cms_scanner 0.8.1 → 0.8.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/app/controllers/core.rb +1 -1
  3. data/app/views/cli/core/started.erb +1 -1
  4. data/app/views/json/core/started.erb +1 -0
  5. data/lib/cms_scanner.rb +1 -0
  6. data/lib/cms_scanner/browser.rb +25 -15
  7. data/lib/cms_scanner/version.rb +1 -1
  8. data/lib/cms_scanner/web_site.rb +7 -0
  9. metadata +10 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: ae764ad02069f0fcdee9d4eabacba1045acf85087a0298b1fac24c90604cf0ec
4
- data.tar.gz: 9a1fb6774274c793321ee1454f85dbee6f164269decb33a4b87734120cb7bd46
3
+ metadata.gz: 48ae2616183230e6297b76c906506069a1f24f087449e20eca76bbc6b0c53970
4
+ data.tar.gz: dc8fdd0b8627b9f8205cefa819061597455209465775c5ec75507889a9c7da2b
5
5
  SHA512:
6
- metadata.gz: 2a036270d5e2c935f6631533528700f58db4768f095d9babc9757136123d3b6b6ccbc10ee72989d2d11ad3e54868d593d4d2f283d684076c1f9de231c143357b
7
- data.tar.gz: f68402bc28c9feeaa5444299d52b950726e36d861fb0e01e7d8adbac10851c0fd6cb8dd32b10effec01c2cf7f04fee07961f2bc2a125002d00d39b0ab252d858
6
+ metadata.gz: 769a471c55e5ba0fd5d22e07b8df37719638111033467b334c6c9619b8e8aa27ab781e755dc85655f91288d766dde7b9d52d434782d69083dfbc8c159e83f4b2
7
+ data.tar.gz: 39f7fc48f95db233e34646fc6e9c80af33999ae55743972b1f4b948a2e04e3746b65b2cabf3251e7fad8eb411aed361bbfd0c7c9d83bcce09694e49b15a8f976
data/app/controllers/core.rb CHANGED
@@ -63,7 +63,7 @@ module CMSScanner
63
63
  @start_time = Time.now
64
64
  @start_memory = NS.start_memory
65
65
 
66
- output('started', url: target.url, effective_url: target.homepage_url)
66
+ output('started', url: target.url, ip: target.ip, effective_url: target.homepage_url)
67
67
  end
68
68
 
69
69
  def after_scan
data/app/views/cli/core/started.erb CHANGED
@@ -1,4 +1,4 @@
1
- <%= info_icon %> URL: <%= @url %>
1
+ <%= info_icon %> URL: <%= @url %> [<%= @ip %>]
2
2
  <% if @url != @effective_url -%>
3
3
  <%= info_icon %> Effective URL: <%= @effective_url %>
4
4
  <% end -%>
data/app/views/json/core/started.erb CHANGED
@@ -1,4 +1,5 @@
1
1
  "start_time": <%= @start_time.to_i %>,
2
2
  "start_memory": <%= @start_memory.to_i %>,
3
3
  "target_url": <%= @url.to_s.to_json %>,
4
+ "target_ip": <%= @ip.to_s.to_json %>,
4
5
  "effective_url": <%= @effective_url.to_s.to_json %>,
data/lib/cms_scanner.rb CHANGED
@@ -16,6 +16,7 @@ require 'erb'
16
16
  require 'uri'
17
17
  require 'fileutils'
18
18
  require 'pathname'
19
+ require 'socket'
19
20
  require 'timeout'
20
21
  require 'xmlrpc/client'
21
22
  # Monkey Patches/Fixes
data/lib/cms_scanner/browser.rb CHANGED
@@ -38,20 +38,9 @@ module CMSScanner
38
38
  Typhoeus::Request.new(url, request_params(params))
39
39
  end
40
40
 
41
- # @return [ Hash ]
42
- def typhoeus_to_browser_opts
43
- { connecttimeout: :connect_timeout, cache_ttl: :cache_ttl,
44
- proxy: :proxy, timeout: :request_timeout, cookiejar: :cookie_jar,
45
- cookiefile: :cookie_jar, cookie: :cookie_string }
46
- end
47
-
48
- # @return [ Hash ]
49
- def default_request_params
50
- params = {
51
- headers: { 'User-Agent' => user_agent, 'Referer' => url }.merge(headers || {}),
52
- accept_encoding: 'gzip, deflate',
53
- method: :get
54
- }
41
+ # @return [ Hash ] The request params used to connect tothe target as well as potential other systems such as API
42
+ def default_connect_request_params
43
+ params = {}
55
44
 
56
45
  if disable_tls_checks
57
46
  # See http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html
@@ -61,7 +50,28 @@ module CMSScanner
61
50
  params[:sslversion] = :tlsv1
62
51
  end
63
52
 
64
- typhoeus_to_browser_opts.each do |typhoeus_opt, browser_opt|
53
+ {
54
+ connecttimeout: :connect_timeout, cache_ttl: :cache_ttl,
55
+ proxy: :proxy, timeout: :request_timeout
56
+ }.each do |typhoeus_opt, browser_opt|
57
+ attr_value = public_send(browser_opt)
58
+ params[typhoeus_opt] = attr_value unless attr_value.nil?
59
+ end
60
+
61
+ params
62
+ end
63
+
64
+ # @return [ Hash ]
65
+ # The params are not cached (using @params ||= for example), so that they are set accordingly if updated
66
+ # by a controller/other piece of code
67
+ def default_request_params
68
+ params = default_connect_request_params.merge(
69
+ headers: { 'User-Agent' => user_agent, 'Referer' => url }.merge(headers || {}),
70
+ accept_encoding: 'gzip, deflate',
71
+ method: :get
72
+ )
73
+
74
+ { cookiejar: :cookie_jar, cookiefile: :cookie_jar, cookie: :cookie_string }.each do |typhoeus_opt, browser_opt|
65
75
  attr_value = public_send(browser_opt)
66
76
  params[typhoeus_opt] = attr_value unless attr_value.nil?
67
77
  end
data/lib/cms_scanner/version.rb CHANGED
@@ -2,5 +2,5 @@
2
2
 
3
3
  # Version
4
4
  module CMSScanner
5
- VERSION = '0.8.1'
5
+ VERSION = '0.8.2'
6
6
  end
data/lib/cms_scanner/web_site.rb CHANGED
@@ -32,6 +32,13 @@ module CMSScanner
32
32
  @uri.join(Addressable::URI.encode(path).gsub('#', '%23')).to_s
33
33
  end
34
34
 
35
+ # @return [ String ] The IP address of the target
36
+ def ip
37
+ @ip ||= IPSocket.getaddress(uri.host)
38
+ rescue SocketError
39
+ 'Unknown'
40
+ end
41
+
35
42
  attr_writer :homepage_res
36
43
 
37
44
  # @return [ Typhoeus::Response ]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cms_scanner
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.8.1
4
+ version: 0.8.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - WPScanTeam
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-01-02 00:00:00.000000000 Z
11
+ date: 2020-02-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: get_process_mem
@@ -56,22 +56,16 @@ dependencies:
56
56
  name: public_suffix
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - ">="
60
- - !ruby/object:Gem::Version
61
- version: '3.0'
62
- - - "<"
59
+ - - "~>"
63
60
  - !ruby/object:Gem::Version
64
- version: '4.1'
61
+ version: 4.0.3
65
62
  type: :runtime
66
63
  prerelease: false
67
64
  version_requirements: !ruby/object:Gem::Requirement
68
65
  requirements:
69
- - - ">="
70
- - !ruby/object:Gem::Version
71
- version: '3.0'
72
- - - "<"
66
+ - - "~>"
73
67
  - !ruby/object:Gem::Version
74
- version: '4.1'
68
+ version: 4.0.3
75
69
  - !ruby/object:Gem::Dependency
76
70
  name: ruby-progressbar
77
71
  requirement: !ruby/object:Gem::Requirement
@@ -218,14 +212,14 @@ dependencies:
218
212
  requirements:
219
213
  - - "~>"
220
214
  - !ruby/object:Gem::Version
221
- version: 0.78.0
215
+ version: 0.79.0
222
216
  type: :development
223
217
  prerelease: false
224
218
  version_requirements: !ruby/object:Gem::Requirement
225
219
  requirements:
226
220
  - - "~>"
227
221
  - !ruby/object:Gem::Version
228
- version: 0.78.0
222
+ version: 0.79.0
229
223
  - !ruby/object:Gem::Dependency
230
224
  name: rubocop-performance
231
225
  requirement: !ruby/object:Gem::Requirement
@@ -260,14 +254,14 @@ dependencies:
260
254
  requirements:
261
255
  - - "~>"
262
256
  - !ruby/object:Gem::Version
263
- version: 3.7.0
257
+ version: 3.8.0
264
258
  type: :development
265
259
  prerelease: false
266
260
  version_requirements: !ruby/object:Gem::Requirement
267
261
  requirements:
268
262
  - - "~>"
269
263
  - !ruby/object:Gem::Version
270
- version: 3.7.0
264
+ version: 3.8.0
271
265
  description: Framework to provide an easy way to implement CMS Scanners
272
266
  email:
273
267
  - team@wpscan.org