miteru 0.14.1 → 0.14.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cbb47828d938e86289f845435bd9d342e18d7c50090e486b5681bf212dfcd84b
-  data.tar.gz: c416439bc1c80cfd4cf2de8bc9a7a6abb6ff46bb1af5d0a58ec0e71954584a4c
+  metadata.gz: 4e33e427231064c47dd4e1358e71e009ebc9418af15350e1f9c7f833ea02205f
+  data.tar.gz: cf3e3f1608a6be63b7b5b93f1e12a8264935da1e059bfbda7437f91a8009bf63
 SHA512:
-  metadata.gz: f15f1770d870404e7b50cddb2e20d7e5d90adfab04283d5cb4364a2480f210b9c4869717d647bdc0174b5d0f0a9323903aac101f77d140ebad0c9523688b43d0
-  data.tar.gz: cb4a8e2c561aa53265362beec7e45445f6a6825bf991c7c4c559d40279dc84e138f54e300ab163f9db19dc891f2fe0a30c874d620d0464c9451c1e6c0e6e729e
+  metadata.gz: e26651ad45bfc20c22b6584b3ea6f8419f99801f36e6673835034c4a77da3ea5ec2502273265fae8f89590551c4bd3eb42f33bc66a6fb3b873422b57e5136d40
+  data.tar.gz: f582e8422d5d33a97b8f9d3ae7aa58fe1346fc68284b867c0139f7bb908107b3b8eb8081f1bcdc3bbfb678427d318e6eaf269ce1d28647d317ec7dd8ed49a7d8

data/docker/Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.6-alpine3.10
+FROM ruby:2.7-alpine3.10
 RUN apk --no-cache add git build-base ruby-dev \
   && cd /tmp/ \
   && git clone https://github.com/ninoseki/miteru.git \

data/lib/miteru/configuration.rb

@@ -28,6 +28,10 @@ module Miteru
     # @return [Boolean]
     attr_accessor :verbose
 
+    attr_reader :valid_extensions
+
+    attr_reader :valid_mime_types
+
     def initialize
       @auto_download = false
       @ayashige = false
@@ -37,6 +41,9 @@ module Miteru
       @size = 100
       @threads = Parallel.processor_count
       @verbose = false
+
+      @valid_extensions = [".zip", ".rar", ".7z", ".tar", ".gz"].freeze
+      @valid_mime_types = ["application/zip", "application/vnd.rar", "application/x-7z-compressed", "application/x-tar", "application/gzip"]
     end
 
     def auto_download?

data/lib/miteru/feeds.rb

@@ -10,7 +10,6 @@ require_relative "./feeds/urlscan_pro"
 module Miteru
   class Feeds
     IGNORE_EXTENSIONS = %w(.htm .html .php .asp .aspx .exe .txt).freeze
-    VALID_EXTENSIONS = [".zip", ".rar", ".7z", ".tar", ".gz"].freeze
 
     def initialize
       @feeds = [
@@ -49,16 +48,7 @@ module Miteru
       segments = uri.path.split("/")
       return [base] if segments.length.zero?
 
-      urls = (0...segments.length).map do |idx|
-        breakdowned_url = "#{base}#{segments[0..idx].join('/')}"
-        breakdown = [breakdowned_url]
-        if idx > 0 && idx < segments.length - 1
-          VALID_EXTENSIONS.each do |ext|
-            breakdown << "#{base}#{segments[0..idx - 1].join('/')}/#{segments[idx]}#{ext}"
-          end
-        end
-        breakdown
-      end.flatten
+      urls = (0...segments.length).map { |idx| "#{base}#{segments[0..idx].join('/')}" }
 
       urls.reject do |breakdowned_url|
         # Reject a url which ends with specific extension names

data/lib/miteru/http_client.rb

@@ -18,11 +18,20 @@ module Miteru
     end
 
     def download(url, destination)
-      down = Down::Http.new(default_options) { |client| client.headers(default_headers) }
+      down = Down::Http.new(**default_options) { |client| client.headers(**default_headers) }
       down.download(url, destination: destination)
       destination
     end
 
+    def head(url, options = {})
+      options = options.merge default_options
+
+      HTTP.follow
+          .timeout(3)
+          .headers(urlscan_url?(url) ? urlscan_headers : default_headers)
+          .head(url, options)
+    end
+
     def get(url, options = {})
       options = options.merge default_options
 
@@ -48,6 +57,10 @@ module Miteru
       def post(url, options = {})
         new.post url, options
       end
+
+      def head(url, options = {})
+        new.head url, options
+      end
     end
 
     private

data/lib/miteru/kit.rb

@@ -5,37 +5,44 @@ require "securerandom"
 
 module Miteru
   class Kit
-    VALID_EXTENSIONS = [".zip", ".rar", ".7z", ".tar", ".gz"].freeze
+    VALID_EXTENSIONS = Miteru.configuration.valid_extensions
+    VALID_MIME_TYPES = Miteru.configuration.valid_mime_types
 
-    attr_reader :base_url, :link
+    attr_reader :url
 
-    def initialize(base_url:, link:)
-      @base_url = base_url
-      @link = link.start_with?("/") ? link[1..-1] : link
+    attr_reader :status
+    attr_reader :content_length
+    attr_reader :mime_type
+
+    def initialize(url)
+      @url = url
+
+      @content_length = nil
+      @mime_type = nil
+      @status = nil
     end
 
-    def valid?
-      VALID_EXTENSIONS.include? extname
+    def valid?;
+      # make a HEAD request for the validation
+      before_validation
+
+      valid_ext? && reachable? && valid_mime_type? && valid_content_length?
     end
 
     def extname
-      return ".tar.gz" if link.end_with?("tar.gz")
+      return ".tar.gz" if url.end_with?("tar.gz")
 
-      File.extname(link)
+      File.extname(url)
     end
 
     def basename
-      File.basename(link)
+      File.basename(url)
     end
 
     def filename
       CGI.unescape basename
     end
 
-    def url
-      "#{base_url}/#{basename}"
-    end
-
     def download_filepath
       "#{base_dir}/#{download_filename}"
     end
@@ -59,7 +66,7 @@ module Miteru
     end
 
     def hostname
-      URI(base_url).hostname
+      URI(url).hostname
     end
 
     def download_filename
@@ -69,5 +76,30 @@ module Miteru
     def base_dir
       @base_dir ||= Miteru.configuration.download_to
     end
+
+    def valid_ext?
+      VALID_EXTENSIONS.include? extname
+    end
+
+    def before_validation
+      res = HTTPClient.head(url)
+      @content_length = res.content_length
+      @mime_type = res.content_type.mime_type.to_s
+      @status = res.status
+    rescue StandardError
+      # do nothing
+    end
+
+    def reachable?
+      status&.success?
+    end
+
+    def valid_mime_type?
+      VALID_MIME_TYPES.include? mime_type
+    end
+
+    def valid_content_length?
+      content_length.to_i > 0
+    end
   end
 end

data/lib/miteru/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Miteru
-  VERSION = "0.14.1"
+  VERSION = "0.14.6"
 end

data/lib/miteru/website.rb

@@ -4,7 +4,10 @@ require "oga"
 
 module Miteru
   class Website
+    VALID_EXTENSIONS = Miteru.configuration.valid_extensions
+
     attr_reader :url
+
     def initialize(url)
       @url = url
     end
@@ -15,7 +18,7 @@ module Miteru
 
     def kits
       @kits ||= links.map do |link|
-        kit = Kit.new(base_url: url, link: link.to_s)
+        kit = Kit.new(link)
         kit.valid? ? kit : nil
       end.compact
     end
@@ -33,7 +36,7 @@ module Miteru
     end
 
     def has_kits?
-      ok? && index? && kits?
+      kits?
     rescue Addressable::URI::InvalidURIError, ArgumentError, Encoding::CompatibilityError, HTTP::Error, LL::ParserError, OpenSSL::SSL::SSLError => _e
       false
     end
@@ -46,6 +49,10 @@ module Miteru
       "It might contain #{noun}: #{filename_with_sizes}."
     end
 
+    def links
+      (href_links + possible_file_links).compact.uniq
+    end
+
     private
 
     def response
@@ -66,12 +73,31 @@ module Miteru
       nil
     end
 
-    def links
-      if doc
-        doc.css("a").map { |a| a.get("href") }.compact
+    def href_links
+      if doc && ok? && index?
+        doc.css("a").map { |a| a.get("href") }.compact.map do |href|
+          href = href.start_with?("/") ? href : "/#{href}"
+          url + href
+        end
       else
         []
       end
+    rescue Addressable::URI::InvalidURIError, ArgumentError, Encoding::CompatibilityError, HTTP::Error, LL::ParserError, OpenSSL::SSL::SSLError => _e
+      []
+    end
+
+    def possible_file_links
+      uri = URI.parse(url)
+
+      segments = uri.path.split("/")
+      return [] if segments.length.zero?
+
+      last = segments.last
+      VALID_EXTENSIONS.map do |ext|
+        new_segments = segments[0..-2] + ["#{last}#{ext}"]
+        uri.path = new_segments.join("/")
+        uri.to_s
+      end
     end
   end
 end

data/miteru.gemspec

@@ -30,14 +30,14 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake", "~> 13.0"
   spec.add_development_dependency "rspec", "~> 3.9"
   spec.add_development_dependency "vcr", "~> 6.0"
-  spec.add_development_dependency "webmock", "~> 3.8"
+  spec.add_development_dependency "webmock", "~> 3.9"
 
   spec.add_dependency "colorize", "~> 0.8"
-  spec.add_dependency "down", "~> 5.1"
+  spec.add_dependency "down", "~> 5.2"
   spec.add_dependency "http", "~> 4.4"
-  spec.add_dependency "oga", "~> 3.2"
+  spec.add_dependency "oga", "~> 3.3"
   spec.add_dependency "parallel", "~> 1.19"
   spec.add_dependency "slack-notifier", "~> 2.3"
   spec.add_dependency "thor", "~> 1.0"
-  spec.add_dependency "urlscan", "~> 0.5"
+  spec.add_dependency "urlscan", "~> 0.6"
 end

data/renovate.json

@@ -0,0 +1,5 @@
+{
+  "extends": [
+    "config:base"
+  ]
+}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: miteru
 version: !ruby/object:Gem::Version
-  version: 0.14.1
+  version: 0.14.6
 platform: ruby
 authors:
 - Manabu Niseki
-autorequire: 
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-06-23 00:00:00.000000000 Z
+date: 2020-10-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.8'
+        version: '3.9'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.8'
+        version: '3.9'
 - !ruby/object:Gem::Dependency
   name: colorize
   requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '5.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.1'
+        version: '5.2'
 - !ruby/object:Gem::Dependency
   name: http
   requirement: !ruby/object:Gem::Requirement
@@ -156,14 +156,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.2'
+        version: '3.3'
 - !ruby/object:Gem::Dependency
   name: parallel
   requirement: !ruby/object:Gem::Requirement
@@ -212,14 +212,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: '0.6'
 description: An experimental phishing kit detector
 email:
 - manabu.niseki@gmail.com
@@ -259,12 +259,13 @@ files:
 - lib/miteru/version.rb
 - lib/miteru/website.rb
 - miteru.gemspec
+- renovate.json
 - screenshots/slack.png
 homepage: https://github.com/ninoseki/miteru
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -280,7 +281,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key: 
+signing_key:
 specification_version: 4
 summary: An experimental phishing kit detector
 test_files: []