cms_scanner 0.13.3 → 0.13.7
- checksums.yaml +4 -4
- data/app/controllers/core/cli_options.rb +1 -1
- data/lib/cms_scanner/errors/http.rb +2 -1
- data/lib/cms_scanner/finders/finder/enumerator.rb +1 -1
- data/lib/cms_scanner/formatter.rb +8 -1
- data/lib/cms_scanner/numeric.rb +1 -1
- data/lib/cms_scanner/version.rb +1 -1
- data/lib/cms_scanner/web_site.rb +8 -7
- metadata +43 -17
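--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4e844a7c12e7e4767678eee8958f7b6c863789f4478553b9260e86dea258c974
+data.tar.gz: e203a131365c6b7637842c6296918135e3dc97bb6bd8a922214c3629779e622e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 4d1f9c65037c59a457dd2fb4370151b0cdc0639d5dcf01d84cfc2fba1b5956ab4761434ee0b85daff31aacf0fd1db0e61c74c34688678a23d72bee7108636ede
+data.tar.gz: bb9e70348937efab985f82b5baca41e74fdbcfa7620b7fff1ef9f935f8562e8b0d3531bf0a0a2d73aaa1393305999d6bf3b8656f570b2c012d286784c44b40a3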
@@ -55,7 +55,7 @@ module CMSScanner
|
|
55
55
|
OptPositiveInteger.new(['-t', '--max-threads VALUE', 'The max threads to use'],
|
56
56
|
default: 5),
|
57
57
|
OptPositiveInteger.new(['--throttle MilliSeconds', 'Milliseconds to wait before doing another web request. ' \
|
58
|
-
|
58
|
+
'If used, the max threads will be set to 1.']),
|
59
59
|
OptPositiveInteger.new(['--request-timeout SECONDS', 'The request timeout in seconds'],
|
60
60
|
default: 60),
|
61
61
|
OptPositiveInteger.new(['--connect-timeout SECONDS', 'The connection timeout in seconds'],
|
@@ -64,7 +64,8 @@ module CMSScanner
|
|
64
64
|
|
65
65
|
def to_s
|
66
66
|
"The URL supplied redirects to #{redirect_uri}. Use the --ignore-main-redirect "\
|
67
|
-
|
67
|
+
'option to ignore the redirection and scan the target, or change the --url option ' \
|
68
|
+
'value to the redirected URL.'
|
68
69
|
end
|
69
70
|
end
|
70
71
|
end
|
@@ -62,7 +62,7 @@ module CMSScanner
|
|
62
62
|
return unless valid_response_codes.include?(full_res.code)
|
63
63
|
|
64
64
|
return if target.homepage_or_404?(full_res) ||
|
65
|
-
opts[:exclude_content] && full_res.body&.match(opts[:exclude_content])
|
65
|
+
(opts[:exclude_content] && full_res.body&.match(opts[:exclude_content]))
|
66
66
|
|
67
67
|
full_res
|
68
68
|
end
|
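Review bot: The guard only uses the truthiness of the match, so `full_res.body&.match?(opts[:exclude_content])` would avoid building a MatchData object for every response that reaches this line. If `opts[:exclude_content]` is a user-supplied pattern (it looks like an option value, but its origin is not visible here), it is applied to bodies the remote server controls. A comment noting that a backtracking-heavy pattern can stall a worker on a crafted response would help whoever tunes that option. The enclosing method starts above the hunk.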
@@ -84,6 +84,8 @@ module CMSScanner
|
|
84
84
|
puts render(tpl, vars, controller_name)
|
85
85
|
end
|
86
86
|
|
87
|
+
ERB_SUPPORTS_KVARGS = ::ERB.instance_method(:initialize).parameters.assoc(:key) # Ruby 2.6+
|
88
|
+
|
87
89
|
# @param [ String ] tpl
|
88
90
|
# @param [ Hash ] vars
|
89
91
|
# @param [ String ] controller_name
|
@@ -93,7 +95,12 @@ module CMSScanner
|
|
93
95
|
|
94
96
|
# '-' is used to disable new lines when -%> is used
|
95
97
|
# See http://www.ruby-doc.org/stdlib-2.1.1/libdoc/erb/rdoc/ERB.html
|
96
|
-
|
98
|
+
# Since ruby 2.6, KVARGS are supported and passing argument is deprecated in ruby 3+
|
99
|
+
if ERB_SUPPORTS_KVARGS
|
100
|
+
ERB.new(File.read(view_path(tpl)), trim_mode: '-').result(binding)
|
101
|
+
else
|
102
|
+
ERB.new(File.read(view_path(tpl)), nil, '-').result(binding)
|
103
|
+
end
|
97
104
|
end
|
98
105
|
|
99
106
|
# @param [ Hash ] vars
|
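Review bot: `ERB_SUPPORTS_KVARGS` holds whatever `assoc(:key)` returns, a parameter pair or nil, not a boolean, and the trailing `# Ruby 2.6+` does not say what is being detected. A line above it such as `# Truthy when ERB#initialize accepts keyword arguments (trim_mode:)` would make the later `if` self-explanatory. In the second hunk both branches repeat `File.read(view_path(tpl))`; reading the template into a local before the `if` would leave the constructor call as the only difference. Since the template is evaluated with `result(binding)`, it runs with access to everything in the formatter's scope, so the doc comment for `render` should state that the view directories are expected to be trusted. The `def` line of `render` falls between the two hunks and is not shown.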
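--- a/data/lib/cms_scanner/numeric.rb
+++ b/data/lib/cms_scanner/numeric.rb
@@ -6,7 +6,7 @@ class Numeric
 def bytes_to_human
 units = %w[B KB MB GB TB]
 e = abs.zero? ? abs : (Math.log(abs) / Math.log(1024)).floor
-s = format('%<s>.3f', s: (abs.to_f / 1024**e))
+s = format('%<s>.3f', s: (abs.to_f / (1024**e)))
 
 s.sub(/\.?0*$/, " #{units[e]}")
 end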
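Review bot: `units[e]` is not bounded by the size of `units`, which produces wrong labels at both ends of the range. For a magnitude of 1024**5 or more, `e` is at least 5 and `units[e]` is nil, so the result ends in a bare space with no unit. For a magnitude between 0 and 1 the logarithm is negative, `e` becomes -1 and `units[-1]` labels the value as 'TB'. Clamping the exponent right after it is computed, `e = e.clamp(0, units.size - 1)`, fixes both cases; the added parentheses around `1024**e` do not affect either.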
data/lib/cms_scanner/version.rb
CHANGED
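--- a/data/lib/cms_scanner/web_site.rb
+++ b/data/lib/cms_scanner/web_site.rb
@@ -8,19 +8,20 @@ module CMSScanner
 # @param [ String ] site_url
 # @param [ Hash ] opts
 def initialize(site_url, opts = {})
-self.url =
+self.url = site_url
 @opts = opts
 end
 
 def url=(site_url)
-
-# Making also sure the site_url is unfrozen
-+site_url << '/' if site_url[-1, 1] != '/'
+new_url = site_url.dup
 
-#
-
+# Add a trailing slash to the URL
+new_url << '/' if new_url[-1, 1] != '/'
 
-
+# Use the validator to ensure the URL has a correct format
+OptParseValidator::OptURL.new([]).validate(new_url)
+
+@uri = Addressable::URI.parse(new_url).normalize
 end
 
 # @param [ String ] path Optional path to merge with the uri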
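Review bot: The return value of `OptParseValidator::OptURL.new([]).validate(new_url)` is discarded, so the check only has an effect if `validate` raises on a malformed URL. That contract is not visible in this file and deserves a comment on the call, for example `# Raises on a malformed URL; the return value is intentionally unused`. `url=` also has no guard for a nil or non-String `site_url`, in which case `new_url << '/'` fails with a NoMethodError rather than a URL error. A `# @raise` line on `url=` and on `initialize`, which calls it, naming the exception the validator raises would tell callers what to rescue.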
metadata
CHANGED
@@ -1,15 +1,35 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cms_scanner
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.13.
|
4
|
+
version: 0.13.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- WPScanTeam
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-02-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: ethon
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ">="
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0.14'
|
20
|
+
- - "<"
|
21
|
+
- !ruby/object:Gem::Version
|
22
|
+
version: '0.16'
|
23
|
+
type: :runtime
|
24
|
+
prerelease: false
|
25
|
+
version_requirements: !ruby/object:Gem::Requirement
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '0.14'
|
30
|
+
- - "<"
|
31
|
+
- !ruby/object:Gem::Version
|
32
|
+
version: '0.16'
|
13
33
|
- !ruby/object:Gem::Dependency
|
14
34
|
name: get_process_mem
|
15
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -28,30 +48,36 @@ dependencies:
|
|
28
48
|
name: nokogiri
|
29
49
|
requirement: !ruby/object:Gem::Requirement
|
30
50
|
requirements:
|
31
|
-
- - "
|
51
|
+
- - ">="
|
32
52
|
- !ruby/object:Gem::Version
|
33
|
-
version: 1.11.
|
53
|
+
version: 1.11.4
|
54
|
+
- - "<"
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: 1.14.0
|
34
57
|
type: :runtime
|
35
58
|
prerelease: false
|
36
59
|
version_requirements: !ruby/object:Gem::Requirement
|
37
60
|
requirements:
|
38
|
-
- - "
|
61
|
+
- - ">="
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: 1.11.4
|
64
|
+
- - "<"
|
39
65
|
- !ruby/object:Gem::Version
|
40
|
-
version: 1.
|
66
|
+
version: 1.14.0
|
41
67
|
- !ruby/object:Gem::Dependency
|
42
68
|
name: opt_parse_validator
|
43
69
|
requirement: !ruby/object:Gem::Requirement
|
44
70
|
requirements:
|
45
71
|
- - "~>"
|
46
72
|
- !ruby/object:Gem::Version
|
47
|
-
version: 1.9.
|
73
|
+
version: 1.9.5
|
48
74
|
type: :runtime
|
49
75
|
prerelease: false
|
50
76
|
version_requirements: !ruby/object:Gem::Requirement
|
51
77
|
requirements:
|
52
78
|
- - "~>"
|
53
79
|
- !ruby/object:Gem::Version
|
54
|
-
version: 1.9.
|
80
|
+
version: 1.9.5
|
55
81
|
- !ruby/object:Gem::Dependency
|
56
82
|
name: public_suffix
|
57
83
|
requirement: !ruby/object:Gem::Requirement
|
@@ -182,14 +208,14 @@ dependencies:
|
|
182
208
|
requirements:
|
183
209
|
- - "~>"
|
184
210
|
- !ruby/object:Gem::Version
|
185
|
-
version: 3.
|
211
|
+
version: 3.11.0
|
186
212
|
type: :development
|
187
213
|
prerelease: false
|
188
214
|
version_requirements: !ruby/object:Gem::Requirement
|
189
215
|
requirements:
|
190
216
|
- - "~>"
|
191
217
|
- !ruby/object:Gem::Version
|
192
|
-
version: 3.
|
218
|
+
version: 3.11.0
|
193
219
|
- !ruby/object:Gem::Dependency
|
194
220
|
name: rspec-its
|
195
221
|
requirement: !ruby/object:Gem::Requirement
|
@@ -210,28 +236,28 @@ dependencies:
|
|
210
236
|
requirements:
|
211
237
|
- - "~>"
|
212
238
|
- !ruby/object:Gem::Version
|
213
|
-
version: 1.
|
239
|
+
version: 1.25.0
|
214
240
|
type: :development
|
215
241
|
prerelease: false
|
216
242
|
version_requirements: !ruby/object:Gem::Requirement
|
217
243
|
requirements:
|
218
244
|
- - "~>"
|
219
245
|
- !ruby/object:Gem::Version
|
220
|
-
version: 1.
|
246
|
+
version: 1.25.0
|
221
247
|
- !ruby/object:Gem::Dependency
|
222
248
|
name: rubocop-performance
|
223
249
|
requirement: !ruby/object:Gem::Requirement
|
224
250
|
requirements:
|
225
251
|
- - "~>"
|
226
252
|
- !ruby/object:Gem::Version
|
227
|
-
version: 1.
|
253
|
+
version: 1.13.0
|
228
254
|
type: :development
|
229
255
|
prerelease: false
|
230
256
|
version_requirements: !ruby/object:Gem::Requirement
|
231
257
|
requirements:
|
232
258
|
- - "~>"
|
233
259
|
- !ruby/object:Gem::Version
|
234
|
-
version: 1.
|
260
|
+
version: 1.13.0
|
235
261
|
- !ruby/object:Gem::Dependency
|
236
262
|
name: simplecov
|
237
263
|
requirement: !ruby/object:Gem::Requirement
|
@@ -266,14 +292,14 @@ dependencies:
|
|
266
292
|
requirements:
|
267
293
|
- - "~>"
|
268
294
|
- !ruby/object:Gem::Version
|
269
|
-
version: 3.
|
295
|
+
version: 3.14.0
|
270
296
|
type: :development
|
271
297
|
prerelease: false
|
272
298
|
version_requirements: !ruby/object:Gem::Requirement
|
273
299
|
requirements:
|
274
300
|
- - "~>"
|
275
301
|
- !ruby/object:Gem::Version
|
276
|
-
version: 3.
|
302
|
+
version: 3.14.0
|
277
303
|
description: Framework to provide an easy way to implement CMS Scanners
|
278
304
|
email:
|
279
305
|
- contact@wpscan.com
|
@@ -393,7 +419,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
393
419
|
- !ruby/object:Gem::Version
|
394
420
|
version: '0'
|
395
421
|
requirements: []
|
396
|
-
rubygems_version: 3.0.3
|
422
|
+
rubygems_version: 3.0.3.1
|
397
423
|
signing_key:
|
398
424
|
specification_version: 4
|
399
425
|
summary: CMS Scanner Framework (experimental)
|