Module: Ronin::Vulns::CLI::Logging Private
Overview
This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.
Mixin that adds methods for logging discovered web vulnerabilities.
Constant Summary
- VULN_TYPES =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
Known vulnerability types and their printable names.
    {
      open_redirect: 'Open Redirect',
      reflected_xss: 'reflected XSS',
      lfi:           'LFI',
      rfi:           'RFI',
      sqli:          'SQLi',
      ssti:          'SSTI'
    }
Instance Method Summary
- #log_vuln(vuln) ⇒ Object (private)
  Prints a web vulnerability.
- #vuln_type(vuln) ⇒ String (private)
  Returns the printable vulnerability type for the vulnerability object.
Instance Method Details
#log_vuln(vuln) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints a web vulnerability.
    # File 'lib/ronin/vulns/cli/logging.rb', line 60

    def log_vuln(vuln)
      vuln_name = vuln_type(vuln)

      # Describe where the vulnerability was found; the first attribute
      # that is set wins, and location stays nil when none is set.
      location = if vuln.query_param
                   "query param '#{vuln.query_param}'"
                 elsif vuln.header_name
                   "Header '#{vuln.header_name}'"
                 elsif vuln.cookie_param
                   "Cookie param '#{vuln.cookie_param}'"
                 elsif vuln.form_param
                   "form param '#{vuln.form_param}'"
                 end

      if location
        log_info "Found #{vuln_name} on #{vuln.url} via #{location}!"
      else
        log_info "Found #{vuln_name} on #{vuln.url}!"
      end
    end
#vuln_type(vuln) ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns the printable vulnerability type for the vulnerability object.
    # File 'lib/ronin/vulns/cli/logging.rb', line 50

    def vuln_type(vuln)
      # Falls back to the generic name for types missing from VULN_TYPES.
      VULN_TYPES.fetch(vuln.class.vuln_type,'vulnerability')
    end
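An added example, not part of ronin-vulns: a parser that turns the two message formats built by log_vuln back into structured records, for triaging saved scan output. The record keys, the `:unknown` type and the sample log lines are constructed for illustration, and any prefix the logger puts before "Found" is assumed and ignored.

```ruby
# Added example: parses the messages built by log_vuln into records.
# Printable names copied from VULN_TYPES, plus the 'vulnerability' fallback.
PRINTABLE_TYPES = {
  'Open Redirect' => :open_redirect,
  'reflected XSS' => :reflected_xss,
  'LFI'           => :lfi,
  'RFI'           => :rfi,
  'SQLi'          => :sqli,
  'SSTI'          => :ssti,
  'vulnerability' => :unknown # hypothetical key for the fallback name
}.freeze

# Location labels as log_vuln writes them, mapped to a record field
# (field names are this example's own choice).
LOCATIONS = {
  'query param'  => :query_param,
  'Header'       => :header_name,
  'Cookie param' => :cookie_param,
  'form param'   => :form_param
}.freeze

TYPE_RE     = Regexp.union(PRINTABLE_TYPES.keys)
LOCATION_RE = Regexp.union(LOCATIONS.keys)

# "Found <type> on <url>[ via <label> '<name>']!", logger prefix allowed.
FINDING_RE = /Found (?<type>#{TYPE_RE}) on (?<url>\S+?)(?: via (?<label>#{LOCATION_RE}) '(?<name>.*)')?!\s*\z/

# Returns a Hash for a finding line, or nil for any other line.
def parse_finding(line)
  m = FINDING_RE.match(line) or return nil
  record = { type: PRINTABLE_TYPES.fetch(m[:type]), url: m[:url] }
  if m[:label]
    record[:location] = LOCATIONS.fetch(m[:label])
    record[:name]     = m[:name]
  end
  record
end

# Constructed sample output (not captured from a real scan).
SAMPLE_LOG = <<~LOG
  Found SQLi on https://example.com/item?id=1 via query param 'id'!
  Found reflected XSS on https://example.com/search via Header 'Referer'!
  Found Open Redirect on https://example.com/go!
  Testing https://example.com/ ...
LOG

# Parses every line of a log and drops the lines that are not findings.
def findings(log)
  log.each_line.filter_map { |line| parse_finding(line.chomp) }
end
```

The URL is matched lazily so that the trailing `!` added by log_vuln is not absorbed into it, including when no location follows.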