fingerprinter 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/fingerprinter/configs/scan_options.rb +1 -1
- data/lib/fingerprinter/core/detector.rb +4 -4
- data/lib/fingerprinter/core/http_client.rb +4 -3
- data/lib/fingerprinter/technologies/cms/magento.rb +12 -10
- data/lib/fingerprinter/technologies/softwares/apache_ofbiz.rb +2 -2
- data/lib/fingerprinter/technologies/softwares/nexus_repository.rb +5 -2
- data/lib/fingerprinter/utilities/kb.rb +2 -2
- data/lib/fingerprinter/utilities/parser.rb +1 -1
- data/lib/fingerprinter/utilities/urls.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a5d9551bfc1292f8beaa893f4d0aa76f43959f732149c5d2beb691088d5d8d4a
|
|
4
|
+
data.tar.gz: f807abd267a54511288d860f3668500bbdec3bcb862b94f3b034324ee8f6bcb2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ed9bec0cbdbb74b0d29bc4cf8dcd6fdd7e086264f9db6f96cbe930d1460ff28f31c0494b5eedfdb926c48f0ec5c3b3b6c242fc1a23bfad8e74589057e9cfe98f
|
|
7
|
+
data.tar.gz: 9d6c9096ffe5ea19f06d3271bca16c62a4d13648f771b8ca078b99015097e3e7837174adf91f5f7fd63e5afc0905289543d240110a9af2439ebc958109d815e1
|
|
@@ -34,7 +34,7 @@ class ScanOptions
|
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
def self.user_agent
|
|
37
|
-
@user_agent || 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/
|
|
37
|
+
@user_agent || 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36'
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def self.timeout
|
|
@@ -8,14 +8,14 @@ module Fingerprinter
|
|
|
8
8
|
response.headers&.each do |header, value|
|
|
9
9
|
regex = regexes[header.downcase]
|
|
10
10
|
next unless regex
|
|
11
|
-
|
|
11
|
+
|
|
12
12
|
if value.is_a?(Array)
|
|
13
13
|
return true if value.any? { |v| regex.match?(v) }
|
|
14
|
-
|
|
15
|
-
return true
|
|
14
|
+
elsif regex.match?(value)
|
|
15
|
+
return true
|
|
16
16
|
end
|
|
17
17
|
end
|
|
18
|
-
|
|
18
|
+
|
|
19
19
|
false
|
|
20
20
|
end
|
|
21
21
|
|
|
@@ -22,9 +22,10 @@ class HttpClient
|
|
|
22
22
|
}
|
|
23
23
|
|
|
24
24
|
req_options[:headers].merge!({
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
25
|
+
'Priority' => 'u=0, i',
|
|
26
|
+
'Accept-Encoding' => 'gzip, deflate, br',
|
|
27
|
+
'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8'
|
|
28
|
+
})
|
|
28
29
|
|
|
29
30
|
req_options[:params] = options[:params] if options[:params]
|
|
30
31
|
|
|
@@ -15,15 +15,16 @@ class Magento < Fingerprinter::Technologies
|
|
|
15
15
|
/Magento_PageCache/,
|
|
16
16
|
/Mage\.Cookies\.path/,
|
|
17
17
|
/data-requiremodule="(mage|Magento_)/,
|
|
18
|
-
/
|
|
18
|
+
%r{mage/cookies},
|
|
19
19
|
/MAGENTO_/,
|
|
20
20
|
/Magento Security Scan/,
|
|
21
|
-
/
|
|
21
|
+
%r{js/mage/},
|
|
22
22
|
/x-magento-init/
|
|
23
23
|
].freeze
|
|
24
24
|
|
|
25
25
|
def self.get_graphql(url)
|
|
26
|
-
url = File.join(Utilities::Urls.up_to_port(url),
|
|
26
|
+
url = File.join(Utilities::Urls.up_to_port(url),
|
|
27
|
+
'/graphql?query=+{customerDownloadableProducts+{+items+{+date+download_url}}+}')
|
|
27
28
|
return if Utilities::Kb.inspected?(self, url)
|
|
28
29
|
|
|
29
30
|
Utilities::Kb.inspected(self, url)
|
|
@@ -31,16 +32,17 @@ class Magento < Fingerprinter::Technologies
|
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
def self.run(data)
|
|
34
|
-
detected = meta_detection(data[:doc], META_CONTENT_REGEX) ||
|
|
35
|
-
|
|
35
|
+
detected = meta_detection(data[:doc], META_CONTENT_REGEX) ||
|
|
36
|
+
whole_body_check(data[:response], BODY_CONTENT_REGEX)
|
|
36
37
|
|
|
37
|
-
|
|
38
|
-
'Magento'
|
|
39
|
-
else
|
|
38
|
+
unless detected
|
|
40
39
|
response = get_graphql(data[:url])
|
|
41
|
-
return unless response&.code == 200 && ['The current customer', 'graphql-authorization'].all?
|
|
40
|
+
return unless response&.code == 200 && ['The current customer', 'graphql-authorization'].all? do |pattern|
|
|
41
|
+
response.body.include?(pattern)
|
|
42
|
+
end
|
|
42
43
|
|
|
43
|
-
'Magento'
|
|
44
44
|
end
|
|
45
|
+
|
|
46
|
+
'Magento'
|
|
45
47
|
end
|
|
46
48
|
end
|
|
@@ -28,13 +28,13 @@ class ApacheOfbiz < Fingerprinter::Technologies
|
|
|
28
28
|
response = get_xmlrpc(data[:url])
|
|
29
29
|
return unless response&.code == 200
|
|
30
30
|
|
|
31
|
-
doc = Utilities::Parser.doc(response.body)
|
|
31
|
+
data[:doc] = Utilities::Parser.doc(response.body)
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
return unless response_headers_check(response, HEADERS_REGEX) ||
|
|
35
35
|
meta_detection(data[:doc], META_CONTENT_REGEX) ||
|
|
36
36
|
whole_body_check(response, BODY_CONTENT_REGEX)
|
|
37
37
|
|
|
38
|
-
'Apache
|
|
38
|
+
'Apache OFBiz'
|
|
39
39
|
end
|
|
40
40
|
end
|
|
@@ -15,13 +15,16 @@ class NexusRepository < Fingerprinter::Technologies
|
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
def self.run(data)
|
|
18
|
-
detected = title_detection(data[:doc],
|
|
18
|
+
detected = title_detection(data[:doc],
|
|
19
|
+
'Sonatype Nexus Repository') || meta_detection(data[:doc], META_CONTENT_REGEX,
|
|
20
|
+
'description')
|
|
19
21
|
unless detected
|
|
20
22
|
response = check_path(data[:url])
|
|
21
23
|
return unless response&.code == 200
|
|
22
24
|
|
|
23
25
|
doc = Utilities::Parser.doc(response.body)
|
|
24
|
-
detected = title_detection(doc,
|
|
26
|
+
detected = title_detection(doc,
|
|
27
|
+
'Sonatype Nexus Repository') || meta_detection(doc, META_CONTENT_REGEX, 'description')
|
|
25
28
|
end
|
|
26
29
|
return unless detected
|
|
27
30
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
class Utilities
|
|
4
4
|
# Files : Utilities related to files
|
|
5
|
-
class Kb
|
|
5
|
+
class Kb
|
|
6
6
|
def self.coverage_id(plugin, url)
|
|
7
7
|
"#{plugin}:#{url}"
|
|
8
8
|
end
|
|
@@ -15,4 +15,4 @@ class Utilities
|
|
|
15
15
|
Fingerprinter::Technologies.kb[:inspected].include?(coverage_id(plugin, url))
|
|
16
16
|
end
|
|
17
17
|
end
|
|
18
|
-
end
|
|
18
|
+
end
|
metadata
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fingerprinter
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Joshua MARTINELLE
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-07-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
|
-
name:
|
|
14
|
+
name: concurrent-ruby
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
@@ -39,7 +39,7 @@ dependencies:
|
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
40
|
version: '0'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
|
-
name:
|
|
42
|
+
name: typhoeus
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - ">="
|