cms_scanner 0.0.41.4 → 0.0.41.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ad670b5c5ef2beb079b31d7b8429c4c38cc60176
4
- data.tar.gz: 0bd37bd414a72e1295c5662ff17485d27b6cc121
3
+ metadata.gz: 9e1ce07cd91015afc42d0501750a05cb073e81d4
4
+ data.tar.gz: 22763ad0ec70df77f32a99cffa827546f916fa2b
5
5
  SHA512:
6
- metadata.gz: cf9ce7cafd23dfa33e69c1d2ad62f75ac3c12f27087a62e35876387aabb198351ca5e40dcbd81e9692b41f4043dea2dab629a8a9680d0a4ec607535575234f49
7
- data.tar.gz: f5331e465aefb61ecf865d2407ee91f63800ecf74b1119cb7c9e807b878fbb809c0ae2c4f331f527c57730364e32bbc295ab2b13828a55f816e553e4db4cc928
6
+ metadata.gz: 13a0de39162442d470bcf1b6eb810218903bccfcf6cb323a229ec1c723ee53ffd0c6601117f86912f97747c6be750378244a8233995862b0dc29a167a6baaaa3
7
+ data.tar.gz: a7d65db216a38b241cbee7150a390ae4a7fe09e14d876c6725b2094a771c9d893153b45c7c3842451a9dbf11d916b6ea5e25913a823ade2586ea98b701472cd8
@@ -41,7 +41,7 @@ module CMSScanner
41
41
  when 401
42
42
  raise HTTPAuthRequiredError
43
43
  when 403
44
- raise AccessForbiddenError
44
+ raise AccessForbiddenError, parsed_options[:random_user_agent]
45
45
  when 407
46
46
  raise ProxyAuthRequiredError
47
47
  end
@@ -21,7 +21,7 @@ module CMSScanner
21
21
  def ==(other)
22
22
  return false unless self.class == other.class
23
23
 
24
- username == other.username
24
+ username == other.username && password == other.password
25
25
  end
26
26
 
27
27
  def to_s
@@ -35,12 +35,22 @@ module CMSScanner
35
35
 
36
36
  # Access Forbidden Error
37
37
  class AccessForbiddenError < Error
38
- # :nocov:
38
+ attr_reader :random_user_agent_used
39
+
40
+ # @param [ Boolean ] random_user_agent_used
41
+ def initialize(random_user_agent_used)
42
+ @random_user_agent_used = random_user_agent_used
43
+ end
44
+
39
45
  def to_s
40
- 'The target is responding with a 403, this might be due to a WAF. ' \
41
- 'Please re-try with --random-user-agent'
46
+ msg = if random_user_agent_used
47
+ 'Well... --random-user-agent didn\'t work, you\'re on your own now!'
48
+ else
49
+ 'Please re-try with --random-user-agent'
50
+ end
51
+
52
+ "The target is responding with a 403, this might be due to a WAF. #{msg}"
42
53
  end
43
- # :nocov:
44
54
  end
45
55
 
46
56
  # HTTP Redirect Error
@@ -10,6 +10,9 @@ module CMSScanner
10
10
  #
11
11
  # @yield [ CMSScanner::User ] When a valid combination is found
12
12
  #
13
+ # Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
14
+ # be incorrect updated, hence the 'rescue ProgressBar::InvalidProgressError'
15
+ #
13
16
  # TODO: Make rubocop happy about metrics etc
14
17
  #
15
18
  # rubocop:disable all
@@ -35,14 +38,15 @@ module CMSScanner
35
38
 
36
39
  request.on_complete do |res|
37
40
  progress_bar.title = "Trying #{user.username} / #{password}"
38
- progress_bar.increment
41
+
42
+ progress_bar.increment rescue ProgressBar::InvalidProgressError
39
43
 
40
44
  if valid_credentials?(res)
41
45
  user.password = password
42
46
 
43
- yield user
47
+ progress_bar.total -= passwords.size - user_requests_count[user.username] rescue ProgressBar::InvalidProgressError
44
48
 
45
- progress_bar.total -= passwords.size - user_requests_count[user.username]
49
+ yield user
46
50
  elsif errored_response?(res)
47
51
  output_error(res)
48
52
  end
@@ -1,4 +1,4 @@
1
1
  # Version
2
2
  module CMSScanner
3
- VERSION = '0.0.41.4'.freeze
3
+ VERSION = '0.0.41.5'.freeze
4
4
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.41.4
4
+ version: 0.0.41.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-07 00:00:00.000000000 Z
11
+ date: 2019-03-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri