cms_scanner 0.0.41.9 → 0.0.41.10

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2f8a08db554fc79d30135e3250569454f9b4d07b2899a436ae8065a5e9dc029d
4
- data.tar.gz: 45a05783fdac31c93a69a988e26759f6854a9d0b58c6c0a77d23ccbee3d6902d
3
+ metadata.gz: 7e47006d4ef6041b74990ece7fb987edbe92e4ac12640d12b601cb917fd07384
4
+ data.tar.gz: 5c36f333c1a404df5e7a373be1d06dd874d662515ac33171babab21a497161b0
5
5
  SHA512:
6
- metadata.gz: '08d4b7c12c8bec00e255f83a8049cdc4ace640d6bd6c15b86d7bf2a372efe417719a0f717de1d40c06a02008b440066bb4dabfd3ff2189ce4c1bded5a8551d1a'
7
- data.tar.gz: 16a1e0fec3dcff040189de7dbb33e50710fa4cb762da49debaadfd626bb743579bd18c41561b108a166a583ff270b391e988d60a2e6b3df304765d2ccb9adaa5
6
+ metadata.gz: a9ec0fc35cc97167ff34deccd9f2ecdb20d7be1499ce9e77ec56f2b1f05568a82c5870036cdb54d9faf5a6a1639242f9be27449a927c7b60c605bbcd1c9374c3
7
+ data.tar.gz: 61bf5514e607909b1fe92a7afe114f813e2f7ff08cdbf89ba64d27881eb997e6f790fa80fa0050dea4df6aa6f698ae292561bb8b8136c2bbf2e219053f9bae7c
@@ -1,3 +1,4 @@
1
+
1
2
  Scan Aborted: <%= @reason %>
2
3
  <% if @verbose -%>
3
4
  Trace: <%= @trace.join("\n") %>
data/lib/cms_scanner.rb CHANGED
@@ -17,6 +17,7 @@ require 'timeout'
17
17
  require 'xmlrpc/client'
18
18
  # Monkey Patches
19
19
  require 'cms_scanner/typhoeus/response' # Adds a Response#html using Nokogiri to parse the body
20
+ require 'cms_scanner/typhoeus/hydra' # https://github.com/typhoeus/typhoeus/issues/439
20
21
  require 'cms_scanner/public_suffix/domain' # Adds a Domain#match method and logic, used in scope stuff
21
22
  require 'cms_scanner/numeric' # Adds a Numeric#bytes_to_human
22
23
  # Custom Libs
@@ -41,6 +42,10 @@ module CMSScanner
41
42
  APP_DIR = Pathname.new(__FILE__).dirname.join('..', 'app').expand_path
42
43
  NS = self
43
44
 
45
+ # Avoid memory leak when using Hydra, see https://github.com/typhoeus/typhoeus/issues/562
46
+ # Requests are still cached via the provided Cache system
47
+ Typhoeus::Config.memoize = false
48
+
44
49
  # Number of requests performed and data sent/received to display at the end of the scan
45
50
  Typhoeus.on_complete do |response|
46
51
  self.cached_requests += 1 if response.cached?
@@ -149,7 +154,7 @@ module CMSScanner
149
154
  verbose: controllers.first.parsed_options[:verbose] ||
150
155
  run_error_exit_code == NS::ExitCode::EXCEPTION)
151
156
  ensure
152
- # Browser.instance.hydra.abort
157
+ Browser.instance.hydra.abort
153
158
 
154
159
  formatter.beautify
155
160
  end
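Review bot: The re-enabled `Browser.instance.hydra.abort` sits in the `ensure` clause ahead of `formatter.beautify`, so an exception raised while aborting would replace the one being handled and the output would never be finalised. This matters more in this release because the patched `Hydra#abort` also calls `run`, which can presumably block on, or raise from, in-flight requests when the scan is interrupted. Consider isolating the call, e.g. `begin; Browser.instance.hydra.abort; ensure; formatter.beautify; end`, or rescuing and reporting the abort failure separately. The enclosing method starts outside the hunk, so whether a caller already guards this is not visible here.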
@@ -29,7 +29,7 @@ module CMSScanner
29
29
 
30
30
  # @return [ Typhoeus::Hydra ]
31
31
  def hydra
32
- Typhoeus::Hydra.new(max_concurrency: max_threads || 1)
32
+ @hydra ||= Typhoeus::Hydra.new(max_concurrency: max_threads || 1)
33
33
  end
34
34
 
35
35
  # @param [ Hash ] options
@@ -39,14 +39,14 @@ module CMSScanner
39
39
  end
40
40
  end
41
41
 
42
- # Set the threads attribute
42
+ # Set the threads attribute and update hydra accordinly
43
43
  # If the throttle attribute is > 0, max_threads will be forced to 1
44
44
  #
45
45
  # @param [ Integer ] number
46
46
  def max_threads=(number)
47
47
  @max_threads = number.to_i.positive? && throttle.zero? ? number.to_i : 1
48
48
 
49
- # hydra.max_concurrency = @max_threads
49
+ hydra.max_concurrency = @max_threads
50
50
  end
51
51
 
52
52
  # @return [ String ] The user agent
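Review bot: With `hydra` memoized, `max_threads=` is the only place shown that keeps `hydra.max_concurrency` in step with `@max_threads`. The comment says a throttle above zero forces `max_threads` to 1, but the throttle setter is outside these hunks; if it assigns `@max_threads` directly instead of going through `self.max_threads =`, a throttled scan would keep the old concurrency on the shared hydra and send more parallel requests to the target than the operator asked for. A spec that sets `throttle` after `max_threads` and checks `hydra.max_concurrency == 1` would pin this down. The new comment also has a typo; it should read `# Set the threads attribute and update hydra accordingly`.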
@@ -0,0 +1,10 @@
1
+ module Typhoeus
2
+ # Ensure a clean abort of hydra
3
+ # See https://github.com/typhoeus/typhoeus/issues/439
4
+ class Hydra
5
+ def abort
6
+ super
7
+ run
8
+ end
9
+ end
10
+ end
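Review bot: Reopening `Typhoeus::Hydra` and defining `abort` with `super` only works while upstream provides `abort` from an included module. If a later Typhoeus release defines it in the class body, this file would replace it and `super` would raise `NoMethodError` at abort time, which is exactly when a clean shutdown is needed. Prepending a named module keeps the override valid in both cases and makes the patch visible in `Typhoeus::Hydra.ancestors`. The comment should also say why `run` follows `super` (presumably to drain handles already handed to libcurl), since that call can block.

```ruby
module Typhoeus
  # Constructed name for illustration; pick one matching the project's conventions.
  module CleanAbort
    # Clear the queue, then run once more so requests already in flight finish.
    def abort
      super
      run
    end
  end

  Hydra.prepend(CleanAbort)
end
```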
@@ -1,4 +1,4 @@
1
1
  # Version
2
2
  module CMSScanner
3
- VERSION = '0.0.41.9'.freeze
3
+ VERSION = '0.0.41.10'.freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.41.9
4
+ version: 0.0.41.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-18 00:00:00.000000000 Z
11
+ date: 2019-03-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -184,14 +184,14 @@ dependencies:
184
184
  requirements:
185
185
  - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: 0.65.0
187
+ version: 0.66.0
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
192
  - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: 0.65.0
194
+ version: 0.66.0
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: simplecov
197
197
  requirement: !ruby/object:Gem::Requirement
@@ -315,6 +315,7 @@ files:
315
315
  - lib/cms_scanner/target/server/generic.rb
316
316
  - lib/cms_scanner/target/server/iis.rb
317
317
  - lib/cms_scanner/target/server/nginx.rb
318
+ - lib/cms_scanner/typhoeus/hydra.rb
318
319
  - lib/cms_scanner/typhoeus/response.rb
319
320
  - lib/cms_scanner/version.rb
320
321
  - lib/cms_scanner/vulnerability.rb