=begin Arachni Copyright (c) 2010-2012 Tasos "Zapotek" Laskos This is free software; you can copy and distribute and modify this program under the term of the GPL v2.0 License (See LICENSE file for details) =end module Arachni module Modules # # Unvalidated redirect audit module. # # It audits links, forms and cookies, injects URLs and checks # the Location header field to determnine whether the attack was successful. # # # @author: Tasos "Zapotek" Laskos # # # @version: 0.1.3 # # @see http://www.owasp.org/index.php/Top_10_2010-A10-Unvalidated_Redirects_and_Forwards # class UnvalidatedRedirect < Arachni::Module::Base def run [ 'www.arachni-boogie-woogie.com', 'http://www.arachni-boogie-woogie.com', ].each { |url| audit( url ) { |res, opts| log( opts, res ) if( res.headers_hash['Location'] == url ) } } end def self.info { :name => 'UnvalidatedRedirect', :description => %q{Injects URLs and checks the Location header field to determnine whether the attack was successful.}, :elements => [ Issue::Element::FORM, Issue::Element::LINK, Issue::Element::COOKIE, Issue::Element::HEADER ], :author => 'Tasos "Zapotek" Laskos ', :version => '0.1.3', :references => { 'OWASP Top 10 2010' => 'http://www.owasp.org/index.php/Top_10_2010-A10-Unvalidated_Redirects_and_Forwards' }, :targets => { 'Generic' => 'all' }, :issue => { :name => %q{Unvalidated redirect}, :description => %q{The web application redirects users to unvalidated URLs.}, :tags => [ 'unvalidated', 'redirect', 'injection', 'header', 'location' ], :cwe => '819', :severity => Issue::Severity::MEDIUM, :cvssv2 => '', :remedy_guidance => '', :remedy_code => '', } } end end end end