cms_scanner 0.0.40.2 → 0.0.40.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/core.rb +9 -6
  3. data/app/models/interesting_finding.rb +5 -0
  4. data/app/views/cli/core/finished.erb +3 -0
  5. data/app/views/json/core/finished.erb +7 -1
  6. data/app/views/json/interesting_findings/findings.erb +1 -0
  7. data/lib/cms_scanner.rb +36 -2
  8. data/lib/cms_scanner/target/platform/php.rb +3 -3
  9. data/lib/cms_scanner/typhoeus/response.rb +12 -1
  10. data/lib/cms_scanner/version.rb +1 -1
  11. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3835b59c723b4b5f73240e16295345892c5945cf
4
- data.tar.gz: 7dee21423e396897ab18747d271889f957a48ae5
3
+ metadata.gz: 01e63c37ec8c7413a1b6126e934cdd523cb6fd54
4
+ data.tar.gz: b50738731d6a0c9886d304c56c716760f6602dc4
5
5
  SHA512:
6
- metadata.gz: d5ea0f55099c3e1b8657921c60ace4f0c1588c8e9edeb634842796028df1b22da2e63516b7e90b48ef5739b2a93fe723a9786aed7aebc21747e9649b4775a8c5
7
- data.tar.gz: 42740280effe12021ae733597f850229d06d6204df5ce1582b088e247f34c61821e4b857a207d98bda81618ab0f5e0798864882f21a1bd5d52fc531e038afeca
6
+ metadata.gz: 01fe765af31f1c9eda786feca8898c7c852e65666a667582a842e516b9dbfa4d1494137708bd0893c83cd13d356599daaa6d1ec9496494348ad3424df42fd7b5
7
+ data.tar.gz: c9a9a25b7ae82f9d21fa526f0206f330d697e0390e1de70ed443f228b9edb96f5ea96ca69a6317b34fedb7675d7ad843c6a967c90bd70f584be41ee9a1aa1f15
data/app/controllers/core.rb CHANGED
@@ -65,12 +65,15 @@ module CMSScanner
65
65
  end
66
66
 
67
67
  def after_scan
68
- @stop_time = Time.now
69
- @elapsed = @stop_time - @start_time
70
- @used_memory = memory_usage - @start_memory
71
- @requests_done = CMSScanner.total_requests
72
-
73
- output('finished')
68
+ @stop_time = Time.now
69
+ @elapsed = @stop_time - @start_time
70
+ @used_memory = memory_usage - @start_memory
71
+
72
+ output('finished',
73
+ cached_requests: NS.cached_requests,
74
+ requests_done: NS.total_requests,
75
+ data_sent: NS.total_data_sent,
76
+ data_received: NS.total_data_received)
74
77
  end
75
78
  end
76
79
  end
data/app/models/interesting_finding.rb CHANGED
@@ -31,6 +31,11 @@ module CMSScanner
31
31
  @to_s || url
32
32
  end
33
33
 
34
+ # @return [ String ]
35
+ def type
36
+ @type ||= self.class.to_s.demodulize.underscore
37
+ end
38
+
34
39
  # @return [ Boolean ]
35
40
  def ==(other)
36
41
  self.class == other.class && to_s == other.to_s
data/app/views/cli/core/finished.erb CHANGED
@@ -1,4 +1,7 @@
1
1
  <%= info_icon %> Finished: <%= @stop_time.asctime %>
2
2
  <%= info_icon %> Requests Done: <%= @requests_done %>
3
+ <%= info_icon %> Cached Requests: <%= @cached_requests %>
4
+ <%= info_icon %> Data Sent: <%= @data_sent.bytes_to_human %>
5
+ <%= info_icon %> Data Received: <%= @data_received.bytes_to_human %>
3
6
  <%= info_icon %> Memory used: <%= @used_memory.bytes_to_human %>
4
7
  <%= info_icon %> Elapsed time: <%= Time.at(@elapsed).utc.strftime('%H:%M:%S') %>
data/app/views/json/core/finished.erb CHANGED
@@ -1,4 +1,10 @@
1
1
  "stop_time": <%= @stop_time.to_i %>,
2
2
  "elapsed": <%= @elapsed.to_i %>,
3
3
  "requests_done": <%= @requests_done.to_i %>,
4
- "used_memory": <%= @used_memory.to_i %>,
4
+ "cached_requests": <%= @cached_requests.to_i %>,
5
+ "data_sent": <%= @data_sent.to_i %>,
6
+ "data_sent_humanised": <%= @data_sent.bytes_to_human.to_json %>,
7
+ "data_received": <%= @data_received.to_i %>,
8
+ "data_received_humanised": <%= @data_received.bytes_to_human.to_json %>,
9
+ "used_memory": <%= @used_memory.to_i %>,
10
+ "used_memory_humanised": <%= @used_memory.bytes_to_human.to_json %>,
data/app/views/json/interesting_findings/findings.erb CHANGED
@@ -5,6 +5,7 @@
5
5
  {
6
6
  "url": <%= finding.url.to_s.to_json %>,
7
7
  "to_s": <%= finding.to_s.to_json %>,
8
+ "type": <%= finding.type.to_json %>,
8
9
  "found_by": <%= finding.found_by.to_s.to_json %>,
9
10
  "confidence": <%= finding.confidence.to_json %>,
10
11
  "confirmed_by": {
data/lib/cms_scanner.rb CHANGED
@@ -40,11 +40,15 @@ module CMSScanner
40
40
  APP_DIR = Pathname.new(__FILE__).dirname.join('..', 'app').expand_path
41
41
  NS = self
42
42
 
43
- # Number of requests performed to display at the end of the scan
43
+ # Number of requests performed and data sent/received to display at the end of the scan
44
44
  Typhoeus.on_complete do |response|
45
+ self.cached_requests += 1 if response.cached?
46
+
45
47
  next if response.cached?
46
48
 
47
49
  self.total_requests += 1
50
+ self.total_data_sent += response.request_size
51
+ self.total_data_received += response.size
48
52
 
49
53
  NS::Browser.instance.trottle!
50
54
  end
@@ -52,16 +56,46 @@ module CMSScanner
52
56
  # Module to be able to use these class methods when the CMSScanner
53
57
  # is included in another module
54
58
  module ClassMethods
59
+ # @return [ Integer ]
60
+ def cached_requests
61
+ @@cached_requests ||= 0
62
+ end
63
+
64
+ # @param [ Integer ] value
65
+ def cached_requests=(value)
66
+ @@cached_requests = value
67
+ end
68
+
55
69
  # @return [ Integer ]
56
70
  def total_requests
57
71
  @@total_requests ||= 0
58
72
  end
59
73
 
60
- # @param [ Integer ]
74
+ # @param [ Integer ] value
61
75
  def total_requests=(value)
62
76
  @@total_requests = value
63
77
  end
64
78
 
79
+ # @return [ Integer ]
80
+ def total_data_sent
81
+ @@total_data_sent ||= 0
82
+ end
83
+
84
+ # @param [ Integer ] value
85
+ def total_data_sent=(value)
86
+ @@total_data_sent = value
87
+ end
88
+
89
+ # @return [ Integer ]
90
+ def total_data_received
91
+ @@total_data_received ||= 0
92
+ end
93
+
94
+ # @param [ Integer ] value
95
+ def total_data_received=(value)
96
+ @@total_data_received = value
97
+ end
98
+
65
99
  # The lowercase name of the scanner
66
100
  # Mainly used in directory paths like the default cookie-jar file and
67
101
  # path to load the cli options from files
data/lib/cms_scanner/target/platform/php.rb CHANGED
@@ -3,9 +3,9 @@ module CMSScanner
3
3
  module Platform
4
4
  # Some PHP specific implementation
5
5
  module PHP
6
- DEBUG_LOG_PATTERN = /\[[^\]]+\] PHP (?:Warning|Error|Notice):/
7
- FPD_PATTERN = /Fatal error:.+? in (.+?) on/
8
- ERROR_LOG_PATTERN = /PHP Fatal error/i
6
+ DEBUG_LOG_PATTERN = /\[[^\]]+\] PHP (?:Warning|Error|Notice):/.freeze
7
+ FPD_PATTERN = /Fatal error:.+? in (.+?) on/.freeze
8
+ ERROR_LOG_PATTERN = /PHP Fatal error/i.freeze
9
9
 
10
10
  # @param [ String ] path
11
11
  # @param [ Regexp ] pattern
data/lib/cms_scanner/typhoeus/response.rb CHANGED
@@ -1,7 +1,7 @@
1
1
  module Typhoeus
2
2
  # Custom Response class
3
3
  class Response
4
- # @return [ Nokogiri::HTML ] The response's body parsed by Nokogiri::HTML
4
+ # @return [ Nokogiri::XML ] The response's body parsed by Nokogiri::HTML
5
5
  def html
6
6
  @html ||= Nokogiri::HTML(body.encode('UTF-8', invalid: :replace, undef: :replace))
7
7
  end
@@ -10,5 +10,16 @@ module Typhoeus
10
10
  def xml
11
11
  @xml ||= Nokogiri::XML(body.encode('UTF-8', invalid: :replace, undef: :replace))
12
12
  end
13
+
14
+ # Override of the original to ensure an integer is returned
15
+ # @return [ Integer ]
16
+ def request_size
17
+ super || 0
18
+ end
19
+
20
+ # @return [ Integer ]
21
+ def size
22
+ (body.nil? ? 0 : body.size) + (response_headers.nil? ? 0 : response_headers.size)
23
+ end
13
24
  end
14
25
  end
data/lib/cms_scanner/version.rb CHANGED
@@ -1,4 +1,4 @@
1
1
  # Version
2
2
  module CMSScanner
3
- VERSION = '0.0.40.2'.freeze
3
+ VERSION = '0.0.40.3'.freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.40.2
4
+ version: 0.0.40.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-10-20 00:00:00.000000000 Z
11
+ date: 2018-11-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -212,14 +212,14 @@ dependencies:
212
212
  requirements:
213
213
  - - "~>"
214
214
  - !ruby/object:Gem::Version
215
- version: 0.59.2
215
+ version: 0.60.0
216
216
  type: :development
217
217
  prerelease: false
218
218
  version_requirements: !ruby/object:Gem::Requirement
219
219
  requirements:
220
220
  - - "~>"
221
221
  - !ruby/object:Gem::Version
222
- version: 0.59.2
222
+ version: 0.60.0
223
223
  - !ruby/object:Gem::Dependency
224
224
  name: simplecov
225
225
  requirement: !ruby/object:Gem::Requirement