class Rex::Parser::WapitiDocument

Public Instance Methods

end_element(name=nil) click to toggle source
# File lib/rex/parser/wapiti_nokogiri.rb, line 37
def end_element(name=nil)
  block = @block
  case name
  when "timestamp"
    @state[:timestamp] = @text.strip
    @text = nil
  when "url"
    @state[:url] = @text.strip
    @text = nil
  when "addr"
    @state[:host] = @text.strip
    @text = nil
  when "port"
    @state[:port] = @text.strip
    @text = nil
  when "parameter"
    @state[:parameter] = @text.strip
    @text = nil
  when "info"
    @state[:info] = @text.strip
    @text = nil
  when "bug"
    report_vuln
  end
end
report_vuln(&block) click to toggle source
# File lib/rex/parser/wapiti_nokogiri.rb, line 63
def report_vuln(&block)
  proto = @state[:url].split(":")[0]
  path = '/' + (@state[:url].split("/")[3..(@state[:url].split("/").length - 1)].join('/'))

  web_vuln_info = {}
  web_vuln_info[:web_site] = proto + "://" + @state[:host] + ":" + @state[:port]
  web_vuln_info[:path] = path
  web_vuln_info[:query] = @state[:url].split("?")[1]

  #if the URL contains the parameter found to be vulnerable, it is probably a GET
  #if it does not contains the parameter, it is probably a POST
  if @state[:url].index(@state[:parameter])
    web_vuln_info[:method] = "GET"
  else
    web_vuln_info[:method] = "POST"
  end

  @state[:parameter].split("&").each do |param|
    if param.index("%27") #apostrophe
      web_vuln_info[:pname] = param.split('=')[0] #sql injection
      break
    elsif param.index("alert")
      web_vuln_info[:pname] = param.split('=')[0] #xss
    end
  end

  web_vuln_info[:host] = @state[:host]
  web_vuln_info[:port] = @state[:port]
  web_vuln_info[:ssl] = (proto =~ /https/)
  web_vuln_info[:proof] = ""
  web_vuln_info[:risk] = ""
  web_vuln_info[:params] = @state[:parameter]
  web_vuln_info[:category] = "imported"
  web_vuln_info[:confidence] = 90
  web_vuln_info[:name] = @state[:info]

  db.emit(:web_vuln, web_vuln_info[:name], &block) if block
  vuln = db_report(:web_vuln, web_vuln_info)
end
start_element(name=nil,attrs=[]) click to toggle source
# File lib/rex/parser/wapiti_nokogiri.rb, line 10
def start_element(name=nil,attrs=[])
  attrs = normalize_attrs(attrs)
  block = @block
  @state[:current_tag][name] = true

  case name
  when "timestamp"
    @state[:has_text] = true
  when "url"
    @state[:has_text] = true
  when "addr"
    @state[:has_text] = true
  when "port"
    @state[:has_text] = true
  when "parameter"
    @state[:has_text] = true
  when "info"
    @state[:has_text] = true
  when "description"
    @state[:has_text] = true
  when "solution"
    @state[:has_text] = true
  when "title"
    @state[:has_text] = true
  end
end