RubyGems - cms_scanner - Versions diffs - 0.0.40.1 → 0.0.40.2 - Mend

cms_scanner 0.0.40.1 → 0.0.40.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

checksums.yaml +4 -4
data/LICENSE +19 -0
data/README.md +27 -0
data/app/controllers/core.rb +3 -2
data/app/controllers/core/cli_options.rb +15 -11
data/app/controllers/interesting_findings.rb +1 -2
data/app/views/cli/core/help.erb +3 -0
data/app/views/json/core/help.erb +4 -1
data/lib/cms_scanner/version.rb +1 -1
metadata +6 -4

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1b3d3e9abbb1a4ba227fd1ea88395d2e23c33e2a
-  data.tar.gz: 32a2b9929c10f34200b655827aa07dd57481802c
+  metadata.gz: 3835b59c723b4b5f73240e16295345892c5945cf
+  data.tar.gz: 7dee21423e396897ab18747d271889f957a48ae5
 SHA512:
-  metadata.gz: 9864ffc7778e4d3b70056967c41b4e721e0877ae476a4c11eea4791d15b009de863c7d2b01582cfac718e8e504530e4d99294b45a95733546609a872cc1c153f
-  data.tar.gz: ffb890e25c0b22e04892d3abee4559ee39d0bb617423d7f7fe17380136f80c9b0b1f3f5879714b5830d7d158b8ba7ebfa541cd48541771c7f131bf9c2e60a251
+  metadata.gz: d5ea0f55099c3e1b8657921c60ace4f0c1588c8e9edeb634842796028df1b22da2e63516b7e90b48ef5739b2a93fe723a9786aed7aebc21747e9649b4775a8c5
+  data.tar.gz: 42740280effe12021ae733597f850229d06d6204df5ce1582b088e247f34c61821e4b857a207d98bda81618ab0f5e0798864882f21a1bd5d52fc531e038afeca

data/LICENSE ADDED

@@ -0,0 +1,19 @@
+Copyright (C) 2014-2015 - WPScanTeam
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md ADDED

@@ -0,0 +1,27 @@
+# CMSScanner
+[![Gem Version](https://badge.fury.io/rb/cms_scanner.svg)](https://badge.fury.io/rb/cms_scanner)
+[![Build Status](https://img.shields.io/travis/wpscanteam/CMSScanner.svg)](https://travis-ci.org/wpscanteam/CMSScanner)
+[![Coverage Status](https://img.shields.io/coveralls/wpscanteam/CMSScanner.svg)](https://coveralls.io/r/wpscanteam/CMSScanner)
+[![Code Climate](https://api.codeclimate.com/v1/badges/b90b7f9f6982792ef8d6/maintainability)](https://codeclimate.com/github/wpscanteam/CMSScanner/maintainability)
+[![Dependency Status](https://img.shields.io/gemnasium/wpscanteam/CMSScanner.svg)](https://gemnasium.com/wpscanteam/CMSScanner)
+The goal of this gem is to provide a quick and easy way to create a CMS/WebSite Scanner by acting like a Framework and providing classes, formatters etc.
+## /!\ This gem is currently Experimental /!\
+## A basic implementation example is available in the example folder.
+To start to play with it, copy all its files and folders into a new git repository and run `bundle install && rake install` inside it.
+It will create a `cmsscan` command that you can run against a target, ie `cmsscan --url https://www.google.com`
+Install Dependencies: `bundle install`
+## Contributing
+1. Fork it ( https://github.com/wpscanteam/CMSScanner/fork )
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/app/controllers/core.rb CHANGED

@@ -22,10 +22,11 @@ module CMSScanner
       def maybe_output_banner_help_and_version
         output('banner') if parsed_options[:banner]
-        output('help', help: option_parser.to_s) if parsed_options[:help]
+        output('help', help: option_parser.simple_help, simple: true) if parsed_options[:help]
+        output('help', help: option_parser.full_help, simple: false) if parsed_options[:hh]
         output('version') if parsed_options[:version]
-        exit(NS::ExitCode::OK) if parsed_options[:help] || parsed_options[:version]
+        exit(NS::ExitCode::OK) if parsed_options[:help] || parsed_options[:hh] || parsed_options[:version]
       end
       # Checks that the target is accessible, raises related errors otherwise

data/app/controllers/core/cli_options.rb CHANGED

@@ -7,7 +7,7 @@ module CMSScanner
         [
           OptURL.new(['-u', '--url URL', 'The URL to scan'],
-                     required_unless: %i[help version],
+                     required_unless: %i[help hh version],
                      default_protocol: 'http')
         ] + mixed_cli_options + [
           OptFilePath.new(['-o', '--output FILE', 'Output to FILE'], writable: true, exists: false),
@@ -19,15 +19,17 @@ module CMSScanner
                         default: :mixed),
           OptArray.new(['--scope DOMAINS',
                         'Comma separated (sub-)domains to consider in scope. ',
-                        'Wildcard(s) allowed in the trd of valid domains, e.g: *.target.tld'])
+                        'Wildcard(s) allowed in the trd of valid domains, e.g: *.target.tld'], advanced: true)
         ] + cli_browser_options
       end
       def mixed_cli_options
         [
-          OptBoolean.new(['-h', '--help', 'Display the help and exit']),
+          OptBoolean.new(['-h', '--help', 'Display the simple help and exit']),
+          OptBoolean.new(['--hh', 'Display the full help and exit']),
           OptBoolean.new(['--version', 'Display the version and exit']),
-          OptBoolean.new(['--ignore-main-redirect', 'Ignore the main redirect (if any) and scan the target url']),
+          OptBoolean.new(['--ignore-main-redirect', 'Ignore the main redirect (if any) and scan the target url'],
+                         advanced: true),
           OptBoolean.new(['-v', '--verbose', 'Verbose mode']),
           OptBoolean.new(['--[no-]banner', 'Whether or not to display the banner'], default: true)
         ]
@@ -39,9 +41,9 @@ module CMSScanner
           OptBoolean.new(['--random-user-agent', '--rua',
                           'Use a random user-agent for each scan']),
           OptFilePath.new(['--user-agents-list FILE-PATH',
-                           'List of agents to use with --random-user-agent'], exists: true),
+                           'List of agents to use with --random-user-agent'], exists: true, advanced: true),
           OptCredentials.new(['--http-auth login:password']),
-          OptPositiveInteger.new(['--max-threads VALUE', '-t', 'The max threads to use'],
+          OptPositiveInteger.new(['-t', '--max-threads VALUE', 'The max threads to use'],
                                  default: 5),
           OptPositiveInteger.new(['--throttle MilliSeconds', 'Milliseconds to wait before doing another web request. ' \
                                   'If used, the max threads will be set to 1.']),
@@ -57,8 +59,8 @@ module CMSScanner
       def cli_browser_headers_options
         [
           OptString.new(['--user-agent VALUE', '--ua']),
-          OptHeaders.new(['--headers HEADERS', 'Additional headers to append in requests']),
-          OptString.new(['--vhost VALUE', 'The virtual host (Host header) to use in requests'])
+          OptHeaders.new(['--headers HEADERS', 'Additional headers to append in requests'], advanced: true),
+          OptString.new(['--vhost VALUE', 'The virtual host (Host header) to use in requests'], advanced: true)
         ]
       end
@@ -88,13 +90,15 @@ module CMSScanner
       # @return [ Array<OptParseValidator::OptBase> ]
       def cli_browser_cache_options
         [
-          OptInteger.new(['--cache-ttl TIME_TO_LIVE', 'The cache time to live in seconds'], default: 600),
-          OptBoolean.new(['--clear-cache', 'Clear the cache before the scan']),
+          OptInteger.new(['--cache-ttl TIME_TO_LIVE', 'The cache time to live in seconds'],
+                         default: 600, advanced: true),
+          OptBoolean.new(['--clear-cache', 'Clear the cache before the scan'], advanced: true),
           OptDirectoryPath.new(['--cache-dir PATH'],
                                readable: true,
                                writable: true,
                                create: true,
-                               default: File.join(tmp_directory, 'cache'))
+                               default: File.join(tmp_directory, 'cache'),
+                               advanced: true)
         ]
       end
     end

data/app/controllers/interesting_findings.rb CHANGED

@@ -7,8 +7,7 @@ module CMSScanner
           OptChoice.new(
             ['--interesting-findings-detection MODE',
              'Use the supplied mode for the interesting findings detection. '],
-            choices: %w[mixed passive aggressive],
-            normalize: :to_sym
+            choices: %w[mixed passive aggressive], normalize: :to_sym, advanced: true
           )
         ]
       end

data/app/views/cli/core/help.erb CHANGED

@@ -1 +1,4 @@
 <%= @help %>
+<% if @simple -%>
+[!] To see full list of options use --hh.
+<% end -%>

data/app/views/json/core/help.erb CHANGED

@@ -1 +1,4 @@
-"help": <%= @help.to_s.to_json %>,
+"help": <%= @help.to_s.to_json %>,
+<% if @simple -%>
+"full_help": "To see full list of options use --hh.",
+<% end -%>

data/lib/cms_scanner/version.rb CHANGED

@@ -1,4 +1,4 @@
 # Version
 module CMSScanner
-  VERSION = '0.0.40.1'.freeze
+  VERSION = '0.0.40.2'.freeze
 end

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.0.40.1
+  version: 0.0.40.2
 platform: ruby
 authors:
 - WPScanTeam
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-09-28 00:00:00.000000000 Z
+date: 2018-10-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.16.3
+        version: 0.0.16.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.0.16.3
+        version: 0.0.16.4
 - !ruby/object:Gem::Dependency
   name: public_suffix
   requirement: !ruby/object:Gem::Requirement
@@ -255,6 +255,8 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- LICENSE
+- README.md
 - app/app.rb
 - app/controllers.rb
 - app/controllers/core.rb