RubyGems - watobo - Versions diffs - 0.9.21 → 0.9.23 - Mend

watobo 0.9.21 → 0.9.23

Files changed (283) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +46 -1
data/bin/nfq_server.rb +0 -9
data/bin/watobo_gui.rb +3 -13
data/custom-views/prettify-json.rb +9 -18
data/icons/watobo.ico +0 -0
data/icons/watobo.ico.old +0 -0
data/lib/watobo.rb +10 -19
data/lib/watobo/adapters.rb +5 -14
data/lib/watobo/adapters/data_store.rb +50 -59
data/lib/watobo/adapters/file/file_store.rb +287 -296
data/lib/watobo/adapters/file/marshal_store.rb +293 -296
data/lib/watobo/adapters/session_store.rb +5 -14
data/lib/watobo/ca.rb +1 -10
data/lib/watobo/config.rb +197 -206
data/lib/watobo/constants.rb +0 -9
data/lib/watobo/core.rb +3 -12
data/lib/watobo/core/active_check.rb +72 -135
data/lib/watobo/core/active_checks.rb +49 -58
data/lib/watobo/core/ca.rb +369 -389
data/lib/watobo/core/cert_store.rb +34 -43
data/lib/watobo/core/chat.rb +92 -101
data/lib/watobo/core/chats.rb +271 -280
data/lib/watobo/core/client_cert_store.rb +106 -35
data/lib/watobo/core/conversation.rb +48 -57
data/lib/watobo/core/cookie.rb +23 -32
data/lib/watobo/core/egress_handlers.rb +98 -0
data/lib/watobo/core/finding.rb +66 -75
data/lib/watobo/core/findings.rb +107 -114
data/lib/watobo/core/forwarding_proxy.rb +13 -22
data/lib/watobo/core/fuzz_gen.rb +0 -9
data/lib/watobo/core/intercept_carver.rb +166 -177
data/lib/watobo/core/intercept_filter.rb +235 -244
data/lib/watobo/core/interceptor.rb +98 -107
data/lib/watobo/core/min_class.rb +4 -13
data/lib/watobo/core/netfilter_queue.rb +170 -179
data/lib/watobo/core/ott_cache.rb +132 -141
data/lib/watobo/core/parameter.rb +43 -52
data/lib/watobo/core/passive_check.rb +103 -102
data/lib/watobo/core/passive_checks.rb +48 -57
data/lib/watobo/core/passive_scanner.rb +54 -55
data/lib/watobo/core/plugin.rb +11 -20
data/lib/watobo/core/project.rb +3 -9
data/lib/watobo/core/proxy.rb +43 -52
data/lib/watobo/core/request.rb +125 -123
data/lib/watobo/core/response.rb +44 -53
data/lib/watobo/core/scanner.rb +0 -9
data/lib/watobo/core/scanner3.rb +405 -414
data/lib/watobo/core/scope.rb +83 -92
data/lib/watobo/core/session.rb +1043 -1026
data/lib/watobo/core/sid_cache.rb +98 -107
data/lib/watobo/core/subscriber.rb +25 -34
data/lib/watobo/defaults.rb +21 -30
data/lib/watobo/external/diff/lcs.rb +0 -9
data/lib/watobo/external/diff/lcs/array.rb +0 -9
data/lib/watobo/external/diff/lcs/block.rb +0 -9
data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
data/lib/watobo/external/diff/lcs/change.rb +0 -9
data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
data/lib/watobo/external/diff/lcs/string.rb +0 -9
data/lib/watobo/externals.rb +6 -15
data/lib/watobo/framework.rb +4 -13
data/lib/watobo/framework/create_project.rb +60 -69
data/lib/watobo/framework/init.rb +0 -9
data/lib/watobo/framework/init_modules.rb +0 -9
data/lib/watobo/framework/license_text.rb +28 -37
data/lib/watobo/framework/load_chat.rb +13 -22
data/lib/watobo/gui.rb +132 -123
data/lib/watobo/gui/about_watobo.rb +0 -9
data/lib/watobo/gui/browser_preview.rb +0 -9
data/lib/watobo/gui/certificate_dialog.rb +0 -9
data/lib/watobo/gui/chat_diff.rb +0 -9
data/lib/watobo/gui/chatviewer_frame.rb +73 -72
data/lib/watobo/gui/checkboxtree.rb +0 -9
data/lib/watobo/gui/checks_policy_frame.rb +0 -9
data/lib/watobo/gui/client_cert_dialog.rb +96 -87
data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
data/lib/watobo/gui/conversation_table.rb +158 -164
data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
data/lib/watobo/gui/custom_viewer.rb +374 -383
data/lib/watobo/gui/dashboard.rb +296 -303
data/lib/watobo/gui/define_scope_frame.rb +0 -9
data/lib/watobo/gui/differ_frame.rb +215 -224
data/lib/watobo/gui/edit_comment.rb +0 -9
data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
data/lib/watobo/gui/export_dialog.rb +104 -113
data/lib/watobo/gui/finding_info.rb +0 -9
data/lib/watobo/gui/findings_tree.rb +210 -217
data/lib/watobo/gui/full_scan_dialog.rb +0 -9
data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
data/lib/watobo/gui/fxsave_thread.rb +14 -0
data/lib/watobo/gui/goto_url_dialog.rb +70 -79
data/lib/watobo/gui/hex_viewer.rb +0 -9
data/lib/watobo/gui/html_viewer.rb +287 -296
data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
data/lib/watobo/gui/json_viewer.rb +287 -0
data/lib/watobo/gui/list_box.rb +101 -110
data/lib/watobo/gui/log_file_viewer.rb +32 -41
data/lib/watobo/gui/log_viewer.rb +83 -88
data/lib/watobo/gui/login_wizzard.rb +0 -9
data/lib/watobo/gui/main_window.rb +587 -618
data/lib/watobo/gui/manual_request_editor.rb +620 -565
data/lib/watobo/gui/master_pw_dialog.rb +0 -9
data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
data/lib/watobo/gui/page_tree.rb +217 -226
data/lib/watobo/gui/password_policy_dialog.rb +0 -9
data/lib/watobo/gui/plugin_board.rb +0 -9
data/lib/watobo/gui/preferences_dialog.rb +0 -9
data/lib/watobo/gui/progress_window.rb +17 -27
data/lib/watobo/gui/project_wizzard.rb +0 -9
data/lib/watobo/gui/proxy_dialog.rb +1 -10
data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
data/lib/watobo/gui/request_builder_frame.rb +102 -111
data/lib/watobo/gui/request_editor.rb +181 -137
data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
data/lib/watobo/gui/save_chat_dialog.rb +140 -149
data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
data/lib/watobo/gui/select_chat_dialog.rb +0 -9
data/lib/watobo/gui/session_management_dialog.rb +0 -9
data/lib/watobo/gui/sites_tree.rb +0 -9
data/lib/watobo/gui/status_bar.rb +0 -9
data/lib/watobo/gui/table_editor.rb +0 -9
data/lib/watobo/gui/tagless_viewer.rb +0 -9
data/lib/watobo/gui/templates/plugin.rb +0 -9
data/lib/watobo/gui/templates/plugin2.rb +92 -100
data/lib/watobo/gui/templates/plugin_base.rb +144 -153
data/lib/watobo/gui/text_viewer.rb +0 -9
data/lib/watobo/gui/transcoder_window.rb +0 -9
data/lib/watobo/gui/utils/gui_utils.rb +0 -9
data/lib/watobo/gui/utils/init_icons.rb +86 -95
data/lib/watobo/gui/utils/load_icons.rb +33 -42
data/lib/watobo/gui/utils/load_plugins.rb +116 -119
data/lib/watobo/gui/utils/master_password.rb +68 -77
data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
data/lib/watobo/gui/utils/session_history.rb +112 -121
data/lib/watobo/gui/workspace_dialog.rb +0 -9
data/lib/watobo/gui/www_auth_dialog.rb +0 -9
data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
data/lib/watobo/http.rb +4 -13
data/lib/watobo/http/cookies/cookies.rb +26 -35
data/lib/watobo/http/data/data.rb +45 -54
data/lib/watobo/http/data/json.rb +47 -55
data/lib/watobo/http/url/url.rb +38 -47
data/lib/watobo/http/xml/xml.rb +124 -130
data/lib/watobo/interceptor.rb +3 -12
data/lib/watobo/interceptor/proxy.rb +742 -739
data/lib/watobo/interceptor/transparent.rb +22 -24
data/lib/watobo/mixins.rb +10 -19
data/lib/watobo/mixins/check_info.rb +27 -36
data/lib/watobo/mixins/httpparser.rb +613 -637
data/lib/watobo/mixins/request_parser.rb +88 -97
data/lib/watobo/mixins/shapers.rb +515 -529
data/lib/watobo/mixins/transcoders.rb +3 -11
data/lib/watobo/parser.rb +1 -10
data/lib/watobo/parser/html.rb +83 -92
data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
data/lib/watobo/sockets.rb +3 -12
data/lib/watobo/sockets/agent.rb +828 -837
data/lib/watobo/sockets/client_socket.rb +308 -312
data/lib/watobo/sockets/connection.rb +401 -410
data/lib/watobo/sockets/http_socket.rb +11 -13
data/lib/watobo/sockets/ntlm_auth.rb +129 -138
data/lib/watobo/utils.rb +10 -19
data/lib/watobo/utils/check_regex.rb +0 -9
data/lib/watobo/utils/copy_object.rb +0 -9
data/lib/watobo/utils/crypto.rb +0 -9
data/lib/watobo/utils/expand_range.rb +23 -32
data/lib/watobo/utils/export_xml.rb +97 -106
data/lib/watobo/utils/file_management.rb +9 -11
data/lib/watobo/utils/hexprint.rb +9 -18
data/lib/watobo/utils/load_chat.rb +0 -9
data/lib/watobo/utils/load_icon.rb +0 -9
data/lib/watobo/utils/ntlm.rb +866 -875
data/lib/watobo/utils/print_debug.rb +12 -21
data/lib/watobo/utils/response_builder.rb +90 -99
data/lib/watobo/utils/response_hash.rb +0 -9
data/lib/watobo/utils/secure_eval.rb +0 -9
data/lib/watobo/utils/strings.rb +10 -19
data/lib/watobo/utils/text2request.rb +0 -9
data/lib/watobo/utils/url.rb +23 -32
data/lib/watobo/utils/utf16.rb +11 -20
data/modules/active/Apache/mod_status.rb +0 -9
data/modules/active/Apache/multiview.rb +151 -160
data/modules/active/Flash/crossdomain.rb +0 -9
data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
data/modules/active/cq5/cq5_default_selectors.rb +106 -115
data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
data/modules/active/directories/dirwalker.rb +0 -9
data/modules/active/discovery/fileextensions.rb +0 -9
data/modules/active/discovery/http_methods.rb +0 -9
data/modules/active/discovery/jsmapfiles.rb +79 -0
data/modules/active/domino/domino_db.rb +68 -76
data/modules/active/dotNET/custom_errors.rb +102 -111
data/modules/active/dotNET/dotnet_files.rb +90 -99
data/modules/active/fileinclusion/lfi_simple.rb +0 -9
data/modules/active/jboss/jboss_basic.rb +0 -9
data/modules/active/sap/business_objects.rb +51 -60
data/modules/active/sap/its_commands.rb +0 -9
data/modules/active/sap/its_service_parameter.rb +0 -9
data/modules/active/sap/its_services.rb +0 -9
data/modules/active/sap/its_xss.rb +0 -9
data/modules/active/shell_shock/shell_shock.rb +139 -148
data/modules/active/siebel/siebel_apps.rb +160 -169
data/modules/active/sqlinjection/sql_boolean.rb +0 -9
data/modules/active/sqlinjection/sql_numerical.rb +198 -0
data/modules/active/sqlinjection/sqli_error.rb +0 -9
data/modules/active/sqlinjection/sqli_timing.rb +220 -229
data/modules/active/struts2/default_handler_ognl.rb +106 -115
data/modules/active/struts2/include_params_ognl.rb +105 -114
data/modules/active/xml/xml_xxe.rb +112 -123
data/modules/active/xss/xss_ng.rb +214 -223
data/modules/active/xss/xss_simple.rb +0 -9
data/modules/passive/ajax.rb +68 -77
data/modules/passive/autocomplete.rb +56 -65
data/modules/passive/cookie_options.rb +0 -9
data/modules/passive/cookie_xss.rb +0 -9
data/modules/passive/detect_code.rb +0 -9
data/modules/passive/detect_fileupload.rb +0 -9
data/modules/passive/detect_infrastructure.rb +0 -9
data/modules/passive/detect_one_time_tokens.rb +0 -9
data/modules/passive/dirindexing.rb +0 -9
data/modules/passive/disclosure_domino.rb +55 -64
data/modules/passive/disclosure_emails.rb +0 -9
data/modules/passive/disclosure_ipaddr.rb +55 -53
data/modules/passive/filename_as_parameter.rb +0 -9
data/modules/passive/form_spotter.rb +0 -9
data/modules/passive/hidden_fields.rb +50 -59
data/modules/passive/hotspots.rb +0 -9
data/modules/passive/in_script_parameter.rb +0 -9
data/modules/passive/json_web_token.rb +93 -0
data/modules/passive/multiple_server_headers.rb +0 -9
data/modules/passive/possible_login.rb +0 -9
data/modules/passive/redirect_url.rb +0 -9
data/modules/passive/redirectionz.rb +0 -9
data/modules/passive/sap-headers.rb +56 -65
data/modules/passive/xss_dom.rb +0 -9
data/plugins/aem/aem.rb +11 -20
data/plugins/aem/gui/main.rb +118 -127
data/plugins/aem/gui/tree_view.rb +171 -180
data/plugins/aem/lib/agent.rb +130 -138
data/plugins/aem/lib/dispatcher.rb +45 -51
data/plugins/aem/lib/engine.rb +177 -186
data/plugins/catalog/catalog.rb +345 -355
data/plugins/crawler/crawler.rb +4 -13
data/plugins/crawler/gui.rb +5 -14
data/plugins/crawler/gui/auth_frame.rb +270 -279
data/plugins/crawler/gui/crawler_gui.rb +271 -276
data/plugins/crawler/gui/general_settings_frame.rb +96 -105
data/plugins/crawler/gui/hooks_frame.rb +80 -89
data/plugins/crawler/gui/scope_frame.rb +50 -59
data/plugins/crawler/gui/settings_tabbook.rb +38 -47
data/plugins/crawler/gui/status_frame.rb +59 -68
data/plugins/crawler/lib/bags.rb +18 -27
data/plugins/crawler/lib/constants.rb +11 -20
data/plugins/crawler/lib/engine.rb +488 -497
data/plugins/crawler/lib/grabber.rb +68 -77
data/plugins/crawler/lib/status.rb +71 -80
data/plugins/crawler/lib/uri_mp.rb +12 -21
data/plugins/filefinder/filefinder.rb +326 -333
data/plugins/sqlmap/bin/test.rb +78 -87
data/plugins/sqlmap/gui.rb +4 -13
data/plugins/sqlmap/gui/main.rb +218 -227
data/plugins/sqlmap/gui/options_frame.rb +97 -106
data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
data/plugins/sqlmap/sqlmap.rb +2 -11
data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
data/plugins/sslchecker/gui/cipher_table.rb +246 -254
data/plugins/sslchecker/gui/gui.rb +258 -264
data/plugins/sslchecker/gui/sslchecker.rb +4 -13
data/plugins/sslchecker/lib/check.rb +127 -133
data/plugins/wshell/gui/main.rb +119 -117
data/plugins/wshell/lib/core.rb +38 -88
data/plugins/wshell/wshell.rb +11 -20
metadata +170 -164

@@ -1,140 +1,132 @@
-#.
-# agent.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+# @private
+module Watobo#:nodoc: all
+  module Plugin
+    class CQ5
+      class Agent < Watobo::Session
+         def initialize(base_request, in_queue, out_queue )
+            @work_queue = in_queue
+            @disp_queue = out_queue
+            @request = base_request
+            super(@request.object_id,  Watobo::Conf::Scanner.to_h )
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      class Agent < Watobo::Session
-         def initialize(base_request, in_queue, out_queue )
-            @work_queue = in_queue
-            @disp_queue = out_queue
-            @request = base_request
-            super(@request.object_id,  Watobo::Conf::Scanner.to_h )
-         end
-         def stop
-           @agent_thread.kill
-         end
-         def run
-           return nil if @work_queue.nil? or @disp_queue.nil?
-           @agent_thread = Thread.new(){
-             puts "#{self} running ..."
-             loop do
-             begin
-               item = @work_queue.deq
-               # not interested in jcr:content ... skip ...
-               next if item[:url] =~ /jcr%3acontent$/
-               get_pages item
-               file_info item
-             rescue => bang
-               puts bang
-               puts bang.backtrace
-               exit
-             end
-             end
-           }
-           @agent_thread
-         end
-         def get_pages(item)
-           test = @request.copy
-          # puts item
-           url = item[:url].gsub(/\/$/,'') + '/.pages.json'
-           test.replaceURL( url )
-           request, response = sendRequest test
-           return false unless response.respond_to? :status
-           item[:pages_status] = response.status
-          # @disp_queue << item
-           if response.content_type =~ /json/i
-             begin
-             ntpages = JSON.parse response.body.to_s
-             if ntpages['pages']
-              ntpages['pages'].each do |p|
-                #unless @use_relative_path
-                ep = p['escapedPath']
-                next if ep.nil?
-                next if ep.empty?
-                purl = ''
-                purl = @request.url.to_s.gsub(/\/$/, '') + p['escapedPath']
-                puts "+ #{purl}"
-                next if purl.empty?
-                item = {
-                  :url => purl,
-                  :page_info => p,
-                  :file_info => nil,
-                  :status => nil
-                }
-                @disp_queue << item
-               end
-             end
-             rescue => bang
-                puts bang
-                puts ntpages
-                puts "---"
-              end
-           end
-           #puts response.body.to_s
-           true
-         end
-         def file_info(item)
-           #url = item[:url]
-           #@request.replaceURL "#{url}/.json"
-           test = @request.copy
-           test.set_file_extension "json"
-          # puts "\n>> #{@request.url}"
-           request, response = sendRequest test
-           return false unless response.respond_to? :status
-           item[:info_status] = response.status
-           if response.content_type =~ /json/i
-             info = JSON.parse response.body.to_s
-             item[:file_info] = info
-           end
-           #@disp_queue << item
-           true
-         end
-         def sendRequest(request, prefs={})
-           begin
-              test_req, test_resp = self.doRequest(request, prefs)
-              return test_req, test_resp
-           rescue => bang
-              puts bang
-              puts bang.backtrace if $DEBUG
-           end
-           return nil, nil
-         end
-      end
-    end
-  end
+         end
+         def stop
+           @agent_thread.kill
+         end
+         def run
+           return nil if @work_queue.nil? or @disp_queue.nil?
+           @agent_thread = Thread.new(){
+             puts "#{self} running ..."
+             loop do
+             begin
+               item = @work_queue.deq
+               # not interested in jcr:content ... skip ...
+               next if item[:url] =~ /jcr%3acontent$/
+               puts item[:url]
+               get_pages item
+               file_info item
+             rescue => bang
+               puts bang
+               puts bang.backtrace
+               exit
+             end
+             end
+           }
+           @agent_thread
+         end
+         def get_pages(item)
+           test = @request.copy
+          # puts item
+           url = item[:url].gsub(/\/$/,'') + '/.pages.json'
+           test.replaceURL( url )
+           request, response = sendRequest test
+           return false unless response.respond_to? :status
+           item[:pages_status] = response.status
+          # @disp_queue << item
+           if response.content_type =~ /json/i
+             begin
+             ntpages = JSON.parse response.body.to_s
+             if ntpages['pages']
+              ntpages['pages'].each do |p|
+                #unless @use_relative_path
+                ep = p['escapedPath']
+                next if ep.nil?
+                next if ep.empty?
+                purl = ''
+                purl = @request.url.to_s.gsub(/\/$/, '') + p['escapedPath']
+                puts "+ #{purl}"
+                next if purl.empty?
+                item = {
+                  :url => purl,
+                  :page_info => p,
+                  :file_info => nil,
+                  :status => nil
+                }
+                @disp_queue << item
+               end
+             end
+             rescue => bang
+                puts bang
+                puts ntpages
+                puts "---"
+              end
+           end
+           #puts response.body.to_s
+           true
+         end
+         def file_info(item)
+           #url = item[:url]
+           #@request.replaceURL "#{url}/.json"
+           test = @request.copy
+           test.set_file_extension "json"
+          # puts "\n>> #{@request.url}"
+           request, response = sendRequest test
+           return false unless response.respond_to? :status
+           item[:info_status] = response.status
+           if response.content_type =~ /json/i
+             info = JSON.parse response.body.to_s
+             item[:file_info] = info
+           end
+           #@disp_queue << item
+           true
+         end
+         def sendRequest(request, prefs={})
+           begin
+              test_req, test_resp = self.doRequest(request, prefs)
+              return test_req, test_resp
+           rescue => bang
+              puts bang
+              puts bang.backtrace if $DEBUG
+           end
+           return nil, nil
+         end
+      end
+    end
+  end
 end

data/plugins/aem/lib/dispatcher.rb CHANGED

@@ -1,53 +1,47 @@
-#.
-# dispatcher.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+# @private
+module Watobo #:nodoc: all
+  module Plugin
+    class CQ5
+      class Dispatcher
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      class Dispatcher
-        def stop
-          @t_disp.kill unless @t_disp.nil?
-        end
-        def run
-          @known_urls = []
-          puts Watobo::Plugin::CQ5.ignore_patterns
-          @t_disp = Thread.new{
-            loop do
-               new_item = @dqueue.deq
-               unless @known_urls.include?( new_item[:url] )
-                 @known_urls << new_item[:url]
-                 if Watobo::Plugin::CQ5.ignore_patterns.empty?
-                  # puts "* no ignore patterns defined"
-                   @wqueue << new_item
-                 elsif Watobo::Plugin::CQ5.ignore_patterns.select{|ip| new_item[:url] =~ /#{ip}/i }.empty?
-                   @wqueue << new_item
-                 end
-                 @rqueue << new_item
-               else
-                 puts "[DUPLICATED] >> #{new_item[:url]}"
-               end
-             end
-          }
-        end
-        def initialize(disp_queue, work_queue, result_queue)
-          @dqueue = disp_queue
-          @wqueue = work_queue
-          @rqueue = result_queue
-          @t_disp = nil
-        end
-      end
-    end
-  end
+        def stop
+          @t_disp.kill unless @t_disp.nil?
+        end
+        def run
+          @known_urls = []
+          puts Watobo::Plugin::CQ5.ignore_patterns
+          @t_disp = Thread.new {
+            loop do
+              if @dqueue.size > 0
+                new_item = @dqueue.deq
+                unless @known_urls.include?(new_item[:url])
+                  @known_urls << new_item[:url]
+                  if Watobo::Plugin::CQ5.ignore_patterns.empty?
+                    # puts "* no ignore patterns defined"
+                    @wqueue << new_item
+                  elsif Watobo::Plugin::CQ5.ignore_patterns.select { |ip| new_item[:url] =~ /#{ip}/i }.empty?
+                    @wqueue << new_item
+                  end
+                  @rqueue << new_item
+                else
+                  puts "[DUPLICATED] >> #{new_item[:url]}"
+                end
+              else
+                sleep 0.2
+              end
+            end
+          }
+        end
+        def initialize(disp_queue, work_queue, result_queue)
+          @dqueue = disp_queue
+          @wqueue = work_queue
+          @rqueue = result_queue
+          @t_disp = nil
+        end
+      end
+    end
+  end
 end

data/plugins/aem/lib/engine.rb CHANGED

@@ -1,187 +1,178 @@
-#.
-# engine.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      @max_agents = 10
-      @disp_queue = Queue.new
-      @work_queue = Queue.new
-      @gui_queue = Queue.new
-      @agents = []
-      @use_relative_path = false
-      def self.reset
-        @disp_queue.clear
-        @work_queue.clear
-        @agents.map {|a| a.stop }
-        @agents = []
-      end
-      def self.ignore_patterns=(ipats)
-        @ignore_patterns = ipats
-      end
-      def self.ignore_patterns
-        @ignore_patterns
-      end
-      def self.use_relative_path=(urp)
-        @use_relative_path = urp
-      end
-      def self.queue_size
-        @work_queue.size
-      end
-      def self.status
-      end
-      def self.running?
-        @work_queue.size == 0 &&
-        @work_queue.num_waiting == @max_agents
-      end
-      def self.stop
-          @agents.map {|a| a.stop }
-      end
-      def self.run(start_path, gui_queue=nil)
-        @agents = []
-        puts "\nCQ5 Engine running on #{start_path}"
-        @dispatcher = Dispatcher.new( @disp_queue, @work_queue, gui_queue )
-        @dispatcher.run
-        vr = find_valid_request(start_path)
-        unless vr.nil?
-          puts "Baseline Request: " + vr.url.to_s
-          @max_agents.times do
-            puts " * Start Agent"
-            a = Agent.new( vr.copy, @work_queue, @disp_queue )
-            @agents << a
-            a.run
-          end
-        else
-          return false
-        end
-      end
-      def self.get_user_info
-        # https://mysite/cqa/libs/cq/security/userinfo.json?cq_ck=1427468388796
-      end
-      def self.find_valid_request(start_path)
-        # create a dummy agent to make test requests
-        agent = Agent.new nil, nil, nil
-        checked = []
-        #puts start_path.class
-        valid_request = nil
-        Watobo::Chats.to_a.reverse.each do |chat|
-          next unless chat.request.method_get?
-          url = chat.request.url.to_s
-        #  url.gsub!(chat.request.site, chat.request.host)
-          path = chat.request.path
-        #  next if checked.include? path
-          checked << path
-         # puts path.class
-         # puts url.class
-         # puts start_path
-         # puts url
-          pattern = Regexp.quote(start_path)
-          pattern = start_path
-          #puts pattern
-          #puts "---\n"
-          if url =~ /#{pattern}/
-            test = chat.copyRequest
-            test.replaceFileExt('.pages.json')
-            puts "* [#{chat.id}] " + test.url.to_s
-            request, response = agent.doRequest test
-           # puts response
-            unless response.content_type =~ /json/i
-              puts "! .pages.json is filtered !"
-              next
-            end
-            ntpages = JSON.parse response.body.to_s
-            if ntpages['pages']
-              valid_request = test
-              ntpages['pages'].each do |p|
-                # check if escapedPath is absolut or relativ
-                # if we find directory separator '/' we assume it's absolute
-                ep = p['escapedPath'].gsub(/^\//,'').strip
-                puts "EscapedPath: #{ep}"
-                # find the home directory of the application
-                ep_dirs = ep.split('/')
-                puts "EscapedPath-Dirs (#{ep_dirs.length}): " + ep_dirs.join("\n")
-                # request dir
-                r_dir = "#{test.dir}"
-                puts "Test-Request-Dir: " + r_dir
-                puts "Check for #{ep_dirs[0]}, #{ep_dirs[1]}"
-                # find offset of first escapePath directory
-                i = r_dir.index( ep_dirs.first )
-                puts "Index: #{i}"
-                base_dir = r_dir
-                puts base_dir
-                unless i.nil?
-                  if i > 0
-                    base_dir = r_dir[0..i-1]
-                  else
-                    base_dir = ''
-                  end
-                end
-                puts "Base-Dir: #{base_dir}"
-                test.setDir base_dir
-                item = {
-                  #:url => base_url.gsub(/\/$/,'') + p['escapedPath'],
-                  :url => start_path,
-                  :page_info => p,
-                  :file_info => nil,
-                  :status => nil
-                }
-                @disp_queue << item
-              end
-              #test.replaceFileExt('')
-              return valid_request
-            end
-          end
-        end
-        nil
-      end
-    end
-  end
+# @private
+module Watobo#:nodoc: all
+  module Plugin
+    class CQ5
+      @max_agents = 10
+      @disp_queue = Queue.new
+      @work_queue = Queue.new
+      @gui_queue = Queue.new
+      @agents = []
+      @use_relative_path = false
+      def self.reset
+        @disp_queue.clear
+        @work_queue.clear
+        @agents.map {|a| a.stop }
+        @agents = []
+      end
+      def self.ignore_patterns=(ipats)
+        @ignore_patterns = ipats
+      end
+      def self.ignore_patterns
+        @ignore_patterns
+      end
+      def self.use_relative_path=(urp)
+        @use_relative_path = urp
+      end
+      def self.queue_size
+        @work_queue.size
+      end
+      def self.status
+      end
+      def self.running?
+        @work_queue.size == 0 &&
+        @work_queue.num_waiting == @max_agents
+      end
+      def self.stop
+          @agents.map {|a| a.stop }
+      end
+      def self.run(start_path, gui_queue=nil)
+        @agents = []
+        puts "\nCQ5 Engine running on #{start_path}"
+        @dispatcher = Dispatcher.new( @disp_queue, @work_queue, gui_queue )
+        @dispatcher.run
+        vr = find_valid_request(start_path)
+        unless vr.nil?
+          puts "Baseline Request: " + vr.url.to_s
+          @max_agents.times do
+            puts " * Start Agent"
+            a = Agent.new( vr.copy, @work_queue, @disp_queue )
+            @agents << a
+            a.run
+          end
+        else
+          return false
+        end
+      end
+      def self.get_user_info
+        # https://mysite/cqa/libs/cq/security/userinfo.json?cq_ck=1427468388796
+      end
+      def self.find_valid_request(start_path)
+        # create a dummy agent to make test requests
+        agent = Agent.new nil, nil, nil
+        checked = []
+        #puts start_path.class
+        valid_request = nil
+        Watobo::Chats.to_a.reverse.each do |chat|
+          next unless chat.request.method_get?
+          url = chat.request.url.to_s
+        #  url.gsub!(chat.request.site, chat.request.host)
+          path = chat.request.path
+        #  next if checked.include? path
+          checked << path
+         # puts path.class
+         # puts url.class
+         # puts start_path
+         # puts url
+          pattern = Regexp.quote(start_path)
+          pattern = start_path
+          #puts pattern
+          #puts "---\n"
+          if URI.parse(url).to_s =~ /#{pattern}/
+            test = chat.copyRequest
+            test.replaceFileExt('.pages.json')
+            puts "* [#{chat.id}] " + test.url.to_s
+            request, response = agent.doRequest test
+            puts response
+            unless response.content_type =~ /json/i
+              puts "! .pages.json is filtered !"
+              next
+            end
+            ntpages = JSON.parse response.body.to_s
+            if ntpages['pages']
+              valid_request = test
+              ntpages['pages'].each do |p|
+                # check if escapedPath is absolut or relativ
+                # if we find directory separator '/' we assume it's absolute
+                ep = p['escapedPath'].gsub(/^\//,'').strip
+                puts "EscapedPath: #{ep}"
+                # find the home directory of the application
+                ep_dirs = ep.split('/')
+                puts "EscapedPath-Dirs (#{ep_dirs.length}): " + ep_dirs.join("\n")
+                # request dir
+                r_dir = "#{test.dir}"
+                puts "Test-Request-Dir: " + r_dir
+                puts "Check for #{ep_dirs[0]}, #{ep_dirs[1]}"
+                # find offset of first escapePath directory
+                i = r_dir.index( ep_dirs.first )
+                puts "Index: #{i}"
+                base_dir = r_dir
+                puts base_dir
+                unless i.nil?
+                  if i > 0
+                    base_dir = r_dir[0..i-1]
+                  else
+                    base_dir = ''
+                  end
+                end
+                puts "Base-Dir: #{base_dir}"
+                test.setDir base_dir
+                item = {
+                  #:url => base_url.gsub(/\/$/,'') + p['escapedPath'],
+                  :url => start_path,
+                  :page_info => p,
+                  :file_info => nil,
+                  :status => nil
+                }
+                @disp_queue << item
+              end
+              #test.replaceFileExt('')
+              return valid_request
+            end
+          end
+        end
+        nil
+      end
+    end
+  end
 end