owasp_zap 0.0.9 → 0.0.81
- checksums.yaml +4 -4
- data/lib/owasp_zap/alert.rb +1 -1
- data/lib/owasp_zap/attack.rb +3 -3
- data/lib/owasp_zap/spider.rb +4 -12
- data/lib/owasp_zap/version.rb +1 -1
- data/lib/owasp_zap.rb +2 -2
- data/spec/zap_spec.rb +2 -23
- metadata +2 -2
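--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 22c87a0289c9453ee20a0469b2b5ac8dc07f4eb2
+data.tar.gz: c030852ed5fa68a78b9b05c57cb4adc151505e8c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2582b39e92c33b003ff9467c23a7e3f2e9653185f031baf8b8eab6c067917b8dfd55ceda503ee48e948bea5505e94347ef4f6e50028d1d9d2ab55fad90d70b4b
+data.tar.gz: 90e8278dbca49dd80b6714896c6ec63248ddc5b46835b2f8e738dbf2208e3f44e243a68ddc234ab559e90b9341b21df98dabc053da83ea1dae751e687395e9a5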
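--- a/data/lib/owasp_zap/alert.rb
+++ b/data/lib/owasp_zap/alert.rb
@@ -11,7 +11,7 @@ module OwaspZap
 def view(format = "JSON")
 raise OwaspZap::WrongFormatException,"Output format not accepted" unless ["JSON","HTML","XML"].include?(format)
 #http://localhost:8080/JSON/core/view/alerts/?zapapiformat=JSON&baseurl=http%3A%2F%2F192.168.1.113&start=&count=
-url = Addressable::URI.parse "#{@base}
+url = Addressable::URI.parse "#{@base}/core/view/alerts/"
 url.query_values = {:zapapiformat=>format,:baseurl=>@target}
 RestClient::get url.normalize.to_str
 end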
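Review bot: The `format` argument of `view` no longer selects the response format once `@base` carries the `/JSON` prefix, which is the default this release sets in `owasp_zap.rb`. `view("XML")` passes the whitelist check on line 12 but still requests a path under `/JSON/`, with only the `zapapiformat` query value changed. ZAP chooses the output format from the leading path segment, so the HTML and XML options look unreachable with the default base; this is inferred from the visible lines and should be confirmed against a running instance. Keeping `@base` as host and port and interpolating the validated value, `url = Addressable::URI.parse "#{@base}/#{format}/core/view/alerts/"`, would make the check on line 12 meaningful again.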
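--- a/data/lib/owasp_zap/attack.rb
+++ b/data/lib/owasp_zap/attack.rb
@@ -8,15 +8,15 @@ module OwaspZap
 end
 
 def start
-url = Addressable::URI.parse "#{@base}/
+url = Addressable::URI.parse "#{@base}/ascan/action/scan/"
 url.query_values = {:zapapiformat=>"JSON",:url=>@target}
 RestClient::get url.normalize.to_str
 end
 
 def status
-ret = JSON.parse(RestClient::get("#{@base}/
+ret = JSON.parse(RestClient::get("#{@base}/ascan/view/status/?zapapiformat=JSON"))
 if ret.has_key? "status"
-ret["status"]
+ret["status"]
 else
 100 # it means no running
 end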
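Review bot: `status` returns two different types: new line 19 hands back `ret["status"]` exactly as the JSON carries it, while the `else` branch returns the Integer `100`. The spec stubs removed from `zap_spec.rb` in this release model ZAP's reply as `{:status=>"100"}`, a string, so a caller that polls for `status == 100` would never see the active scan finish. Normalise the value on line 19 with `ret["status"].to_i` so both branches return an Integer. The removed line 19 is truncated on this page, so whether the conversion was there before cannot be told from here.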
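--- a/data/lib/owasp_zap/spider.rb
+++ b/data/lib/owasp_zap/spider.rb
@@ -10,26 +10,18 @@ module OwaspZap
 
 def start
 #http://localhost:8080/JSON/spider/action/scan/?zapapiformat=JSON&url=
-url = Addressable::URI.parse "#{@base}/
+url = Addressable::URI.parse "#{@base}/spider/action/scan/"
 url.query_values = {:zapapiformat=>"JSON",:url=>@target}
 RestClient::get url.normalize.to_str
 end
 
 def stop
-RestClient::get "#{@base}/
+RestClient::get "#{@base}/spider/action/stop/?zapapiformat=JSON"
 end
 
 def status
-
-
-ret["status"].to_i
-else
-100 # it means no running
-end
-end
+RestClient::get "#{@base}/spider/view/status/?zapapiformat=JSON"
+end
 
-def running?
-self.status != 100
-end
 end
 end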
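Review bot: The spider's `status` on new line 23 returns the raw RestClient response rather than a number, and `running?` is removed, so it no longer matches the `status` in `attack.rb`, which parses the body and falls back to `100`. A script that waits for the crawl to finish before starting the active scan now has to parse the JSON itself, and getting that wrong means scanning a target that was only partly crawled. Parsing in place keeps the two classes parallel: `ret = JSON.parse(RestClient::get("#{@base}/spider/view/status/?zapapiformat=JSON"))` followed by `ret.has_key?("status") ? ret["status"].to_i : 100`. If returning the raw response is intended, a comment above `status` should say that the return value is the unparsed response body.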
data/lib/owasp_zap/version.rb
CHANGED
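--- a/data/lib/owasp_zap.rb
+++ b/data/lib/owasp_zap.rb
@@ -20,7 +20,7 @@ module OwaspZap
 def initialize(params = {})
 #TODO
 # handle params
-@base = params[:base] || "http://127.0.0.1:8080"
+@base = params[:base] || "http://127.0.0.1:8080/JSON"
 @target = params[:target]
 @zap_bin = params [:zap] || "#{ENV['HOME']}/ZAP/zap.sh"
 end
@@ -83,7 +83,7 @@ module OwaspZap
 
 #shutdown zap
 def shutdown
-RestClient::get "#{@base}/
+RestClient::get "#{@base}/core/action/shutdown/"
 end
 
 #xml report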
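Review bot: Moving `/JSON` into the default on line 23 silently changes what a caller-supplied `params[:base]` must contain. The endpoint strings now start at the component (`"#{@base}/core/action/shutdown/"`), so a caller still passing `:base => "http://host:8080"` gets request paths with no format prefix; the stubs removed from the spec show the old requests as `http://127.0.0.1:8080/JSON/spider/...` against the old default. Document the contract above `initialize`, for example `# :base must include the API format prefix, e.g. http://127.0.0.1:8080/JSON`, or keep `@base` as host and port and append the prefix in one place. `shutdown` on line 86 is also the only request here sent without `zapapiformat`, and none of the calls carry an `apikey` parameter, which ZAP versions that enforce an API key would reject; that is worth confirming against the ZAP release this gem targets.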
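--- a/data/spec/zap_spec.rb
+++ b/data/spec/zap_spec.rb
@@ -68,8 +68,8 @@ describe Zap do
 @zap.base.wont_be :nil?
 end
 
-it "base default should be http://127.0.0.1:8080" do
-assert_equal @zap.base, "http://127.0.0.1:8080"
+it "base default should be http://127.0.0.1:8080/JSON" do
+assert_equal @zap.base, "http://127.0.0.1:8080/JSON"
 end
 end
 
@@ -138,25 +138,4 @@ describe "status_for" do
 it "should return an unknown" do
 @h.status_for(:foo).wont_be_nil
 end
-
-it "should return an integer" do
-@h.spider.status.must_be_kind_of Numeric
-end
-it "should return an integer" do
-@h.spider.status.must_be_kind_of Numeric
-end
 end
-
-describe "running? method" do
-before do
-@h = Zap::Zap.new :target=>"http://127.0.0.1"
-stub_request(:get, "http://127.0.0.1:8080/JSON/spider/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"90"}.to_json, :headers => {})
-stub_request(:get, "http://127.0.0.1:8080/JSON/ascan/view/status/?zapapiformat=JSON").to_return(:status => 200, :body => {:status=>"100"}.to_json, :headers => {})
-end
-it "should return true" do
-@h.spider.running?.must_equal true
-end
-it "should return false" do
-@h.ascan.running?.must_equal false
-end
-end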
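--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: owasp_zap
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.81
 platform: ruby
 authors:
 - Victor Pereira
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-06-
+date: 2014-06-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler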