cms_scanner 0.8.3 → 0.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/app/app.rb +1 -0
  3. data/app/finders/interesting_findings/search_replace_db_2.rb +1 -8
  4. data/app/finders/interesting_findings/xml_rpc.rb +2 -5
  5. data/app/models/fantastico_fileslist.rb +1 -1
  6. data/app/models/headers.rb +5 -0
  7. data/app/models/search_replace_db_2.rb +12 -0
  8. data/app/models/xml_rpc.rb +5 -0
  9. data/lib/cms_scanner/version.rb +1 -1
  10. metadata +3 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b0a2707a21eacc11f9dc36d247381b7a9a73ddfc77ec08b5d305f521552ee10c
4
- data.tar.gz: 99dc62f737fc9291e0d629f6bcd4a3a65e924584f6777f553295674c3e36b975
3
+ metadata.gz: d2ba75baf0bd8f3ee38106845a617e3b82b15550d2fe389bdd8caa9e01e4ed74
4
+ data.tar.gz: a61488048c346fdd6f484a34b1a75b38cc8cf996c7053830c0aa9bae2d849dff
5
5
  SHA512:
6
- metadata.gz: 433cd9161c29f4952885f2cf235f6782afa300e76ae3983e880cd2d6596ebe65138125956b158c05a4b7c6b651ecfec5db23b4d9913d1aca1b25dc83243a804b
7
- data.tar.gz: b375a54eeee615791e94d9603333b27bfb94b72ff645cb3b07f449bf9d5c42f213848da7c2d13bf9e3854bf81b20be840f065fce10ed8995aa2b32126486f497
6
+ metadata.gz: 9786135ac1b578a2fdf8ce4413840c719c6e335238343e6f1b7141877bc4d57702259c8feeaecf91640d5af47e66c2a914486ee7afb836f1bf2ab162283dda18
7
+ data.tar.gz: 178999de4b3de5da6c01dfad1ba48e79e8757b3401742184e8cc871423907522c0e6cbcda8006635f6370651521e0a21b29c29677d9ceb8bbb39ebad9df86e55
data/app/app.rb CHANGED
@@ -14,6 +14,7 @@ require_relative 'controllers/interesting_findings'
14
14
  require_relative 'models/interesting_finding'
15
15
  require_relative 'models/robots_txt'
16
16
  require_relative 'models/fantastico_fileslist'
17
+ require_relative 'models/search_replace_db_2'
17
18
  require_relative 'models/headers'
18
19
  require_relative 'models/xml_rpc'
19
20
  require_relative 'models/version'
data/app/finders/interesting_findings/search_replace_db_2.rb CHANGED
@@ -11,14 +11,7 @@ module CMSScanner
11
11
 
12
12
  return unless /by interconnect/i.match?(target.head_and_get(path).body)
13
13
 
14
- NS::Model::InterestingFinding.new(target.url(path),
15
- confidence: 100,
16
- found_by: found_by,
17
- references: references)
18
- end
19
-
20
- def references
21
- { url: 'https://interconnectit.com/products/search-and-replace-for-wordpress-databases/' }
14
+ NS::Model::SearchReplaceDB2.new(target.url(path), confidence: 100, found_by: found_by)
22
15
  end
23
16
  end
24
17
  end
data/app/finders/interesting_findings/xml_rpc.rb CHANGED
@@ -35,8 +35,7 @@ module CMSScanner
35
35
 
36
36
  potential_urls << url
37
37
 
38
- return NS::Model::XMLRPC.new(url, confidence: 30,
39
- found_by: 'Link Tag (Passive Detection)')
38
+ return NS::Model::XMLRPC.new(url, confidence: 30, found_by: 'Link Tag (Passive Detection)')
40
39
  end
41
40
  nil
42
41
  end
@@ -52,9 +51,7 @@ module CMSScanner
52
51
 
53
52
  next unless /<methodResponse>/i.match?(res&.body)
54
53
 
55
- return NS::Model::XMLRPC.new(potential_url,
56
- confidence: 100,
57
- found_by: DIRECT_ACCESS)
54
+ return NS::Model::XMLRPC.new(potential_url, confidence: 100, found_by: DIRECT_ACCESS)
58
55
  end
59
56
  nil
60
57
  end
data/app/models/fantastico_fileslist.rb CHANGED
@@ -17,7 +17,7 @@ module CMSScanner
17
17
  end
18
18
 
19
19
  def references
20
- { url: ['http://www.acunetix.com/vulnerabilities/fantastico-fileslist/'] }
20
+ @references ||= { url: ['http://www.acunetix.com/vulnerabilities/fantastico-fileslist/'] }
21
21
  end
22
22
  end
23
23
  end
data/app/models/headers.rb CHANGED
@@ -34,6 +34,11 @@ module CMSScanner
34
34
  x-webkit-csp x-xss-protection
35
35
  ]
36
36
  end
37
+
38
+ # @return [ String ]
39
+ def to_s
40
+ @to_s ||= 'Headers'
41
+ end
37
42
  end
38
43
  end
39
44
  end
data/app/models/search_replace_db_2.rb ADDED
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ module CMSScanner
4
+ module Model
5
+ # SearchReplaceDB2
6
+ class SearchReplaceDB2 < InterestingFinding
7
+ def references
8
+ @references ||= { url: ['https://interconnectit.com/products/search-and-replace-for-wordpress-databases/'] }
9
+ end
10
+ end
11
+ end
12
+ end
data/app/models/xml_rpc.rb CHANGED
@@ -4,6 +4,11 @@ module CMSScanner
4
4
  module Model
5
5
  # XML RPC
6
6
  class XMLRPC < InterestingFinding
7
+ # @return [ String ]
8
+ def to_s
9
+ @to_s ||= "XML-RPC seems to be enabled: #{url}"
10
+ end
11
+
7
12
  # @return [ Browser ]
8
13
  def browser
9
14
  @browser ||= NS::Browser.instance
data/lib/cms_scanner/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module CMSScanner
5
- VERSION = '0.8.3'
5
+ VERSION = '0.8.4'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.3
4
+ version: 0.8.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-29 00:00:00.000000000 Z
11
+ date: 2020-03-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: get_process_mem
@@ -289,6 +289,7 @@ files:
289
289
  - app/models/headers.rb
290
290
  - app/models/interesting_finding.rb
291
291
  - app/models/robots_txt.rb
292
+ - app/models/search_replace_db_2.rb
292
293
  - app/models/user.rb
293
294
  - app/models/version.rb
294
295
  - app/models/xml_rpc.rb