Class: Workers::Vulns
- Inherits: Object (hierarchy: Object, Workers::Vulns)
- Includes: Ronin::App, Sidekiq::Worker
- Defined in: workers/vulns.rb
Overview
Vulnerabilities scanner worker.
Constant Summary
```ruby
Params = Dry::Schema::JSON() do
  required(:url).filled(:string)

  optional(:lfi).hash do
    optional(:os).maybe(Types::Vulns::LFI::OSType)
    optional(:depth).maybe(:integer)
    optional(:filter_bypass).maybe(Types::Vulns::LFI::FilterBypassType)
  end

  optional(:rfi).hash do
    optional(:filter_bypass).maybe(Types::Vulns::RFI::FilterBypassType)
    optional(:test_script_url).maybe(:string)
  end

  optional(:sqli).hash do
    optional(:escape_quote).maybe(:bool)
    optional(:escape_parens).maybe(:bool)
    optional(:terminate).maybe(:bool)
  end

  optional(:ssti).hash do
    optional(:escape).maybe(Types::Vulns::SSTI::EscapeType)
  end

  optional(:command_injection).hash do
    optional(:escape_quote).maybe(:string)
    optional(:escape_operator).maybe(:string)
    optional(:terminate).maybe(:string)
  end

  optional(:open_redirect).hash do
    optional(:test_url).maybe(:string)
  end

  before(:value_coercer) do |result|
    result.to_h.map do |_, value|
      value.is_a?(Hash) ? value.compact! : value
    end
  end
end
```
Constants included from Ronin::App
Ronin::App::ROOT, Ronin::App::VERSION
Instance Method Summary
- #perform(params) ⇒ Object
- #validate(params) ⇒ Hash{Symbol => Object}: Validates the given job params.
Instance Method Details
#perform(params) ⇒ Object
```ruby
# File 'workers/vulns.rb', line 79
def perform(params)
  kwargs = validate(params)
  url    = kwargs.delete(:url)

  Ronin::Vulns::URLScanner.scan(url, **kwargs) do |vuln|
    Ronin::Vulns::Importer.import(vuln)
  end
end
```
#validate(params) ⇒ Hash{Symbol => Object}
Validates the given job params.
```ruby
# File 'workers/vulns.rb', line 100
def validate(params)
  result = Params.call(params)

  if result.failure?
    raise(ArgumentError,"invalid vulns params (#{params.inspect}): #{result.errors.inspect}")
  end

  return result.to_h
end
```
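What the scanner ends up receiving when a job leaves some options unset, as an added example that is not part of the project's code. It is a plain-Ruby stand-in that does not use dry-schema: `PAYLOAD`, `strip_nil_options` and `scanner_args` are hypothetical names, the payload is constructed, and only the required `url` rule and the nil-stripping hook are mirrored.

```ruby
require 'json'

# Constructed Sidekiq job payload: unset scanner options arrive as JSON null.
PAYLOAD = <<~JSON
  {"url": "https://example.com/item.php?id=1",
   "lfi": {"os": null, "depth": 3, "filter_bypass": null},
   "sqli": {"escape_quote": true, "escape_parens": null, "terminate": null}}
JSON

# Same body as the schema's before(:value_coercer) hook, run on a plain Hash.
# Hash#compact! returns nil when nothing was removed, so only its in-place
# effect on the nested option hashes is meaningful, not the mapped values.
def strip_nil_options(params)
  params.map { |_, value| value.is_a?(Hash) ? value.compact! : value }
end

# Hypothetical stand-in for #validate followed by the url/kwargs split in
# #perform. It checks only the required, filled :url string, not option types.
def scanner_args(json)
  params = JSON.parse(json, symbolize_names: true)
  url    = params[:url]

  unless url.is_a?(String) && !url.empty?
    raise(ArgumentError, "invalid vulns params (#{params.inspect})")
  end

  strip_nil_options(params)
  kwargs = params.dup
  [kwargs.delete(:url), kwargs]
end

if __FILE__ == $PROGRAM_NAME
  url, kwargs = scanner_args(PAYLOAD)
  puts url
  puts kwargs.inspect
end
```

The null-valued options are gone before the keyword arguments are built, so the scanner sees only the options the job actually set.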