cms_scanner 0.0.23 → 0.0.24

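--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: bfb8f0f330cdaf4b47d1459029b4328c7c8a3474
- data.tar.gz: c324f2c4c0aa51b6debcba249bedce15b944877a
+ metadata.gz: 6ba0eb7b854b3284b9c15c6ccba0e7435510c0e1
+ data.tar.gz: 61f20c09a8911a41aaf9140f4efb80d14ef527b3
  SHA512:
- metadata.gz: 3702af56ecf6cb6313a2d1cfc92d3b45e93b7d4713ec66f69bda037e289a70b460836b67357b8e928d9594ade420d7860d3413bb8388b3322ea826ef75995a89
- data.tar.gz: 82eccf4f3b8e461ed03a37b12f778b48d1022df5ae590783040335e9d66f673884f986eaf74734258a473a4e16e28b541cae325b532775ddd062d1c0bc9b2b1b
+ metadata.gz: 7e2c771210af4df78d1b3a99db98c7f05547d46d17816f64eac932918d7875199bc9ea395babf901636bda4ee610691d7888a12de6e34be931ddc5713a98316c
+ data.tar.gz: 2a06183adab57a03f14f699cf2b4d204d4c3fc123bdd509a34f56843edb7e5f8e8d835fcf67d4fdeec52eb36c4c708d9557db21aa01bc9c1ffb900b6c3b0c73c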
@@ -32,9 +32,10 @@ module CMSScanner
32
32
  OptCredentials.new(['--http-auth login:password']),
33
33
  OptPositiveInteger.new(['--max-threads VALUE', '-t', 'The max threads to use'],
34
34
  default: 5),
35
- OptPositiveInteger.new(['--request-timeout SECONDS', 'The request timeout in seconds']),
36
- OptPositiveInteger.new(['--connect-timeout SECONDS',
37
- 'The connection timeout in seconds'])
35
+ OptPositiveInteger.new(['--request-timeout SECONDS', 'The request timeout in seconds'],
36
+ default: 60),
37
+ OptPositiveInteger.new(['--connect-timeout SECONDS', 'The connection timeout in seconds'],
38
+ default: 5)
38
39
  ] + cli_browser_proxy_options + cli_browser_cookies_options + cli_browser_cache_options
39
40
  end
40
41
 
@@ -13,7 +13,7 @@ module CMSScanner
13
13
  res = NS::Browser.get(url)
14
14
 
15
15
  return unless res && res.code == 200 && res.body.length > 0
16
- return unless res.headers && res.headers['Content-Type'] =~ /\Atext\/plain/
16
+ return unless res.headers && res.headers['Content-Type'] =~ %r{\Atext/plain}
17
17
 
18
18
  NS::FantasticoFileslist.new(url, confidence: 70, found_by: found_by)
19
19
  end
@@ -21,7 +21,7 @@ module CMSScanner
21
21
  def entries
22
22
  res = NS::Browser.get(url)
23
23
 
24
- return [] unless res && res.headers['Content-Type'] =~ /\Atext\/plain;/i
24
+ return [] unless res && res.headers['Content-Type'] =~ %r{\Atext/plain;}i
25
25
 
26
26
  res.body.split("\n").reject { |s| s.strip.empty? }
27
27
  end
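Review bot: The guard in `entries` calls `res.headers['Content-Type']` without the `res.headers &&` check that the detection path in the previous hunk has, so a response without headers would raise here instead of returning `[]`. The two patterns also disagree: detection accepts a bare, case-sensitive `text/plain`, while `entries` requires a trailing `;` and ignores case. A file served as `text/plain` with no parameters would therefore be reported as found but list no entries. One shared pattern in both places would remove the mismatch, for example `return [] unless res && res.headers && res.headers['Content-Type'] =~ %r{\Atext/plain}i`.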
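--- a/data/cms_scanner.gemspec
+++ b/data/cms_scanner.gemspec
@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
  s.license = 'MIT'
 
  s.files = `git ls-files -z`.split("\x0").reject do |file|
- file =~ /^(?:
+ file =~ %r{^(?:
  spec\/.*
  |Gemfile
  |Rakefile
@@ -25,10 +25,10 @@ Gem::Specification.new do |s|
  |\.gitignore
  |\.rubocop.yml
  |\.travis.yml
- )$/x
+ )$}x
  end
  s.test_files = []
- s.executables = s.files.grep(/^bin\//) { |f| File.basename(f) }
+ s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
  s.require_path = 'lib'
 
  s.add_dependency 'opt_parse_validator', '~> 0.0.9'
@@ -36,14 +36,14 @@ Gem::Specification.new do |s|
  s.add_dependency 'nokogiri', '~> 1.6'
  s.add_dependency 'addressable', '~> 2.3'
  s.add_dependency 'activesupport', '~> 4.2'
- s.add_dependency 'public_suffix', '~> 1.4'
- s.add_dependency 'ruby-progressbar', '~> 1.7.1'
+ s.add_dependency 'public_suffix', '~> 1.5'
+ s.add_dependency 'ruby-progressbar', '~> 1.7'
 
  s.add_development_dependency 'rake', '~> 10.4'
  s.add_development_dependency 'rspec', '~> 3.2'
  s.add_development_dependency 'rspec-its', '~> 1.2'
  s.add_development_dependency 'bundler', '~> 1.6'
- s.add_development_dependency 'rubocop', '~> 0.29'
- s.add_development_dependency 'webmock', '~> 1.20'
+ s.add_development_dependency 'rubocop', '~> 0.30'
+ s.add_development_dependency 'webmock', '~> 1.21'
  s.add_development_dependency 'simplecov', '~> 0.9'
  end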
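Review bot: The `ruby-progressbar` requirement in the last hunk moves from `~> 1.7.1` to `~> 1.7`, which widens the accepted range from the 1.7.x series to every 1.x release from 1.7 on, rather than bumping it. A gem ships no lockfile, so anyone installing cms_scanner resolves against that wider range, and a breaking or tampered upstream 1.x release now reaches them without a change here. If only the 1.7 series has been exercised, `s.add_dependency 'ruby-progressbar', '~> 1.7', '>= 1.7.1'` keeps the floor explicit, and a short comment on why the ceiling was raised would help the next reviewer.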
@@ -28,7 +28,7 @@ module CMSScanner
28
28
 
29
29
  each(&:before_scan)
30
30
  each(&:run)
31
- reverse.each(&:after_scan)
31
+ reverse_each(&:after_scan)
32
32
  end
33
33
  end
34
34
  end
@@ -7,8 +7,6 @@ module CMSScanner
7
7
  class SameTypeFinders < IndependentFinders
8
8
  # @param [ Hash ] opts
9
9
  # @option opts [ Symbol ] :mode :mixed, :passive or :aggressive
10
- # @option opts [ Boolean ] :vulnerable Only return vulnerable findings
11
- # (which must respond to :vulnerable?)
12
10
  # @option opts [ Boolean ] :sort Wether or not to sort the findings
13
11
  #
14
12
  # @return [ Findings ]
@@ -21,8 +19,7 @@ module CMSScanner
21
19
  end
22
20
  end
23
21
 
24
- findings.select!(&:vulnerable?) if opts[:vulnerable]
25
- findings.sort! if opts[:sort]
22
+ findings.sort! if opts[:sort]
26
23
 
27
24
  findings
28
25
  end
@@ -11,7 +11,7 @@ module CMSScanner
11
11
  #
12
12
  # @return [ Formatter::Base ]
13
13
  def load(format = nil, custom_views = nil)
14
- format ||= 'cli'
14
+ format ||= 'cli'
15
15
  custom_views ||= []
16
16
 
17
17
  f = const_get(format.gsub(/-/, '_').camelize).new
@@ -113,9 +113,9 @@ module CMSScanner
113
113
  tpl = "#{controller_name}/#{tpl}"
114
114
  end
115
115
 
116
- fail "Wrong tpl format: '#{tpl}'" unless tpl =~ /\A[\w\/_]+\z/
116
+ fail "Wrong tpl format: '#{tpl}'" unless tpl =~ %r{\A[\w/_]+\z}
117
117
 
118
- views_directories.reverse.each do |dir|
118
+ views_directories.reverse_each do |dir|
119
119
  formats.each do |format|
120
120
  potential_file = File.join(dir, format, "#{tpl}.erb")
121
121
 
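Review bot: The whitelist on the `fail` line is the only thing that keeps `.` (and so `..`) out of `tpl` before it reaches `File.join(dir, format, "#{tpl}.erb")`, and nothing in the hunk says so. A comment above the check, such as `# tpl may contain only word characters and '/', so it can never hold '..' and leave the views directories`, would stop a later edit from loosening the character class. The `_` inside `[\w/_]` is already covered by `\w`, so the pattern can be written `%r{\A[\w/]+\z}`. The enclosing method starts above the hunk and continues below it.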
@@ -36,7 +36,7 @@ module CMSScanner
36
36
  matches = []
37
37
 
38
38
  page.html.xpath('//comment()').each do |node|
39
- next unless node.text.to_s.strip =~ pattern
39
+ next unless node.text.strip =~ pattern
40
40
 
41
41
  yield Regexp.last_match, node if block_given?
42
42
 
@@ -19,7 +19,7 @@ module CMSScanner
19
19
  def directory_listing?(path = nil, params = {})
20
20
  res = NS::Browser.get(url(path), params)
21
21
 
22
- res.code == 200 && res.body =~ /<H1>#{uri.host} - \// ? true : false
22
+ res.code == 200 && res.body =~ %r{<H1>#{uri.host} - /} ? true : false
23
23
  end
24
24
  end
25
25
  end
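Review bot: `uri.host` is interpolated into the pattern on the changed line of `directory_listing?` without escaping. Every `.` in the host name therefore matches any character, and a host containing other regex metacharacters alters the pattern. Escaping it makes the match literal: `res.code == 200 && res.body =~ %r{<H1>#{Regexp.escape(uri.host)} - /} ? true : false`.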
@@ -3,7 +3,7 @@ module Typhoeus
3
3
  class Response
4
4
  # @return [ Nokogiri::HTML ] The response's body parsed by Nokogiri
5
5
  def html
6
- Nokogiri::HTML(body)
6
+ @html ||= Nokogiri::HTML(body.encode('UTF-8', invalid: :replace, undef: :replace))
7
7
  end
8
8
  end
9
9
  end
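Review bot: What `body.encode('UTF-8', invalid: :replace, undef: :replace)` does in `html` depends on the encoding `body` is tagged with, which the hunk does not show. If it is already tagged UTF-8, a same-encoding `encode` has historically been a no-op in Ruby, so invalid bytes would still reach Nokogiri. If it is binary (ASCII-8BIT), `undef: :replace` replaces every non-ASCII byte, so correctly encoded pages lose their non-ASCII text before any fingerprint pattern is matched. A comment stating the expected input encoding would settle this; on Ruby 2.1+ `String#scrub` on a UTF-8-tagged copy replaces only the invalid sequences. The new `@html ||=` also assumes `body` is never reassigned after the first call, which is worth stating in the method's doc comment.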
@@ -1,4 +1,4 @@
1
1
  # Version
2
2
  module CMSScanner
3
- VERSION = '0.0.23'
3
+ VERSION = '0.0.24'
4
4
  end
@@ -83,7 +83,7 @@ module CMSScanner
83
83
 
84
84
  # @return [ String ] The URL to the metasploit module page
85
85
  def msf_url(mod)
86
- "http://www.rapid7.com/db/modules/#{mod.sub(/^\//, '')}"
86
+ "http://www.rapid7.com/db/modules/#{mod.sub(%r{^/}, '')}"
87
87
  end
88
88
 
89
89
  # @return [ Array<String> ] The Packetstormsecurity ID
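Review bot: `^` in `%r{^/}` in `msf_url` anchors at the start of any line, not the start of the string; `\A` states the intent and matches the anchors used by the template-name check elsewhere in this release: `"http://www.rapid7.com/db/modules/#{mod.sub(%r{\A/}, '')}"`. `mod` is also placed in the URL without encoding. Presumably it comes from a curated vulnerability database, so a comment recording that assumption (to be confirmed) would be enough. The hunk ends inside the doc comment of the next method.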
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.23
4
+ version: 0.0.24
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam - Erwan Le Rousseau
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-03-27 00:00:00.000000000 Z
11
+ date: 2015-04-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: opt_parse_validator
@@ -86,28 +86,28 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '1.4'
89
+ version: '1.5'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '1.4'
96
+ version: '1.5'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: ruby-progressbar
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.7.1
103
+ version: '1.7'
104
104
  type: :runtime
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.7.1
110
+ version: '1.7'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: rake
113
113
  requirement: !ruby/object:Gem::Requirement
@@ -170,28 +170,28 @@ dependencies:
170
170
  requirements:
171
171
  - - "~>"
172
172
  - !ruby/object:Gem::Version
173
- version: '0.29'
173
+ version: '0.30'
174
174
  type: :development
175
175
  prerelease: false
176
176
  version_requirements: !ruby/object:Gem::Requirement
177
177
  requirements:
178
178
  - - "~>"
179
179
  - !ruby/object:Gem::Version
180
- version: '0.29'
180
+ version: '0.30'
181
181
  - !ruby/object:Gem::Dependency
182
182
  name: webmock
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
185
  - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: '1.20'
187
+ version: '1.21'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
192
  - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: '1.20'
194
+ version: '1.21'
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: simplecov
197
197
  requirement: !ruby/object:Gem::Requirement