frame.rb,
lib/arachni/browser/javascript/taint_tracer/sink/base.rb,
lib/arachni/browser/javascript/taint_tracer/sink/data_flow.rb,
lib/arachni/browser/javascript/taint_tracer/sink/execution_flow.rb,
lib/arachni/browser/javascript/taint_tracer/frame/called_function.rb

Overview

Provides access to the `TaintTracer` JS interface, with extra Ruby-side functionality to format results of functions that return sink data.

Author:

• Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Defined Under Namespace

Classes: Frame, Sink

Instance Attribute Summary

Attributes inherited from Proxy

#javascript, #stub

Instance Method Summary

• #class ⇒ Object
• #data_flow_sinks ⇒ Array<Sink::DataFlow>

  JS data flow sink data.

• #debugging_data ⇒ Array<Sink::ExecutionFlow>

  JS debugging information.

• #execution_flow_sinks ⇒ Array<Sink::ExecutionFlow>

  JS execution flow sink data.

• #flush_data_flow_sinks ⇒ Array<Sink::DataFlow>

  Returns and clears #data_flow_sinks.

• #flush_execution_flow_sinks ⇒ Array<Sink::ExecutionFlow>

  Returns and clears #execution_flow_sinks.

• #initialize(javascript) ⇒ TaintTracer constructor

  A new instance of TaintTracer.

Methods inherited from Proxy

#call, #function?, function?, #js_object, mutex, #respond_to?

Constructor Details

#initialize(javascript) ⇒ TaintTracer

Returns a new instance of TaintTracer.

Parameters:

• javascript (Javascript) —

  Active Arachni::Browser::Javascript interface.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 26

def initialize( javascript )
    super javascript, 'TaintTracer'
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method in the class Arachni::Browser::Javascript::Proxy

Instance Method Details

#class ⇒ Object

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 67

def class
    TaintTracer
end

#data_flow_sinks ⇒ Array<Sink::DataFlow>

Returns JS data flow sink data.

Returns:

• (Array<Sink::DataFlow>) —

  JS data flow sink data.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 30

#debugging_data ⇒ Array<Sink::ExecutionFlow>

Returns JS debugging information.

Returns:

• (Array<Sink::ExecutionFlow>) —

  JS debugging information.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 46

#execution_flow_sinks ⇒ Array<Sink::ExecutionFlow>

Returns JS execution flow sink data.

Returns:

• (Array<Sink::ExecutionFlow>) —

  JS execution flow sink data.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 51

#flush_data_flow_sinks ⇒ Array<Sink::DataFlow>

Returns and clears #data_flow_sinks.

Returns:

• (Array<Sink::DataFlow>) —

  Returns and clears #data_flow_sinks.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 40

%w(data_flow_sinks flush_data_flow_sinks).each do |m|
    define_method m do
        prepare_data_flow_sink_data call( m )
    end
end

#flush_execution_flow_sinks ⇒ Array<Sink::ExecutionFlow>

Returns and clears #execution_flow_sinks.

Returns:

• (Array<Sink::ExecutionFlow>) —

  Returns and clears #execution_flow_sinks.

# File 'lib/arachni/browser/javascript/taint_tracer.rb', line 61

%w(debugging_data execution_flow_sinks flush_execution_flow_sinks).each do |m|
    define_method m do
        prepare_execution_flow_sink_data call( m )
    end
end