/checks/http/content/content.rb

https://github.com/intrigueio/intrigue-ident · Ruby · 63 lines · 62 code · 1 blank · 0 comment · 0 complexity · 189340f808f1c56793fd4a0ca458ab04 MD5 · raw file 

    

  1. module Intrigue
    2. 

  2. module Ident
    3. 

  3. module Check
    4. 

  4. class Content < Intrigue::Ident::Check::Base
    5. 

  5. 

  6.   def generate_checks(url)
    7. 

  7.     [
    8. 

  8.       {
    9. 

  9.         type: "content",
    10. 

  10.         name:"MurmurHash Page Content",
    11. 

  11.         dynamic_result: lambda { |d| _body_raw_binary_checksum_mmh3(d) },
    12. 

  12.         paths: [ { path: "#{url}", follow_redirects: true } ],
    13. 

  13.       },
    14. 

  14.       {
    15. 

  15.         type: "content",
    16. 

  16.         name:"MurmurHash Favicon",
    17. 

  17.         dynamic_result: lambda { |d| _body_raw_binary_checksum_mmh3(d) },
    18. 

  18.         paths: [ { path: "#{url}/favicon.ico", follow_redirects: false } ],
    19. 

  19.       },
    20. 

  20.       {
    21. 

  21.         type: "content",
    22. 

  22.         name:"Location-Based Redirect",
    23. 

  23.         dynamic_result: lambda { |d| _first_header_capture(d,/^location:(.*)$/i) },
    24. 

  24.         paths: [ { path: "#{url}", follow_redirects: false } ],
    25. 

  25.       },
    26. 

  26.       {
    27. 

  27.         type: "content",
    28. 

  28.         name:"Directory Listing Detected",
    29. 

  29.         dynamic_result: lambda { |d| (
    30. 

  30.           _first_title_match(d,/Index of \//) ||
    31. 

  31.           _first_body_match(d, /<h1>Index of \//) ||
    32. 

  32.           _first_body_match(d, /\[To Parent Directory\]/) ) ? true : false },
    33. 

  33.         issues: ["directory_listing_detected"],
    34. 

  34.         paths: [ { path: "#{url}", follow_redirects: true } ],
    35. 

  35.       },
    36. 

  36.       {
    37. 

  37.         type: "content",
    38. 

  38.         name:"Form Detected",
    39. 

  39.         dynamic_result: lambda { |d| _first_body_match(d,/\<form/) ? true : false },
    40. 

  40.         paths: [ { path: "#{url}", follow_redirects: true } ],
    41. 

  41.       },
    42. 

  42.       {
    43. 

  43.         type: "content",
    44. 

  44.         name:"File Upload Form Detected",
    45. 

  45.         dynamic_result: lambda { |d| _first_body_match(d,/enctype=\"multipart\/form-data/) ? true : false },
    46. 

  46.         paths: [ { path: "#{url}", follow_redirects: true } ],
    47. 

  47.       },
    48. 

  48.       {
    49. 

  49.         type: "content",
    50. 

  50.         name:"Email Addresses Detected",
    51. 

  51.         dynamic_result: lambda { |d|
    52. 

  52.         email_address_regex = /\A([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\z/i
    53. 

  53.           captures = _all_body_captures(d,email_address_regex) || []
    54. 

  54.           captures.select{|e| !(e =~ /\.png$/) }.compact
    55. 

  55.         },
    56. 

  56.         paths: [ { path: "#{url}", follow_redirects: true } ],
    57. 

  57.       }
    58. 

  58.     ]
    59. 

  59.   end
    60. 

  60. end
    61. 

  61. end
    62. 

  62. end
    63. 

  63. end
    64.