class Pentest::Payload

Attributes

injection[RW]
params[RW]
penetration_confidence[RW]
penetration_message[RW]
penetration_type[RW]
values[RW]

Public Class Methods

new(data = {})
# File lib/pentest/payload.rb, line 7
# Builds a payload record from an options hash.
#
# @param data [Hash] construction options
#   :route           - required; Hash#fetch raises KeyError when it is absent
#   :params          - parameter names, defaults to an empty Array
#   :values          - values paired with :params by position (see #params_hash)
#   :injection       - the injected string, defaults to ''
#   :injection_point - position of the injected parameter, defaults to nil
# @raise [KeyError] when data has no :route key
def initialize(data = {})
  # No fallback here on purpose: a payload without a route is rejected.
  @route = data.fetch(:route)

  # Block-form fetch yields a fresh default each time the key is missing.
  @params = data.fetch(:params) { [] }
  @values = data.fetch(:values) { [] }
  @injection = data.fetch(:injection) { '' }
  @injection_point = data.fetch(:injection_point) { nil }

  # Outcome fields start unset; #to_s reads them, so they are presumably
  # filled in through the accessors before a report is rendered.
  @penetration_confidence = nil
  @penetration_message = nil
  @penetration_type = nil
end

Public Instance Methods

params_hash()
# File lib/pentest/payload.rb, line 19
# Pairs each entry of @params with the entry of @values at the same position.
#
# Array#zip pads with nil when @values is shorter than @params, and a
# repeated parameter keeps only its last value because the result is a Hash.
#
# @return [Hash] parameter => value
def params_hash
  pairs = @params.zip(@values)
  Hash[pairs]
end
to_s(index)
# File lib/pentest/payload.rb, line 23
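# Renders this payload as a multi-line finding report for terminal output.
#
# The report has a red heading, the request that carried the payload (verb,
# formatted path, then one query parameter per line) and the recorded proof
# message. The injected string itself is printed only when the confidence is
# :attack; for any other confidence it is shown as '[malicious payload]'.
#
# Query values are percent-encoded with URI.encode_www_form_component.
# URI.encode was removed in Ruby 3.0, and it left reserved characters such
# as '&', '=' and '#' untouched, so a value containing them made the printed
# query string ambiguous. Spaces are now shown as '+'.
#
# NOTE(review): parameter names are printed unencoded, and
# @penetration_message is appended verbatim. If that message can contain
# text returned by the tested application, it reaches the terminal
# unfiltered; confirm where it is assigned.
#
# @param index [Integer] zero-based position of the finding, shown one-based
# @return [String] the report, lines joined with "\n"
# @raise [NoMethodError] when @penetration_type is still nil
def to_s(index)
  path_parameters = {}
  query_parameters = []

  vulnerability_name = @penetration_type.upcase
  vulnerability_name = "POSSIBLE #{vulnerability_name}" if @penetration_confidence == :preattack

  lines = []
  lines << Term::ANSIColor.red("#{index + 1}. #{vulnerability_name} FOUND")
  lines << ''
  lines << '=== Payload ==='

  # `position` is deliberately not called `index`, to avoid shadowing the
  # method argument.
  params_hash.each_with_index do |(param, value), position|
    if @route.required_parts.include?(param[0])
      # Parameters that are part of the route path are handed to
      # @route.format as-is.
      path_parameters[param[0]] = value
    elsif @injection_point != position
      query_parameters << [param, URI.encode_www_form_component(value)]
    elsif @penetration_confidence == :attack
      query_parameters << [param, Term::ANSIColor.red(URI.encode_www_form_component(@injection))]
    else
      # Unconfirmed finding: mask the injected string in the report.
      query_parameters << [param, Term::ANSIColor.red('[malicious payload]')]
    end
  end

  lines << "#{@route.verb} #{@route.format(path_parameters)}"

  # Continuation lines are indented by the verb's width so the query
  # parameters line up under the path.
  indent = ' ' * @route.verb.size
  query_parameters.each_with_index do |(param, value), position|
    # A one-element name is a plain key; a two-element name is shown as
    # outer[inner].
    key = param.size == 1 ? param[0] : "#{param[0]}[#{param[1]}]"
    separator = position.zero? ? '?' : '&'

    lines << "#{indent} #{separator}#{key}=#{value}"
  end

  lines << ''
  lines << '=== Proof of Penetration ==='
  lines << @penetration_message

  lines.join("\n")
end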