class Arachni::Browser::Javascript::TaintTracer
Provides access to the ‘TaintTracer` JS interface, with extra Ruby-side functionality to format results of functions that return sink data.
@author Tasos “Zapotek” Laskos <tasos.laskos@arachni-scanner.com>
Public Class Methods
new( javascript )
click to toggle source
@param [Javascript] javascript
Active {Javascript} interface.
Calls superclass method
Arachni::Browser::Javascript::Proxy::new
# File lib/arachni/browser/javascript/taint_tracer.rb, line 26 def initialize( javascript ) super javascript, 'TaintTracer' end
Public Instance Methods
class()
click to toggle source
# File lib/arachni/browser/javascript/taint_tracer.rb, line 67 def class TaintTracer end
Private Instance Methods
prepare_data_flow_sink_data( data )
click to toggle source
# File lib/arachni/browser/javascript/taint_tracer.rb, line 73 def prepare_data_flow_sink_data( data ) return {} if !data data.inject({}) do |h, (taint, entries)| h.merge!( taint => (entries.map do |entry| Sink::DataFlow.new( (entry['data'] || {}).my_symbolize_keys( false ).merge( trace: [entry['trace']].flatten.compact. map { |dh| Frame.new dh.my_symbolize_keys( false ) } ) ) end) ) end end
prepare_execution_flow_sink_data( data )
click to toggle source
# File lib/arachni/browser/javascript/taint_tracer.rb, line 89 def prepare_execution_flow_sink_data( data ) return [] if !data data.map do |entry| Sink::ExecutionFlow.new( entry.merge( trace: [entry['trace']].flatten.compact. map { |h| Frame.new h.my_symbolize_keys( false ) } ) ) end end