module Arachni::Element::Cookie::Capabilities::Mutable
Extends {Arachni::Element::Capabilities::Mutable} with {Cookie}-specific functionality.
@author Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>
Public Instance Methods
each_extensive_mutation( mutation ) { |c| ... }
click to toggle source
# File lib/arachni/element/cookie/capabilities/mutable.rb, line 75 def each_extensive_mutation( mutation ) return if orphan? (auditor.page.links | auditor.page.forms).each do |e| next if e.inputs.empty? c = e.dup c.affected_input_name = "Mutation for the '#{name}' cookie" c.auditor = auditor c.audit_options[:submit] ||= {} c.audit_options[:submit][:cookies] = mutation.inputs.dup c.inputs = Arachni::Options.input.fill( c.inputs.dup ) yield c end end
each_mutation( payload, options = {} ) { |element| ... }
click to toggle source
Overrides {Arachni::Element::Capabilities::Mutable#each_mutation} to handle cookie-specific limitations and the {Arachni::OptionGroups::Audit#cookies_extensively} option.
@param (see Arachni::Element::Capabilities::Mutable#each_mutation
) @return (see Arachni::Element::Capabilities::Mutable#each_mutation
) @yield (see Arachni::Element::Capabilities::Mutable#each_mutation
) @yieldparam (see Arachni::Element::Capabilities::Mutable#each_mutation
)
@see Arachni::Element::Capabilities::Mutable#each_mutation
Calls superclass method
Arachni::Element::Capabilities::Mutable#each_mutation
# File lib/arachni/element/cookie/capabilities/mutable.rb, line 29 def each_mutation( payload, options = {}, &block ) options = prepare_mutation_options( options ) parameter_names = options.delete( :parameter_names ) with_extra_parameter = options.delete( :with_extra_parameter ) extensively = options[:extensively] extensively = Arachni::Options.audit.cookies_extensively? if extensively.nil? super( payload, options ) do |element| yield element next if !extensively element.each_extensive_mutation( element, &block ) end if with_extra_parameter if valid_input_name?( EXTRA_NAME ) each_formatted_payload( payload, options[:format] ) do |format, formatted_payload| element = self.dup element.affected_input_name = EXTRA_NAME element.inputs = { EXTRA_NAME => formatted_payload } element.format = format yield element if block_given? end else print_debug_level_2 'Extra name not supported as input name by' << " #{audit_id}: #{payload.inspect}" end end if parameter_names if valid_input_name_data?( payload ) element = self.dup element.affected_input_name = FUZZ_NAME element.inputs = { payload => FUZZ_NAME_VALUE } element.seed = payload yield element if block_given? else print_debug_level_2 'Payload not supported as input name by' << " #{audit_id}: #{payload.inspect}" end end nil end
Private Instance Methods
prepare_mutation_options( options )
click to toggle source
Calls superclass method
Arachni::Element::Capabilities::Mutable#prepare_mutation_options
# File lib/arachni/element/cookie/capabilities/mutable.rb, line 94 def prepare_mutation_options( options ) options = super( options ) options.delete( :with_raw_payloads ) options end