Basic Modules

Basic modules are those that send altered or entirely new requests to the crawler and register callbacks to handle the responses. The callbacks can generate alerts, store information in the knowledge base, or schedule additional requests. Basic modules are written in Javascript.

Introduction

The Vega crawler analyzes pages, extracting URIs and processing forms. Vega decomposes the path structure of URIs and analyzes them to determine if they are directories or files. Each path part is stored with identified type information, as a PathState node, in a tree-like data structure. URIs that accept GET or POST parameters are further decomposed into derivative path state nodes, one for each parameter, and each with a parameter index.

Basic modules that have been selected to run are run once on each path state node.

Every basic module must declare two things: a module object, and an initialize() function. Callback functions must be defined if requests are submitted to the Vega crawler.

Module Object

    var module = {
      name: "Shell Injection Checks",
      category: "Injection Modules"
    };

The module object contains has two properties:

name A string name for the module. category A string name for the category it is to be grouped in.

Initialization Function

The function initialize() is the entry point for the module. Modules are invoked by Vega on path state nodes.

    initialize(ctx)

The initialize() function is passed one parameter, the context object. The context includes the path state and exposes the Vega API. Basic modules create requests and submit them to the crawler, along with the callback function that will run when the response is returned.

Context

The Vega API for modules is exposed through the Basic Module Context Object object, which also serves to store information about the instance of a module per path-state node, i.e. across multiple requests and responses. This includes:

  • Sending requests
  • Tracking responses
  • Comparing page similarity
  • Generating alerts

Design of a Basic Module

Basic modules can queue additional requests to be sent and register callbacks to handle the responses. These can be entirely new requests or fuzzing of parametric or non-parametric path state nodes. The API for this is documented in the BasicModule Context wiki page. The callback functions perform the analysis of the vulnerability check and can generate an alert, if appropriate to do so.

Home > API > Basic-Modules

Have feedback on Vega? Our documentation? Please tell us.