cms_scanner 0.0.40 → 0.0.40.1
- checksums.yaml +4 -4
- data/lib/cms_scanner/version.rb +1 -1
- metadata +6 -28
- data/LICENSE +0 -19
- data/README.md +0 -27
- data/cms_scanner.gemspec +0 -55
- data/example/.gitignore +0 -13
- data/example/.rspec +0 -2
- data/example/.rubocop.yml +0 -20
- data/example/.travis.yml +0 -21
- data/example/Gemfile +0 -2
- data/example/Rakefile +0 -9
- data/example/app/app.rb +0 -1
- data/example/app/controllers.rb +0 -1
- data/example/app/controllers/example.rb +0 -36
- data/example/app/views/cli/core/banner.erb +0 -3
- data/example/app/views/cli/example/scan_word.erb +0 -5
- data/example/app/views/json/core/banner.erb +0 -3
- data/example/app/views/json/example/scan_word.erb +0 -1
- data/example/bin/cmsscan +0 -9
- data/example/cmsscan.gemspec +0 -51
- data/example/lib/cmsscan.rb +0 -35
- data/example/lib/cmsscan/controller.rb +0 -8
- data/example/lib/cmsscan/target.rb +0 -6
- data/example/lib/cmsscan/version.rb +0 -4
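--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1b3d3e9abbb1a4ba227fd1ea88395d2e23c33e2a
+data.tar.gz: 32a2b9929c10f34200b655827aa07dd57481802c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9864ffc7778e4d3b70056967c41b4e721e0877ae476a4c11eea4791d15b009de863c7d2b01582cfac718e8e504530e4d99294b45a95733546609a872cc1c153f
+data.tar.gz: ffb890e25c0b22e04892d3abee4559ee39d0bb617423d7f7fe17380136f80c9b0b1f3f5879714b5830d7d158b8ba7ebfa541cd48541771c7f131bf9c2e60a251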
data/lib/cms_scanner/version.rb
CHANGED
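--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-version: 0.0.40
+version: 0.0.40.1
 platform: ruby
 authors:
 - WPScanTeam
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-09-
+date: 2018-09-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: nokogiri
@@ -30,14 +30,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.0.16.
+version: 0.0.16.3
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.0.16.
+version: 0.0.16.3
 - !ruby/object:Gem::Dependency
 name: public_suffix
 requirement: !ruby/object:Gem::Requirement
@@ -212,14 +212,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.59.
+version: 0.59.2
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.59.
+version: 0.59.2
 - !ruby/object:Gem::Dependency
 name: simplecov
 requirement: !ruby/object:Gem::Requirement
@@ -255,8 +255,6 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- LICENSE
-- README.md
 - app/app.rb
 - app/controllers.rb
 - app/controllers/core.rb
@@ -299,26 +297,6 @@ files:
 - app/views/json/core/version.erb
 - app/views/json/interesting_findings/findings.erb
 - app/views/json/scan_aborted.erb
-- cms_scanner.gemspec
-- example/.gitignore
-- example/.rspec
-- example/.rubocop.yml
-- example/.travis.yml
-- example/Gemfile
-- example/Rakefile
-- example/app/app.rb
-- example/app/controllers.rb
-- example/app/controllers/example.rb
-- example/app/views/cli/core/banner.erb
-- example/app/views/cli/example/scan_word.erb
-- example/app/views/json/core/banner.erb
-- example/app/views/json/example/scan_word.erb
-- example/bin/cmsscan
-- example/cmsscan.gemspec
-- example/lib/cmsscan.rb
-- example/lib/cmsscan/controller.rb
-- example/lib/cmsscan/target.rb
-- example/lib/cmsscan/version.rb
 - lib/cms_scanner.rb
 - lib/cms_scanner/browser.rb
 - lib/cms_scanner/browser/actions.rb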
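--- a/data/LICENSE
+++ /dev/null
@@ -1,19 +0,0 @@
-Copyright (C) 2014-2015 - WPScanTeam
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.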
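--- a/data/README.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# CMSScanner
-
-[](https://badge.fury.io/rb/cms_scanner)
-[](https://travis-ci.org/wpscanteam/CMSScanner)
-[](https://coveralls.io/r/wpscanteam/CMSScanner)
-[](https://codeclimate.com/github/wpscanteam/CMSScanner/maintainability)
-[](https://gemnasium.com/wpscanteam/CMSScanner)
-
-The goal of this gem is to provide a quick and easy way to create a CMS/WebSite Scanner by acting like a Framework and providing classes, formatters etc.
-
-## /!\ This gem is currently Experimental /!\
-
-## A basic implementation example is available in the example folder.
-
-To start to play with it, copy all its files and folders into a new git repository and run `bundle install && rake install` inside it.
-It will create a `cmsscan` command that you can run against a target, ie `cmsscan --url https://www.google.com`
-
-
-Install Dependencies: `bundle install`
-
-## Contributing
-
-1. Fork it ( https://github.com/wpscanteam/CMSScanner/fork )
-2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request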
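--- a/data/cms_scanner.gemspec
+++ /dev/null
@@ -1,55 +0,0 @@
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-
-require 'cms_scanner/version'
-
-Gem::Specification.new do |s|
-s.name = 'cms_scanner'
-s.version = CMSScanner::VERSION
-s.platform = Gem::Platform::RUBY
-s.required_ruby_version = '>= 2.3'
-s.authors = ['WPScanTeam']
-s.email = ['team@wpscan.org']
-s.summary = 'CMS Scanner Framework (experimental)'
-s.description = 'Framework to provide an easy way to implement CMS Scanners'
-s.homepage = 'https://github.com/wpscanteam/CMSScanner'
-s.license = 'MIT'
-
-s.files = `git ls-files -z`.split("\x0").reject do |file|
-file =~ %r{^(?:
-spec\/.*
-|Gemfile
-|Rakefile
-|\.rspec
-|\.gitignore
-|\.rubocop.yml
-|\.travis.yml
-)$}x
-end
-
-s.test_files = []
-s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
-s.require_path = 'lib'
-
-s.add_dependency 'nokogiri', '~> 1.8.0'
-s.add_dependency 'opt_parse_validator', '~> 0.0.16.2'
-s.add_dependency 'public_suffix', '~> 3.0.0'
-s.add_dependency 'ruby-progressbar', '~> 1.10.0'
-s.add_dependency 'typhoeus', '~> 1.3.0'
-s.add_dependency 'xmlrpc', '~> 0.3'
-s.add_dependency 'yajl-ruby', '~> 1.4.1' # Better JSON parser regarding memory usage
-
-# Already required by opt_parse_validator
-# so version restriction loosen to avoid potential future conflicts
-s.add_dependency 'activesupport', '~> 5.2'
-s.add_dependency 'addressable', '~> 2.5'
-
-s.add_development_dependency 'bundler', '~> 1.6'
-s.add_development_dependency 'coveralls', '~> 0.8.0'
-s.add_development_dependency 'rake', '~> 12.3'
-s.add_development_dependency 'rspec', '~> 3.8.0'
-s.add_development_dependency 'rspec-its', '~> 1.2.0'
-s.add_development_dependency 'rubocop', '~> 0.59.1'
-s.add_development_dependency 'simplecov', '~> 0.16.1'
-s.add_development_dependency 'webmock', '~> 3.4.2'
-end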
data/example/.gitignore
DELETED
data/example/.rspec
DELETED
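--- a/data/example/.rubocop.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-AllCops:
-Exclude:
-- '*.gemspec'
-- 'vendor/**/*'
-LineLength:
-Max: 120
-ClassVars:
-Enabled: false
-Style/RescueModifier:
-Enabled: false
-Style/SignalException:
-EnforcedStyle: semantic
-MethodLength:
-Max: 17
-Metrics/AbcSize:
-Max: 25
-Metrics/CyclomaticComplexity:
-Max: 10
-Metrics/PerceivedComplexity:
-Max: 9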
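--- a/data/example/.travis.yml
+++ /dev/null
@@ -1,21 +0,0 @@
-language: ruby
-sudo: false
-cache: bundler
-rvm:
-- 2.3.0
-- 2.3.1
-- 2.3.2
-- 2.3.3
-- 2.3.4
-- 2.4.0
-- 2.4.1
-- ruby-head
-before_install:
-- "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
-- "gem update --system"
-matrix:
-allow_failures:
-- rvm: ruby-head
-script:
-- bundle exec rspec
-- bundle exec rubocop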
data/example/Gemfile
DELETED
data/example/Rakefile
DELETED
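--- a/data/example/app/app.rb
+++ /dev/null
@@ -1 +0,0 @@
-require_relative 'controllers'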
data/example/app/controllers.rb
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
require_relative 'controllers/example'
|
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
module CMSScan
|
|
2
|
-
module Controller
|
|
3
|
-
# Example Controller
|
|
4
|
-
class Example < CMSScanner::Controller::Core
|
|
5
|
-
# @return [ Array<OptParseValidator::Opt> ]
|
|
6
|
-
def cli_options
|
|
7
|
-
[
|
|
8
|
-
OptString.new(['--dummy VALUE', 'Dummy CLI Option'])
|
|
9
|
-
]
|
|
10
|
-
end
|
|
11
|
-
|
|
12
|
-
def before_scan
|
|
13
|
-
# Anything to do before ?
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
def run
|
|
17
|
-
# Let's check and display whether or not the word 'scan' is present in the homepage of the target
|
|
18
|
-
|
|
19
|
-
is_present = target.homepage_res.body =~ /scan/ ? true : false
|
|
20
|
-
|
|
21
|
-
output('scan_word', is_present: is_present)
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
# Alternative way of doing it
|
|
25
|
-
def run2
|
|
26
|
-
@is_present = Browser.get(target.homepage_url).body =~ /scan/ ? true : false
|
|
27
|
-
|
|
28
|
-
output('scan_word')
|
|
29
|
-
end
|
|
30
|
-
|
|
31
|
-
def after_scan
|
|
32
|
-
# Anything after ?
|
|
33
|
-
end
|
|
34
|
-
end
|
|
35
|
-
end
|
|
36
|
-
end
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
"scan_word_present": <%= @is_present.to_json %>,
|
data/example/bin/cmsscan
DELETED
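--- a/data/example/cmsscan.gemspec
+++ /dev/null
@@ -1,51 +0,0 @@
-# coding: utf-8
-
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-
-require 'cmsscan/version'
-
-Gem::Specification.new do |s|
-s.name = 'cmsscan'
-s.version = CMSScan::VERSION
-s.platform = Gem::Platform::RUBY
-s.required_ruby_version = '>= 2.1.0'
-s.authors = ['WPScanTeam']
-s.date = Time.now.utc.strftime('%Y-%m-%d')
-s.email = ['team@wpscan.org']
-s.summary = 'CMSScan Gem Example'
-s.description = 'CMSScanner Implementation Example'
-s.homepage = 'https://github.com/wpscanteam/CMSScanner'
-s.license = 'MIT'
-
-s.files = `git ls-files -z`.split("\x0").reject do |file|
-file =~ %r{^(?:
-spec\/.*
-|Gemfile
-|Rakefile
-|\.rspec
-|\.gitignore
-|\.rubocop.yml
-|\.travis.yml
-)$}x
-end
-
-s.test_files = []
-s.executables = s.files.grep(%r{^bin/}) { |f| File.basename(f) }
-s.require_path = 'lib'
-
-s.add_dependency 'cms_scanner', '~> 0.0.39.0'
-
-# Already required by CMSScanner, so version restrictions loosen
-s.add_dependency 'activesupport', '~> 5.1'
-s.add_dependency 'yajl-ruby', '~> 1.3'
-
-s.add_development_dependency 'bundler', '~> 1.6'
-s.add_development_dependency 'coveralls', '~> 0.8.0'
-s.add_development_dependency 'rake', '~> 12.0'
-s.add_development_dependency 'rspec', '~> 3.7.0'
-s.add_development_dependency 'rspec-its', '~> 1.2.0'
-s.add_development_dependency 'rubocop', '~> 0.52.0'
-s.add_development_dependency 'simplecov', '~> 0.14.0' # Can't update to 0.15 as it breaks coveralls dep
-s.add_development_dependency 'webmock', '~> 3.3.0'
-end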
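--- a/data/example/lib/cmsscan.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# Gems
-require 'cms_scanner'
-require 'yajl/json_gem'
-require 'addressable/uri'
-require 'active_support/all'
-# Standard Lib
-require 'uri'
-require 'time'
-require 'readline'
-require 'securerandom'
-# Custom Libs
-require 'cmsscan/target'
-require 'cmsscan/version'
-require 'cmsscan/controller'
-
-Encoding.default_external = Encoding::UTF_8
-
-# CMSScan
-module CMSScan
-include CMSScanner
-
-APP_DIR = Pathname.new(__FILE__).dirname.join('..', 'app').expand_path
-# Not needed in this example
-# DB_DIR = File.join(Dir.home, '.cmsscan', 'db')
-
-# Override, otherwise it would be returned as 'cms_scan'
-# doesn't really matter in this example.
-#
-# @return [ String ]
-def self.app_name
-'cmsscan'
-end
-end
-
-require "#{CMSScan::APP_DIR}/app"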