Class: Arachni::Framework

Inherits:
Object
Includes:
Parts::Audit, Parts::Browser, Parts::Check, Parts::Data, Parts::Platform, Parts::Plugin, Parts::Report, Parts::Scope, Parts::State, UI::Output, Utilities
Defined in:
lib/arachni/framework.rb,
lib/arachni/framework/parts/data.rb,
lib/arachni/framework/parts/audit.rb,
lib/arachni/framework/parts/check.rb,
lib/arachni/framework/parts/scope.rb,
lib/arachni/framework/parts/state.rb,
lib/arachni/framework/parts/plugin.rb,
lib/arachni/framework/parts/report.rb,
lib/arachni/framework/parts/browser.rb,
lib/arachni/framework/parts/platform.rb

Overview

The Framework class ties together all the subsystems.

It's the brains of the operation: it bosses the rest of the subsystems around. It loads checks, reports and plugins and runs them according to user options.

Author:

  • Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>

Direct Known Subclasses

RPC::Server::Framework

Defined Under Namespace

Modules: Parts Classes: Error

Constant Summary

AUDIT_PAGE_MAX_TRIES =

How many times to request a page upon failure.

5

Instance Attribute Summary

Attributes included from Parts::Audit

#failures, #http, #session, #trainer

Attributes included from Parts::Check

#checks

Attributes included from Parts::Plugin

#plugins

Attributes included from Parts::Report

#reporters

Instance Method Summary

Methods included from Parts::State

#abort, #abort?, #aborted?, #aborting?, #clean_up, #done?, included, #pause, #pause?, #paused?, #pausing?, #reset, #reset_trainer, #restore, #resume, #running?, #scanning?, #snapshot_path, #state, #status, #status_messages, #suspend, #suspend?, #suspended?

Methods included from Parts::Data

#data, #page_queue_total_size, #push_to_page_queue, #push_to_url_queue, #sitemap, #url_queue_total_size

Methods included from Parts::Audit

#after_page_audit, #audit_page, #on_effective_page_audit, #on_page_audit

Methods included from Support::Mixins::Observable

included

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from UI::Output

#debug?, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #included, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #unmute, #verbose?, #verbose_on

Methods included from Parts::Platform

#list_platforms

Methods included from Parts::Check

#list_checks

Methods included from Parts::Plugin

#list_plugins

Methods included from Parts::Report

#list_reporters, #report, #report_as

Methods included from Parts::Browser

#browser_cluster, #browser_cluster_job_skip_states, #host_has_browser?, #use_browsers?, #wait_for_browser_cluster?

Methods included from Parts::Scope

#accepts_more_pages?, #crawl?, #page_limit_reached?

Constructor Details

#initialize(options = Options.instance, &block) ⇒ Framework

Returns a new instance of Framework.

Parameters:



# File 'lib/arachni/framework.rb', line 84

# Builds the framework and, when a block is given, hands the new instance to
# that block and tears the instance down afterwards.
#
# NOTE: `Encoding.default_external=` and `Encoding.default_internal=` change
# the defaults of the whole Ruby process, not just of this object, so every
# other piece of code sharing the process will see BINARY defaults from the
# moment a Framework is instantiated.
#
# @param options [Options] system options; defaults to `Options.instance`.
# @param block [Proc] optional; called with the new framework instance.
def initialize( options = Options.instance, &block )
    Encoding.default_external = 'BINARY'
    Encoding.default_internal = 'BINARY'

    @options = options

    # Initialize the Parts.
    super()

    # Nothing more to do unless the caller asked for the block form.
    return unless block_given?

    # Block form: run the caller's code, then leave the framework ready to be
    # reused. The `ensure` makes `clean_up` and `reset` run even when the
    # block raises; the exception itself still propagates to the caller.
    begin
        block.call self
    ensure
        clean_up
        reset
    end
end

Instance Attribute Details

#options ⇒ Options (readonly)

Returns System options.

Returns:



# File 'lib/arachni/framework.rb', line 79

# Read-only accessor for the options object stored in `@options`.
#
# @return [Options] system options, as assigned by the constructor.
def options
    @options
end

Instance Method Details

#inspect ⇒ Object



# File 'lib/arachni/framework.rb', line 151

# Builds a one-line, human-readable summary of the framework: class, status,
# runtime, page counters, issue count, loaded checks and loaded plugins.
#
# NOTE: when `@current_url` is set it is embedded in the result (via
# `#inspect`), so anything carried in that URL, such as query-string tokens,
# ends up wherever this string is printed or logged.
#
# @return [String]
def inspect
    stats = statistics

    out = "#<#{self.class} (#{status}) "

    segments = [
        "runtime=#{stats[:runtime]} ",
        "found-pages=#{stats[:found_pages]} ",
        "audited-pages=#{stats[:audited_pages]} ",
        "issues=#{Data.issues.size} "
    ]

    # The URL is only reported while one is being tracked.
    segments << "current_url=#{@current_url.inspect} " if @current_url

    segments << "checks=#{@checks.keys.join(',')} "
    segments << "plugins=#{@plugins.keys.join(',')}"
    segments << '>'

    # Append in place so the result keeps the header string's encoding.
    segments.each { |segment| out << segment }
    out
end

#run(&block) ⇒ Object

Starts the scan.

Parameters:



# File 'lib/arachni/framework.rb', line 109

# Starts the scan: prepares the framework, installs signal handling, runs the
# audit, cleans up, calls the optional block and marks the state as `:done`.
#
# NOTE(review): both the audit and the block run inside
# `exception_jail( false )`. The `false` presumably tells the jail not to
# re-raise (confirm in Utilities#exception_jail). If so, a `true` return and
# a `:done` status mean the run reached its end, not that the audit finished
# without errors.
#
# @param block [Proc] optional; called with no arguments after `clean_up`.
# @return [true, nil] `true` once the run has been marked done; `nil` when
#   the scan was aborted or suspended along the way.
def run( &block )
    prepare
    handle_signals
    return if aborted?

    # Contain failures so that, if something breaks down or the user opted to
    # exit, the reporters can still run with whatever results were gathered.
    exception_jail( false ) { audit }

    # An aborted or suspended scan is neither cleaned up nor marked as done.
    return if aborted?
    return if suspended?

    clean_up

    if block_given?
        exception_jail( false ) { block.call }
    end

    state.status = :done

    true
end

#statistics ⇒ Hash

Returns Framework statistics:

Returns:



# File 'lib/arachni/framework.rb', line 140

# Collects a snapshot of framework statistics.
#
# Keys of the returned Hash:
#   :http            - whatever `http.statistics` returns
#   :browser_cluster - whatever `BrowserCluster.statistics` returns
#   :runtime         - `Time.now - @start_datetime`, or 0 when no start time
#                      has been recorded (presumably seconds; confirm that
#                      @start_datetime is a Time)
#   :found_pages     - `sitemap.size`
#   :audited_pages   - `state.audited_page_count`
#   :current_page    - `@current_url`, unmodified; treat it like any other
#                      URL that may carry sensitive query parameters
#
# @return [Hash]
def statistics
    http_stats    = http.statistics
    cluster_stats = BrowserCluster.statistics

    # No start time recorded yet means no runtime to report.
    elapsed = 0
    elapsed = Time.now - @start_datetime if @start_datetime

    {
        http:            http_stats,
        browser_cluster: cluster_stats,
        runtime:         elapsed,
        found_pages:     sitemap.size,
        audited_pages:   state.audited_page_count,
        current_page:    @current_url
    }
end

#version ⇒ String

Returns the version of the framework.

Returns:

  • (String)

    Returns the version of the framework.



# File 'lib/arachni/framework.rb', line 172

# Reports the framework version by returning the `Arachni::VERSION` constant.
#
# @return [String] the version of the framework.
def version
    Arachni::VERSION
end