Sha256: 6815e1cb85f07a61923ee147a843aaed250a5f6811ec3195ddd62db4b31b4830
Contents?: true
Size: 1.45 KB
Versions: 3
Compression:
Stored size: 1.45 KB
Contents
=begin
Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
This file is part of the Arachni Framework project and is subject to
redistribution and commercial restrictions. Please see the Arachni Framework
web site for more information on licensing and terms of use.
=end
# Looks for HTML "object" tags.
#
# @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
# @version 0.1.3
class Arachni::Checks::HtmlObjects < Arachni::Check::Base
def self.regexp
@regexp ||= /<object(?:.*?)>(?:.*?)<\/object>/im
end
def run
match_and_log( self.class.regexp ) { |m| m && !m.empty? }
end
def self.info
description = %q{Logs the existence of HTML object tags.
Since Arachni can't execute things like Java Applets and Flash
this serves as a heads-up to the penetration tester to review
the objects in question using a different method.}
{
name: 'HTML objects',
description: description,
elements: [ Element::Body ],
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
version: '0.1.3',
issue: {
name: %q{HTML object},
cwe: 200,
description: description,
severity: Severity::INFORMATIONAL
},
max_issues: 25
}
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| arachni-1.2.1 | components/checks/passive/grep/html_objects.rb |
| arachni-1.2 | components/checks/passive/grep/html_objects.rb |
| arachni-1.1 | components/checks/passive/grep/html_objects.rb |