cms_scanner 0.11.0 → 0.12.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/cms_scanner/finders/finder/breadth_first_dictionary_attack.rb +9 -6
  3. data/lib/cms_scanner/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 16c22d4a89bddefca45e7f32b260f99c92469ad5f67ea66d1483bc27cb8b603c
4
- data.tar.gz: 92fada2aa2d2c5109df300bffb72c2c44dec947fd2fb07d1dcc6ef106775042e
3
+ metadata.gz: 7a8c1343f1468a7f2c486b3a4e01ab78908a3148463a06f1368e53e748a6c269
4
+ data.tar.gz: 9613a2df1e556a49a8f6dc9c7e934c2cd35a7aed0fbba4d42c22300901dd6b6b
5
5
  SHA512:
6
- metadata.gz: b0191381badb3aeece273fc5da0b7384efbb29cc041cb3b21d5562e98263775cae3d748b895086e3f8f7d277bf34906b74ac6fcec610ff662a85835c1616b5e1
7
- data.tar.gz: 4e41d6e2909160e17025141c6921c3a2e020943a571dd652cca9803c5801a5a56bb3105da82ebdeb44f42043a22504b14dbe0a02819fc683e223dabec9e95359
6
+ metadata.gz: 7e7c1b97e79859d7bc38a3b9022ddc461ed0d9a91d275255f1f2430998ae46a2c591514165d6e21e6e6304b1f032eb8e9bf5f581bdc8e49f0dba43dceb640573
7
+ data.tar.gz: 25745b31c7217ce451cf30833fc180f2416af4cb5842cece2c0e73f543d8a9a021cbd5d03fcef8a2e3e06f29868987dd2fa02723d1fe98e0d22e9460105ad7da
data/lib/cms_scanner/finders/finder/breadth_first_dictionary_attack.rb CHANGED
@@ -6,20 +6,22 @@ module CMSScanner
6
6
  # Module to provide an easy way to perform password attacks
7
7
  module BreadthFirstDictionaryAttack
8
8
  # @param [ Array<CMSScanner::Model::User> ] users
9
- # @param [ Array<String> ] passwords
9
+ # @param [ String ] wordlist_path
10
10
  # @param [ Hash ] opts
11
11
  # @option opts [ Boolean ] :show_progression
12
12
  #
13
13
  # @yield [ CMSScanner::User ] When a valid combination is found
14
14
  #
15
15
  # Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
16
- # be incorrect updated, hence the 'rescue ProgressBar::InvalidProgressError'
16
+ # be incorrectly updated, hence the 'rescue ProgressBar::InvalidProgressError'
17
17
  #
18
18
  # TODO: Make rubocop happy about metrics etc
19
19
  #
20
20
  # rubocop:disable all
21
- def attack(users, passwords, opts = {})
22
- create_progress_bar(total: users.size * passwords.size, show_progression: opts[:show_progression])
21
+ def attack(users, wordlist_path, opts = {})
22
+ wordlist = File.open(wordlist_path)
23
+
24
+ create_progress_bar(total: users.size * wordlist.count, show_progression: opts[:show_progression])
23
25
 
24
26
  queue_count = 0
25
27
  # Keep the number of requests sent for each users
@@ -28,7 +30,8 @@ module CMSScanner
28
30
 
29
31
  users.each { |u| user_requests_count[u.username] = 0 }
30
32
 
31
- passwords.each do |password|
33
+ File.foreach(wordlist) do |password|
34
+ password.chomp!
32
35
  remaining_users = users.select { |u| u.password.nil? }
33
36
 
34
37
  break if remaining_users.empty?
@@ -47,7 +50,7 @@ module CMSScanner
47
50
  user.password = password
48
51
 
49
52
  begin
50
- progress_bar.total -= passwords.size - user_requests_count[user.username]
53
+ progress_bar.total -= wordlist.count - user_requests_count[user.username]
51
54
  rescue ProgressBar::InvalidProgressError
52
55
  end
53
56
 
data/lib/cms_scanner/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module CMSScanner
5
- VERSION = '0.11.0'
5
+ VERSION = '0.12.0'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.0
4
+ version: 0.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-15 00:00:00.000000000 Z
11
+ date: 2020-07-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: get_process_mem