cms_scanner 0.8.6 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '08858e3eacac1be285d1e9ea03238dbe046d1ac90d8aa4c0b0c21951b84e5982'
-  data.tar.gz: ac6edf367a1869b6ecf307f67bdd1963413a81610629c2b93f6fd102aeef76e7
+  metadata.gz: 7a8c1343f1468a7f2c486b3a4e01ab78908a3148463a06f1368e53e748a6c269
+  data.tar.gz: 9613a2df1e556a49a8f6dc9c7e934c2cd35a7aed0fbba4d42c22300901dd6b6b
 SHA512:
-  metadata.gz: 6d8ccbc1b59b469ae4e1e08a29dc8aefc00c5fd76efcba6f5cbc924435211a9914dc1f0d49d20d45c5f132b367690d6094357191a06fa107cd29334092a79e27
-  data.tar.gz: 7b19f895bbb76aef0930a9fbf110e27d1ea3caf809319e6c81f23fc5aa9901582b4d1d4e55936f1944fc9cedf549f63a0b8043ce0f42977020aa697694298c98
+  metadata.gz: 7e7c1b97e79859d7bc38a3b9022ddc461ed0d9a91d275255f1f2430998ae46a2c591514165d6e21e6e6304b1f032eb8e9bf5f581bdc8e49f0dba43dceb640573
+  data.tar.gz: 25745b31c7217ce451cf30833fc180f2416af4cb5842cece2c0e73f543d8a9a021cbd5d03fcef8a2e3e06f29868987dd2fa02723d1fe98e0d22e9460105ad7da

data/app/models/headers.rb

@@ -19,7 +19,7 @@ module CMSScanner
         entries.each do |header, value|
           next if known_headers.include?(header.downcase)
 
-          results << "#{header}: #{[*value].join(', ')}"
+          results << "#{header}: #{Array(value).join(', ')}"
         end
         results
       end

data/lib/cms_scanner/finders/base_finders.rb

@@ -21,14 +21,14 @@ module CMSScanner
 
         return symbols if mode.nil? || mode == :mixed
 
-        symbols.include?(mode) ? [*mode] : []
+        symbols.include?(mode) ? Array(mode) : []
       end
 
       # @param [ CMSScanner::Finders::Finder ] finder
       # @param [ Symbol ] symbol See return values of #symbols_from_mode
       # @param [ Hash ] opts
       def run_finder(finder, symbol, opts)
-        [*finder.send(symbol, opts.merge(found: findings))].compact.each do |found|
+        Array(finder.send(symbol, opts.merge(found: findings))).compact.each do |found|
           findings << found
         end
       end

data/lib/cms_scanner/finders/finder/breadth_first_dictionary_attack.rb

@@ -6,20 +6,22 @@ module CMSScanner
       # Module to provide an easy way to perform password attacks
       module BreadthFirstDictionaryAttack
         # @param [ Array<CMSScanner::Model::User> ] users
-        # @param [ Array<String> ] passwords
+        # @param [ String ] wordlist_path
         # @param [ Hash ] opts
         # @option opts [ Boolean ] :show_progression
         #
         # @yield [ CMSScanner::User ] When a valid combination is found
         #
         # Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
-        # be incorrect updated, hence the 'rescue ProgressBar::InvalidProgressError'
+        # be incorrectly updated, hence the 'rescue ProgressBar::InvalidProgressError'
         #
         # TODO: Make rubocop happy about metrics etc
         #
         # rubocop:disable all
-        def attack(users, passwords, opts = {})
-          create_progress_bar(total: users.size * passwords.size, show_progression: opts[:show_progression])
+        def attack(users, wordlist_path, opts = {})
+          wordlist = File.open(wordlist_path)
+
+          create_progress_bar(total: users.size * wordlist.count, show_progression: opts[:show_progression])
 
           queue_count         = 0
           # Keep the number of requests sent for each users
@@ -28,7 +30,8 @@ module CMSScanner
 
           users.each { |u| user_requests_count[u.username] = 0 }
 
-          passwords.each do |password|
+          File.foreach(wordlist) do |password|
+            password.chomp!
             remaining_users = users.select { |u| u.password.nil? }
 
             break if remaining_users.empty?
@@ -47,7 +50,7 @@ module CMSScanner
                   user.password = password
 
                   begin
-                    progress_bar.total -= passwords.size - user_requests_count[user.username]
+                    progress_bar.total -= wordlist.count - user_requests_count[user.username]
                   rescue ProgressBar::InvalidProgressError
                   end
 
@@ -103,10 +106,12 @@ module CMSScanner
                     'Request timed out.'
                   elsif response.code.zero?
                     "No response from remote server. WAF/IPS? (#{response.return_message})"
-                  elsif /^50/.match?(response.code.to_s)
+                  elsif response.code.to_s.start_with?('50')
                     'Server error, try reducing the number of threads.'
-                  else
+                  elsif NS::ParsedCli.verbose?
                     "Unknown response received Code: #{response.code}\nBody: #{response.body}"
+                  else
+                    "Unknown response received Code: #{response.code}"
                   end
 
           progress_bar.log("Error: #{error}")

data/lib/cms_scanner/finders/finder/enumerator.rb

@@ -55,7 +55,7 @@ module CMSScanner
         # @return [ Typhoeus::Response, nil ]
         def maybe_get_full_response(head_res, opts)
           return head_res unless opts[:check_full_response] == true ||
-                                 [*opts[:check_full_response]].include?(head_res.code)
+                                 Array(opts[:check_full_response]).include?(head_res.code)
 
           full_res = NS::Browser.get(head_res.effective_url, full_request_params)
 

data/lib/cms_scanner/progressbar_null_output.rb

@@ -17,7 +17,7 @@ module CMSScanner
     def log(string = nil)
       return logs if string.nil?
 
-      logs << string
+      logs << string unless logs.include?(string)
     end
   end
 end

data/lib/cms_scanner/references.rb

@@ -9,7 +9,7 @@ module CMSScanner
     module ClassMethods
       # @return [ Array<Symbol> ]
       def references_keys
-        @references_keys ||= %i[cve exploitdb url metasploit packetstorm securityfocus]
+        @references_keys ||= %i[cve exploitdb url metasploit packetstorm securityfocus youtube]
       end
     end
 
@@ -18,7 +18,13 @@ module CMSScanner
       @references = {}
 
       self.class.references_keys.each do |key|
-        @references[key] = [*refs[key]].map(&:to_s) if refs.key?(key)
+        next unless refs.key?(key)
+
+        @references[key] = if key == :youtube
+                             Array(refs[:youtube]).map { |id| youtube_url(id) }
+                           else
+                             Array(refs[key]).map(&:to_s)
+                           end
       end
     end
 
@@ -30,7 +36,7 @@ module CMSScanner
     # @return [ Array<String> ] All the references URLs
     def references_urls
       cve_urls + exploitdb_urls + urls + msf_urls +
-        packetstorm_urls + securityfocus_urls
+        packetstorm_urls + securityfocus_urls + youtube_urls
     end
 
     # @return [ Array<String> ] The CVEs
@@ -112,5 +118,15 @@ module CMSScanner
     def securityfocus_url(id)
       "https://www.securityfocus.com/bid/#{id}/"
     end
+
+    # @return [ Array<String> ]
+    def youtube_urls
+      references[:youtube] || []
+    end
+
+    # @return [ String ]
+    def youtube_url(id)
+      "https://www.youtube.com/watch?v=#{id}"
+    end
   end
 end

data/lib/cms_scanner/target.rb

@@ -18,7 +18,7 @@ module CMSScanner
       super(url, opts)
 
       scope << uri.host
-      [*opts[:scope]].each { |s| scope << s }
+      Array(opts[:scope]).each { |s| scope << s }
     end
 
     # @param [ Hash ] opts

data/lib/cms_scanner/target/platform/php.rb

@@ -5,7 +5,7 @@ module CMSScanner
     module Platform
       # Some PHP specific implementation
       module PHP
-        DEBUG_LOG_PATTERN = /(?:\[\d{2}\-[a-zA-Z]{3}\-\d{4}\s\d{2}\:\d{2}:\d{2}\s[A-Z]{3}\]|
+        DEBUG_LOG_PATTERN = /(?:\[\d{2}-[a-zA-Z]{3}-\d{4}\s\d{2}:\d{2}:\d{2}\s[A-Z]{3}\]|
                               PHP\s(?:Fatal|Warning|Strict|Error|Notice):)/x.freeze
         FPD_PATTERN       = /Fatal error:.+? in (.+?) on/.freeze
         ERROR_LOG_PATTERN = /PHP Fatal error/i.freeze

data/lib/cms_scanner/target/scope.rb

@@ -53,12 +53,12 @@ module CMSScanner
       domains = [uri.host + uri.path]
 
       domains += if scope.domains.empty?
-                   [*scope.invalid_domains[1..-1]]
+                   Array(scope.invalid_domains[1..-1])
                  else
-                   [*scope.domains[1..-1]].map(&:to_s) + scope.invalid_domains
+                   Array(scope.domains[1..-1]).map(&:to_s) + scope.invalid_domains
                  end
 
-      domains.map! { |d| Regexp.escape(d.gsub(%r{/$}, '')).gsub('\*', '.*').gsub('/', '\\\\\?/') }
+      domains.map! { |d| Regexp.escape(d.delete_suffix('/')).gsub('\*', '.*').gsub('/', '\\\\\?/') }
 
       domains[0].gsub!(Regexp.escape(uri.host), Regexp.escape(uri.host) + '(?::\\d+)?') if uri.port
 

data/lib/cms_scanner/target/server/generic.rb

@@ -41,7 +41,7 @@ module CMSScanner
         def directory_listing?(path = nil, params = {})
           res = NS::Browser.get(url(path), params)
 
-          res.code == 200 && res.body =~ /<h1>Index of/ ? true : false
+          res.code == 200 && res.body.include?('<h1>Index of') ? true : false
         end
 
         # @param [ String ] path

data/lib/cms_scanner/version.rb

@@ -2,5 +2,5 @@
 
 # Version
 module CMSScanner
-  VERSION = '0.8.6'
+  VERSION = '0.12.0'
 end

data/lib/cms_scanner/vulnerability.rb

@@ -5,22 +5,27 @@ module CMSScanner
   class Vulnerability
     include References
 
-    attr_reader :title, :type, :fixed_in
+    attr_reader :title, :type, :fixed_in, :cvss
 
     # @param [ String ] title
     # @param [ Hash ] references
-    # @option references [ Array<String>, String ] cve
-    # @option references [ Array<String>, String ] secunia
-    # @option references [ Array<String>, String ] osvdb
-    # @option references [ Array<String>, String ] exploitdb
-    # @option references [ Array<String> ] url URL(s) to related advisories etc
-    # @option references [ Array<String>, String ] metasploit The related metasploit module(s)
+    # @option references [ Array<String>, String ] :cve
+    # @option references [ Array<String>, String ] :secunia
+    # @option references [ Array<String>, String ] :osvdb
+    # @option references [ Array<String>, String ] :exploitdb
+    # @option references [ Array<String> ] :url URL(s) to related advisories etc
+    # @option references [ Array<String>, String ] :metasploit The related metasploit module(s)
+    # @option references [ Array<String> ] :youtube
     # @param [ String ] type
     # @param [ String ] fixed_in
-    def initialize(title, references = {}, type = nil, fixed_in = nil)
+    # @param [ HashSymbol ] cvss
+    # @option cvss [ String ] :score
+    # @option cvss [ String ] :vector
+    def initialize(title, references: {}, type: nil, fixed_in: nil, cvss: nil)
       @title    = title
       @type     = type
       @fixed_in = fixed_in
+      @cvss     = { score: cvss[:score], vector: cvss[:vector] } if cvss
 
       self.references = references
     end
@@ -32,7 +37,8 @@ module CMSScanner
       title == other.title &&
         type == other.type &&
         references == other.references &&
-        fixed_in == other.fixed_in
+        fixed_in == other.fixed_in &&
+        cvss == other.cvss
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.8.6
+  version: 0.12.0
 platform: ruby
 authors:
 - WPScanTeam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-03-13 00:00:00.000000000 Z
+date: 2020-07-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: get_process_mem
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.8.2
+        version: 1.9.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.8.2
+        version: 1.9.1
 - !ruby/object:Gem::Dependency
   name: public_suffix
   requirement: !ruby/object:Gem::Requirement
@@ -84,16 +84,22 @@ dependencies:
   name: typhoeus
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: '1.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.0
+        version: '1.3'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '1.5'
 - !ruby/object:Gem::Dependency
   name: xmlrpc
   requirement: !ruby/object:Gem::Requirement
@@ -198,28 +204,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.80.0
+        version: 0.88.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.80.0
+        version: 0.88.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.7.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.5.0
+        version: 1.7.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -374,7 +380,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="