RubyGems - cms_scanner - Versions diffs - 0.0.41.4 → 0.0.41.5 - Mend

cms_scanner 0.0.41.4 → 0.0.41.5

Files changed (7) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ad670b5c5ef2beb079b31d7b8429c4c38cc60176
-  data.tar.gz: 0bd37bd414a72e1295c5662ff17485d27b6cc121
+  metadata.gz: 9e1ce07cd91015afc42d0501750a05cb073e81d4
+  data.tar.gz: 22763ad0ec70df77f32a99cffa827546f916fa2b
 SHA512:
-  metadata.gz: cf9ce7cafd23dfa33e69c1d2ad62f75ac3c12f27087a62e35876387aabb198351ca5e40dcbd81e9692b41f4043dea2dab629a8a9680d0a4ec607535575234f49
-  data.tar.gz: f5331e465aefb61ecf865d2407ee91f63800ecf74b1119cb7c9e807b878fbb809c0ae2c4f331f527c57730364e32bbc295ab2b13828a55f816e553e4db4cc928
+  metadata.gz: 13a0de39162442d470bcf1b6eb810218903bccfcf6cb323a229ec1c723ee53ffd0c6601117f86912f97747c6be750378244a8233995862b0dc29a167a6baaaa3
+  data.tar.gz: a7d65db216a38b241cbee7150a390ae4a7fe09e14d876c6725b2094a771c9d893153b45c7c3842451a9dbf11d916b6ea5e25913a823ade2586ea98b701472cd8

data/app/controllers/core.rb CHANGED

@@ -41,7 +41,7 @@ module CMSScanner
         when 401
           raise HTTPAuthRequiredError
         when 403
-          raise AccessForbiddenError
+          raise AccessForbiddenError, parsed_options[:random_user_agent]
         when 407
           raise ProxyAuthRequiredError
         end

data/app/models/user.rb CHANGED

@@ -21,7 +21,7 @@ module CMSScanner
     def ==(other)
       return false unless self.class == other.class
-      username == other.username
+      username == other.username && password == other.password
     end
     def to_s

@@ -35,12 +35,22 @@ module CMSScanner
   # Access Forbidden Error
   class AccessForbiddenError < Error
-    # :nocov:
+    attr_reader :random_user_agent_used
+    # @param [ Boolean ] random_user_agent_used
+    def initialize(random_user_agent_used)
+      @random_user_agent_used = random_user_agent_used
+    end
     def to_s
-      'The target is responding with a 403, this might be due to a WAF. ' \
-      'Please re-try with --random-user-agent'
+      msg = if random_user_agent_used
+              'Well... --random-user-agent didn\'t work, you\'re on your own now!'
+            else
+              'Please re-try with --random-user-agent'
+            end
+      "The target is responding with a 403, this might be due to a WAF. #{msg}"
     end
-    # :nocov:
   end
   # HTTP Redirect Error

@@ -10,6 +10,9 @@ module CMSScanner
         #
         # @yield [ CMSScanner::User ] When a valid combination is found
         #
+        # Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
+        # be incorrect updated, hence the 'rescue ProgressBar::InvalidProgressError'
+        #
         # TODO: Make rubocop happy about metrics etc
         #
         # rubocop:disable all
@@ -35,14 +38,15 @@ module CMSScanner
               request.on_complete do |res|
                 progress_bar.title = "Trying #{user.username} / #{password}"
-                progress_bar.increment
+                progress_bar.increment rescue ProgressBar::InvalidProgressError
                 if valid_credentials?(res)
                   user.password = password
-                  yield user
+                  progress_bar.total -= passwords.size - user_requests_count[user.username] rescue ProgressBar::InvalidProgressError
-                  progress_bar.total -= passwords.size - user_requests_count[user.username]
+                  yield user
                 elsif errored_response?(res)
                   output_error(res)
                 end

@@ -1,4 +1,4 @@
 # Version
 module CMSScanner
-  VERSION = '0.0.41.4'.freeze
+  VERSION = '0.0.41.5'.freeze
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.0.41.4
+  version: 0.0.41.5
 platform: ruby
 authors:
 - WPScanTeam
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-03-07 00:00:00.000000000 Z
+date: 2019-03-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri