cms_scanner 0.0.40.1 → 0.0.40.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1b3d3e9abbb1a4ba227fd1ea88395d2e23c33e2a
-  data.tar.gz: 32a2b9929c10f34200b655827aa07dd57481802c
+  metadata.gz: 3835b59c723b4b5f73240e16295345892c5945cf
+  data.tar.gz: 7dee21423e396897ab18747d271889f957a48ae5
 SHA512:
-  metadata.gz: 9864ffc7778e4d3b70056967c41b4e721e0877ae476a4c11eea4791d15b009de863c7d2b01582cfac718e8e504530e4d99294b45a95733546609a872cc1c153f
-  data.tar.gz: ffb890e25c0b22e04892d3abee4559ee39d0bb617423d7f7fe17380136f80c9b0b1f3f5879714b5830d7d158b8ba7ebfa541cd48541771c7f131bf9c2e60a251
+  metadata.gz: d5ea0f55099c3e1b8657921c60ace4f0c1588c8e9edeb634842796028df1b22da2e63516b7e90b48ef5739b2a93fe723a9786aed7aebc21747e9649b4775a8c5
+  data.tar.gz: 42740280effe12021ae733597f850229d06d6204df5ce1582b088e247f34c61821e4b857a207d98bda81618ab0f5e0798864882f21a1bd5d52fc531e038afeca

data/LICENSE

@@ -0,0 +1,19 @@
+Copyright (C) 2014-2015 - WPScanTeam
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,27 @@
+# CMSScanner
+
+[![Gem Version](https://badge.fury.io/rb/cms_scanner.svg)](https://badge.fury.io/rb/cms_scanner)
+[![Build Status](https://img.shields.io/travis/wpscanteam/CMSScanner.svg)](https://travis-ci.org/wpscanteam/CMSScanner)
+[![Coverage Status](https://img.shields.io/coveralls/wpscanteam/CMSScanner.svg)](https://coveralls.io/r/wpscanteam/CMSScanner)
+[![Code Climate](https://api.codeclimate.com/v1/badges/b90b7f9f6982792ef8d6/maintainability)](https://codeclimate.com/github/wpscanteam/CMSScanner/maintainability)
+[![Dependency Status](https://img.shields.io/gemnasium/wpscanteam/CMSScanner.svg)](https://gemnasium.com/wpscanteam/CMSScanner)
+
+The goal of this gem is to provide a quick and easy way to create a CMS/WebSite Scanner by acting like a Framework and providing classes, formatters etc.
+
+## /!\ This gem is currently Experimental /!\
+
+## A basic implementation example is available in the example folder.
+
+To start to play with it, copy all its files and folders into a new git repository and run `bundle install && rake install` inside it.
+It will create a `cmsscan` command that you can run against a target, ie `cmsscan --url https://www.google.com`
+
+
+Install Dependencies: `bundle install`
+
+## Contributing
+
+1. Fork it ( https://github.com/wpscanteam/CMSScanner/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/app/controllers/core.rb

@@ -22,10 +22,11 @@ module CMSScanner
 
       def maybe_output_banner_help_and_version
         output('banner') if parsed_options[:banner]
-        output('help', help: option_parser.to_s) if parsed_options[:help]
+        output('help', help: option_parser.simple_help, simple: true) if parsed_options[:help]
+        output('help', help: option_parser.full_help, simple: false) if parsed_options[:hh]
         output('version') if parsed_options[:version]
 
-        exit(NS::ExitCode::OK) if parsed_options[:help] || parsed_options[:version]
+        exit(NS::ExitCode::OK) if parsed_options[:help] || parsed_options[:hh] || parsed_options[:version]
       end
 
       # Checks that the target is accessible, raises related errors otherwise

data/app/controllers/core/cli_options.rb

@@ -7,7 +7,7 @@ module CMSScanner
 
         [
           OptURL.new(['-u', '--url URL', 'The URL to scan'],
-                     required_unless: %i[help version],
+                     required_unless: %i[help hh version],
                      default_protocol: 'http')
         ] + mixed_cli_options + [
           OptFilePath.new(['-o', '--output FILE', 'Output to FILE'], writable: true, exists: false),
@@ -19,15 +19,17 @@ module CMSScanner
                         default: :mixed),
           OptArray.new(['--scope DOMAINS',
                         'Comma separated (sub-)domains to consider in scope. ',
-                        'Wildcard(s) allowed in the trd of valid domains, e.g: *.target.tld'])
+                        'Wildcard(s) allowed in the trd of valid domains, e.g: *.target.tld'], advanced: true)
         ] + cli_browser_options
       end
 
       def mixed_cli_options
         [
-          OptBoolean.new(['-h', '--help', 'Display the help and exit']),
+          OptBoolean.new(['-h', '--help', 'Display the simple help and exit']),
+          OptBoolean.new(['--hh', 'Display the full help and exit']),
           OptBoolean.new(['--version', 'Display the version and exit']),
-          OptBoolean.new(['--ignore-main-redirect', 'Ignore the main redirect (if any) and scan the target url']),
+          OptBoolean.new(['--ignore-main-redirect', 'Ignore the main redirect (if any) and scan the target url'],
+                         advanced: true),
           OptBoolean.new(['-v', '--verbose', 'Verbose mode']),
           OptBoolean.new(['--[no-]banner', 'Whether or not to display the banner'], default: true)
         ]
@@ -39,9 +41,9 @@ module CMSScanner
           OptBoolean.new(['--random-user-agent', '--rua',
                           'Use a random user-agent for each scan']),
           OptFilePath.new(['--user-agents-list FILE-PATH',
-                           'List of agents to use with --random-user-agent'], exists: true),
+                           'List of agents to use with --random-user-agent'], exists: true, advanced: true),
           OptCredentials.new(['--http-auth login:password']),
-          OptPositiveInteger.new(['--max-threads VALUE', '-t', 'The max threads to use'],
+          OptPositiveInteger.new(['-t', '--max-threads VALUE', 'The max threads to use'],
                                  default: 5),
           OptPositiveInteger.new(['--throttle MilliSeconds', 'Milliseconds to wait before doing another web request. ' \
                                   'If used, the max threads will be set to 1.']),
@@ -57,8 +59,8 @@ module CMSScanner
       def cli_browser_headers_options
         [
           OptString.new(['--user-agent VALUE', '--ua']),
-          OptHeaders.new(['--headers HEADERS', 'Additional headers to append in requests']),
-          OptString.new(['--vhost VALUE', 'The virtual host (Host header) to use in requests'])
+          OptHeaders.new(['--headers HEADERS', 'Additional headers to append in requests'], advanced: true),
+          OptString.new(['--vhost VALUE', 'The virtual host (Host header) to use in requests'], advanced: true)
         ]
       end
 
@@ -88,13 +90,15 @@ module CMSScanner
       # @return [ Array<OptParseValidator::OptBase> ]
       def cli_browser_cache_options
         [
-          OptInteger.new(['--cache-ttl TIME_TO_LIVE', 'The cache time to live in seconds'], default: 600),
-          OptBoolean.new(['--clear-cache', 'Clear the cache before the scan']),
+          OptInteger.new(['--cache-ttl TIME_TO_LIVE', 'The cache time to live in seconds'],
+                         default: 600, advanced: true),
+          OptBoolean.new(['--clear-cache', 'Clear the cache before the scan'], advanced: true),
           OptDirectoryPath.new(['--cache-dir PATH'],
                                readable: true,
                                writable: true,
                                create: true,
-                               default: File.join(tmp_directory, 'cache'))
+                               default: File.join(tmp_directory, 'cache'),
+                               advanced: true)
         ]
       end
     end

data/app/controllers/interesting_findings.rb

@@ -7,8 +7,7 @@ module CMSScanner
           OptChoice.new(
             ['--interesting-findings-detection MODE',
              'Use the supplied mode for the interesting findings detection. '],
-            choices: %w[mixed passive aggressive],
-            normalize: :to_sym
+            choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
           )
         ]
       end

data/app/views/cli/core/help.erb

@@ -1 +1,4 @@
 <%= @help %>
+<% if @simple -%>
+[!] To see full list of options use --hh.
+<% end -%>

data/app/views/json/core/help.erb

@@ -1 +1,4 @@
-"help": <%= @help.to_s.to_json %>,
+"help": <%= @help.to_s.to_json %>,
+<% if @simple -%>
+"full_help": "To see full list of options use --hh.",
+<% end -%>

data/lib/cms_scanner/version.rb

@@ -1,4 +1,4 @@
 # Version
 module CMSScanner
-  VERSION = '0.0.40.1'.freeze
+  VERSION = '0.0.40.2'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.0.40.1
+  version: 0.0.40.2
 platform: ruby
 authors:
 - WPScanTeam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-09-28 00:00:00.000000000 Z
+date: 2018-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.16.3
+        version: 0.0.16.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.16.3
+        version: 0.0.16.4
 - !ruby/object:Gem::Dependency
   name: public_suffix
   requirement: !ruby/object:Gem::Requirement
@@ -255,6 +255,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE
+- README.md
 - app/app.rb
 - app/controllers.rb
 - app/controllers/core.rb