public class ScriptsActiveScanner extends AbstractAppParamPlugin
AbstractPlugin.AlertBuilder
Plugin.AlertThreshold, Plugin.AttackStrength
CRLF, PATTERN_PARAM
Constructor and Description |
---|
ScriptsActiveScanner() |
Modifier and Type | Method and Description |
---|---|
int |
getCategory()
Gets the category of this scanner.
|
int |
getCweId()
Gets the CWE ID of the issue(s) raised by the scanner.
|
String[] |
getDependency()
Returns no dependencies by default.
|
String |
getDescription()
Default description of this plugin.
|
int |
getId()
Unique Paros ID of this plugin.
|
String |
getName()
Plugin name.
|
String |
getReference()
Reference document provided by this plugin.
|
int |
getRisk()
Gets the highest risk level of the alerts raised by the plugin.
|
String |
getSolution()
Default solution returned by this plugin.
|
int |
getWascId()
Gets the WASC ID of the issue(s) raised by the scanner.
|
void |
init()
Finishes the initialisation of the plugin, subclasses should add any initialisation
logic/code to this method.
|
boolean |
isPage200(HttpMessage msg)
Tells whether or not the message matches
CustomPage.Type.OK_200 definitions. |
boolean |
isPage404(HttpMessage msg)
Tells whether or not the message matches a
CustomPage.Type.NOTFOUND_404 definition. |
boolean |
isPage500(HttpMessage msg)
Tells whether or not the message matches
CustomPage.Type.ERROR_500 definitions. |
boolean |
isPageOther(HttpMessage msg)
Tells whether or not the message matches
CustomPage.Type.OTHER definitions. |
boolean |
isStop()
Check if this test should be stopped.
|
AbstractPlugin.AlertBuilder |
newAlert()
Returns a new alert builder.
|
void |
raiseAlert(int risk,
int confidence,
String name,
String description,
String uri,
String param,
String attack,
String otherInfo,
String solution,
String evidence,
int cweId,
int wascId,
HttpMessage msg)
Deprecated.
(2.9.0) Use
newAlert() to build and raise
alerts. |
void |
raiseAlert(int risk,
int confidence,
String name,
String description,
String uri,
String param,
String attack,
String otherInfo,
String solution,
String evidence,
String reference,
int cweId,
int wascId,
HttpMessage msg)
Deprecated.
(2.9.0) Use
newAlert() to build and raise
alerts. |
void |
scan()
Scans the target server using the message previously set during initialisation.
|
void |
scan(HttpMessage msg,
String param,
String value)
Plugin method that need to be implemented for the specific test.
|
void |
sendAndReceive(HttpMessage msg)
Sends and receives the given
message , always following redirections. |
void |
sendAndReceive(HttpMessage msg,
boolean isFollowRedirect)
Sends and receives the given
message , optionally following redirections. |
void |
sendAndReceive(HttpMessage msg,
boolean isFollowRedirect,
boolean handleAntiCSRF)
Sends and receives the given
message , optionally following redirections and
optionally regenerating anti-CSRF token, if any. |
String |
setParam(HttpMessage msg,
String param,
String value) |
getBuilder, scan, scan, setEscapedParameter, setParameter, setParameters
notifyPluginCompleted
bingo, bingo, bingo, bingo, bingo, bingo, cloneInto, compareTo, createParamIfNotExist, equals, getAlertTags, getAlertThreshold, getAlertThreshold, getAlertThresholdsSupported, getAttackStrength, getAttackStrength, getAttackStrengthsSupported, getBaseMsg, getCodeName, getConfig, getDelayInMs, getHTMLEncode, getKb, getLog, getLogger, getNewMsg, getParent, getProperty, getStatus, getTechSet, getTimeFinished, getTimeStarted, getURLDecode, getURLEncode, hashCode, init, inScope, isAnyInScope, isClientError, isDepreciated, isEnabled, isFileExist, isServerError, isSuccess, isVisible, loadFrom, matchBodyPattern, matchHeaderPattern, run, saveTo, setAlertThreshold, setAttackStrength, setConfig, setDefaultAlertThreshold, setDefaultAttackStrength, setDelayInMs, setEnabled, setProperty, setStatus, setTechSet, setTimeFinished, setTimeStarted, stripOff, targets, writeProgress
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
getExampleAlerts
public int getId()
Plugin
public String getName()
Plugin
public String[] getDependency()
AbstractPlugin
getDependency
in interface Plugin
getDependency
in class AbstractPlugin
public String getDescription()
Plugin
public int getCategory()
Plugin
Category
public String getSolution()
Plugin
public String getReference()
Plugin
public void init()
AbstractPlugin
Called after the plugin has been initialised with the message being scanned. By default it does nothing.
Since 2.5.0 it is no longer abstract.
init
in class AbstractPlugin
AbstractPlugin.init(HttpMessage, HostProcess)
public void scan()
Plugin
scan
in interface Plugin
scan
in class AbstractAppParamPlugin
Plugin.init(HttpMessage, HostProcess)
public void scan(HttpMessage msg, String param, String value)
AbstractAppParamPlugin
scan
in class AbstractAppParamPlugin
msg
- a copy of the HTTP message currently under scanningparam
- the name of the parameter under testingvalue
- the clean value (no escaping is needed)public boolean isStop()
AbstractPlugin
isStop
in class AbstractPlugin
true
if the scanner should stop, false
otherwisepublic String setParam(HttpMessage msg, String param, String value)
public void sendAndReceive(HttpMessage msg) throws org.apache.commons.httpclient.HttpException, IOException
AbstractPlugin
message
, always following redirections.
The following changes are made to the request before being sent:
HttpHeader.IF_MODIFIED_SINCE
and HttpHeader.IF_NONE_MATCH
are removed, to always obtain a fresh response;
HttpHeader.CONTENT_LENGTH
is updated, to match the length of the
request body.
HttpSenderListener
(for example, scripts).
sendAndReceive
in class AbstractPlugin
msg
- the message to be sent and receivedorg.apache.commons.httpclient.HttpException
- if a HTTP error occurredIOException
- if an I/O error occurred (for example, read time out)AbstractPlugin.sendAndReceive(HttpMessage, boolean)
,
AbstractPlugin.sendAndReceive(HttpMessage, boolean, boolean)
public void sendAndReceive(HttpMessage msg, boolean isFollowRedirect) throws org.apache.commons.httpclient.HttpException, IOException
AbstractPlugin
message
, optionally following redirections.
The following changes are made to the request before being sent:
HttpHeader.IF_MODIFIED_SINCE
and HttpHeader.IF_NONE_MATCH
are removed, to always obtain a fresh response;
HttpHeader.CONTENT_LENGTH
is updated, to match the length of the
request body.
HttpSenderListener
(for example, scripts).
sendAndReceive
in class AbstractPlugin
msg
- the message to be sent and receivedisFollowRedirect
- true
if redirections should be followed, false
otherwiseorg.apache.commons.httpclient.HttpException
- if a HTTP error occurredIOException
- if an I/O error occurred (for example, read time out)AbstractPlugin.sendAndReceive(HttpMessage)
,
AbstractPlugin.sendAndReceive(HttpMessage, boolean, boolean)
public void sendAndReceive(HttpMessage msg, boolean isFollowRedirect, boolean handleAntiCSRF) throws org.apache.commons.httpclient.HttpException, IOException
AbstractPlugin
message
, optionally following redirections and
optionally regenerating anti-CSRF token, if any.
The following changes are made to the request before being sent:
HttpHeader.IF_MODIFIED_SINCE
and HttpHeader.IF_NONE_MATCH
are removed, to always obtain a fresh response;
HttpHeader.CONTENT_LENGTH
is updated, to match the length of the
request body.
HttpSenderListener
(for example, scripts).
sendAndReceive
in class AbstractPlugin
msg
- the message to be sent and receivedisFollowRedirect
- true
if redirections should be followed, false
otherwisehandleAntiCSRF
- true
if the anti-CSRF token present in the request should be
handled/regenerated, false
otherwiseorg.apache.commons.httpclient.HttpException
- if a HTTP error occurredIOException
- if an I/O error occurred (for example, read time out)AbstractPlugin.sendAndReceive(HttpMessage)
,
AbstractPlugin.sendAndReceive(HttpMessage, boolean)
public AbstractPlugin.AlertBuilder newAlert()
AbstractPlugin
By default the alert builder sets the following fields of the alert:
Plugin.getId()
Plugin.getName()
AbstractPlugin.getRisk()
Plugin.getDescription()
Plugin.getSolution()
Plugin.getReference()
AbstractPlugin.getCweId()
AbstractPlugin.getWascId()
AbstractPlugin.getAlertTags()
newAlert
in class AbstractPlugin
@Deprecated public void raiseAlert(int risk, int confidence, String name, String description, String uri, String param, String attack, String otherInfo, String solution, String evidence, int cweId, int wascId, HttpMessage msg)
newAlert()
to build and raise
alerts.@Deprecated public void raiseAlert(int risk, int confidence, String name, String description, String uri, String param, String attack, String otherInfo, String solution, String evidence, String reference, int cweId, int wascId, HttpMessage msg)
newAlert()
to build and raise
alerts.public int getRisk()
Plugin
getRisk
in interface Plugin
getRisk
in class AbstractPlugin
Alert.RISK_HIGH
,
Alert.RISK_MEDIUM
,
Alert.RISK_LOW
,
Alert.RISK_INFO
public int getCweId()
Plugin
getCweId
in interface Plugin
getCweId
in class AbstractPlugin
public int getWascId()
Plugin
getWascId
in interface Plugin
getWascId
in class AbstractPlugin
public boolean isPage200(HttpMessage msg)
AbstractPlugin
CustomPage.Type.OK_200
definitions. Falls
back to use Analyser
which analyzes specific behavior and status codes. Checks if the
message matches CustomPage.Type.ERROR_500
or CusotmPage.Type.NOTFOUND_404
first, in case the user is trying to override something.isPage200
in class AbstractPlugin
msg
- the message that will be checkedtrue
if the message matches, false
otherwisepublic boolean isPage404(HttpMessage msg)
AbstractPlugin
CustomPage.Type.NOTFOUND_404
definition.
Falls back to Analyser
. Checks if the message matches CustomPage.Type.OK_200
or CustomPage.Type.ERROR_500
first, in case the user is trying to override something.isPage404
in class AbstractPlugin
msg
- the message that will be checkedtrue
if the message matches, false
otherwisepublic boolean isPage500(HttpMessage msg)
AbstractPlugin
CustomPage.Type.ERROR_500
definitions. Falls
back to simply checking the response status code for "500 - Internal Server Error". Checks if
the message matches CustomPage.Type.OK_200
or CusotmPage.Type.NOTFOUND_404
first, in case the user is trying to override something.isPage500
in class AbstractPlugin
msg
- the message that will be checkedtrue
if the message matches, false
otherwisepublic boolean isPageOther(HttpMessage msg)
AbstractPlugin
CustomPage.Type.OTHER
definitions.isPageOther
in class AbstractPlugin
msg
- the message that will be checkedtrue
if the message matches, false
otherwise