Class: Ronin::DB::CLI::Commands::WebVulns Private

Inherits:
ModelCommand
Defined in:
lib/ronin/db/cli/commands/web_vulns.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

Manages all WebVulns in the database.

Usage

ronin-db web-vulns [options]

Options

    --db NAME                    The database to connect to (Default: default)
    --db-uri URI                 The database URI to connect to
    --db-file PATH               The sqlite3 database file to use
-v, --verbose                    Enables verbose output
-t lfi|rfi|sqli|ssti|open-redirect|reflected-xss|command-injection,
    --with-type                  Searches for all web vulns of the given type
-H, --for-host HOST              Searches for web vulns affecting the host
-d, --for-domain DOMAIN          Searches for web vulns affecting the domain
-p, --for-path PATH              Searches for web vulns affecting the given path
-q, --with-query-param NAME      Searches for web vulns affecting the query param name
    --with-header-name NAME      Searches for web vulns affecting the HTTP header name
-c, --with-cookie-param NAME     Searches for web vulns affecting the cookie param name
-f, --with-form-param NAME       Searches for web vulns affecting the form param name
-M HTTP_METHOD,                  Searches for all web vulns with the HTTP request method
    --with-request-method
-h, --help                       Print help information

Since:

  • 0.2.0

Constant Summary

TYPE_NAMES =

This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.

Mapping of web vulnerability types and their printable names.

Since:

  • 0.2.0

{
  'lfi'  => 'LFI',
  'rfi'  => 'RFI',
  'sqli' => 'SQLi',
  'ssti' => 'SSTI',

  'open_redirect'     => 'Open Redirect',
  'reflected_xss'     => 'Reflected XSS',
  'command_injection' => 'Command Injection'
}

Constants included from URIMethods

URIMethods::ADAPTER_ALIASES

Instance Attribute Summary

Attributes inherited from ModelCommand

#query_method_calls

Instance Method Summary

Methods inherited from ModelCommand

#db_connect, #initialize, #list, #load_model, #model, model_file, model_name, #query, #run

Methods included from DatabaseOptions

#db_config, #db_connect, included

Methods included from URIMethods

#normalize_adapter, #normalize_sqlite3_path, #parse_uri

Constructor Details

This class inherits a constructor from Ronin::DB::CLI::ModelCommand

Instance Method Details

#print_record(web_vuln) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Prints a web vulnerability record from the database.

Parameters:

  • web_vuln (Ronin::DB::WebVuln)

    The web vulnerability record to print.

Since:

  • 0.2.0

# File 'lib/ronin/db/cli/commands/web_vulns.rb', line 220

def print_record(web_vuln)
  type     = web_vuln_type(web_vuln)
  location = web_vuln_location(web_vuln)

  if location
    puts "#{type} on #{web_vuln.url} via #{location}"
  else
    puts "#{type} on #{web_vuln.url}"
  end
end

#web_vuln_location(web_vuln) ⇒ String?

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Determines the location of the web vulnerability.

Parameters:

  • web_vuln (Ronin::DB::WebVuln)

Returns:

  • (String, nil)

Since:

  • 0.2.0

# File 'lib/ronin/db/cli/commands/web_vulns.rb', line 202

def web_vuln_location(web_vuln)
  if web_vuln.query_param
    "query param '#{web_vuln.query_param}'"
  elsif web_vuln.header_name
    "Header '#{web_vuln.header_name}'"
  elsif web_vuln.cookie_param
    "Cookie param '#{web_vuln.cookie_param}'"
  elsif web_vuln.form_param
    "form param '#{web_vuln.form_param}'"
  end
end

#web_vuln_type(web_vuln) ⇒ String

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns the printable vulnerability type for the vulnerability.

Parameters:

  • web_vuln (Ronin::DB::WebVuln)

Returns:

  • (String)

Since:

  • 0.2.0

# File 'lib/ronin/db/cli/commands/web_vulns.rb', line 189

def web_vuln_type(web_vuln)
  TYPE_NAMES.fetch(web_vuln.type) do
    raise(NotImplementedError,"unknown web vulnerability type: #{web_vuln.type.inspect}")
  end
end
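As an added, stand-alone illustration (not the command's own code), the following Ruby reproduces the record formatting documented above on constructed records, normalizes the hyphenated values accepted by --with-type (open-redirect, reflected-xss, command-injection) to the underscored keys of TYPE_NAMES, and shows how an unrecognized stored type surfaces as NotImplementedError. The WebVuln struct, normalize_type, format_record, list_by_type and SAMPLE_RECORDS are assumptions made for this example; only TYPE_NAMES, web_vuln_type and web_vuln_location mirror the page.

```ruby
# Constructed stand-in for Ronin::DB::WebVuln with only the fields used here.
WebVuln = Struct.new(:type, :url, :query_param, :header_name,
                     :cookie_param, :form_param, keyword_init: true)
# Same mapping as the command's TYPE_NAMES constant.
TYPE_NAMES = {
  'lfi' => 'LFI', 'rfi' => 'RFI', 'sqli' => 'SQLi', 'ssti' => 'SSTI',
  'open_redirect'     => 'Open Redirect',
  'reflected_xss'     => 'Reflected XSS',
  'command_injection' => 'Command Injection'
}
# --with-type takes hyphenated names (open-redirect) while TYPE_NAMES keys
# are underscored (open_redirect); normalize before matching records.
def normalize_type(cli_value)
  key = cli_value.to_s.strip.downcase.tr('-', '_')
  unless TYPE_NAMES.key?(key)
    raise(ArgumentError, "unknown --with-type value: #{cli_value.inspect}")
  end
  key
end
def web_vuln_type(web_vuln)
  TYPE_NAMES.fetch(web_vuln.type) do
    raise(NotImplementedError, "unknown web vulnerability type: #{web_vuln.type.inspect}")
  end
end
# First populated injection point wins; nil when the record has none.
def web_vuln_location(web_vuln)
  if    web_vuln.query_param  then "query param '#{web_vuln.query_param}'"
  elsif web_vuln.header_name  then "Header '#{web_vuln.header_name}'"
  elsif web_vuln.cookie_param then "Cookie param '#{web_vuln.cookie_param}'"
  elsif web_vuln.form_param   then "form param '#{web_vuln.form_param}'"
  end
end
# The line print_record would emit, returned rather than printed.
def format_record(web_vuln)
  type     = web_vuln_type(web_vuln)
  location = web_vuln_location(web_vuln)
  location ? "#{type} on #{web_vuln.url} via #{location}" : "#{type} on #{web_vuln.url}"
end
# Filters records the way --with-type does and formats each match.
def list_by_type(records, cli_type)
  key = normalize_type(cli_type)
  records.select { |r| r.type == key }.map { |r| format_record(r) }
end
# Constructed sample records, not real findings.
SAMPLE_RECORDS = [
  WebVuln.new(type: 'sqli', url: 'https://example.com/search', query_param: 'q'),
  WebVuln.new(type: 'reflected_xss', url: 'https://example.com/login', form_param: 'user'),
  WebVuln.new(type: 'open_redirect', url: 'https://example.com/go')
]
puts list_by_type(SAMPLE_RECORDS, 'reflected-xss')
```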