cms_scanner 0.5.8 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/core/cli_options.rb +3 -1
  3. data/lib/cms_scanner/browser.rb +2 -0
  4. data/lib/cms_scanner/controllers.rb +6 -4
  5. data/lib/cms_scanner/version.rb +1 -1
  6. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 89a9a8926786633c33826a0b17aba20f0969b30d88c08db2b188050ad07a57c1
4
- data.tar.gz: d9a07649b204329b5bd12665fafb7b6074e46eedb37f9a8ca2bde30b41a7ea0f
3
+ metadata.gz: ca37ab68087ef1b53d298a9438a57fd56986e347f421ab39cc5966fe8d438683
4
+ data.tar.gz: 44463983165dfa3b71f5d285d81fe53dff50f443736cd5f136bfe6f9ff60b468
5
5
  SHA512:
6
- metadata.gz: 32da62d1914178ecdedf5f869501d60909a0cfab65755f54f2c349a561c762ba69207818ece75ca159fe8a4ad7b1c8d5ba8812ace2bf5da938dcfcdc872df8f4
7
- data.tar.gz: 855753f004bfa699f241fbe78bf095e841eb405ad601187c2b09d8d1c4bdb93e39dcf2b4f33088fe5fa8c4b0a30d048accec34b357ffc8190d23508d83af37f9
6
+ metadata.gz: 21711ffc321d799fdd866c8f495df55a2de5228dfcb5b4ae0fc4d82ee0c151d1d726ae60038f9c4891923cebd1d48309dc0a82fa5ede9f054622c2b529284b58
7
+ data.tar.gz: 8208a51454f004bdc72ee7d32a100302877d82f91d6f115a125b0fb7dd5ada0784b4acaf6ed9b454e715f557e23672c20e25e6b2540afc7e6bb4c5caa694af7a
data/app/controllers/core/cli_options.rb CHANGED
@@ -59,7 +59,9 @@ module CMSScanner
59
59
  default: 60),
60
60
  OptPositiveInteger.new(['--connect-timeout SECONDS', 'The connection timeout in seconds'],
61
61
  default: 30),
62
- OptBoolean.new(['--disable-tls-checks', 'Disables SSL/TLS certificate verification'])
62
+ OptBoolean.new(['--disable-tls-checks',
63
+ 'Disables SSL/TLS certificate verification, and downgrade to TLS1.0+ ' \
64
+ '(requires cURL 7.66 for the latter)'])
63
65
  ] + cli_browser_proxy_options + cli_browser_cookies_options + cli_browser_cache_options
64
66
  end
65
67
 
data/lib/cms_scanner/browser.rb CHANGED
@@ -57,6 +57,8 @@ module CMSScanner
57
57
  # See http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html
58
58
  params[:ssl_verifypeer] = false
59
59
  params[:ssl_verifyhost] = 0
60
+ # TLSv1.0 and plus, allows to use a protocol potentially lower than the OS default
61
+ params[:sslversion] = :tlsv1
60
62
  end
61
63
 
62
64
  typhoeus_to_browser_opts.each do |typhoeus_opt, browser_opt|
data/lib/cms_scanner/controllers.rb CHANGED
@@ -9,14 +9,16 @@ module CMSScanner
9
9
  def initialize(option_parser = OptParseValidator::OptParser.new(nil, 40))
10
10
  @option_parser = option_parser
11
11
 
12
- register_options_files
12
+ register_config_files
13
+
14
+ option_parser.config_files.result_key = 'cli_options'
13
15
  end
14
16
 
15
17
  # Adds the potential option file paths to the option_parser
16
- def register_options_files
18
+ def register_config_files
17
19
  [Dir.home, Dir.pwd].each do |dir|
18
- option_parser.options_files.class.supported_extensions.each do |ext|
19
- @option_parser.options_files << Pathname.new(dir).join(".#{NS.app_name}", "cli_options.#{ext}").to_s
20
+ option_parser.config_files.class.supported_extensions.each do |ext|
21
+ option_parser.config_files << Pathname.new(dir).join(".#{NS.app_name}", "scan.#{ext}").to_s
20
22
  end
21
23
  end
22
24
  end
data/lib/cms_scanner/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module CMSScanner
5
- VERSION = '0.5.8'
5
+ VERSION = '0.6.0'
6
6
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.8
4
+ version: 0.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-08-24 00:00:00.000000000 Z
11
+ date: 2019-09-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.7.4
33
+ version: 1.8.0
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.7.4
40
+ version: 1.8.0
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: public_suffix
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -232,14 +232,14 @@ dependencies:
232
232
  requirements:
233
233
  - - "~>"
234
234
  - !ruby/object:Gem::Version
235
- version: 3.6.0
235
+ version: 3.7.0
236
236
  type: :development
237
237
  prerelease: false
238
238
  version_requirements: !ruby/object:Gem::Requirement
239
239
  requirements:
240
240
  - - "~>"
241
241
  - !ruby/object:Gem::Version
242
- version: 3.6.0
242
+ version: 3.7.0
243
243
  description: Framework to provide an easy way to implement CMS Scanners
244
244
  email:
245
245
  - team@wpscan.org