jira_scan 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +8 -8
- data/bin/jira-scan +17 -8
- data/lib/jira_scan.rb +36 -24
- metadata +31 -3
checksums.yaml
CHANGED
@@ -1,15 +1,15 @@
|
|
1
1
|
---
|
2
2
|
!binary "U0hBMQ==":
|
3
3
|
metadata.gz: !binary |-
|
4
|
-
|
4
|
+
YjNmYTk1OWYwM2VjNzJlZjVmZGFlZGIyNzdlYmUyOGE3Mzg0NTIxNg==
|
5
5
|
data.tar.gz: !binary |-
|
6
|
-
|
6
|
+
NDA1MWUyMjE2ODIwODBhMThjYjU2ZWNlY2VhMjcxY2E0YWIyODYyZQ==
|
7
7
|
SHA512:
|
8
8
|
metadata.gz: !binary |-
|
9
|
-
|
10
|
-
|
11
|
-
|
9
|
+
MjliM2EyYWE0MzFjNDllMWMyOTljMDYyOGRkYTU3ZDc2NTk2MDc0ZTg0ODJi
|
10
|
+
Zjg3MTAwOGU5MjkzNmEzNmZkNGZkYWY4YTNhMDE3Mzg0YzEzNjVkOGUzMjMy
|
11
|
+
YTI1MGQ0NDg1NzA4Y2YzNjE3ODM0MWQ2NTJiOTk1NDUzZDI1ZmU=
|
12
12
|
data.tar.gz: !binary |-
|
13
|
-
|
14
|
-
|
15
|
-
|
13
|
+
NDM2MTdiY2ViMzVlYmEwZTg5MTY4NGI0NWY0M2IwZmFjMGFjYmM5MzRhZmFi
|
14
|
+
NmYxYTkzYWE4ODAzNDYwNzNjZTNmNGE1OGM1OGJjMzAyZDYwYWRkMzg0NWRl
|
15
|
+
NzVmNTQ2NmY3NTNhZWQ3ODA0MWZhNDVjN2M0YzQ2OTQ5Y2M1MDg=
|
data/bin/jira-scan
CHANGED
@@ -17,7 +17,7 @@ def banner
|
|
17
17
|
_ | | | '__/ _` |\\___ \\ / __/ _` | '_ \\
|
18
18
|
| |__| | | | | (_| |____) | (_| (_| | | | |
|
19
19
|
\\____/|_|_| \\__,_|_____/ \\___\\__,_|_| |_|
|
20
|
-
version 0.0.
|
20
|
+
version 0.0.4"
|
21
21
|
puts
|
22
22
|
puts '-' * 60
|
23
23
|
end
|
@@ -55,16 +55,20 @@ end
|
|
55
55
|
|
56
56
|
opts.parse!
|
57
57
|
|
58
|
-
$VERBOSE = true unless options[:verbose].nil?
|
59
|
-
@check = true unless options[:skip]
|
60
|
-
@insecure = false unless options[:insecure]
|
61
|
-
|
62
58
|
if options[:url].nil?
|
63
59
|
puts opts
|
64
60
|
exit(1)
|
65
61
|
end
|
66
62
|
|
67
|
-
def scan(url)
|
63
|
+
def scan(url, check: true, insecure: false, verbose: false)
|
64
|
+
JiraScan.logger = ::Logger.new($stdout).tap do |log|
|
65
|
+
log.progname = 'jira-scan'
|
66
|
+
log.level = verbose ? ::Logger::INFO : ::Logger::WARN
|
67
|
+
log.datetime_format = '%Y-%m-%d %H:%M:%S '
|
68
|
+
end
|
69
|
+
|
70
|
+
JiraScan.insecure = insecure
|
71
|
+
|
68
72
|
puts "Scan started at #{Time.now.getutc}"
|
69
73
|
puts "URL: #{url}"
|
70
74
|
|
@@ -89,7 +93,7 @@ def scan(url)
|
|
89
93
|
puts '-' * 60
|
90
94
|
|
91
95
|
# Check if the URL is Jira
|
92
|
-
if
|
96
|
+
if check
|
93
97
|
is_jira = JiraScan::detectJiraDashboard(url)
|
94
98
|
is_jira = JiraScan::detectJiraLogin(url) unless is_jira
|
95
99
|
unless is_jira
|
@@ -177,4 +181,9 @@ def scan(url)
|
|
177
181
|
puts '-' * 60
|
178
182
|
end
|
179
183
|
|
180
|
-
scan(
|
184
|
+
scan(
|
185
|
+
options[:url],
|
186
|
+
insecure: options[:insecure],
|
187
|
+
check: !options[:skip],
|
188
|
+
verbose: options[:verbose]
|
189
|
+
)
|
data/lib/jira_scan.rb
CHANGED
@@ -6,11 +6,28 @@
|
|
6
6
|
require 'uri'
|
7
7
|
require 'cgi'
|
8
8
|
require 'json'
|
9
|
+
require 'logger'
|
9
10
|
require 'net/http'
|
10
11
|
require 'openssl'
|
11
12
|
|
12
13
|
class JiraScan
|
13
|
-
VERSION = '0.0.
|
14
|
+
VERSION = '0.0.4'.freeze
|
15
|
+
|
16
|
+
def self.logger
|
17
|
+
@logger
|
18
|
+
end
|
19
|
+
|
20
|
+
def self.logger=(logger)
|
21
|
+
@logger = logger
|
22
|
+
end
|
23
|
+
|
24
|
+
def self.insecure
|
25
|
+
@insecure ||= false
|
26
|
+
end
|
27
|
+
|
28
|
+
def self.insecure=(insecure)
|
29
|
+
@insecure = insecure
|
30
|
+
end
|
14
31
|
|
15
32
|
#
|
16
33
|
# Check if URL is running Jira using Login page
|
@@ -64,12 +81,9 @@ class JiraScan
|
|
64
81
|
build = res.body.to_s.scan(%r{<meta name="ajs-build-number" content="(\d+)">}).flatten.first
|
65
82
|
|
66
83
|
unless version && build
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
else
|
71
|
-
return
|
72
|
-
end
|
84
|
+
return unless res.body.to_s =~ /Version: ([\d\.]+)-#(\d+)/
|
85
|
+
version = Regexp.last_match(1)
|
86
|
+
build = Regexp.last_match(2)
|
73
87
|
end
|
74
88
|
|
75
89
|
"#{version}-##{build}"
|
@@ -93,12 +107,9 @@ class JiraScan
|
|
93
107
|
build = res.body.to_s.scan(%r{<meta name="ajs-build-number" content="(\d+)">}).flatten.first
|
94
108
|
|
95
109
|
unless version && build
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
else
|
100
|
-
return
|
101
|
-
end
|
110
|
+
return unless res.body.to_s =~ /Version: ([\d\.]+)-#(\d+)/
|
111
|
+
version = Regexp.last_match(1)
|
112
|
+
build = Regexp.last_match(2)
|
102
113
|
end
|
103
114
|
|
104
115
|
"#{version}-##{build}"
|
@@ -292,7 +303,7 @@ class JiraScan
|
|
292
303
|
return [] unless res.code.to_i == 200
|
293
304
|
return [] unless res.body.to_s.start_with?('{"startAt"')
|
294
305
|
|
295
|
-
JSON.parse(res.body.to_s, symbolize_names: true)[:dashboards].map {|d| [d[:id], d[:name]] }
|
306
|
+
JSON.parse(res.body.to_s, symbolize_names: true)[:dashboards].map { |d| [d[:id], d[:name]] }
|
296
307
|
rescue
|
297
308
|
[]
|
298
309
|
end
|
@@ -312,7 +323,7 @@ class JiraScan
|
|
312
323
|
return [] unless res.code.to_i == 200
|
313
324
|
return [] unless res.body.to_s.start_with?('{"searchers"')
|
314
325
|
|
315
|
-
searchers = JSON.parse(res.body.to_s)[
|
326
|
+
searchers = JSON.parse(res.body.to_s)['searchers']
|
316
327
|
return [] if searchers.empty?
|
317
328
|
|
318
329
|
groups = searchers['groups']
|
@@ -325,7 +336,7 @@ class JiraScan
|
|
325
336
|
end
|
326
337
|
end
|
327
338
|
|
328
|
-
JSON.parse(field_names.to_json, symbolize_names: true).map {|f| [f[:name], f[:id], f[:key], f[:isShown].to_s, f[:lastViewed]] }
|
339
|
+
JSON.parse(field_names.to_json, symbolize_names: true).map { |f| [f[:name], f[:id], f[:key], f[:isShown].to_s, f[:lastViewed]] }
|
329
340
|
rescue
|
330
341
|
[]
|
331
342
|
end
|
@@ -345,7 +356,7 @@ class JiraScan
|
|
345
356
|
return [] unless res.code.to_i == 200
|
346
357
|
return [] unless res.body.to_s.start_with?('{"searchers"')
|
347
358
|
|
348
|
-
searchers = JSON.parse(res.body.to_s)[
|
359
|
+
searchers = JSON.parse(res.body.to_s)['searchers']
|
349
360
|
return [] if searchers.empty?
|
350
361
|
|
351
362
|
groups = searchers['groups']
|
@@ -358,13 +369,11 @@ class JiraScan
|
|
358
369
|
end
|
359
370
|
end
|
360
371
|
|
361
|
-
JSON.parse(field_names.to_json, symbolize_names: true).map {|f| [f[:name], f[:id], f[:key], f[:isShown].to_s, f[:lastViewed]] }
|
372
|
+
JSON.parse(field_names.to_json, symbolize_names: true).map { |f| [f[:name], f[:id], f[:key], f[:isShown].to_s, f[:lastViewed]] }
|
362
373
|
rescue
|
363
374
|
[]
|
364
375
|
end
|
365
376
|
|
366
|
-
private
|
367
|
-
|
368
377
|
#
|
369
378
|
# Fetch URL
|
370
379
|
#
|
@@ -374,7 +383,8 @@ class JiraScan
|
|
374
383
|
#
|
375
384
|
def self.sendHttpRequest(url)
|
376
385
|
target = URI.parse(url)
|
377
|
-
|
386
|
+
@logger.info("Fetching #{target}")
|
387
|
+
|
378
388
|
http = Net::HTTP.new(target.host, target.port)
|
379
389
|
if target.scheme.to_s.eql?('https')
|
380
390
|
http.use_ssl = true
|
@@ -394,11 +404,13 @@ class JiraScan
|
|
394
404
|
res.body = gz.read
|
395
405
|
end
|
396
406
|
rescue Timeout::Error, Errno::ETIMEDOUT
|
397
|
-
|
407
|
+
@logger.error("Could not retrieve URL #{target}: Timeout")
|
408
|
+
return nil
|
398
409
|
rescue => e
|
399
|
-
|
410
|
+
@logger.error("Could not retrieve URL #{target}: #{e}")
|
411
|
+
return nil
|
400
412
|
end
|
401
|
-
|
413
|
+
@logger.info("Received reply (#{res.body.length} bytes)")
|
402
414
|
res
|
403
415
|
end
|
404
416
|
end
|
metadata
CHANGED
@@ -1,15 +1,43 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jira_scan
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brendan Coles
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-07-
|
12
|
-
dependencies:
|
11
|
+
date: 2021-07-12 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: terminal-table
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - ! '>='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - ! '>='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: logger
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ! '>='
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ! '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
13
41
|
description: A simple remote scanner for Atlassian Jira
|
14
42
|
email: bcoles@gmail.com
|
15
43
|
executables:
|