cms_scanner 0.0.37.3 → 0.0.37.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/controllers/interesting_findings.rb +2 -1
- data/app/finders/interesting_findings/fantastico_fileslist.rb +1 -1
- data/app/models/version.rb +1 -1
- data/app/models/xml_rpc.rb +1 -1
- data/cms_scanner.gemspec +12 -12
- data/lib/cms_scanner/browser.rb +2 -3
- data/lib/cms_scanner/browser/options.rb +2 -2
- data/lib/cms_scanner/finders/finder.rb +1 -1
- data/lib/cms_scanner/finders/finding.rb +1 -1
- data/lib/cms_scanner/finders/same_type_finder.rb +0 -1
- data/lib/cms_scanner/finders/unique_finder.rb +0 -1
- data/lib/cms_scanner/target/hashes.rb +1 -1
- data/lib/cms_scanner/version.rb +1 -1
- data/lib/cms_scanner/web_site.rb +1 -1
- metadata +25 -26
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e04805ab5723d3ae5e801aa89a44ba26ace6d5ae
|
4
|
+
data.tar.gz: 3ac81f2e34eb15b2e84425dcb0d4ca4660f4943e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9ebcc6de35ad7dae9fe5493934b9af944fd97585ce82d34a5fe542c19475990797f5f78cdd6168b0140f11ac1848df005df598be14b387fd8290ede6b2b2871b
|
7
|
+
data.tar.gz: 8a23c4cdd05345e60f629858b5988490fb60c52e9f448a6349c94b4d7e9ef754c1560139e70a1286e01ffc1f7484e7e440a4f416b2169ec25f4d8534bbc864d2
|
@@ -12,7 +12,7 @@ module CMSScanner
|
|
12
12
|
def aggressive(_opts = {})
|
13
13
|
res = NS::Browser.get(url)
|
14
14
|
|
15
|
-
return unless res && res.code == 200 && res.body.
|
15
|
+
return unless res && res.code == 200 && !res.body.empty?
|
16
16
|
return unless res.headers && res.headers['Content-Type'] =~ %r{\Atext/plain}
|
17
17
|
|
18
18
|
NS::FantasticoFileslist.new(url, confidence: 70, found_by: found_by)
|
data/app/models/version.rb
CHANGED
data/app/models/xml_rpc.rb
CHANGED
@@ -23,7 +23,7 @@ module CMSScanner
|
|
23
23
|
|
24
24
|
body = '<?xml version="1.0"?><methodCall>'
|
25
25
|
body << "<methodName>#{method}</methodName>"
|
26
|
-
body << "<params>#{p_body}</params>" unless p_body.length
|
26
|
+
body << "<params>#{p_body}</params>" unless p_body.length.zero?
|
27
27
|
body << '</methodCall>'
|
28
28
|
end
|
29
29
|
|
data/cms_scanner.gemspec
CHANGED
@@ -8,7 +8,7 @@ Gem::Specification.new do |s|
|
|
8
8
|
s.name = 'cms_scanner'
|
9
9
|
s.version = CMSScanner::VERSION
|
10
10
|
s.platform = Gem::Platform::RUBY
|
11
|
-
s.required_ruby_version = '>= 2.
|
11
|
+
s.required_ruby_version = '>= 2.2.2'
|
12
12
|
s.authors = ['WPScanTeam']
|
13
13
|
s.email = ['team@wpscan.org']
|
14
14
|
s.summary = 'CMS Scanner Framework (experimental)'
|
@@ -31,20 +31,20 @@ Gem::Specification.new do |s|
|
|
31
31
|
s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
32
32
|
s.require_path = 'lib'
|
33
33
|
|
34
|
-
s.add_dependency 'typhoeus', '~>
|
35
|
-
s.add_dependency 'nokogiri', '~> 1.6.
|
34
|
+
s.add_dependency 'typhoeus', '~> 1.1.0'
|
35
|
+
s.add_dependency 'nokogiri', '~> 1.6.8.1'
|
36
36
|
s.add_dependency 'yajl-ruby', '~> 1.2.1' # Better JSON parser regarding memory usage
|
37
37
|
s.add_dependency 'addressable', '~> 2.4.0'
|
38
|
-
s.add_dependency 'activesupport', '~>
|
39
|
-
s.add_dependency 'public_suffix', '~> 1.5
|
40
|
-
s.add_dependency 'ruby-progressbar', '~> 1.
|
41
|
-
s.add_dependency 'opt_parse_validator', '~> 0.0.13.
|
38
|
+
s.add_dependency 'activesupport', '~> 5.0.0.1'
|
39
|
+
s.add_dependency 'public_suffix', '~> 1.5'
|
40
|
+
s.add_dependency 'ruby-progressbar', '~> 1.8.1'
|
41
|
+
s.add_dependency 'opt_parse_validator', '~> 0.0.13.3'
|
42
42
|
|
43
|
-
s.add_development_dependency 'rake', '~>
|
44
|
-
s.add_development_dependency 'rspec', '~> 3.
|
43
|
+
s.add_development_dependency 'rake', '~> 11.3.0'
|
44
|
+
s.add_development_dependency 'rspec', '~> 3.5.0'
|
45
45
|
s.add_development_dependency 'rspec-its', '~> 1.2.0'
|
46
46
|
s.add_development_dependency 'bundler', '~> 1.6'
|
47
|
-
s.add_development_dependency 'rubocop', '~> 0.
|
48
|
-
s.add_development_dependency 'webmock', '~> 1.22
|
49
|
-
s.add_development_dependency 'simplecov', '~> 0.
|
47
|
+
s.add_development_dependency 'rubocop', '~> 0.43.0'
|
48
|
+
s.add_development_dependency 'webmock', '~> 1.22'
|
49
|
+
s.add_development_dependency 'simplecov', '~> 0.12.0'
|
50
50
|
end
|
data/lib/cms_scanner/browser.rb
CHANGED
@@ -40,8 +40,7 @@ module CMSScanner
|
|
40
40
|
def typhoeus_to_browser_opts
|
41
41
|
{ connecttimeout: :connect_timeout, cache_ttl: :cache_ttl,
|
42
42
|
proxy: :proxy, timeout: :request_timeout, cookiejar: :cookie_jar,
|
43
|
-
cookiefile: :cookie_jar, cookie: :cookie_string
|
44
|
-
}
|
43
|
+
cookiefile: :cookie_jar, cookie: :cookie_string }
|
45
44
|
end
|
46
45
|
|
47
46
|
# @return [ Hash ]
|
@@ -62,7 +61,7 @@ module CMSScanner
|
|
62
61
|
params[:proxyauth] = "#{proxy_auth[:username]}:#{proxy_auth[:password]}" if proxy_auth
|
63
62
|
params[:userpwd] = "#{http_auth[:username]}:#{http_auth[:password]}" if http_auth
|
64
63
|
|
65
|
-
params[:headers]
|
64
|
+
params[:headers]['Host'] = vhost if vhost
|
66
65
|
|
67
66
|
params
|
68
67
|
end
|
@@ -16,7 +16,7 @@ module CMSScanner
|
|
16
16
|
:user_agent,
|
17
17
|
:user_agents_list,
|
18
18
|
:vhost
|
19
|
-
]
|
19
|
+
].freeze
|
20
20
|
|
21
21
|
attr_accessor(*OPTIONS)
|
22
22
|
|
@@ -43,7 +43,7 @@ module CMSScanner
|
|
43
43
|
#
|
44
44
|
# @param [ Integer ] number
|
45
45
|
def max_threads=(number)
|
46
|
-
@max_threads = number.to_i > 0 && throttle
|
46
|
+
@max_threads = number.to_i > 0 && throttle.zero? ? number.to_i : 1
|
47
47
|
|
48
48
|
hydra.max_concurrency = @max_threads
|
49
49
|
end
|
@@ -8,7 +8,7 @@ module CMSScanner
|
|
8
8
|
super(base)
|
9
9
|
end
|
10
10
|
|
11
|
-
FINDING_OPTS = [:confidence, :confirmed_by, :references, :found_by, :interesting_entries]
|
11
|
+
FINDING_OPTS = [:confidence, :confirmed_by, :references, :found_by, :interesting_entries].freeze
|
12
12
|
|
13
13
|
attr_accessor(*FINDING_OPTS)
|
14
14
|
|
@@ -20,7 +20,7 @@ module CMSScanner
|
|
20
20
|
# @note This is used to detect potential custom 404 responding with a 200
|
21
21
|
# @return [ String ] The hash of a 404
|
22
22
|
def error_404_hash
|
23
|
-
@
|
23
|
+
@error404_hash ||= self.class.page_hash(non_existant_page_url)
|
24
24
|
end
|
25
25
|
|
26
26
|
# @return [ String ] The URL of an unlikely existant page
|
data/lib/cms_scanner/version.rb
CHANGED
data/lib/cms_scanner/web_site.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cms_scanner
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.37.
|
4
|
+
version: 0.0.37.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- WPScanTeam
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2016-10-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: typhoeus
|
@@ -16,28 +16,28 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 1.1.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version:
|
26
|
+
version: 1.1.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: nokogiri
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version: 1.6.
|
33
|
+
version: 1.6.8.1
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version: 1.6.
|
40
|
+
version: 1.6.8.1
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: yajl-ruby
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
@@ -72,84 +72,84 @@ dependencies:
|
|
72
72
|
requirements:
|
73
73
|
- - "~>"
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version:
|
75
|
+
version: 5.0.0.1
|
76
76
|
type: :runtime
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
80
|
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version:
|
82
|
+
version: 5.0.0.1
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
84
|
name: public_suffix
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
87
|
- - "~>"
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version: 1.5
|
89
|
+
version: '1.5'
|
90
90
|
type: :runtime
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - "~>"
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version: 1.5
|
96
|
+
version: '1.5'
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: ruby-progressbar
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: 1.
|
103
|
+
version: 1.8.1
|
104
104
|
type: :runtime
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: 1.
|
110
|
+
version: 1.8.1
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: opt_parse_validator
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
114
114
|
requirements:
|
115
115
|
- - "~>"
|
116
116
|
- !ruby/object:Gem::Version
|
117
|
-
version: 0.0.13.
|
117
|
+
version: 0.0.13.3
|
118
118
|
type: :runtime
|
119
119
|
prerelease: false
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
121
121
|
requirements:
|
122
122
|
- - "~>"
|
123
123
|
- !ruby/object:Gem::Version
|
124
|
-
version: 0.0.13.
|
124
|
+
version: 0.0.13.3
|
125
125
|
- !ruby/object:Gem::Dependency
|
126
126
|
name: rake
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
128
128
|
requirements:
|
129
129
|
- - "~>"
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version:
|
131
|
+
version: 11.3.0
|
132
132
|
type: :development
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
136
|
- - "~>"
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version:
|
138
|
+
version: 11.3.0
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
140
|
name: rspec
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
143
|
- - "~>"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: 3.
|
145
|
+
version: 3.5.0
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - "~>"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: 3.
|
152
|
+
version: 3.5.0
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
154
|
name: rspec-its
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
@@ -184,42 +184,42 @@ dependencies:
|
|
184
184
|
requirements:
|
185
185
|
- - "~>"
|
186
186
|
- !ruby/object:Gem::Version
|
187
|
-
version: 0.
|
187
|
+
version: 0.43.0
|
188
188
|
type: :development
|
189
189
|
prerelease: false
|
190
190
|
version_requirements: !ruby/object:Gem::Requirement
|
191
191
|
requirements:
|
192
192
|
- - "~>"
|
193
193
|
- !ruby/object:Gem::Version
|
194
|
-
version: 0.
|
194
|
+
version: 0.43.0
|
195
195
|
- !ruby/object:Gem::Dependency
|
196
196
|
name: webmock
|
197
197
|
requirement: !ruby/object:Gem::Requirement
|
198
198
|
requirements:
|
199
199
|
- - "~>"
|
200
200
|
- !ruby/object:Gem::Version
|
201
|
-
version: 1.22
|
201
|
+
version: '1.22'
|
202
202
|
type: :development
|
203
203
|
prerelease: false
|
204
204
|
version_requirements: !ruby/object:Gem::Requirement
|
205
205
|
requirements:
|
206
206
|
- - "~>"
|
207
207
|
- !ruby/object:Gem::Version
|
208
|
-
version: 1.22
|
208
|
+
version: '1.22'
|
209
209
|
- !ruby/object:Gem::Dependency
|
210
210
|
name: simplecov
|
211
211
|
requirement: !ruby/object:Gem::Requirement
|
212
212
|
requirements:
|
213
213
|
- - "~>"
|
214
214
|
- !ruby/object:Gem::Version
|
215
|
-
version: 0.
|
215
|
+
version: 0.12.0
|
216
216
|
type: :development
|
217
217
|
prerelease: false
|
218
218
|
version_requirements: !ruby/object:Gem::Requirement
|
219
219
|
requirements:
|
220
220
|
- - "~>"
|
221
221
|
- !ruby/object:Gem::Version
|
222
|
-
version: 0.
|
222
|
+
version: 0.12.0
|
223
223
|
description: Framework to provide an easy way to implement CMS Scanners
|
224
224
|
email:
|
225
225
|
- team@wpscan.org
|
@@ -325,7 +325,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
325
325
|
requirements:
|
326
326
|
- - ">="
|
327
327
|
- !ruby/object:Gem::Version
|
328
|
-
version: 2.
|
328
|
+
version: 2.2.2
|
329
329
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
330
330
|
requirements:
|
331
331
|
- - ">="
|
@@ -338,4 +338,3 @@ signing_key:
|
|
338
338
|
specification_version: 4
|
339
339
|
summary: CMS Scanner Framework (experimental)
|
340
340
|
test_files: []
|
341
|
-
has_rdoc:
|