cms_scanner 0.11.0 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a8c1343f1468a7f2c486b3a4e01ab78908a3148463a06f1368e53e748a6c269
|
|
4
|
+
data.tar.gz: 9613a2df1e556a49a8f6dc9c7e934c2cd35a7aed0fbba4d42c22300901dd6b6b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7e7c1b97e79859d7bc38a3b9022ddc461ed0d9a91d275255f1f2430998ae46a2c591514165d6e21e6e6304b1f032eb8e9bf5f581bdc8e49f0dba43dceb640573
|
|
7
|
+
data.tar.gz: 25745b31c7217ce451cf30833fc180f2416af4cb5842cece2c0e73f543d8a9a021cbd5d03fcef8a2e3e06f29868987dd2fa02723d1fe98e0d22e9460105ad7da
|
|
@@ -6,20 +6,22 @@ module CMSScanner
|
|
|
6
6
|
# Module to provide an easy way to perform password attacks
|
|
7
7
|
module BreadthFirstDictionaryAttack
|
|
8
8
|
# @param [ Array<CMSScanner::Model::User> ] users
|
|
9
|
-
# @param [
|
|
9
|
+
# @param [ String ] wordlist_path
|
|
10
10
|
# @param [ Hash ] opts
|
|
11
11
|
# @option opts [ Boolean ] :show_progression
|
|
12
12
|
#
|
|
13
13
|
# @yield [ CMSScanner::User ] When a valid combination is found
|
|
14
14
|
#
|
|
15
15
|
# Due to Typhoeus threads shenanigans, in rare cases the progress-bar might
|
|
16
|
-
# be
|
|
16
|
+
# be incorrectly updated, hence the 'rescue ProgressBar::InvalidProgressError'
|
|
17
17
|
#
|
|
18
18
|
# TODO: Make rubocop happy about metrics etc
|
|
19
19
|
#
|
|
20
20
|
# rubocop:disable all
|
|
21
|
-
def attack(users,
|
|
22
|
-
|
|
21
|
+
def attack(users, wordlist_path, opts = {})
|
|
22
|
+
wordlist = File.open(wordlist_path)
|
|
23
|
+
|
|
24
|
+
create_progress_bar(total: users.size * wordlist.count, show_progression: opts[:show_progression])
|
|
23
25
|
|
|
24
26
|
queue_count = 0
|
|
25
27
|
# Keep the number of requests sent for each users
|
|
@@ -28,7 +30,8 @@ module CMSScanner
|
|
|
28
30
|
|
|
29
31
|
users.each { |u| user_requests_count[u.username] = 0 }
|
|
30
32
|
|
|
31
|
-
|
|
33
|
+
File.foreach(wordlist) do |password|
|
|
34
|
+
password.chomp!
|
|
32
35
|
remaining_users = users.select { |u| u.password.nil? }
|
|
33
36
|
|
|
34
37
|
break if remaining_users.empty?
|
|
@@ -47,7 +50,7 @@ module CMSScanner
|
|
|
47
50
|
user.password = password
|
|
48
51
|
|
|
49
52
|
begin
|
|
50
|
-
progress_bar.total -=
|
|
53
|
+
progress_bar.total -= wordlist.count - user_requests_count[user.username]
|
|
51
54
|
rescue ProgressBar::InvalidProgressError
|
|
52
55
|
end
|
|
53
56
|
|
data/lib/cms_scanner/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: cms_scanner
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.12.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- WPScanTeam
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-07-
|
|
11
|
+
date: 2020-07-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: get_process_mem
|