class API_Fuzzer::XxeCheck
Public Class Methods
scan(options = {})
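# File lib/API_Fuzzer/xxe_check.rb, line 8
# Entry point of the check: record the scan options as class-level state,
# then run the XML probe against the target.
#
# @param options [Hash]
# @option options [String] :url      target URL the request is POSTed to
# @option options [Hash]   :params   request parameters serialized into the body;
#                                    when absent nothing is sent (fuzz_xml_params returns early)
# @option options [String] :scan     scan identifier interpolated into the probe's callback URL
# @option options [Hash]   :cookies  cookies for the request (default: {})
# @option options [Hash]   :headers  headers for the request (default: {})
# @return whatever fuzz_xml_params returns
def self.scan(options = {})
  # `options[:url]` already yields nil for a missing key; the former
  # `|| nil` was a no-op and is dropped.
  @url = options[:url]
  @params = options[:params]
  @scan_hash = options[:scan]
  @cookies = options[:cookies] || {}
  @headers = options[:headers] || {}
  fuzz_xml_params
end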
Private Class Methods
fuzz_xml_params()
# File lib/API_Fuzzer/xxe_check.rb, line 19
# Build the probe body from +@params+ and POST it to +@url+.
#
# Depends on class-level state set by +scan+: +@params+, +@scan_hash+,
# +@url+, +@headers+, +@cookies+. Returns nil without sending anything
# when +@params+ is unset; otherwise returns whatever
# API_Fuzzer::Request.send_api_request returns.
def self.fuzz_xml_params
  return unless @params
  # NOTE(review): params_serialize produces "k=v&k=v", not XML, so this
  # ">text</" substitution cannot match its output; the replacement also
  # drops the "/" of the closing tag it matches. Looks unintended -- confirm.
  body = params_serialize.gsub(/\>\s*[a-zA-Z0-9]*\s*\<\//, '>&xxe;<')
  # The external entity points at a hard-coded local listener
  # (127.0.0.1:3000); @scan_hash is interpolated into the path, presumably
  # so a hit on the listener can be tied to this scan -- verify.
  # NOTE(review): heredoc line layout reconstructed from a collapsed
  # listing -- confirm against the file.
  payload = <<-XXEPAYLOAD
<!DOCTYPE foo [
<!ELEMENT foo ANY >
<!ENTITY xxe SYSTEM "http://127.0.0.1:3000/ping/#{@scan_hash}" >]>
  XXEPAYLOAD
  # Append the serialized parameters after the DOCTYPE prologue.
  payload << body
  # body: true -- the payload is sent as the raw request body (as used here),
  # not as query parameters; confirm against API_Fuzzer::Request.
  API_Fuzzer::Request.send_api_request(
    url: @url,
    params: payload,
    body: true,
    method: :post,
    headers: @headers,
    cookies: @cookies
  )
end
params_serialize()
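# File lib/API_Fuzzer/xxe_check.rb, line 39
# Serialize +@params+ as a form-style string ("k1=v1&k2=v2").
#
# Keys and values are interpolated verbatim -- no percent-encoding is
# applied, matching the previous behaviour.
#
# @return [String] the joined pairs; empty string when +@params+ is empty
def self.params_serialize
  # Iterate the pairs themselves: the former `@params.keys.each do |key, value|`
  # walked only the keys, so +value+ was always nil and every pair
  # serialized as "key=".
  @params.map { |key, value| "#{key}=#{value}" }.join('&')
end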