cms_scanner 0.8.3 → 0.8.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/app/app.rb +1 -0
  3. data/app/finders/interesting_findings/search_replace_db_2.rb +1 -8
  4. data/app/finders/interesting_findings/xml_rpc.rb +2 -5
  5. data/app/models/fantastico_fileslist.rb +1 -1
  6. data/app/models/headers.rb +5 -0
  7. data/app/models/search_replace_db_2.rb +12 -0
  8. data/app/models/xml_rpc.rb +5 -0
  9. data/lib/cms_scanner/version.rb +1 -1
  10. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b0a2707a21eacc11f9dc36d247381b7a9a73ddfc77ec08b5d305f521552ee10c
4
- data.tar.gz: 99dc62f737fc9291e0d629f6bcd4a3a65e924584f6777f553295674c3e36b975
3
+ metadata.gz: d2ba75baf0bd8f3ee38106845a617e3b82b15550d2fe389bdd8caa9e01e4ed74
4
+ data.tar.gz: a61488048c346fdd6f484a34b1a75b38cc8cf996c7053830c0aa9bae2d849dff
5
5
  SHA512:
6
- metadata.gz: 433cd9161c29f4952885f2cf235f6782afa300e76ae3983e880cd2d6596ebe65138125956b158c05a4b7c6b651ecfec5db23b4d9913d1aca1b25dc83243a804b
7
- data.tar.gz: b375a54eeee615791e94d9603333b27bfb94b72ff645cb3b07f449bf9d5c42f213848da7c2d13bf9e3854bf81b20be840f065fce10ed8995aa2b32126486f497
6
+ metadata.gz: 9786135ac1b578a2fdf8ce4413840c719c6e335238343e6f1b7141877bc4d57702259c8feeaecf91640d5af47e66c2a914486ee7afb836f1bf2ab162283dda18
7
+ data.tar.gz: 178999de4b3de5da6c01dfad1ba48e79e8757b3401742184e8cc871423907522c0e6cbcda8006635f6370651521e0a21b29c29677d9ceb8bbb39ebad9df86e55
data/app/app.rb CHANGED
@@ -14,6 +14,7 @@ require_relative 'controllers/interesting_findings'
14
14
  require_relative 'models/interesting_finding'
15
15
  require_relative 'models/robots_txt'
16
16
  require_relative 'models/fantastico_fileslist'
17
+ require_relative 'models/search_replace_db_2'
17
18
  require_relative 'models/headers'
18
19
  require_relative 'models/xml_rpc'
19
20
  require_relative 'models/version'
data/app/finders/interesting_findings/search_replace_db_2.rb CHANGED
@@ -11,14 +11,7 @@ module CMSScanner
11
11
 
12
12
  return unless /by interconnect/i.match?(target.head_and_get(path).body)
13
13
 
14
- NS::Model::InterestingFinding.new(target.url(path),
15
- confidence: 100,
16
- found_by: found_by,
17
- references: references)
18
- end
19
-
20
- def references
21
- { url: 'https://interconnectit.com/products/search-and-replace-for-wordpress-databases/' }
14
+ NS::Model::SearchReplaceDB2.new(target.url(path), confidence: 100, found_by: found_by)
22
15
  end
23
16
  end
24
17
  end
data/app/finders/interesting_findings/xml_rpc.rb CHANGED
@@ -35,8 +35,7 @@ module CMSScanner
35
35
 
36
36
  potential_urls << url
37
37
 
38
- return NS::Model::XMLRPC.new(url, confidence: 30,
39
- found_by: 'Link Tag (Passive Detection)')
38
+ return NS::Model::XMLRPC.new(url, confidence: 30, found_by: 'Link Tag (Passive Detection)')
40
39
  end
41
40
  nil
42
41
  end
@@ -52,9 +51,7 @@ module CMSScanner
52
51
 
53
52
  next unless /<methodResponse>/i.match?(res&.body)
54
53
 
55
- return NS::Model::XMLRPC.new(potential_url,
56
- confidence: 100,
57
- found_by: DIRECT_ACCESS)
54
+ return NS::Model::XMLRPC.new(potential_url, confidence: 100, found_by: DIRECT_ACCESS)
58
55
  end
59
56
  nil
60
57
  end
data/app/models/fantastico_fileslist.rb CHANGED
@@ -17,7 +17,7 @@ module CMSScanner
17
17
  end
18
18
 
19
19
  def references
20
- { url: ['http://www.acunetix.com/vulnerabilities/fantastico-fileslist/'] }
20
+ @references ||= { url: ['http://www.acunetix.com/vulnerabilities/fantastico-fileslist/'] }
21
21
  end
22
22
  end
23
23
  end
data/app/models/headers.rb CHANGED
@@ -34,6 +34,11 @@ module CMSScanner
34
34
  x-webkit-csp x-xss-protection
35
35
  ]
36
36
  end
37
+
38
+ # @return [ String ]
39
+ def to_s
40
+ @to_s ||= 'Headers'
41
+ end
37
42
  end
38
43
  end
39
44
  end
data/app/models/search_replace_db_2.rb ADDED
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CMSScanner
4
+ module Model
5
+ # SearchReplaceDB2
6
+ class SearchReplaceDB2 < InterestingFinding
7
+ def references
8
+ @references ||= { url: ['https://interconnectit.com/products/search-and-replace-for-wordpress-databases/'] }
9
+ end
10
+ end
11
+ end
12
+ end
data/app/models/xml_rpc.rb CHANGED
@@ -4,6 +4,11 @@ module CMSScanner
4
4
  module Model
5
5
  # XML RPC
6
6
  class XMLRPC < InterestingFinding
7
+ # @return [ String ]
8
+ def to_s
9
+ @to_s ||= "XML-RPC seems to be enabled: #{url}"
10
+ end
11
+
7
12
  # @return [ Browser ]
8
13
  def browser
9
14
  @browser ||= NS::Browser.instance
data/lib/cms_scanner/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module CMSScanner
5
- VERSION = '0.8.3'
5
+ VERSION = '0.8.4'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.3
4
+ version: 0.8.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-29 00:00:00.000000000 Z
11
+ date: 2020-03-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: get_process_mem
@@ -289,6 +289,7 @@ files:
289
289
  - app/models/headers.rb
290
290
  - app/models/interesting_finding.rb
291
291
  - app/models/robots_txt.rb
292
+ - app/models/search_replace_db_2.rb
292
293
  - app/models/user.rb
293
294
  - app/models/version.rb
294
295
  - app/models/xml_rpc.rb