cms_scanner 0.0.19 → 0.0.20
- checksums.yaml +4 -4
- data/app/controllers.rb +1 -1
- data/app/controllers/{interesting_files.rb → interesting_findings.rb} +6 -6
- data/app/finders.rb +1 -1
- data/app/finders/interesting_findings.rb +23 -0
- data/app/finders/{interesting_files → interesting_findings}/fantastico_fileslist.rb +3 -3
- data/app/finders/{interesting_files → interesting_findings}/headers.rb +2 -2
- data/app/finders/{interesting_files → interesting_findings}/robots_txt.rb +2 -2
- data/app/finders/{interesting_files → interesting_findings}/search_replace_db_2.rb +5 -5
- data/app/finders/{interesting_files → interesting_findings}/xml_rpc.rb +1 -1
- data/app/models.rb +1 -1
- data/app/models/fantastico_fileslist.rb +1 -1
- data/app/models/headers.rb +2 -2
- data/app/models/{interesting_file.rb → interesting_finding.rb} +12 -5
- data/app/models/robots_txt.rb +1 -1
- data/app/models/xml_rpc.rb +1 -1
- data/app/views/cli/{interesting_files → interesting_findings}/_array.erb +0 -0
- data/app/views/cli/{interesting_files → interesting_findings}/findings.erb +4 -2
- data/app/views/json/{interesting_files → interesting_findings}/findings.erb +1 -1
- data/lib/cms_scanner/browser.rb +3 -3
- data/lib/cms_scanner/finders/finding.rb +4 -6
- data/lib/cms_scanner/target.rb +2 -2
- data/lib/cms_scanner/target/platform/php.rb +23 -3
- data/lib/cms_scanner/version.rb +1 -1
- metadata +14 -15
- data/app/finders/interesting_files.rb +0 -23
- data/lib/cms_scanner/finders/confidence.rb +0 -81
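--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 5dff32b05d6da49f0ad5697263e3a1e0a3d011a7
+data.tar.gz: 5373a9c0a91523b45287aa577f07ce53a59fd59e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a8c5b0c833ac6514ab85a5a1c5d00a7932eb41c33ad44bfcba544935b84c7405771b06b8ec833d3b211317af4412515db9b075cc88f17a56adcb1a64b2907ed5
+data.tar.gz: 1a568813897294b4958f5f3f23ce245b64fa5322698a353bf5504bf599f8ef02a90c5a96dcf52b53dce0e3ccd7acc3225a9feae590cbc6f7b1c7bee41c4f6ba4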
data/app/controllers.rb
CHANGED
@@ -1,2 +1,2 @@
|
|
1
1
|
require_relative 'controllers/core'
|
2
|
-
require_relative 'controllers/
|
2
|
+
require_relative 'controllers/interesting_findings'
|
@@ -1,12 +1,12 @@
|
|
1
1
|
module CMSScanner
|
2
2
|
module Controller
|
3
|
-
#
|
4
|
-
class
|
3
|
+
# InterestingFindings Controller
|
4
|
+
class InterestingFindings < Base
|
5
5
|
def cli_options
|
6
6
|
[
|
7
7
|
OptChoice.new(
|
8
|
-
['--interesting-
|
9
|
-
'Use the supplied mode for the interesting
|
8
|
+
['--interesting-findings-detection MODE',
|
9
|
+
'Use the supplied mode for the interesting findings detection. ' \
|
10
10
|
'Modes: mixed, passive, aggressive'
|
11
11
|
],
|
12
12
|
choices: %w(mixed passive aggressive),
|
@@ -15,8 +15,8 @@ module CMSScanner
|
|
15
15
|
end
|
16
16
|
|
17
17
|
def run
|
18
|
-
mode
|
19
|
-
findings = target.
|
18
|
+
mode = parsed_options[:interesting_findings_detection] || parsed_options[:detection_mode]
|
19
|
+
findings = target.interesting_findings(mode: mode)
|
20
20
|
|
21
21
|
output('findings', findings: findings) unless findings.empty?
|
22
22
|
end
|
data/app/finders.rb
CHANGED
@@ -1 +1 @@
|
|
1
|
-
require_relative 'finders/
|
1
|
+
require_relative 'finders/interesting_findings'
|
@@ -0,0 +1,23 @@
|
|
1
|
+
require_relative 'interesting_findings/headers'
|
2
|
+
require_relative 'interesting_findings/robots_txt'
|
3
|
+
require_relative 'interesting_findings/fantastico_fileslist'
|
4
|
+
require_relative 'interesting_findings/search_replace_db_2'
|
5
|
+
require_relative 'interesting_findings/xml_rpc'
|
6
|
+
|
7
|
+
module CMSScanner
|
8
|
+
module Finders
|
9
|
+
module InterestingFindings
|
10
|
+
# Interesting Files Finder
|
11
|
+
class Base
|
12
|
+
include IndependentFinder
|
13
|
+
|
14
|
+
# @param [ CMSScanner::Target ] target
|
15
|
+
def initialize(target)
|
16
|
+
%w(Headers RobotsTxt FantasticoFileslist SearchReplaceDB2 XMLRPC).each do |f|
|
17
|
+
finders << NS::Finders::InterestingFindings.const_get(f).new(target)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
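Review bot: The class comment above `class Base` still reads `# Interesting Files Finder` although the module is now `InterestingFindings`; it should become `# Interesting Findings Finder`. The `const_get(f)` call in `initialize` is only safe because `f` comes from the literal `%w(...)` list on the line above, and that deserves a comment so nobody later feeds it a configurable or user-supplied name: `# names are a fixed allow-list; never pass external input to const_get`.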
@@ -1,6 +1,6 @@
|
|
1
1
|
module CMSScanner
|
2
2
|
module Finders
|
3
|
-
module
|
3
|
+
module InterestingFindings
|
4
4
|
# FantasticoFileslist finder
|
5
5
|
class FantasticoFileslist < Finder
|
6
6
|
# @return [ String ] The url of the fantastico_fileslist.txt file
|
@@ -8,14 +8,14 @@ module CMSScanner
|
|
8
8
|
target.url('fantastico_fileslist.txt')
|
9
9
|
end
|
10
10
|
|
11
|
-
# @return [
|
11
|
+
# @return [ InterestingFinding ]
|
12
12
|
def aggressive(_opts = {})
|
13
13
|
res = NS::Browser.get(url)
|
14
14
|
|
15
15
|
return unless res && res.code == 200 && res.body.length > 0
|
16
16
|
return unless res.headers && res.headers['Content-Type'] =~ /\Atext\/plain/
|
17
17
|
|
18
|
-
NS::FantasticoFileslist.new(url, confidence:
|
18
|
+
NS::FantasticoFileslist.new(url, confidence: 70, found_by: found_by)
|
19
19
|
end
|
20
20
|
end
|
21
21
|
end
|
@@ -1,9 +1,9 @@
|
|
1
1
|
module CMSScanner
|
2
2
|
module Finders
|
3
|
-
module
|
3
|
+
module InterestingFindings
|
4
4
|
# Interesting Headers finder
|
5
5
|
class Headers < Finder
|
6
|
-
# @return [
|
6
|
+
# @return [ InterestingFinding ]
|
7
7
|
def passive(_opts = {})
|
8
8
|
r = NS::Headers.new(target.url, confidence: 100, found_by: found_by)
|
9
9
|
|
@@ -1,6 +1,6 @@
|
|
1
1
|
module CMSScanner
|
2
2
|
module Finders
|
3
|
-
module
|
3
|
+
module InterestingFindings
|
4
4
|
# Robots.txt finder
|
5
5
|
class RobotsTxt < Finder
|
6
6
|
# @return [ String ] The url of the robots.txt file
|
@@ -8,7 +8,7 @@ module CMSScanner
|
|
8
8
|
target.url('robots.txt')
|
9
9
|
end
|
10
10
|
|
11
|
-
# @return [
|
11
|
+
# @return [ InterestingFinding ]
|
12
12
|
def aggressive(_opts = {})
|
13
13
|
res = NS::Browser.get(url)
|
14
14
|
|
@@ -1,6 +1,6 @@
|
|
1
1
|
module CMSScanner
|
2
2
|
module Finders
|
3
|
-
module
|
3
|
+
module InterestingFindings
|
4
4
|
# SearchReplaceDB2 finder
|
5
5
|
class SearchReplaceDB2 < Finder
|
6
6
|
# @return [ String ] The url to the searchreplacedb2 PHP file
|
@@ -8,15 +8,15 @@ module CMSScanner
|
|
8
8
|
target.url('searchreplacedb2.php')
|
9
9
|
end
|
10
10
|
|
11
|
-
# @return [
|
11
|
+
# @return [ InterestingFinding ]
|
12
12
|
def aggressive(_opts = {})
|
13
13
|
res = NS::Browser.get(url)
|
14
14
|
|
15
15
|
return unless res && res.code == 200 && res.body =~ /by interconnect/i
|
16
16
|
|
17
|
-
NS::
|
18
|
-
|
19
|
-
|
17
|
+
NS::InterestingFinding.new(url, confidence: 100,
|
18
|
+
found_by: found_by,
|
19
|
+
references: references)
|
20
20
|
end
|
21
21
|
|
22
22
|
def references
|
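Review bot: `confidence: 100` in `aggressive` is asserted on one unanchored, case-insensitive substring match, `/by interconnect/i`, against any 200 response, so a catch-all or soft-404 page that happens to contain the phrase would be reported as a certain finding. The previous value is not visible in this rendering, so this may not be new. The value should either be justified in a comment such as `# 100: marker string is specific to the searchreplacedb2 page` or be lowered until a second, more specific check is added. The `references` method that the new call depends on continues outside the hunk.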
data/app/models.rb
CHANGED
data/app/models/headers.rb
CHANGED
@@ -1,12 +1,19 @@
|
|
1
1
|
module CMSScanner
|
2
|
-
# Interesting
|
3
|
-
class
|
2
|
+
# Interesting Finding
|
3
|
+
class InterestingFinding
|
4
4
|
include NS::Finders::Finding
|
5
5
|
|
6
6
|
attr_reader :url
|
7
|
+
attr_writer :to_s
|
7
8
|
|
9
|
+
# @param [ String ] url
|
10
|
+
# @param [ Hash ] opts
|
11
|
+
# :to_s (override the to_s method)
|
12
|
+
# See Finders::Finding for other available options
|
8
13
|
def initialize(url, opts = {})
|
9
|
-
@url
|
14
|
+
@url = url
|
15
|
+
@to_s = opts[:to_s]
|
16
|
+
|
10
17
|
parse_finding_options(opts)
|
11
18
|
end
|
12
19
|
|
@@ -20,12 +27,12 @@ module CMSScanner
|
|
20
27
|
end
|
21
28
|
|
22
29
|
def to_s
|
23
|
-
url
|
30
|
+
@to_s || url
|
24
31
|
end
|
25
32
|
|
26
33
|
def ==(other)
|
27
34
|
return false unless self.class == other.class
|
28
|
-
|
35
|
+
to_s == other.to_s
|
29
36
|
end
|
30
37
|
end
|
31
38
|
end
|
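Review bot: `==` now compares `to_s`, and `to_s` can be replaced through `opts[:to_s]` or the new `attr_writer :to_s`, so equality depends on a display label rather than on the URL. Two findings of the same class for different URLs compare equal when they carry the same label, and the same URL with two labels compares unequal. If the findings collection de-duplicates with `==` (not visible here), results could be merged or duplicated. I would keep identity on the address, `url == other.url`, and leave `to_s` purely for presentation. A public writer named `to_s=` is also unusual; passing the label through the constructor alone would be enough.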
data/app/models/robots_txt.rb
CHANGED
data/app/models/xml_rpc.rb
CHANGED
File without changes
|
@@ -1,7 +1,8 @@
|
|
1
|
-
|
1
|
+
<% unless @findings.empty? -%>
|
2
|
+
Interesting Finding(s):
|
2
3
|
<% @findings.each do |finding| -%>
|
3
4
|
|
4
|
-
<%= green('[+]') %> <%= finding
|
5
|
+
<%= green('[+]') %> <%= finding %>
|
5
6
|
<% if finding.confidence > 0 -%>
|
6
7
|
| Confidence: <%= finding.confidence %>%
|
7
8
|
<% end -%>
|
@@ -18,4 +19,5 @@ Interesting Findings: <%= @findings.size %>
|
|
18
19
|
<% end -%>
|
19
20
|
<%= render('_array', a: finding.references, s: 'Reference', p: 'References') -%>
|
20
21
|
<%= render('_array', a: finding.interesting_entries, s: 'Interesting Entry', p: 'Interesting Entries') -%>
|
22
|
+
<% end -%>
|
21
23
|
<% end %>
|
data/lib/cms_scanner/browser.rb
CHANGED
@@ -37,9 +37,9 @@ module CMSScanner
|
|
37
37
|
# @return [ Hash ]
|
38
38
|
def default_request_params
|
39
39
|
params = {
|
40
|
-
ssl_verifypeer: false, # Disable SSL-Certificate checks
|
41
|
-
|
42
|
-
|
40
|
+
ssl_verifypeer: false, ssl_verifyhost: 2, # Disable SSL-Certificate checks
|
41
|
+
headers: { 'User-Agent' => user_agent },
|
42
|
+
method: :get
|
43
43
|
}
|
44
44
|
|
45
45
|
{ connecttimeout: :connect_timeout, cache_ttl: :cache_ttl,
|
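Review bot: The trailing comment `# Disable SSL-Certificate checks` now sits on a line that sets two options with opposite effects. `ssl_verifypeer: false` turns off certificate-chain validation, while `ssl_verifyhost: 2` is the strict libcurl setting that still matches the hostname against the certificate. I would split them and document each: `ssl_verifypeer: false, # certificate chain is NOT validated` and `ssl_verifyhost: 2, # hostname is still matched against the certificate`. With chain validation off by default, every response the scanner bases a finding on is unauthenticated. If no option to switch verification on exists elsewhere, verifying by default with an explicit opt-out would be safer. `default_request_params` continues outside the hunk.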
@@ -1,5 +1,3 @@
|
|
1
|
-
require 'cms_scanner/finders/confidence'
|
2
|
-
|
3
1
|
module CMSScanner
|
4
2
|
module Finders
|
5
3
|
# Finding
|
@@ -24,14 +22,14 @@ module CMSScanner
|
|
24
22
|
@interesting_entries ||= []
|
25
23
|
end
|
26
24
|
|
27
|
-
# @return [
|
25
|
+
# @return [ Integer ]
|
28
26
|
def confidence
|
29
|
-
@confidence ||=
|
27
|
+
@confidence ||= 0
|
30
28
|
end
|
31
29
|
|
32
|
-
# @param [ Integer
|
30
|
+
# @param [ Integer ] value
|
33
31
|
def confidence=(value)
|
34
|
-
@confidence = value
|
32
|
+
@confidence = value >= 100 ? 100 : value
|
35
33
|
end
|
36
34
|
|
37
35
|
# @param [ Hash ] opts
|
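Review bot: `confidence=` caps only the upper bound, so `value >= 100 ? 100 : value` stores a negative number unchanged and raises `NoMethodError` on `nil`. The doc comment promises an Integer and the CLI view tests `finding.confidence > 0`, so clamping both ends would keep the value in 0..100: `@confidence = [[value, 0].max, 100].min`. With the `Confidence` class removed, callers that accumulate with `+=` presumably now do plain integer addition and rely on this setter for the cap. That is inferred, and it deserves a line in the comment above the method.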
data/lib/cms_scanner/target.rb
CHANGED
@@ -22,8 +22,8 @@ module CMSScanner
|
|
22
22
|
# @param [ Hash ] opts
|
23
23
|
#
|
24
24
|
# @return [ Findings ]
|
25
|
-
def
|
26
|
-
@
|
25
|
+
def interesting_findings(opts = {})
|
26
|
+
@interesting_findings ||= NS::Finders::InterestingFindings::Base.find(self, opts)
|
27
27
|
end
|
28
28
|
|
29
29
|
# @param [ Regexp ] pattern
|
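Review bot: `@interesting_findings ||= ...` caches the first result regardless of `opts`, so a later call with a different `mode:` silently returns the findings collected under the earlier mode. The controller in this release passes `mode: mode`, which makes the option look live on every call. Either say so above the method, `# NOTE: memoized; opts are only honoured on the first call`, or key the cache on the options, `(@interesting_findings ||= {})[opts] ||= NS::Finders::InterestingFindings::Base.find(self, opts)`.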
@@ -5,15 +5,35 @@ module CMSScanner
|
|
5
5
|
module PHP
|
6
6
|
DEBUG_LOG_PATTERN = /\[[^\]]+\] PHP (?:Warning|Error|Notice):/
|
7
7
|
FPD_PATTERN = /Fatal error:.+? in (.+?) on/
|
8
|
+
ERROR_LOG_PATTERN = /PHP Fatal error/i
|
8
9
|
|
9
10
|
# @param [ String ] path
|
11
|
+
# @param [ Regexp ] pattern
|
10
12
|
# @param [ Hash ] params The request params
|
11
13
|
#
|
12
|
-
# @return [ Boolean ]
|
13
|
-
def
|
14
|
+
# @return [ Boolean ]
|
15
|
+
def log_file?(path, pattern, params = {})
|
16
|
+
# Only the first 700 bytes of the file are retrieved to avoid getting enture log file
|
17
|
+
# which can be huge (~ 2Go)
|
14
18
|
res = NS::Browser.get(url(path), params.merge(headers: { 'range' => 'bytes=0-700' }))
|
15
19
|
|
16
|
-
res.body =~
|
20
|
+
res.body =~ pattern ? true : false
|
21
|
+
end
|
22
|
+
|
23
|
+
# @param [ String ] path
|
24
|
+
# @param [ Hash ] params The request params
|
25
|
+
#
|
26
|
+
# @return [ Boolean ] true if url(path) is a debug log, false otherwise
|
27
|
+
def debug_log?(path, params = {})
|
28
|
+
log_file?(path, DEBUG_LOG_PATTERN, params)
|
29
|
+
end
|
30
|
+
|
31
|
+
# @param [ String ] path
|
32
|
+
# @param [ Hash ] params The request params
|
33
|
+
#
|
34
|
+
# @return [ Boolean ] Wether or not url(path) is an error log file
|
35
|
+
def error_log?(path, params = {})
|
36
|
+
log_file?(path, ERROR_LOG_PATTERN, params)
|
17
37
|
end
|
18
38
|
|
19
39
|
# @param [ String ] path
|
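Review bot: In `log_file?`, `params.merge(headers: { 'range' => 'bytes=0-700' })` replaces any `:headers` hash the caller supplied instead of adding to it, so caller-set headers are dropped on these requests. Merging one level down keeps them: `headers = (params[:headers] || {}).merge('range' => 'bytes=0-700')`. The comment also overstates the guarantee: `bytes=0-700` is an inclusive range of 701 bytes, and a server that ignores `Range` answers 200 with the whole file, so the "~ 2Go" download it warns about can still happen. Requiring `res.code == 206` before matching, or setting a response size limit if the browser wrapper offers one, would actually enforce the bound. The new comments contain typos worth fixing: "enture" should be "entire", "2Go" should be "2GB" and "Wether" should be "Whether".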
data/lib/cms_scanner/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cms_scanner
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.20
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- WPScanTeam - Erwan Le Rousseau
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2015-03-
|
11
|
+
date: 2015-03-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: opt_parse_validator
|
@@ -219,14 +219,14 @@ files:
|
|
219
219
|
- app/controllers.rb
|
220
220
|
- app/controllers/core.rb
|
221
221
|
- app/controllers/core/cli_options.rb
|
222
|
-
- app/controllers/
|
222
|
+
- app/controllers/interesting_findings.rb
|
223
223
|
- app/finders.rb
|
224
|
-
- app/finders/
|
225
|
-
- app/finders/
|
226
|
-
- app/finders/
|
227
|
-
- app/finders/
|
228
|
-
- app/finders/
|
229
|
-
- app/finders/
|
224
|
+
- app/finders/interesting_findings.rb
|
225
|
+
- app/finders/interesting_findings/fantastico_fileslist.rb
|
226
|
+
- app/finders/interesting_findings/headers.rb
|
227
|
+
- app/finders/interesting_findings/robots_txt.rb
|
228
|
+
- app/finders/interesting_findings/search_replace_db_2.rb
|
229
|
+
- app/finders/interesting_findings/xml_rpc.rb
|
230
230
|
- app/formatters.rb
|
231
231
|
- app/formatters/cli.rb
|
232
232
|
- app/formatters/cli_no_colour.rb
|
@@ -234,19 +234,19 @@ files:
|
|
234
234
|
- app/models.rb
|
235
235
|
- app/models/fantastico_fileslist.rb
|
236
236
|
- app/models/headers.rb
|
237
|
-
- app/models/
|
237
|
+
- app/models/interesting_finding.rb
|
238
238
|
- app/models/robots_txt.rb
|
239
239
|
- app/models/version.rb
|
240
240
|
- app/models/xml_rpc.rb
|
241
241
|
- app/views/cli/core/banner.erb
|
242
242
|
- app/views/cli/core/finished.erb
|
243
243
|
- app/views/cli/core/started.erb
|
244
|
-
- app/views/cli/
|
245
|
-
- app/views/cli/
|
244
|
+
- app/views/cli/interesting_findings/_array.erb
|
245
|
+
- app/views/cli/interesting_findings/findings.erb
|
246
246
|
- app/views/cli/scan_aborted.erb
|
247
247
|
- app/views/json/core/finished.erb
|
248
248
|
- app/views/json/core/started.erb
|
249
|
-
- app/views/json/
|
249
|
+
- app/views/json/interesting_findings/findings.erb
|
250
250
|
- app/views/json/scan_aborted.erb
|
251
251
|
- cms_scanner.gemspec
|
252
252
|
- lib/cms_scanner.rb
|
@@ -259,7 +259,6 @@ files:
|
|
259
259
|
- lib/cms_scanner/controllers.rb
|
260
260
|
- lib/cms_scanner/errors/auth_errors.rb
|
261
261
|
- lib/cms_scanner/finders.rb
|
262
|
-
- lib/cms_scanner/finders/confidence.rb
|
263
262
|
- lib/cms_scanner/finders/finder.rb
|
264
263
|
- lib/cms_scanner/finders/finder/enumerator.rb
|
265
264
|
- lib/cms_scanner/finders/finder/fingerprinter.rb
|
@@ -312,7 +311,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
312
311
|
version: '0'
|
313
312
|
requirements: []
|
314
313
|
rubyforge_project:
|
315
|
-
rubygems_version: 2.4.
|
314
|
+
rubygems_version: 2.4.6
|
316
315
|
signing_key:
|
317
316
|
specification_version: 4
|
318
317
|
summary: Experimental CMSScanner
|
@@ -1,23 +0,0 @@
|
|
1
|
-
require_relative 'interesting_files/headers'
|
2
|
-
require_relative 'interesting_files/robots_txt'
|
3
|
-
require_relative 'interesting_files/fantastico_fileslist'
|
4
|
-
require_relative 'interesting_files/search_replace_db_2'
|
5
|
-
require_relative 'interesting_files/xml_rpc'
|
6
|
-
|
7
|
-
module CMSScanner
|
8
|
-
module Finders
|
9
|
-
module InterestingFiles
|
10
|
-
# Interesting Files Finder
|
11
|
-
class Base
|
12
|
-
include IndependentFinder
|
13
|
-
|
14
|
-
# @param [ CMSScanner::Target ] target
|
15
|
-
def initialize(target)
|
16
|
-
%w(Headers RobotsTxt FantasticoFileslist SearchReplaceDB2 XMLRPC).each do |f|
|
17
|
-
finders << NS.const_get("Finders::InterestingFiles::#{f}").new(target)
|
18
|
-
end
|
19
|
-
end
|
20
|
-
end
|
21
|
-
end
|
22
|
-
end
|
23
|
-
end
|
@@ -1,81 +0,0 @@
|
|
1
|
-
module CMSScanner
|
2
|
-
module Finders
|
3
|
-
# Confidence
|
4
|
-
class Confidence < Numeric
|
5
|
-
attr_reader :value
|
6
|
-
|
7
|
-
def initialize(value)
|
8
|
-
@value = value
|
9
|
-
end
|
10
|
-
|
11
|
-
# @param [ Integer, Confidence ] other
|
12
|
-
#
|
13
|
-
# TODO: rework the formula which is weak when the value to add is < the current confidence
|
14
|
-
# e.g: 90 + 50 + 30 => 82
|
15
|
-
#
|
16
|
-
# @return [ Confidence ] A new Confidence
|
17
|
-
def +(other)
|
18
|
-
return Confidence.new(100) if @value == 100
|
19
|
-
|
20
|
-
to_add = other_value(other)
|
21
|
-
new_value = (@value + to_add) / 1.5
|
22
|
-
new_value = 100 if new_value > 100 || to_add == 100
|
23
|
-
|
24
|
-
Confidence.new(new_value.floor)
|
25
|
-
end
|
26
|
-
|
27
|
-
#
|
28
|
-
## Convenient Methods
|
29
|
-
#
|
30
|
-
#:nocov:
|
31
|
-
def to_s
|
32
|
-
@value.to_s
|
33
|
-
end
|
34
|
-
|
35
|
-
def to_json
|
36
|
-
@value.to_json
|
37
|
-
end
|
38
|
-
|
39
|
-
# @param [ Integer, Confidence ] other
|
40
|
-
def other_value(other)
|
41
|
-
other.is_a?(Confidence) ? other.value : other
|
42
|
-
end
|
43
|
-
|
44
|
-
# @param [ Integer, Confidence ] other
|
45
|
-
def ==(other)
|
46
|
-
@value == other_value(other)
|
47
|
-
end
|
48
|
-
|
49
|
-
# @param [ Integer, Confidence ] other
|
50
|
-
def eql?(other)
|
51
|
-
@value.eql?(other_value(other))
|
52
|
-
end
|
53
|
-
|
54
|
-
# @param [ Integer, Confidence ] other
|
55
|
-
def <(other)
|
56
|
-
@value < other_value(other)
|
57
|
-
end
|
58
|
-
|
59
|
-
# @param [ Integer, Confidence ] other
|
60
|
-
def <=(other)
|
61
|
-
@value <= other_value(other)
|
62
|
-
end
|
63
|
-
|
64
|
-
# @param [ Integer, Confidence ] other
|
65
|
-
def >(other)
|
66
|
-
@value > other_value(other)
|
67
|
-
end
|
68
|
-
|
69
|
-
# @param [ Integer, Confidence ] other
|
70
|
-
def >=(other)
|
71
|
-
@value >= other_value(other)
|
72
|
-
end
|
73
|
-
|
74
|
-
# @param [ Integer, Confidence ] other
|
75
|
-
def <=>(other)
|
76
|
-
@value <=> other_value(other)
|
77
|
-
end
|
78
|
-
#:nocov:
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|