enchant 0.99.0 → 1.0.0.pre1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. data/Gemfile +1 -2
  2. data/Gemfile.lock +2 -3
  3. data/LICENSE.txt +20 -0
  4. data/README.md +71 -0
  5. data/Rakefile +61 -15
  6. data/VERSION +1 -1
  7. data/bin/enchant +26 -127
  8. data/db/directory-list-1.0.txt +141708 -0
  9. data/db/directory-list-2.3-medium.txt +220560 -0
  10. data/db/directory-list-2.3-small.txt +87664 -0
  11. data/lib/enchant/engine.rb +106 -46
  12. data/lib/enchant/version.rb +9 -85
  13. data/spec/enchant_spec.rb +8 -0
  14. data/spec/spec_helper.rb +12 -0
  15. metadata +53 -47
  16. data/README.textile +0 -93
  17. data/enchant.gemspec +0 -81
data/lib/enchant/engine.rb CHANGED
@@ -1,68 +1,128 @@
1
1
  require 'net/http'
2
+ require 'httpclient'
2
3
  require 'uri'
4
+ require 'progressbar'
3
5
 
4
6
  module Enchant
5
-
6
7
  class Engine
7
- attr_reader :server, :code
8
- attr_accessor :host, :port, :domain
8
+ attr_reader :urls_open
9
+ attr_reader :urls_internal_error
10
+ attr_reader :urls_private
9
11
 
10
- def initialize(*urls)
11
- url = urls.pop || ""
12
+ def initialize(options={})
13
+ @host = options[:host]
14
+ @port = options[:port]
15
+ @wordlist = options[:wordlist]
16
+ @verbose = options[:verbose]
17
+ end
18
+ def self.help
19
+ puts "usage: enchant -wVvh target"
20
+ puts " -w file: specifiy the text file to be used as dictionary"
21
+ puts " -V: be verbose"
22
+ puts " -v: shows version"
23
+ puts " -h: this help"
24
+ end
12
25
 
13
- if url != ""
14
- tmp = URI.parse(url)
15
- @host = tmp.host
16
- @port = tmp.port
26
+
27
+ def fuzz(*)
28
+ # in future some perturbation will be done here
29
+ get_list
30
+ end
17
31
 
18
- if @host == nil && @port == nil
19
- @sane = nil
20
- else
21
- @sane = 1
22
- end
23
- else
24
- @sane = 1
32
+ def scan
33
+ http = Net::HTTP.new(@host, @port)
34
+ list = get_list
35
+ if list.empty?
36
+ return 0
25
37
  end
26
- end
27
38
 
28
- def is_sane?
29
- @sane
39
+ refused=0
40
+ @urls_open=[]
41
+ @urls_internal_error=[]
42
+ @urls_private=[]
43
+
44
+
45
+ pbar = ProgressBar.new("urls", list.size)
46
+ list.each do |path|
47
+ pbar.inc
48
+ if ! path.start_with? '#'
49
+ begin
50
+ response = http.get('/'+path.chop)
51
+ c = response.code.to_i
52
+ refused = 0
53
+ if c == 200
54
+ @urls_open << path
55
+ end
56
+ if c == 401
57
+ @urls_private << path
58
+ end
59
+ if c >= 500
60
+ @urls_internal_error << path
61
+ end
62
+ rescue Errno::ECONNREFUSED
63
+ refused += 1
64
+ if refused > 5
65
+ pbar.finish
66
+ puts "received 5 connection refused. #{@host} went down".color(:red)
67
+ return @urls_open.count
68
+ else
69
+ puts "[WARNING] connection refused".color(:yellow)
70
+ sleep 2 * refused
71
+ end
72
+
73
+ rescue Net::HTTPBadResponse
74
+ refused = 0
75
+ if @verbose
76
+ puts "#{$!}".color(:red)
77
+ end
78
+ rescue Errno::ETIMEDOUT
79
+ refused = 0
80
+ if @verbose
81
+ puts "#{$!}".color(:red)
82
+ end
83
+ end
84
+ end
85
+ end
86
+ pbar.finish
87
+ @urls_open.count
30
88
  end
31
89
 
32
- def list(wordlist)
90
+ def up?
33
91
  begin
34
- File.open(wordlist, 'r') { |f|
35
- @list = f.readlines
36
- }
37
- rescue Errno::ENOENT
38
- puts "It seems the wordlist file is not present (#{wordlist})"
39
- @list = nil
92
+ Net::HTTP.new(@host, @port).get('/')
93
+ return true
94
+ rescue Errno::ECONNREFUSED
95
+ return false
96
+ rescue Errno::ETIMEDOUT
97
+ return false
40
98
  end
41
- end
99
+ end
42
100
 
43
- def fuzz(*)
44
- # in future some perturbation will be done here
45
- @list
46
- end
47
101
 
48
- def get(path)
49
- http = Net::HTTP.new(host, port)
102
+ private
103
+ def get_list
104
+
105
+ if @wordlist.nil?
106
+ if File.exists?('../../db/directory-list-2.3-small.txt')
107
+ @wordlist='../../db/directory-list-2.3-small.txt'
108
+ end
109
+ if File.exists?('./db/directory-list-2.3-small.txt')
110
+ @wordlist='./db/directory-list-2.3-small.txt'
111
+ else
112
+ @list = {}
113
+ end
114
+
115
+ end
116
+
50
117
  begin
51
- response = http.get(path)
52
- @code = response.code
53
- rescue Net::HTTPBadResponse
54
- puts #{$!}
55
- @code=-1
56
- rescue Errno::ETIMEDOUT
57
- puts #{$!}
58
- @code=-1
118
+ File.open(@wordlist, 'r') { |f|
119
+ @list = f.readlines
120
+ }
121
+ rescue Errno::ENOENT
122
+ puts "it seems the wordlist file is not present (#{@wordlist})".color(:red)
123
+ @list = {}
59
124
  end
60
- @code
61
125
  end
62
126
 
63
- def up?(site)
64
- Net::HTTP.new(site).head('/').kind_of? Net::HTTPOK
65
- end
66
-
67
127
  end
68
128
  end
data/lib/enchant/version.rb CHANGED
@@ -1,92 +1,16 @@
1
1
  module Enchant
2
- # Handles enchant version number taken from VERSION file.
3
- # The way Haml gem handles it's version.rb inspired me for creating this
4
- # file.
5
- class Version
2
+ module Version
3
+ MAJOR = 1
4
+ MINOR = 0
5
+ PATCH = 0
6
+ BUILD = 'pre1'
6
7
 
7
- # Returns a hash representing the version of enchant.
8
- # The `:major`, `:minor`, and `:patch` keys have their respective numbers as Fixnums.
9
- # The `:name` key has the name of the version.
10
- # The `:string` key contains a human-readable string representation of the version.
11
- # The `:number` key is the major, minor, and patch keys separated by periods.
12
- # If enchant is checked out from Git, the `:rev` key will have the revision hash.
13
- #
14
- # For example:
15
- #
16
- # {
17
- # :string => "0.1.4.160676a",
18
- # :rev => "160676ab8924ef36639c7e82aa88a51a24d16949",
19
- # :number => "0.1.4",
20
- # :major => 0, :minor => 1, :patch => 4
21
- # }
22
- #
23
- # If a prerelease version of enchant is being used,
24
- # the `:string` and `:number` fields will reflect the full version
25
- # (e.g. `"1.0.beta.1"`), and the `:patch` field will be `-1`.
26
- #
27
- # A `:prerelease` key will contain the name of the prerelease (e.g. `"beta"`),
28
- # and a `:prerelease_number` key will contain the rerelease number.
29
- #
30
- # For example:
31
- #
32
- # {
33
- # :string => "1.0.beta.1",
34
- # :number => "1.0.beta.1",
35
- # :major => 1, :minor => 0, :patch => -1,
36
- # :prerelease => "beta",
37
- # :prerelease_number => 1
38
- # }
39
- #
40
- # @return [{Symbol => String/Fixnum}] The version hash
41
8
  def self.version
42
- return @@version if defined?(@@version)
43
- numbers = File.read('VERSION').strip.split('.').map {|n| n =~ /^[0-9]+$/ ? n.to_i : n}
44
- @@version = {
45
- :major => numbers[0],
46
- :minor => numbers[1],
47
- :patch => numbers[2]
48
- }
49
- if numbers[3].is_a?(String)
50
- @@version[:patch] = -1
51
- @@version[:prerelease] = numbers[3]
52
- @@version[:prerelease_number] = numbers[4]
9
+ if BUILD.empty?
10
+ return [MAJOR, MINOR, PATCH].compact.join('.')
11
+ else
12
+ return [MAJOR, MINOR, PATCH, BUILD].compact.join('.')
53
13
  end
54
- @@version[:number] = numbers.join('.')
55
- @@version[:string] = @@version[:number].dup
56
-
57
- rev = revision_number
58
- @@version[:rev] = rev
59
- unless rev[0] == ?(
60
- @@version[:string] << "." << rev[0...7]
61
- end
62
-
63
- @@version
64
- end
65
-
66
- def self.revision_number
67
- if File.exists?('REVISION')
68
- rev = File.read('REVISION').strip
69
- return rev unless rev =~ /^([a-f0-9]+|\(.*\))$/ || rev == '(unknown)'
70
- end
71
-
72
- return unless File.exists?('.git/HEAD')
73
- rev = File.read('.git/HEAD').strip
74
- return rev unless rev =~ /^ref: (.*)$/
75
-
76
- ref_name = $1
77
- ref_file = "./.git/#{ref_name}"
78
- info_file = "./.git/info/refs"
79
- return File.read(ref_file).strip if File.exists?(ref_file)
80
- return unless File.exists?(info_file)
81
- File.open(info_file) do |f|
82
- f.each do |l|
83
- sha, ref = l.strip.split("\t", 2)
84
- next unless ref == ref_name
85
- return sha
86
- end
87
- end
88
- return nil
89
14
  end
90
-
91
15
  end
92
16
  end
data/spec/enchant_spec.rb ADDED
@@ -0,0 +1,8 @@
1
+ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
+
3
+ describe "enchant " do
4
+ it "must fail" do
5
+ fail
6
+ end
7
+
8
+ end
data/spec/spec_helper.rb ADDED
@@ -0,0 +1,12 @@
1
+ $LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
2
+ $LOAD_PATH.unshift(File.dirname(__FILE__))
3
+ require 'rspec'
4
+ require 'enchant'
5
+
6
+ # Requires supporting files with custom matchers and macros, etc,
7
+ # in ./support/ and its subdirectories.
8
+ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
9
+
10
+ RSpec.configure do |config|
11
+
12
+ end
metadata CHANGED
@@ -1,19 +1,19 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: enchant
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.99.0
5
- prerelease:
4
+ version: 1.0.0.pre1
5
+ prerelease: 6
6
6
  platform: ruby
7
7
  authors:
8
8
  - Paolo Perego
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2012-01-08 00:00:00.000000000Z
12
+ date: 2012-02-16 00:00:00.000000000Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: rainbow
16
- requirement: &74330310 !ruby/object:Gem::Requirement
16
+ requirement: &70223617410300 !ruby/object:Gem::Requirement
17
17
  none: false
18
18
  requirements:
19
19
  - - ! '>='
@@ -21,10 +21,10 @@ dependencies:
21
21
  version: '0'
22
22
  type: :runtime
23
23
  prerelease: false
24
- version_requirements: *74330310
24
+ version_requirements: *70223617410300
25
25
  - !ruby/object:Gem::Dependency
26
26
  name: progressbar
27
- requirement: &74329910 !ruby/object:Gem::Requirement
27
+ requirement: &70223617407820 !ruby/object:Gem::Requirement
28
28
  none: false
29
29
  requirements:
30
30
  - - ! '>='
@@ -32,10 +32,10 @@ dependencies:
32
32
  version: '0'
33
33
  type: :runtime
34
34
  prerelease: false
35
- version_requirements: *74329910
35
+ version_requirements: *70223617407820
36
36
  - !ruby/object:Gem::Dependency
37
- name: awesome_print
38
- requirement: &74329590 !ruby/object:Gem::Requirement
37
+ name: httpclient
38
+ requirement: &70223617405260 !ruby/object:Gem::Requirement
39
39
  none: false
40
40
  requirements:
41
41
  - - ! '>='
@@ -43,21 +43,10 @@ dependencies:
43
43
  version: '0'
44
44
  type: :runtime
45
45
  prerelease: false
46
- version_requirements: *74329590
47
- - !ruby/object:Gem::Dependency
48
- name: rake
49
- requirement: &73873170 !ruby/object:Gem::Requirement
50
- none: false
51
- requirements:
52
- - - ! '>='
53
- - !ruby/object:Gem::Version
54
- version: '0'
55
- type: :runtime
56
- prerelease: false
57
- version_requirements: *73873170
46
+ version_requirements: *70223617405260
58
47
  - !ruby/object:Gem::Dependency
59
48
  name: rspec
60
- requirement: &73872830 !ruby/object:Gem::Requirement
49
+ requirement: &70223617401900 !ruby/object:Gem::Requirement
61
50
  none: false
62
51
  requirements:
63
52
  - - ~>
@@ -65,10 +54,10 @@ dependencies:
65
54
  version: 2.3.0
66
55
  type: :development
67
56
  prerelease: false
68
- version_requirements: *73872830
57
+ version_requirements: *70223617401900
69
58
  - !ruby/object:Gem::Dependency
70
59
  name: yard
71
- requirement: &73872380 !ruby/object:Gem::Requirement
60
+ requirement: &70223617399720 !ruby/object:Gem::Requirement
72
61
  none: false
73
62
  requirements:
74
63
  - - ~>
@@ -76,10 +65,10 @@ dependencies:
76
65
  version: 0.6.0
77
66
  type: :development
78
67
  prerelease: false
79
- version_requirements: *73872380
68
+ version_requirements: *70223617399720
80
69
  - !ruby/object:Gem::Dependency
81
70
  name: bundler
82
- requirement: &73872100 !ruby/object:Gem::Requirement
71
+ requirement: &70223617383320 !ruby/object:Gem::Requirement
83
72
  none: false
84
73
  requirements:
85
74
  - - ~>
@@ -87,10 +76,10 @@ dependencies:
87
76
  version: 1.0.0
88
77
  type: :development
89
78
  prerelease: false
90
- version_requirements: *73872100
79
+ version_requirements: *70223617383320
91
80
  - !ruby/object:Gem::Dependency
92
81
  name: jeweler
93
- requirement: &73871830 !ruby/object:Gem::Requirement
82
+ requirement: &70223617381780 !ruby/object:Gem::Requirement
94
83
  none: false
95
84
  requirements:
96
85
  - - ~>
@@ -98,10 +87,10 @@ dependencies:
98
87
  version: 1.6.0
99
88
  type: :development
100
89
  prerelease: false
101
- version_requirements: *73871830
90
+ version_requirements: *70223617381780
102
91
  - !ruby/object:Gem::Dependency
103
92
  name: rcov
104
- requirement: &73871490 !ruby/object:Gem::Requirement
93
+ requirement: &70223617380060 !ruby/object:Gem::Requirement
105
94
  none: false
106
95
  requirements:
107
96
  - - ! '>='
@@ -109,10 +98,10 @@ dependencies:
109
98
  version: '0'
110
99
  type: :development
111
100
  prerelease: false
112
- version_requirements: *73871490
101
+ version_requirements: *70223617380060
113
102
  - !ruby/object:Gem::Dependency
114
- name: ruby-progressbar
115
- requirement: &73871190 !ruby/object:Gem::Requirement
103
+ name: progressbar
104
+ requirement: &70223617378300 !ruby/object:Gem::Requirement
116
105
  none: false
117
106
  requirements:
118
107
  - - ! '>='
@@ -120,10 +109,10 @@ dependencies:
120
109
  version: '0'
121
110
  type: :runtime
122
111
  prerelease: false
123
- version_requirements: *73871190
112
+ version_requirements: *70223617378300
124
113
  - !ruby/object:Gem::Dependency
125
114
  name: rainbow
126
- requirement: &73870930 !ruby/object:Gem::Requirement
115
+ requirement: &70223617376540 !ruby/object:Gem::Requirement
127
116
  none: false
128
117
  requirements:
129
118
  - - ! '>='
@@ -131,31 +120,48 @@ dependencies:
131
120
  version: '0'
132
121
  type: :runtime
133
122
  prerelease: false
134
- version_requirements: *73870930
135
- description: Enchant is tool aimed to discover web application directory and pages
136
- by fuzzing the requests using a dictionary approach
137
- email: paolo@armoredcode.com
123
+ version_requirements: *70223617376540
124
+ - !ruby/object:Gem::Dependency
125
+ name: httpclient
126
+ requirement: &70223617336360 !ruby/object:Gem::Requirement
127
+ none: false
128
+ requirements:
129
+ - - ! '>='
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :runtime
133
+ prerelease: false
134
+ version_requirements: *70223617336360
135
+ description: ciphersurfer is a security tool that evaluates web server SSL configuration
136
+ email: thesp0nge@gmail.com
138
137
  executables:
139
138
  - enchant
140
139
  extensions: []
141
140
  extra_rdoc_files:
142
141
  - ChangeLog
143
- - README.textile
142
+ - LICENSE.txt
143
+ - README.md
144
144
  files:
145
145
  - COPYING
146
146
  - ChangeLog
147
147
  - Gemfile
148
148
  - Gemfile.lock
149
- - README.textile
149
+ - LICENSE.txt
150
+ - README.md
150
151
  - Rakefile
151
152
  - VERSION
152
153
  - bin/enchant
153
- - enchant.gemspec
154
+ - db/directory-list-1.0.txt
155
+ - db/directory-list-2.3-medium.txt
156
+ - db/directory-list-2.3-small.txt
154
157
  - lib/enchant.rb
155
158
  - lib/enchant/engine.rb
156
159
  - lib/enchant/version.rb
160
+ - spec/enchant_spec.rb
161
+ - spec/spec_helper.rb
157
162
  homepage: http://github.com/thesp0nge/enchant
158
- licenses: []
163
+ licenses:
164
+ - BSD
159
165
  post_install_message:
160
166
  rdoc_options: []
161
167
  require_paths:
@@ -165,17 +171,17 @@ required_ruby_version: !ruby/object:Gem::Requirement
165
171
  requirements:
166
172
  - - ! '>='
167
173
  - !ruby/object:Gem::Version
168
- version: '0'
174
+ version: 1.8.7
169
175
  required_rubygems_version: !ruby/object:Gem::Requirement
170
176
  none: false
171
177
  requirements:
172
- - - ! '>='
178
+ - - ! '>'
173
179
  - !ruby/object:Gem::Version
174
- version: '0'
180
+ version: 1.3.1
175
181
  requirements: []
176
182
  rubyforge_project:
177
183
  rubygems_version: 1.8.10
178
184
  signing_key:
179
185
  specification_version: 3
180
- summary: Your magical web application fuzzer
186
+ summary: evaluates web server SSL configuration
181
187
  test_files: []