fingerprinter 0.1.1 → 0.1.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/lib/fingerprinter/configs/scan_options.rb +1 -1
  3. data/lib/fingerprinter/core/detector.rb +4 -4
  4. data/lib/fingerprinter/core/http_client.rb +4 -3
  5. data/lib/fingerprinter/technologies/cms/magento.rb +12 -10
  6. data/lib/fingerprinter/technologies/softwares/apache_ofbiz.rb +2 -2
  7. data/lib/fingerprinter/technologies/softwares/nexus_repository.rb +5 -2
  8. data/lib/fingerprinter/utilities/kb.rb +2 -2
  9. data/lib/fingerprinter/utilities/parser.rb +1 -1
  10. data/lib/fingerprinter/utilities/urls.rb +1 -1
  11. data/lib/fingerprinter.rb +10 -5
  12. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1d85553bfd3f1487b0185188933d1e409f12cc8e8a96762e5f2e8e5a2ab7f7d1
4
- data.tar.gz: bd5fc3fd49ceac7667bcaca1eaf4cb3e0fb7be4dc68d62bc58bbf15f6ff8751d
3
+ metadata.gz: 3b224d61b1b79fce378d1b8ad8ac84ac4f1de81cd37195281aee7e0051c684d6
4
+ data.tar.gz: df4ba4f706f8a5de13b778f050ee1568a5f9bdbf6cabaa7732ec5fcb745b0f39
5
5
  SHA512:
6
- metadata.gz: e598f2f6025e1db35ca2089aace62176b048cc6e432868086199d5af999138257dcd6a3f8134c6b9c303c189e565d15ffb8e0e1e6736eae8b3be9f45c16f360b
7
- data.tar.gz: c9829ca7d4288d7f096b4c3dd7dea07369bebbee12e9b308c743bd749176f03c9898a3de1b937bf30f1ea33b5ef675d317ccf1546aeb3feba22a57f0909fdf91
6
+ metadata.gz: cc74aa0e8bf750f3a9d8a727a958e23d3a285491c0501763238cd5493e865bebe9590c42090b7bbf1f1cdea2ba9ac56824784eb3079b7fafeb9923deed1eae07
7
+ data.tar.gz: 7e70c7c5e3fabafd2c73dd53a1a41b1a05769044978005f0a521646b30a78ba5bc1b3a701ccd9d0b05a2cd5d6266fa35bf5075bf7f908f6babe0ff2ada89541f
data/lib/fingerprinter/configs/scan_options.rb CHANGED
@@ -34,7 +34,7 @@ class ScanOptions
34
34
  end
35
35
 
36
36
  def self.user_agent
37
- @user_agent || 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36'
37
+ @user_agent || 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'
38
38
  end
39
39
 
40
40
  def self.timeout
data/lib/fingerprinter/core/detector.rb CHANGED
@@ -8,14 +8,14 @@ module Fingerprinter
8
8
  response.headers&.each do |header, value|
9
9
  regex = regexes[header.downcase]
10
10
  next unless regex
11
-
11
+
12
12
  if value.is_a?(Array)
13
13
  return true if value.any? { |v| regex.match?(v) }
14
- else
15
- return true if regex.match?(value)
14
+ elsif regex.match?(value)
15
+ return true
16
16
  end
17
17
  end
18
-
18
+
19
19
  false
20
20
  end
21
21
 
data/lib/fingerprinter/core/http_client.rb CHANGED
@@ -22,9 +22,10 @@ class HttpClient
22
22
  }
23
23
 
24
24
  req_options[:headers].merge!({
25
- 'Priority' => 'u=0, i',
26
- 'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8'
27
- })
25
+ 'Priority' => 'u=0, i',
26
+ 'Accept-Encoding' => 'gzip, deflate, br',
27
+ 'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8'
28
+ })
28
29
 
29
30
  req_options[:params] = options[:params] if options[:params]
30
31
 
data/lib/fingerprinter/technologies/cms/magento.rb CHANGED
@@ -15,15 +15,16 @@ class Magento < Fingerprinter::Technologies
15
15
  /Magento_PageCache/,
16
16
  /Mage\.Cookies\.path/,
17
17
  /data-requiremodule="(mage|Magento_)/,
18
- /mage\/cookies/,
18
+ %r{mage/cookies},
19
19
  /MAGENTO_/,
20
20
  /Magento Security Scan/,
21
- /js\/mage\//,
21
+ %r{js/mage/},
22
22
  /x-magento-init/
23
23
  ].freeze
24
24
 
25
25
  def self.get_graphql(url)
26
- url = File.join(Utilities::Urls.up_to_port(url), '/graphql?query=+{customerDownloadableProducts+{+items+{+date+download_url}}+}')
26
+ url = File.join(Utilities::Urls.up_to_port(url),
27
+ '/graphql?query=+{customerDownloadableProducts+{+items+{+date+download_url}}+}')
27
28
  return if Utilities::Kb.inspected?(self, url)
28
29
 
29
30
  Utilities::Kb.inspected(self, url)
@@ -31,16 +32,17 @@ class Magento < Fingerprinter::Technologies
31
32
  end
32
33
 
33
34
  def self.run(data)
34
- detected = meta_detection(data[:doc], META_CONTENT_REGEX) ||
35
- whole_body_check(data[:response], BODY_CONTENT_REGEX)
35
+ detected = meta_detection(data[:doc], META_CONTENT_REGEX) ||
36
+ whole_body_check(data[:response], BODY_CONTENT_REGEX)
36
37
 
37
- if detected
38
- 'Magento'
39
- else
38
+ unless detected
40
39
  response = get_graphql(data[:url])
41
- return unless response&.code == 200 && ['The current customer', 'graphql-authorization'].all? { |pattern| response.body.include?(pattern) }
40
+ return unless response&.code == 200 && ['The current customer', 'graphql-authorization'].all? do |pattern|
41
+ response.body.include?(pattern)
42
+ end
42
43
 
43
- 'Magento'
44
44
  end
45
+
46
+ 'Magento'
45
47
  end
46
48
  end
data/lib/fingerprinter/technologies/softwares/apache_ofbiz.rb CHANGED
@@ -28,13 +28,13 @@ class ApacheOfbiz < Fingerprinter::Technologies
28
28
  response = get_xmlrpc(data[:url])
29
29
  return unless response&.code == 200
30
30
 
31
- doc = Utilities::Parser.doc(response.body)
31
+ data[:doc] = Utilities::Parser.doc(response.body)
32
32
  end
33
33
 
34
34
  return unless response_headers_check(response, HEADERS_REGEX) ||
35
35
  meta_detection(data[:doc], META_CONTENT_REGEX) ||
36
36
  whole_body_check(response, BODY_CONTENT_REGEX)
37
37
 
38
- 'Apache Ofbiz'
38
+ 'Apache OFBiz'
39
39
  end
40
40
  end
data/lib/fingerprinter/technologies/softwares/nexus_repository.rb CHANGED
@@ -15,13 +15,16 @@ class NexusRepository < Fingerprinter::Technologies
15
15
  end
16
16
 
17
17
  def self.run(data)
18
- detected = title_detection(data[:doc], 'Sonatype Nexus Repository') || meta_detection(data[:doc], META_CONTENT_REGEX, 'description')
18
+ detected = title_detection(data[:doc],
19
+ 'Sonatype Nexus Repository') || meta_detection(data[:doc], META_CONTENT_REGEX,
20
+ 'description')
19
21
  unless detected
20
22
  response = check_path(data[:url])
21
23
  return unless response&.code == 200
22
24
 
23
25
  doc = Utilities::Parser.doc(response.body)
24
- detected = title_detection(doc, 'Sonatype Nexus Repository') || meta_detection(doc, META_CONTENT_REGEX, 'description')
26
+ detected = title_detection(doc,
27
+ 'Sonatype Nexus Repository') || meta_detection(doc, META_CONTENT_REGEX, 'description')
25
28
  end
26
29
  return unless detected
27
30
 
data/lib/fingerprinter/utilities/kb.rb CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  class Utilities
4
4
  # Files : Utilities related to files
5
- class Kb
5
+ class Kb
6
6
  def self.coverage_id(plugin, url)
7
7
  "#{plugin}:#{url}"
8
8
  end
@@ -15,4 +15,4 @@ class Utilities
15
15
  Fingerprinter::Technologies.kb[:inspected].include?(coverage_id(plugin, url))
16
16
  end
17
17
  end
18
- end
18
+ end
data/lib/fingerprinter/utilities/parser.rb CHANGED
@@ -9,4 +9,4 @@ class Utilities
9
9
  Nokogiri::HTML(body)
10
10
  end
11
11
  end
12
- end
12
+ end
data/lib/fingerprinter/utilities/urls.rb CHANGED
@@ -28,4 +28,4 @@ class Utilities
28
28
  uri.to_s.split('?', 2).first.to_s
29
29
  end
30
30
  end
31
- end
31
+ end
data/lib/fingerprinter.rb CHANGED
@@ -44,7 +44,7 @@ module Fingerprinter
44
44
  doc = Utilities::Parser.doc(response.body)
45
45
 
46
46
  results[url] = Concurrent::Array.new
47
- data = { response:, doc:, url: }
47
+ data = { response: response, doc: doc, url: url }
48
48
  Technologies.subclasses.each { |technology| results[url] << technology.run(data) }
49
49
  end
50
50
  end
@@ -56,11 +56,16 @@ module Fingerprinter
56
56
  private
57
57
 
58
58
  def get_response(url)
59
- response = Fingerprinter.http_client.get(url, { follow_location: true })[url]
60
- return if response&.code&.zero?
61
- return response if same_scope?(url, response)
59
+ response = nil
60
+ 3.times do
61
+ response = Fingerprinter.http_client.get(url, { follow_location: true })[url]
62
+ break if response&.code != 0 && !response.return_message.include?('Stream error')
62
63
 
63
- Fingerprinter.http_client.get(url, { follow_location: false })[url]
64
+ sleep(1)
65
+ end
66
+ return response if response&.code&.zero? || same_scope?(url, response)
67
+
68
+ response.redirections.first
64
69
  end
65
70
 
66
71
  def same_scope?(url, response)
metadata CHANGED
@@ -1,17 +1,17 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fingerprinter
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
4
+ version: 0.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joshua MARTINELLE
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-06-26 00:00:00.000000000 Z
11
+ date: 2024-07-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: typhoeus
14
+ name: concurrent-ruby
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
17
  - - ">="
@@ -39,7 +39,7 @@ dependencies:
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
- name: concurrent-ruby
42
+ name: typhoeus
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
45
  - - ">="