components/checks/active/ldap_injection.rb in arachni-1.3.2 vs components/checks/active/ldap_injection.rb in arachni-1.4
- old
+ new
@@ -1,17 +1,16 @@
=begin
- Copyright 2010-2015 Tasos Laskos <tasos.laskos@arachni-scanner.com>
+ Copyright 2010-2016 Tasos Laskos <tasos.laskos@arachni-scanner.com>
This file is part of the Arachni Framework project and is subject to
redistribution and commercial restrictions. Please see the Arachni Framework
web site for more information on licensing and terms of use.
=end
# LDAP injection check.
#
# @author Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
-# @version 0.1.3
#
# @see http://cwe.mitre.org/data/definitions/90.html
# @see http://projects.webappsec.org/w/page/13246947/LDAP-Injection
# @see https://www.owasp.org/index.php/LDAP_injection
class Arachni::Checks::LdapInjection < Arachni::Check::Base
@@ -21,12 +20,12 @@
end
def run
# This string will hopefully force the webapp to output LDAP error messages.
audit( '#^($!@$)(()))******',
- format: [Format::APPEND],
- substring: self.class.error_strings
+ format: [Format::APPEND],
+ signatures: self.class.error_strings
)
end
def self.info
{
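Review bot: The comment above the `audit` call in `run` says the payload "will hopefully force" LDAP error output, but it does not say that detection depends entirely on the response matching one of `self.class.error_strings`. An application that suppresses or genericises LDAP errors would presumably produce no finding, so a clean result from this check should not be read as proof that the input is handled safely. I would extend the comment with something like `# Signature-based: only responses echoing a known LDAP error string are flagged; suppressed errors yield no finding.` Since the option is now `signatures:`, it is also worth confirming that `error_strings` (defined outside this hunk) still returns values in the form the renamed option expects. `self.info` continues past the end of the hunk.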
@@ -35,10 +34,10 @@
It tries to force the web application to return LDAP error messages, in order to
discover failures in user input validation.
},
elements: ELEMENTS_WITH_INPUTS,
author: 'Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>',
- version: '0.1.3',
+ version: '0.1.4',
issue: {
name: %q{LDAP Injection},
description: %q{
Lightweight Directory Access Protocol (LDAP) is used by web applications to access