cms_scanner 0.10.0 → 0.12.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b99be1a5c9ca5480c3144bd7bf47158131b37d2384d0efdead0af974823e2f91
-  data.tar.gz: ca62945912501cca054acda5c3567428f6d5952ed144f27115ecfd7ac38a8d24
+  metadata.gz: 943549919eeec0dc993e93789c543064401359f1673b030e7520ac49eddd8b67
+  data.tar.gz: db1524123914c10872586742d1b52bb50550391c5b6b2c56ceaae541b9ff27ad
 SHA512:
-  metadata.gz: 92eefec3cc72a884f139077782486ba2bff6716f54566952f0f7d996400deeedc04131f704a2d0e63ba47d9eaaefe2ef8390cc98f411ccb231c876f3ff52c23c
-  data.tar.gz: 559ea905b19ec7657242e6a0ea4977dcc3f34b2e0159fab086496b138c8916df5b5920723ab0ea621c7141752ce6fc96e6191607fc3cd7c082e15ea5c4a4bce2
+  metadata.gz: a70bd9df89f08639549c44c5611bcd1cdab4712d85e02cd2a9b2fe37cb31ab61fe5bb407464686b8abd1a68f7b3986675b17ffe287a967acbe536a6153f5a5c9
+  data.tar.gz: 48e01f3d443bd2b78e0ad4fd5e63c8d80ecc4c3bbc40886b5355d4d604a14d985734d90ed3707a22addf7b45fd8c8bcee8e00898bbe4caf7e3fe2cc0025f4093

data/app/models/fantastico_fileslist.rb

@@ -2,8 +2,16 @@
 
 module CMSScanner
   module Model
-    # FantasticoFileslist
+    # Fantastico is a commercial script library that automates the installation of web applications to a website.
+    # Fantastico scripts are executed from the administration area of a website control panel such as cPanel.
+    # It creates a file named fantastico_fileslist.txt that is publicly available and contains a list of all the
+    # files from the current directory. The contents of this file may expose sensitive information to an attacker.
     class FantasticoFileslist < InterestingFinding
+      # @return [ String ]
+      def to_s
+        @to_s ||= "Fantastico list found: #{url}"
+      end
+
       # @return [ Array<String> ] The interesting files/dirs detected
       def interesting_entries
         results = []
@@ -17,7 +25,9 @@ module CMSScanner
       end
 
       def references
-        @references ||= { url: ['http://www.acunetix.com/vulnerabilities/fantastico-fileslist/'] }
+        @references ||= {
+          url: ['https://web.archive.org/web/20140518040021/http://www.acunetix.com/vulnerabilities/fantastico-fileslist/']
+        }
       end
     end
   end

data/app/models/headers.rb

@@ -19,7 +19,7 @@ module CMSScanner
         entries.each do |header, value|
           next if known_headers.include?(header.downcase)
 
-          results << "#{header}: #{[*value].join(', ')}"
+          results << "#{header}: #{Array(value).join(', ')}"
         end
         results
       end

data/app/models/robots_txt.rb

@@ -4,6 +4,11 @@ module CMSScanner
   module Model
     # Robots.txt
     class RobotsTxt < InterestingFinding
+      # @return [ String ]
+      def to_s
+        @to_s ||= "robots.txt found: #{url}"
+      end
+
       # @todo Better detection, currently everything not empty or / is returned
       #
       # @return [ Array<String> ] The interesting Allow/Disallow rules detected

data/app/models/search_replace_db_2.rb

@@ -4,6 +4,11 @@ module CMSScanner
   module Model
     # SearchReplaceDB2
     class SearchReplaceDB2 < InterestingFinding
+      # @return [ String ]
+      def to_s
+        @to_s ||= "Search Replace DB script found: #{url}"
+      end
+
       def references
         @references ||= { url: ['https://interconnectit.com/products/search-and-replace-for-wordpress-databases/'] }
       end

data/lib/cms_scanner/cache/file_store.rb

@@ -59,7 +59,7 @@ module CMSScanner
       #
       # @return [ String ] The expiration file path associated to the key
       def entry_expiration_path(key)
-        entry_path(key) + '.expiration'
+        "#{entry_path(key)}.expiration"
       end
 
       private

data/lib/cms_scanner/finders/base_finders.rb

@@ -21,14 +21,14 @@ module CMSScanner
 
         return symbols if mode.nil? || mode == :mixed
 
-        symbols.include?(mode) ? [*mode] : []
+        symbols.include?(mode) ? Array(mode) : []
       end
 
       # @param [ CMSScanner::Finders::Finder ] finder
       # @param [ Symbol ] symbol See return values of #symbols_from_mode
       # @param [ Hash ] opts
       def run_finder(finder, symbol, opts)
-        [*finder.send(symbol, opts.merge(found: findings))].compact.each do |found|
+        Array(finder.send(symbol, opts.merge(found: findings))).compact.each do |found|
           findings << found
         end
       end

data/lib/cms_scanner/finders/finder.rb

@@ -57,10 +57,12 @@ module CMSScanner
       # @param [String, Class ] klass
       # @return [ String ]
       def found_by(klass = self.class)
+        labels = %w[aggressive passive]
+
         caller_locations.each do |call|
           label = call.label
 
-          next unless %w[aggressive passive].include? label
+          next unless labels.include? label
 
           title = klass.to_s.demodulize.gsub(/(\d+)[a-z]+/i, '_\0').titleize(keep_id_suffix: true)
 

data/lib/cms_scanner/finders/finder/breadth_first_dictionary_attack.rb

@@ -6,20 +6,22 @@ module CMSScanner
       # Module to provide an easy way to perform password attacks
       module BreadthFirstDictionaryAttack
         # @param [ Array<CMSScanner::Model::User> ] users
-        # @param [ Array<String> ] passwords
+        # @param [ String ] wordlist_path
         # @param [ Hash ] opts
         # @option opts [ Boolean ] :show_progression
         #
         # @yield [ CMSScanner::User ] When a valid combination is found
         #
         # Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
-        # be incorrect updated, hence the 'rescue ProgressBar::InvalidProgressError'
+        # be incorrectly updated, hence the 'rescue ProgressBar::InvalidProgressError'
         #
         # TODO: Make rubocop happy about metrics etc
         #
         # rubocop:disable all
-        def attack(users, passwords, opts = {})
-          create_progress_bar(total: users.size * passwords.size, show_progression: opts[:show_progression])
+        def attack(users, wordlist_path, opts = {})
+          wordlist = File.open(wordlist_path)
+
+          create_progress_bar(total: users.size * wordlist.count, show_progression: opts[:show_progression])
 
           queue_count         = 0
           # Keep the number of requests sent for each users
@@ -28,7 +30,7 @@ module CMSScanner
 
           users.each { |u| user_requests_count[u.username] = 0 }
 
-          passwords.each do |password|
+          File.foreach(wordlist, chomp: true) do |password|
             remaining_users = users.select { |u| u.password.nil? }
 
             break if remaining_users.empty?
@@ -47,7 +49,7 @@ module CMSScanner
                   user.password = password
 
                   begin
-                    progress_bar.total -= passwords.size - user_requests_count[user.username]
+                    progress_bar.total -= wordlist.count - user_requests_count[user.username]
                   rescue ProgressBar::InvalidProgressError
                   end
 
@@ -103,10 +105,12 @@ module CMSScanner
                     'Request timed out.'
                   elsif response.code.zero?
                     "No response from remote server. WAF/IPS? (#{response.return_message})"
-                  elsif /^50/.match?(response.code.to_s)
+                  elsif response.code.to_s.start_with?('50')
                     'Server error, try reducing the number of threads.'
-                  else
+                  elsif NS::ParsedCli.verbose?
                     "Unknown response received Code: #{response.code}\nBody: #{response.body}"
+                  else
+                    "Unknown response received Code: #{response.code}"
                   end
 
           progress_bar.log("Error: #{error}")

data/lib/cms_scanner/finders/finder/enumerator.rb

@@ -55,7 +55,7 @@ module CMSScanner
         # @return [ Typhoeus::Response, nil ]
         def maybe_get_full_response(head_res, opts)
           return head_res unless opts[:check_full_response] == true ||
-                                 [*opts[:check_full_response]].include?(head_res.code)
+                                 Array(opts[:check_full_response]).include?(head_res.code)
 
           full_res = NS::Browser.get(head_res.effective_url, full_request_params)
 

data/lib/cms_scanner/numeric.rb

@@ -8,6 +8,6 @@ class Numeric
     e     = abs.zero? ? abs : (Math.log(abs) / Math.log(1024)).floor
     s     = format('%<s>.3f', s: (abs.to_f / 1024**e))
 
-    s.sub(/\.?0*$/, ' ' + units[e])
+    s.sub(/\.?0*$/, " #{units[e]}")
   end
 end

data/lib/cms_scanner/progressbar_null_output.rb

@@ -17,7 +17,7 @@ module CMSScanner
     def log(string = nil)
       return logs if string.nil?
 
-      logs << string
+      logs << string unless logs.include?(string)
     end
   end
 end

data/lib/cms_scanner/references.rb

@@ -21,9 +21,9 @@ module CMSScanner
         next unless refs.key?(key)
 
         @references[key] = if key == :youtube
-                             [*refs[:youtube]].map { |id| youtube_url(id) }
+                             Array(refs[:youtube]).map { |id| youtube_url(id) }
                            else
-                             [*refs[key]].map(&:to_s)
+                             Array(refs[key]).map(&:to_s)
                            end
       end
     end

data/lib/cms_scanner/target.rb

@@ -18,7 +18,7 @@ module CMSScanner
       super(url, opts)
 
       scope << uri.host
-      [*opts[:scope]].each { |s| scope << s }
+      Array(opts[:scope]).each { |s| scope << s }
     end
 
     # @param [ Hash ] opts
@@ -105,11 +105,11 @@ module CMSScanner
         next unless attr_value && !attr_value.empty?
 
         node_uri = begin
-                     uri.join(attr_value.strip)
-                   rescue StandardError
-                     # Skip potential malformed URLs etc.
-                     next
-                   end
+          uri.join(attr_value.strip)
+        rescue StandardError
+          # Skip potential malformed URLs etc.
+          next
+        end
 
         next unless node_uri.host
 

data/lib/cms_scanner/target/platform/php.rb

@@ -5,7 +5,7 @@ module CMSScanner
     module Platform
       # Some PHP specific implementation
       module PHP
-        DEBUG_LOG_PATTERN = /(?:\[\d{2}\-[a-zA-Z]{3}\-\d{4}\s\d{2}\:\d{2}:\d{2}\s[A-Z]{3}\]|
+        DEBUG_LOG_PATTERN = /(?:\[\d{2}-[a-zA-Z]{3}-\d{4}\s\d{2}:\d{2}:\d{2}\s[A-Z]{3}\]|
                               PHP\s(?:Fatal|Warning|Strict|Error|Notice):)/x.freeze
         FPD_PATTERN       = /Fatal error:.+? in (.+?) on/.freeze
         ERROR_LOG_PATTERN = /PHP Fatal error/i.freeze

data/lib/cms_scanner/target/scope.rb

@@ -53,14 +53,14 @@ module CMSScanner
       domains = [uri.host + uri.path]
 
       domains += if scope.domains.empty?
-                   [*scope.invalid_domains[1..-1]]
+                   Array(scope.invalid_domains[1..-1])
                  else
-                   [*scope.domains[1..-1]].map(&:to_s) + scope.invalid_domains
+                   Array(scope.domains[1..-1]).map(&:to_s) + scope.invalid_domains
                  end
 
-      domains.map! { |d| Regexp.escape(d.gsub(%r{/$}, '')).gsub('\*', '.*').gsub('/', '\\\\\?/') }
+      domains.map! { |d| Regexp.escape(d.delete_suffix('/')).gsub('\*', '.*').gsub('/', '\\\\\?/') }
 
-      domains[0].gsub!(Regexp.escape(uri.host), Regexp.escape(uri.host) + '(?::\\d+)?') if uri.port
+      domains[0].gsub!(Regexp.escape(uri.host), "#{Regexp.escape(uri.host)}(?::\\d+)?") if uri.port
 
       @scope_url_pattern = %r{https?:\\?/\\?/(?:#{domains.join('|')})\\?/?}i
     end

data/lib/cms_scanner/target/server/generic.rb

@@ -41,7 +41,7 @@ module CMSScanner
         def directory_listing?(path = nil, params = {})
           res = NS::Browser.get(url(path), params)
 
-          res.code == 200 && res.body =~ /<h1>Index of/ ? true : false
+          res.code == 200 && res.body.include?('<h1>Index of') ? true : false
         end
 
         # @param [ String ] path

data/lib/cms_scanner/version.rb

@@ -2,5 +2,5 @@
 
 # Version
 module CMSScanner
-  VERSION = '0.10.0'
+  VERSION = '0.12.2'
 end

data/lib/cms_scanner/web_site.rb

@@ -62,7 +62,7 @@ module CMSScanner
 
     # @return [ String ] The URL of an unlikely existant page
     def error_404_url
-      @error_404_url ||= uri.join(Digest::MD5.hexdigest(rand(999_999).to_s)[0..6] + '.html').to_s
+      @error_404_url ||= uri.join("#{Digest::MD5.hexdigest(rand(999_999).to_s)[0..6]}.html").to_s
     end
 
     # Checks if the remote website is up.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.10.0
+  version: 0.12.2
 platform: ruby
 authors:
 - WPScanTeam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-04-16 00:00:00.000000000 Z
+date: 2021-01-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: get_process_mem
@@ -30,28 +30,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.8
+        version: 1.11.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.10.8
+        version: 1.11.0
 - !ruby/object:Gem::Dependency
   name: opt_parse_validator
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.9.0
+        version: 1.9.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.9.0
+        version: 1.9.3
 - !ruby/object:Gem::Dependency
   name: public_suffix
   requirement: !ruby/object:Gem::Requirement
@@ -70,30 +70,42 @@ dependencies:
   name: ruby-progressbar
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.10'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: '1.12'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.10.0
+        version: '1.10'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.12'
 - !ruby/object:Gem::Dependency
   name: typhoeus
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: '1.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: '1.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: xmlrpc
   requirement: !ruby/object:Gem::Requirement
@@ -170,14 +182,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 3.10.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.9.0
+        version: 3.10.0
 - !ruby/object:Gem::Dependency
   name: rspec-its
   requirement: !ruby/object:Gem::Requirement
@@ -198,42 +210,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.81.0
+        version: 1.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.81.0
+        version: 1.7.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.9.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.2
+        version: 0.21.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.18.2
+        version: 0.21.0
 - !ruby/object:Gem::Dependency
   name: simplecov-lcov
   requirement: !ruby/object:Gem::Requirement
@@ -254,14 +266,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.8.0
+        version: 3.11.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 3.8.0
+        version: 3.11.0
 description: Framework to provide an easy way to implement CMS Scanners
 email:
 - team@wpscan.org