Sha256: 028161f9a04ea0c3345ddd3679c48d6a71945e2de89d1aeebefa163c2906ed39
Contents?: true
Size: 1.73 KB
Versions: 7
Compression:
Stored size: 1.73 KB
Contents
=begin
Copyright 2010-2013 Tasos Laskos <tasos.laskos@gmail.com>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
=end
module Arachni
module Platform::Fingerprinters
#
# Identifies ASPX resources.
#
# @author Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
#
# @version 0.1
#
class ASPX < Platform::Fingerprinter
EXTENSION = 'aspx'
SESSION_COOKIE = 'asp.net_sessionid'
X_POWERED_BY = 'asp.net'
VIEWSTATE = 'viewstate'
HEADER_FIELDS = %w(x-aspnet-version x-aspnetmvc-version)
def run
if extension == EXTENSION ||
# Session ID in URL, like:
# http://blah.com/(S(yn5cby55lgzstcen0ng2b4iq))/stuff.aspx
uri.path =~ /\/\(s\([a-z0-9]+\)\)\//i ||
cookies.include?( SESSION_COOKIE )
return update_platforms
end
page.forms.each do |form|
form.auditable.each do |k, v|
return update_platforms if k.downcase.include? VIEWSTATE
end
end
if server_or_powered_by_include?( X_POWERED_BY ) ||
(headers.keys & HEADER_FIELDS).any?
update_platforms
end
end
def update_platforms
platforms << :asp << :aspx << :windows
end
end
end
end
Version data entries
7 entries across 7 versions & 1 rubygems