class API_Fuzzer::CsrfCheck

Constants

VALID_CSRF_HEADERS
VALID_CSRF_PARAMS

Public Class Methods

fuzz_csrf()
# File lib/API_Fuzzer/csrf_check.rb, line 25
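# Records a MEDIUM finding when the API is reachable via GET, on the
# premise that a GET endpoint with no CSRF defence is exploitable cross-site.
# The decision keys only on the method list set up by #scan (@methods) and
# the scanned URL (@url); headers and params are not inspected here.
#
# Method names may arrive as symbols (:get) or strings ("GET"/"get"), so
# they are compared case-insensitively as strings. The previous
# `map(&:downcase).include?(:get)` only ever matched symbols, so a
# string-typed method list silently skipped the check. Array() also
# tolerates a bare scalar such as :get.
#
# @return [Array<API_Fuzzer::Vulnerability>, nil] the accumulator after the
#   push, or nil when GET is not among @methods
def fuzz_csrf
  return unless Array(@methods).any? { |m| m.to_s.casecmp?('get') }

  @vulnerabilities << API_Fuzzer::Vulnerability.new(
    type: 'MEDIUM',
    value: 'No Cross-site request forgery protection found in API',
    description: "Cross-site request forgery vulnerability in GET #{@url}"
  )
end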
scan(options = {})
# File lib/API_Fuzzer/csrf_check.rb, line 10
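# Entry point of the CSRF check. Stores the scan options on the instance,
# runs #fuzz_csrf and returns the findings de-duplicated by description.
#
# @param options [Hash] scan configuration
# @option options [String] :url      endpoint under test (nil when absent)
# @option options [Hash]   :params   request parameters (default {})
# @option options [Hash]   :cookies  request cookies (default {})
# @option options [Array<Symbol,String>, Symbol, String] :method
#   HTTP method(s) to consider; a scalar is wrapped into an Array so
#   #fuzz_csrf can iterate it (default [:get])
# @option options [Hash]   :headers  request headers (default {})
# @option options [Boolean] :json    JSON body flag (default false)
# @return [Array<API_Fuzzer::Vulnerability>] unique findings; on error the
#   value of the logger call is returned instead (effectively no findings)
def scan(options = {})
  @url = options[:url]
  @params = options[:params] || {}
  @cookies = options[:cookies] || {}
  @methods = Array(options[:method] || [:get])
  @headers = options[:headers] || {}
  @json = options[:json] || false
  @vulnerabilities = []

  fuzz_csrf
  @vulnerabilities.uniq(&:description)
# StandardError rather than Exception: rescuing Exception also swallowed
# SystemExit, Interrupt and NoMemoryError, which must propagate.
rescue StandardError => e
  Rails.logger.info e.message
end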
validate_csrf()
# File lib/API_Fuzzer/csrf_check.rb, line 33
# Collects the request header names and the @params keys that look like
# CSRF tokens, i.e. that match any pattern in VALID_CSRF_HEADERS /
# VALID_CSRF_PARAMS.
#
# NOTE(review): only the matched param keys are returned (last expression);
# the matched header names are computed and then discarded. `request` is
# not defined in this class as shown — presumably a controller-style
# helper; confirm before relying on this method. #scan does not call it.
#
# @return [Array] keys of @params matching any VALID_CSRF_PARAMS pattern
def validate_csrf
  looks_like_csrf = ->(patterns, key) { patterns.any? { |exp| key.match?(exp) } }

  _matched_headers = request.headers.keys.select { |name| looks_like_csrf.call(VALID_CSRF_HEADERS, name) }
  @params.keys.select { |name| looks_like_csrf.call(VALID_CSRF_PARAMS, name) }
end