Class: Arachni::Trainer

Inherits:
Object show all
Includes:
Support::Mixins::Observable, UI::Output, Utilities
Defined in:
lib/arachni/trainer.rb

Overview

Trainer class

Analyzes key HTTP responses looking for new auditable elements.

Author:

  • Tasos Laskos <tasos.laskos@arachni-scanner.com>

Constant Summary collapse

MAX_TRAININGS_PER_URL = 
25

Instance Method Summary collapse

Methods included from Support::Mixins::Observable

included

Methods included from Utilities

#available_port, available_port_mutex, #bytes_to_kilobytes, #bytes_to_megabytes, #caller_name, #caller_path, #cookie_decode, #cookie_encode, #cookies_from_file, #cookies_from_parser, #cookies_from_response, #exception_jail, #exclude_path?, #follow_protocol?, #form_decode, #form_encode, #forms_from_parser, #forms_from_response, #full_and_absolute_url?, #generate_token, #get_path, #hms_to_seconds, #html_decode, #html_encode, #include_path?, #links_from_parser, #links_from_response, #normalize_url, #page_from_response, #page_from_url, #parse_set_cookie, #path_in_domain?, #path_too_deep?, #port_available?, #rand_port, #random_seed, #redundant_path?, #regexp_array_match, #remove_constants, #request_parse_body, #seconds_to_hms, #skip_page?, #skip_path?, #skip_resource?, #skip_response?, #to_absolute, #uri_decode, #uri_encode, #uri_parse, #uri_parse_query, #uri_parser, #uri_rewrite

Methods included from UI::Output

#debug?, #debug_level_1?, #debug_level_2?, #debug_level_3?, #debug_level_4?, #debug_off, #debug_on, #disable_only_positives, #included, #mute, #muted?, #only_positives, #only_positives?, #print_bad, #print_debug, #print_debug_backtrace, #print_debug_level_1, #print_debug_level_2, #print_debug_level_3, #print_debug_level_4, #print_error, #print_error_backtrace, #print_exception, #print_info, #print_line, #print_ok, #print_status, #print_verbose, #reroute_to_file, #reroute_to_file?, reset_output_options, #unmute, #verbose?, #verbose_on

Constructor Details

#initialize(framework) ⇒ Trainer

Returns a new instance of Trainer.

Parameters:



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'lib/arachni/trainer.rb', line 31

def initialize( framework )
    super()

    @framework  = framework
    @updated    = false

    @seen_pages = Support::LookUp::HashSet.new

    @trainings_per_url = Hash.new( 0 )

    # get us setup using the page that is being audited as a seed page
    framework.on_page_audit { |page| self.page = page }

    framework.http.on_complete do |response|
        next if response.request.buffered? || !response.request.train?

        if response.redirect?
            reference_url = @page ? @page.url : @framework.options.url
            redirect_url  = to_absolute( response.headers.location, reference_url )

            framework.http.get( redirect_url ) { |res| push res }
            next
        end

        next if response.request.buffered?

        push response
    end
end

Instance Method Details

#on_new_page(&block) ⇒ Object 



24
 
# File 'lib/arachni/trainer.rb', line 24

advertise :on_new_page

#page=(page) ⇒ Object

Sets the current working page and updates the ElementFilter.

Parameters:



88
89
90
91
 
# File 'lib/arachni/trainer.rb', line 88

def page=( page )
    ElementFilter.update_from_page page
    @page = page
end

#push(response) ⇒ Object

Passes the response on for analysis.

If the response contains new elements it creates a new page with those elements and pushes it a buffer.

These new pages can then be retrieved by flushing the buffer (#flush).

Parameters:



69
70
71
72
73
74
75
76
77
78
79
80
81
82
 
# File 'lib/arachni/trainer.rb', line 69

def push( response )
    if !@page
        print_debug 'No seed page assigned yet.'
        return
    end

    return if !analyze_response?( response )

    analyze response
    true
rescue => e
    print_exception e
    nil
end