cms_scanner 0.0.41.10 → 0.0.42.0
- checksums.yaml +4 -4
- data/app/app.rb +23 -4
- data/app/controllers/core.rb +8 -6
- data/app/controllers/core/cli_options.rb +2 -0
- data/app/controllers/interesting_findings.rb +2 -0
- data/app/finders/interesting_findings.rb +2 -0
- data/app/finders/interesting_findings/fantastico_fileslist.rb +6 -8
- data/app/finders/interesting_findings/headers.rb +3 -1
- data/app/finders/interesting_findings/robots_txt.rb +5 -7
- data/app/finders/interesting_findings/search_replace_db_2.rb +8 -10
- data/app/finders/interesting_findings/xml_rpc.rb +8 -6
- data/app/formatters/cli.rb +2 -0
- data/app/formatters/cli_no_color.rb +2 -0
- data/app/formatters/cli_no_colour.rb +2 -0
- data/app/formatters/json.rb +2 -0
- data/app/models/fantastico_fileslist.rb +16 -12
- data/app/models/headers.rb +29 -25
- data/app/models/interesting_finding.rb +44 -40
- data/app/models/robots_txt.rb +18 -14
- data/app/models/user.rb +25 -21
- data/app/models/version.rb +45 -41
- data/app/models/xml_rpc.rb +58 -54
- data/lib/cms_scanner.rb +5 -85
- data/lib/cms_scanner/browser.rb +2 -0
- data/lib/cms_scanner/browser/actions.rb +13 -13
- data/lib/cms_scanner/browser/options.rb +2 -0
- data/lib/cms_scanner/cache/file_store.rb +2 -0
- data/lib/cms_scanner/cache/typhoeus.rb +2 -0
- data/lib/cms_scanner/controller.rb +2 -0
- data/lib/cms_scanner/controllers.rb +3 -1
- data/lib/cms_scanner/errors.rb +11 -0
- data/lib/cms_scanner/errors/http.rb +52 -51
- data/lib/cms_scanner/errors/scan.rb +10 -6
- data/lib/cms_scanner/exit_code.rb +2 -0
- data/lib/cms_scanner/finders.rb +2 -0
- data/lib/cms_scanner/finders/base_finders.rb +2 -0
- data/lib/cms_scanner/finders/finder.rb +3 -1
- data/lib/cms_scanner/finders/finder/breadth_first_dictionary_attack.rb +3 -1
- data/lib/cms_scanner/finders/finder/enumerator.rb +44 -15
- data/lib/cms_scanner/finders/finder/fingerprinter.rb +9 -21
- data/lib/cms_scanner/finders/finder/smart_url_checker.rb +2 -0
- data/lib/cms_scanner/finders/finder/smart_url_checker/findings.rb +2 -0
- data/lib/cms_scanner/finders/finding.rb +2 -0
- data/lib/cms_scanner/finders/findings.rb +2 -0
- data/lib/cms_scanner/finders/independent_finder.rb +2 -0
- data/lib/cms_scanner/finders/independent_finders.rb +2 -0
- data/lib/cms_scanner/finders/same_type_finder.rb +2 -0
- data/lib/cms_scanner/finders/same_type_finders.rb +2 -0
- data/lib/cms_scanner/finders/unique_finder.rb +2 -0
- data/lib/cms_scanner/finders/unique_finders.rb +2 -0
- data/lib/cms_scanner/formatter.rb +2 -0
- data/lib/cms_scanner/formatter/buffer.rb +3 -1
- data/lib/cms_scanner/helper.rb +2 -0
- data/lib/cms_scanner/numeric.rb +2 -0
- data/lib/cms_scanner/progressbar_null_output.rb +2 -0
- data/lib/cms_scanner/public_suffix/domain.rb +2 -0
- data/lib/cms_scanner/references.rb +2 -0
- data/lib/cms_scanner/scan.rb +86 -0
- data/lib/cms_scanner/target.rb +2 -0
- data/lib/cms_scanner/target/hashes.rb +2 -0
- data/lib/cms_scanner/target/platform.rb +2 -0
- data/lib/cms_scanner/target/platform/php.rb +4 -2
- data/lib/cms_scanner/target/scope.rb +2 -0
- data/lib/cms_scanner/target/server.rb +2 -0
- data/lib/cms_scanner/target/server/apache.rb +2 -0
- data/lib/cms_scanner/target/server/generic.rb +2 -0
- data/lib/cms_scanner/target/server/iis.rb +2 -0
- data/lib/cms_scanner/target/server/nginx.rb +2 -0
- data/lib/cms_scanner/typhoeus/hydra.rb +2 -0
- data/lib/cms_scanner/typhoeus/response.rb +2 -0
- data/lib/cms_scanner/version.rb +3 -1
- data/lib/cms_scanner/vulnerability.rb +2 -0
- data/lib/cms_scanner/web_site.rb +34 -2
- metadata +4 -6
- data/app/controllers.rb +0 -2
- data/app/finders.rb +0 -1
- data/app/formatters.rb +0 -4
- data/app/models.rb +0 -7
data/lib/cms_scanner/helper.rb
CHANGED
data/lib/cms_scanner/numeric.rb
CHANGED
@@ -0,0 +1,86 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module CMSScanner
|
4
|
+
# Scan
|
5
|
+
class Scan
|
6
|
+
attr_reader :run_error
|
7
|
+
|
8
|
+
def initialize
|
9
|
+
controllers << NS::Controller::Core.new
|
10
|
+
|
11
|
+
exit_hook
|
12
|
+
|
13
|
+
yield self if block_given?
|
14
|
+
end
|
15
|
+
|
16
|
+
# @return [ Controllers ]
|
17
|
+
def controllers
|
18
|
+
@controllers ||= NS::Controllers.new
|
19
|
+
end
|
20
|
+
|
21
|
+
def run
|
22
|
+
controllers.run
|
23
|
+
rescue OptParseValidator::NoRequiredOption => e
|
24
|
+
@run_error = e
|
25
|
+
|
26
|
+
formatter.output('@usage', msg: e.message)
|
27
|
+
rescue NoMemoryError, ScriptError, SecurityError, SignalException, StandardError, SystemStackError => e
|
28
|
+
@run_error = e
|
29
|
+
|
30
|
+
formatter.output('@scan_aborted',
|
31
|
+
reason: e.is_a?(Interrupt) ? 'Canceled by User' : e.message,
|
32
|
+
trace: e.backtrace,
|
33
|
+
verbose: controllers.first.parsed_options[:verbose] ||
|
34
|
+
run_error_exit_code == NS::ExitCode::EXCEPTION)
|
35
|
+
ensure
|
36
|
+
Browser.instance.hydra.abort
|
37
|
+
|
38
|
+
formatter.beautify
|
39
|
+
end
|
40
|
+
|
41
|
+
# Used for convenience
|
42
|
+
# @See Formatter
|
43
|
+
def formatter
|
44
|
+
controllers.first.formatter
|
45
|
+
end
|
46
|
+
|
47
|
+
# @return [ Hash ]
|
48
|
+
def datastore
|
49
|
+
controllers.first.datastore
|
50
|
+
end
|
51
|
+
|
52
|
+
# Hook to be able to have an exit code returned
|
53
|
+
# depending on the findings / errors
|
54
|
+
# :nocov:
|
55
|
+
def exit_hook
|
56
|
+
# Avoid hooking the exit when rspec is running, otherwise it will always return 0
|
57
|
+
# and Travis won't detect failed builds. Couldn't find a better way, even though
|
58
|
+
# some people managed to https://github.com/rspec/rspec-core/pull/410
|
59
|
+
return if defined?(RSpec)
|
60
|
+
|
61
|
+
at_exit do
|
62
|
+
exit(run_error_exit_code) if run_error
|
63
|
+
|
64
|
+
controller = controllers.first
|
65
|
+
|
66
|
+
# The parsed_option[:url] must be checked to avoid raising erros when only -h/-v are given
|
67
|
+
exit(NS::ExitCode::VULNERABLE) if controller.parsed_options[:url] && controller.target.vulnerable?
|
68
|
+
exit(NS::ExitCode::OK)
|
69
|
+
end
|
70
|
+
end
|
71
|
+
# :nocov:
|
72
|
+
|
73
|
+
# @return [ Integer ] The exit code related to the run_error
|
74
|
+
def run_error_exit_code
|
75
|
+
return NS::ExitCode::CLI_OPTION_ERROR if run_error.is_a?(OptParseValidator::Error) ||
|
76
|
+
run_error.is_a?(OptionParser::ParseError)
|
77
|
+
|
78
|
+
return NS::ExitCode::INTERRUPTED if run_error.is_a?(Interrupt)
|
79
|
+
|
80
|
+
return NS::ExitCode::ERROR if run_error.is_a?(NS::Error::Standard) ||
|
81
|
+
run_error.is_a?(CMSScanner::Error::Standard)
|
82
|
+
|
83
|
+
NS::ExitCode::EXCEPTION
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
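Review bot: In `run_error_exit_code` only `Interrupt` maps to `NS::ExitCode::INTERRUPTED`, yet `Scan#run` rescues every `SignalException`, so a SIGTERM from a CI timeout or process supervisor falls through to `NS::ExitCode::EXCEPTION`. Because the `verbose:` argument in `run` is forced on whenever the code is `EXCEPTION`, an ordinary termination is then reported as a crash with a full backtrace. Consider `return NS::ExitCode::INTERRUPTED if run_error.is_a?(SignalException)` (`Interrupt` is a subclass), or a dedicated exit code for termination signals. A comment above the second `rescue` saying that the list appears to be the core direct subclasses of `Exception` minus `SystemExit`, so that `exit` still propagates, would also help the next reader.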
data/lib/cms_scanner/target.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
module CMSScanner
|
2
4
|
class Target < WebSite
|
3
5
|
module Platform
|
@@ -14,9 +16,9 @@ module CMSScanner
|
|
14
16
|
#
|
15
17
|
# @return [ Boolean ]
|
16
18
|
def log_file?(path, pattern, params = {})
|
17
|
-
# Only the first 700 bytes of the file are retrieved to avoid getting
|
19
|
+
# Only the first 700 bytes of the file are retrieved to avoid getting entire log file
|
18
20
|
# which can be huge (~ 2Go)
|
19
|
-
res =
|
21
|
+
res = head_and_get(path, [200], get: params.merge(headers: { 'Range' => 'bytes=0-700' }))
|
20
22
|
|
21
23
|
res.body =~ pattern ? true : false
|
22
24
|
end
|
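Review bot: The `Range: bytes=0-700` header on the new `head_and_get` call in `log_file?` is only a request; a target that ignores it answers 200 with the whole file, so the huge-log case the comment describes can still be downloaded in full before `pattern` is applied. If the scanner has to stay bounded against unhelpful or hostile targets, cap the GET on the client side as well, for example by adding the `maxfilesize` option to the `get:` params (it is enforced reliably only when the server declares a length, so treat it as a partial guard). Separately, `params.merge(headers: { 'Range' => 'bytes=0-700' })` replaces any `:headers` the caller supplied instead of adding the Range header to them.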
data/lib/cms_scanner/version.rb
CHANGED
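--- a/data/lib/cms_scanner/web_site.rb
+++ b/data/lib/cms_scanner/web_site.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module CMSScanner
 # WebSite Implementation
 class WebSite
@@ -6,13 +8,14 @@ module CMSScanner
 # @param [ String ] site_url
 # @param [ Hash ] opts
 def initialize(site_url, opts = {})
-self.url = site_url
+self.url = +site_url
 @opts = opts
 end
 
 def url=(site_url)
 # Add a trailing slash to the site url
-
+# Making also sure the site_url is unfrozen
++site_url << '/' if site_url[-1, 1] != '/'
 
 # Use the validator to ensure the site_url has a correct format
 OptParseValidator::OptURL.new([]).validate(site_url)
@@ -98,5 +101,34 @@ module CMSScanner
 res.effective_url == url ? nil : res.effective_url
 end
 # :nocov:
+
+# @return [ Hash ] The Typhoeus params to use to perform head requests
+def head_or_get_params
+@head_or_get_params ||= if NS::Browser.head(homepage_url).code == 405
+{ method: :get, maxfilesize: 1 }
+else
+{ method: :head }
+end
+end
+
+# Perform a HEAD request to the path provided, then if its response code
+# is in the array of codes given, a GET is done and the response returned. Otherwise the
+# HEAD response is returned.
+#
+# @param [ String ] path
+# @param [ Array<String> ] codes
+# @param [ Hash ] params The requests params
+# @option params [ Hash ] :head Request params for the HEAD
+# @option params [ hash ] :get Request params for the GET
+#
+# @return [ Typhoeus::Response ]
+def head_and_get(path, codes = [200], params = {})
+url_to_get = url(path)
+head_params = (params[:head] || {}).merge(head_or_get_params)
+
+head_res = NS::Browser.forge_request(url_to_get, head_params).run
+
+codes.include?(head_res.code) ? NS::Browser.get(url_to_get, params[:get] || {}) : head_res
+end
 end
 end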
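Review bot: In `url=`, `+site_url << '/'` parses as `(+site_url) << '/'`, so when `site_url` is frozen the slash is appended to a throwaway copy and the local `site_url` that goes on to `validate` never receives it. `initialize` hides this by passing `+site_url`, but any direct call to `url=` with a frozen string (the default for literals under `frozen_string_literal: true`) would keep the URL without its trailing slash. Rebinding the local covers both cases: `site_url = +site_url` followed by `site_url << '/' unless site_url.end_with?('/')`. The rest of `url=` lies outside the hunk, so how the value is stored afterwards is not visible here. In the `head_and_get` docs, `@param [ Array<String> ] codes` should read `Array<Integer>`, since the default is `[200]` and the values are compared with `head_res.code`.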
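--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.42.0
 platform: ruby
 authors:
 - WPScanTeam
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-
+date: 2019-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: nokogiri
@@ -230,23 +230,19 @@ files:
 - LICENSE
 - README.md
 - app/app.rb
-- app/controllers.rb
 - app/controllers/core.rb
 - app/controllers/core/cli_options.rb
 - app/controllers/interesting_findings.rb
-- app/finders.rb
 - app/finders/interesting_findings.rb
 - app/finders/interesting_findings/fantastico_fileslist.rb
 - app/finders/interesting_findings/headers.rb
 - app/finders/interesting_findings/robots_txt.rb
 - app/finders/interesting_findings/search_replace_db_2.rb
 - app/finders/interesting_findings/xml_rpc.rb
-- app/formatters.rb
 - app/formatters/cli.rb
 - app/formatters/cli_no_color.rb
 - app/formatters/cli_no_colour.rb
 - app/formatters/json.rb
-- app/models.rb
 - app/models/fantastico_fileslist.rb
 - app/models/headers.rb
 - app/models/interesting_finding.rb
@@ -279,6 +275,7 @@ files:
 - lib/cms_scanner/cache/typhoeus.rb
 - lib/cms_scanner/controller.rb
 - lib/cms_scanner/controllers.rb
+- lib/cms_scanner/errors.rb
 - lib/cms_scanner/errors/http.rb
 - lib/cms_scanner/errors/scan.rb
 - lib/cms_scanner/exit_code.rb
@@ -305,6 +302,7 @@ files:
 - lib/cms_scanner/progressbar_null_output.rb
 - lib/cms_scanner/public_suffix/domain.rb
 - lib/cms_scanner/references.rb
+- lib/cms_scanner/scan.rb
 - lib/cms_scanner/target.rb
 - lib/cms_scanner/target/hashes.rb
 - lib/cms_scanner/target/platform.rb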
data/app/controllers.rb
DELETED
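--- a/data/app/finders.rb
+++ b/data/app/finders.rb
@@ -1 +0,0 @@
-require_relative 'finders/interesting_findings'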
data/app/formatters.rb
DELETED
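--- a/data/app/models.rb
+++ b/data/app/models.rb
@@ -1,7 +0,0 @@
-require_relative 'models/interesting_finding'
-require_relative 'models/robots_txt'
-require_relative 'models/fantastico_fileslist'
-require_relative 'models/headers'
-require_relative 'models/xml_rpc'
-require_relative 'models/version'
-require_relative 'models/user'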