RubyGems - watobo - Versions diffs - 0.9.21 → 0.9.23 - Mend

watobo 0.9.21 → 0.9.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (283) hide show

checksums.yaml +7 -0
data/CHANGELOG.md +46 -1
data/bin/nfq_server.rb +0 -9
data/bin/watobo_gui.rb +3 -13
data/custom-views/prettify-json.rb +9 -18
data/icons/watobo.ico +0 -0
data/icons/watobo.ico.old +0 -0
data/lib/watobo.rb +10 -19
data/lib/watobo/adapters.rb +5 -14
data/lib/watobo/adapters/data_store.rb +50 -59
data/lib/watobo/adapters/file/file_store.rb +287 -296
data/lib/watobo/adapters/file/marshal_store.rb +293 -296
data/lib/watobo/adapters/session_store.rb +5 -14
data/lib/watobo/ca.rb +1 -10
data/lib/watobo/config.rb +197 -206
data/lib/watobo/constants.rb +0 -9
data/lib/watobo/core.rb +3 -12
data/lib/watobo/core/active_check.rb +72 -135
data/lib/watobo/core/active_checks.rb +49 -58
data/lib/watobo/core/ca.rb +369 -389
data/lib/watobo/core/cert_store.rb +34 -43
data/lib/watobo/core/chat.rb +92 -101
data/lib/watobo/core/chats.rb +271 -280
data/lib/watobo/core/client_cert_store.rb +106 -35
data/lib/watobo/core/conversation.rb +48 -57
data/lib/watobo/core/cookie.rb +23 -32
data/lib/watobo/core/egress_handlers.rb +98 -0
data/lib/watobo/core/finding.rb +66 -75
data/lib/watobo/core/findings.rb +107 -114
data/lib/watobo/core/forwarding_proxy.rb +13 -22
data/lib/watobo/core/fuzz_gen.rb +0 -9
data/lib/watobo/core/intercept_carver.rb +166 -177
data/lib/watobo/core/intercept_filter.rb +235 -244
data/lib/watobo/core/interceptor.rb +98 -107
data/lib/watobo/core/min_class.rb +4 -13
data/lib/watobo/core/netfilter_queue.rb +170 -179
data/lib/watobo/core/ott_cache.rb +132 -141
data/lib/watobo/core/parameter.rb +43 -52
data/lib/watobo/core/passive_check.rb +103 -102
data/lib/watobo/core/passive_checks.rb +48 -57
data/lib/watobo/core/passive_scanner.rb +54 -55
data/lib/watobo/core/plugin.rb +11 -20
data/lib/watobo/core/project.rb +3 -9
data/lib/watobo/core/proxy.rb +43 -52
data/lib/watobo/core/request.rb +125 -123
data/lib/watobo/core/response.rb +44 -53
data/lib/watobo/core/scanner.rb +0 -9
data/lib/watobo/core/scanner3.rb +405 -414
data/lib/watobo/core/scope.rb +83 -92
data/lib/watobo/core/session.rb +1043 -1026
data/lib/watobo/core/sid_cache.rb +98 -107
data/lib/watobo/core/subscriber.rb +25 -34
data/lib/watobo/defaults.rb +21 -30
data/lib/watobo/external/diff/lcs.rb +0 -9
data/lib/watobo/external/diff/lcs/array.rb +0 -9
data/lib/watobo/external/diff/lcs/block.rb +0 -9
data/lib/watobo/external/diff/lcs/callbacks.rb +0 -9
data/lib/watobo/external/diff/lcs/change.rb +0 -9
data/lib/watobo/external/diff/lcs/hunk.rb +0 -9
data/lib/watobo/external/diff/lcs/ldiff.rb +0 -9
data/lib/watobo/external/diff/lcs/string.rb +0 -9
data/lib/watobo/externals.rb +6 -15
data/lib/watobo/framework.rb +4 -13
data/lib/watobo/framework/create_project.rb +60 -69
data/lib/watobo/framework/init.rb +0 -9
data/lib/watobo/framework/init_modules.rb +0 -9
data/lib/watobo/framework/license_text.rb +28 -37
data/lib/watobo/framework/load_chat.rb +13 -22
data/lib/watobo/gui.rb +132 -123
data/lib/watobo/gui/about_watobo.rb +0 -9
data/lib/watobo/gui/browser_preview.rb +0 -9
data/lib/watobo/gui/certificate_dialog.rb +0 -9
data/lib/watobo/gui/chat_diff.rb +0 -9
data/lib/watobo/gui/chatviewer_frame.rb +73 -72
data/lib/watobo/gui/checkboxtree.rb +0 -9
data/lib/watobo/gui/checks_policy_frame.rb +0 -9
data/lib/watobo/gui/client_cert_dialog.rb +96 -87
data/lib/watobo/gui/confirm_scan_dialog.rb +0 -9
data/lib/watobo/gui/conversation_table.rb +158 -164
data/lib/watobo/gui/conversation_table_ctrl.rb +207 -216
data/lib/watobo/gui/conversation_table_ctrl2.rb +373 -382
data/lib/watobo/gui/csrf_token_dialog.rb +0 -9
data/lib/watobo/gui/custom_viewer.rb +374 -383
data/lib/watobo/gui/dashboard.rb +296 -303
data/lib/watobo/gui/define_scope_frame.rb +0 -9
data/lib/watobo/gui/differ_frame.rb +215 -224
data/lib/watobo/gui/edit_comment.rb +0 -9
data/lib/watobo/gui/edit_scope_dialog.rb +0 -9
data/lib/watobo/gui/export_dialog.rb +104 -113
data/lib/watobo/gui/finding_info.rb +0 -9
data/lib/watobo/gui/findings_tree.rb +210 -217
data/lib/watobo/gui/full_scan_dialog.rb +0 -9
data/lib/watobo/gui/fuzzer_gui.rb +1295 -1313
data/lib/watobo/gui/fxsave_thread.rb +14 -0
data/lib/watobo/gui/goto_url_dialog.rb +70 -79
data/lib/watobo/gui/hex_viewer.rb +0 -9
data/lib/watobo/gui/html_viewer.rb +287 -296
data/lib/watobo/gui/intercept_filter_dialog.rb +188 -197
data/lib/watobo/gui/interceptor_gui.rb +1041 -1051
data/lib/watobo/gui/interceptor_settings_dialog.rb +0 -9
data/lib/watobo/gui/json_viewer.rb +287 -0
data/lib/watobo/gui/list_box.rb +101 -110
data/lib/watobo/gui/log_file_viewer.rb +32 -41
data/lib/watobo/gui/log_viewer.rb +83 -88
data/lib/watobo/gui/login_wizzard.rb +0 -9
data/lib/watobo/gui/main_window.rb +587 -618
data/lib/watobo/gui/manual_request_editor.rb +620 -565
data/lib/watobo/gui/master_pw_dialog.rb +0 -9
data/lib/watobo/gui/mixins/gui_settings.rb +29 -38
data/lib/watobo/gui/page_tree.rb +217 -226
data/lib/watobo/gui/password_policy_dialog.rb +0 -9
data/lib/watobo/gui/plugin_board.rb +0 -9
data/lib/watobo/gui/preferences_dialog.rb +0 -9
data/lib/watobo/gui/progress_window.rb +17 -27
data/lib/watobo/gui/project_wizzard.rb +0 -9
data/lib/watobo/gui/proxy_dialog.rb +1 -10
data/lib/watobo/gui/quick_scan_dialog.rb +0 -9
data/lib/watobo/gui/request_builder_frame.rb +102 -111
data/lib/watobo/gui/request_editor.rb +181 -137
data/lib/watobo/gui/rewrite_filters_dialog.rb +394 -403
data/lib/watobo/gui/rewrite_rules_dialog.rb +372 -381
data/lib/watobo/gui/save_chat_dialog.rb +140 -149
data/lib/watobo/gui/scanner_settings_dialog.rb +0 -9
data/lib/watobo/gui/select_chat_dialog.rb +0 -9
data/lib/watobo/gui/session_management_dialog.rb +0 -9
data/lib/watobo/gui/sites_tree.rb +0 -9
data/lib/watobo/gui/status_bar.rb +0 -9
data/lib/watobo/gui/table_editor.rb +0 -9
data/lib/watobo/gui/tagless_viewer.rb +0 -9
data/lib/watobo/gui/templates/plugin.rb +0 -9
data/lib/watobo/gui/templates/plugin2.rb +92 -100
data/lib/watobo/gui/templates/plugin_base.rb +144 -153
data/lib/watobo/gui/text_viewer.rb +0 -9
data/lib/watobo/gui/transcoder_window.rb +0 -9
data/lib/watobo/gui/utils/gui_utils.rb +0 -9
data/lib/watobo/gui/utils/init_icons.rb +86 -95
data/lib/watobo/gui/utils/load_icons.rb +33 -42
data/lib/watobo/gui/utils/load_plugins.rb +116 -119
data/lib/watobo/gui/utils/master_password.rb +68 -77
data/lib/watobo/gui/utils/save_default_settings.rb +113 -122
data/lib/watobo/gui/utils/save_project_settings.rb +0 -9
data/lib/watobo/gui/utils/save_proxy_settings.rb +41 -50
data/lib/watobo/gui/utils/save_scanner_settings.rb +18 -27
data/lib/watobo/gui/utils/session_history.rb +112 -121
data/lib/watobo/gui/workspace_dialog.rb +0 -9
data/lib/watobo/gui/www_auth_dialog.rb +0 -9
data/lib/watobo/gui/xml_viewer_frame.rb +0 -9
data/lib/watobo/http.rb +4 -13
data/lib/watobo/http/cookies/cookies.rb +26 -35
data/lib/watobo/http/data/data.rb +45 -54
data/lib/watobo/http/data/json.rb +47 -55
data/lib/watobo/http/url/url.rb +38 -47
data/lib/watobo/http/xml/xml.rb +124 -130
data/lib/watobo/interceptor.rb +3 -12
data/lib/watobo/interceptor/proxy.rb +742 -739
data/lib/watobo/interceptor/transparent.rb +22 -24
data/lib/watobo/mixins.rb +10 -19
data/lib/watobo/mixins/check_info.rb +27 -36
data/lib/watobo/mixins/httpparser.rb +613 -637
data/lib/watobo/mixins/request_parser.rb +88 -97
data/lib/watobo/mixins/shapers.rb +515 -529
data/lib/watobo/mixins/transcoders.rb +3 -11
data/lib/watobo/parser.rb +1 -10
data/lib/watobo/parser/html.rb +83 -92
data/lib/watobo/patch_fxruby_setfocus.rb +26 -0
data/lib/watobo/sockets.rb +3 -12
data/lib/watobo/sockets/agent.rb +828 -837
data/lib/watobo/sockets/client_socket.rb +308 -312
data/lib/watobo/sockets/connection.rb +401 -410
data/lib/watobo/sockets/http_socket.rb +11 -13
data/lib/watobo/sockets/ntlm_auth.rb +129 -138
data/lib/watobo/utils.rb +10 -19
data/lib/watobo/utils/check_regex.rb +0 -9
data/lib/watobo/utils/copy_object.rb +0 -9
data/lib/watobo/utils/crypto.rb +0 -9
data/lib/watobo/utils/expand_range.rb +23 -32
data/lib/watobo/utils/export_xml.rb +97 -106
data/lib/watobo/utils/file_management.rb +9 -11
data/lib/watobo/utils/hexprint.rb +9 -18
data/lib/watobo/utils/load_chat.rb +0 -9
data/lib/watobo/utils/load_icon.rb +0 -9
data/lib/watobo/utils/ntlm.rb +866 -875
data/lib/watobo/utils/print_debug.rb +12 -21
data/lib/watobo/utils/response_builder.rb +90 -99
data/lib/watobo/utils/response_hash.rb +0 -9
data/lib/watobo/utils/secure_eval.rb +0 -9
data/lib/watobo/utils/strings.rb +10 -19
data/lib/watobo/utils/text2request.rb +0 -9
data/lib/watobo/utils/url.rb +23 -32
data/lib/watobo/utils/utf16.rb +11 -20
data/modules/active/Apache/mod_status.rb +0 -9
data/modules/active/Apache/multiview.rb +151 -160
data/modules/active/Flash/crossdomain.rb +0 -9
data/modules/active/JWT/jwt_oauth2_none.rb +111 -0
data/modules/active/cq5/cq5_default_selectors.rb +106 -115
data/modules/active/cq5/cqp_user_enumeration.rb +125 -134
data/modules/active/directories/dirwalker.rb +0 -9
data/modules/active/discovery/fileextensions.rb +0 -9
data/modules/active/discovery/http_methods.rb +0 -9
data/modules/active/discovery/jsmapfiles.rb +79 -0
data/modules/active/domino/domino_db.rb +68 -76
data/modules/active/dotNET/custom_errors.rb +102 -111
data/modules/active/dotNET/dotnet_files.rb +90 -99
data/modules/active/fileinclusion/lfi_simple.rb +0 -9
data/modules/active/jboss/jboss_basic.rb +0 -9
data/modules/active/sap/business_objects.rb +51 -60
data/modules/active/sap/its_commands.rb +0 -9
data/modules/active/sap/its_service_parameter.rb +0 -9
data/modules/active/sap/its_services.rb +0 -9
data/modules/active/sap/its_xss.rb +0 -9
data/modules/active/shell_shock/shell_shock.rb +139 -148
data/modules/active/siebel/siebel_apps.rb +160 -169
data/modules/active/sqlinjection/sql_boolean.rb +0 -9
data/modules/active/sqlinjection/sql_numerical.rb +198 -0
data/modules/active/sqlinjection/sqli_error.rb +0 -9
data/modules/active/sqlinjection/sqli_timing.rb +220 -229
data/modules/active/struts2/default_handler_ognl.rb +106 -115
data/modules/active/struts2/include_params_ognl.rb +105 -114
data/modules/active/xml/xml_xxe.rb +112 -123
data/modules/active/xss/xss_ng.rb +214 -223
data/modules/active/xss/xss_simple.rb +0 -9
data/modules/passive/ajax.rb +68 -77
data/modules/passive/autocomplete.rb +56 -65
data/modules/passive/cookie_options.rb +0 -9
data/modules/passive/cookie_xss.rb +0 -9
data/modules/passive/detect_code.rb +0 -9
data/modules/passive/detect_fileupload.rb +0 -9
data/modules/passive/detect_infrastructure.rb +0 -9
data/modules/passive/detect_one_time_tokens.rb +0 -9
data/modules/passive/dirindexing.rb +0 -9
data/modules/passive/disclosure_domino.rb +55 -64
data/modules/passive/disclosure_emails.rb +0 -9
data/modules/passive/disclosure_ipaddr.rb +55 -53
data/modules/passive/filename_as_parameter.rb +0 -9
data/modules/passive/form_spotter.rb +0 -9
data/modules/passive/hidden_fields.rb +50 -59
data/modules/passive/hotspots.rb +0 -9
data/modules/passive/in_script_parameter.rb +0 -9
data/modules/passive/json_web_token.rb +93 -0
data/modules/passive/multiple_server_headers.rb +0 -9
data/modules/passive/possible_login.rb +0 -9
data/modules/passive/redirect_url.rb +0 -9
data/modules/passive/redirectionz.rb +0 -9
data/modules/passive/sap-headers.rb +56 -65
data/modules/passive/xss_dom.rb +0 -9
data/plugins/aem/aem.rb +11 -20
data/plugins/aem/gui/main.rb +118 -127
data/plugins/aem/gui/tree_view.rb +171 -180
data/plugins/aem/lib/agent.rb +130 -138
data/plugins/aem/lib/dispatcher.rb +45 -51
data/plugins/aem/lib/engine.rb +177 -186
data/plugins/catalog/catalog.rb +345 -355
data/plugins/crawler/crawler.rb +4 -13
data/plugins/crawler/gui.rb +5 -14
data/plugins/crawler/gui/auth_frame.rb +270 -279
data/plugins/crawler/gui/crawler_gui.rb +271 -276
data/plugins/crawler/gui/general_settings_frame.rb +96 -105
data/plugins/crawler/gui/hooks_frame.rb +80 -89
data/plugins/crawler/gui/scope_frame.rb +50 -59
data/plugins/crawler/gui/settings_tabbook.rb +38 -47
data/plugins/crawler/gui/status_frame.rb +59 -68
data/plugins/crawler/lib/bags.rb +18 -27
data/plugins/crawler/lib/constants.rb +11 -20
data/plugins/crawler/lib/engine.rb +488 -497
data/plugins/crawler/lib/grabber.rb +68 -77
data/plugins/crawler/lib/status.rb +71 -80
data/plugins/crawler/lib/uri_mp.rb +12 -21
data/plugins/filefinder/filefinder.rb +326 -333
data/plugins/sqlmap/bin/test.rb +78 -87
data/plugins/sqlmap/gui.rb +4 -13
data/plugins/sqlmap/gui/main.rb +218 -227
data/plugins/sqlmap/gui/options_frame.rb +97 -106
data/plugins/sqlmap/lib/sqlmap_ctrl.rb +90 -100
data/plugins/sqlmap/sqlmap.rb +2 -11
data/plugins/sslchecker/cli/sslchecker_cli.rb +0 -9
data/plugins/sslchecker/gui/cipher_table.rb +246 -254
data/plugins/sslchecker/gui/gui.rb +258 -264
data/plugins/sslchecker/gui/sslchecker.rb +4 -13
data/plugins/sslchecker/lib/check.rb +127 -133
data/plugins/wshell/gui/main.rb +119 -117
data/plugins/wshell/lib/core.rb +38 -88
data/plugins/wshell/wshell.rb +11 -20
metadata +170 -164

data/plugins/aem/lib/agent.rb CHANGED

@@ -1,140 +1,132 @@
-#.
-# agent.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+# @private
+module Watobo#:nodoc: all
+  module Plugin
+    class CQ5
+      class Agent < Watobo::Session
+         def initialize(base_request, in_queue, out_queue )
+            @work_queue = in_queue
+            @disp_queue = out_queue
+            @request = base_request
+            super(@request.object_id,  Watobo::Conf::Scanner.to_h )
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      class Agent < Watobo::Session
-         def initialize(base_request, in_queue, out_queue )
-            @work_queue = in_queue
-            @disp_queue = out_queue
-            @request = base_request
-            super(@request.object_id,  Watobo::Conf::Scanner.to_h )
-         end
-         def stop
-           @agent_thread.kill
-         end
-         def run
-           return nil if @work_queue.nil? or @disp_queue.nil?
-           @agent_thread = Thread.new(){
-             puts "#{self} running ..."
-             loop do
-             begin
-               item = @work_queue.deq
-               # not interested in jcr:content ... skip ...
-               next if item[:url] =~ /jcr%3acontent$/
-               get_pages item
-               file_info item
-             rescue => bang
-               puts bang
-               puts bang.backtrace
-               exit
-             end
-             end
-           }
-           @agent_thread
-         end
-         def get_pages(item)
-           test = @request.copy
-          # puts item
-           url = item[:url].gsub(/\/$/,'') + '/.pages.json'
-           test.replaceURL( url )
-           request, response = sendRequest test
-           return false unless response.respond_to? :status
-           item[:pages_status] = response.status
-          # @disp_queue << item
-           if response.content_type =~ /json/i
-             begin
-             ntpages = JSON.parse response.body.to_s
-             if ntpages['pages']
-              ntpages['pages'].each do |p|
-                #unless @use_relative_path
-                ep = p['escapedPath']
-                next if ep.nil?
-                next if ep.empty?
-                purl = ''
-                purl = @request.url.to_s.gsub(/\/$/, '') + p['escapedPath']
-                puts "+ #{purl}"
-                next if purl.empty?
-                item = {
-                  :url => purl,
-                  :page_info => p,
-                  :file_info => nil,
-                  :status => nil
-                }
-                @disp_queue << item
-               end
-             end
-             rescue => bang
-                puts bang
-                puts ntpages
-                puts "---"
-              end
-           end
-           #puts response.body.to_s
-           true
-         end
-         def file_info(item)
-           #url = item[:url]
-           #@request.replaceURL "#{url}/.json"
-           test = @request.copy
-           test.set_file_extension "json"
-          # puts "\n>> #{@request.url}"
-           request, response = sendRequest test
-           return false unless response.respond_to? :status
-           item[:info_status] = response.status
-           if response.content_type =~ /json/i
-             info = JSON.parse response.body.to_s
-             item[:file_info] = info
-           end
-           #@disp_queue << item
-           true
-         end
-         def sendRequest(request, prefs={})
-           begin
-              test_req, test_resp = self.doRequest(request, prefs)
-              return test_req, test_resp
-           rescue => bang
-              puts bang
-              puts bang.backtrace if $DEBUG
-           end
-           return nil, nil
-         end
-      end
-    end
-  end
+         end
+         def stop
+           @agent_thread.kill
+         end
+         def run
+           return nil if @work_queue.nil? or @disp_queue.nil?
+           @agent_thread = Thread.new(){
+             puts "#{self} running ..."
+             loop do
+             begin
+               item = @work_queue.deq
+               # not interested in jcr:content ... skip ...
+               next if item[:url] =~ /jcr%3acontent$/
+               puts item[:url]
+               get_pages item
+               file_info item
+             rescue => bang
+               puts bang
+               puts bang.backtrace
+               exit
+             end
+             end
+           }
+           @agent_thread
+         end
+         def get_pages(item)
+           test = @request.copy
+          # puts item
+           url = item[:url].gsub(/\/$/,'') + '/.pages.json'
+           test.replaceURL( url )
+           request, response = sendRequest test
+           return false unless response.respond_to? :status
+           item[:pages_status] = response.status
+          # @disp_queue << item
+           if response.content_type =~ /json/i
+             begin
+             ntpages = JSON.parse response.body.to_s
+             if ntpages['pages']
+              ntpages['pages'].each do |p|
+                #unless @use_relative_path
+                ep = p['escapedPath']
+                next if ep.nil?
+                next if ep.empty?
+                purl = ''
+                purl = @request.url.to_s.gsub(/\/$/, '') + p['escapedPath']
+                puts "+ #{purl}"
+                next if purl.empty?
+                item = {
+                  :url => purl,
+                  :page_info => p,
+                  :file_info => nil,
+                  :status => nil
+                }
+                @disp_queue << item
+               end
+             end
+             rescue => bang
+                puts bang
+                puts ntpages
+                puts "---"
+              end
+           end
+           #puts response.body.to_s
+           true
+         end
+         def file_info(item)
+           #url = item[:url]
+           #@request.replaceURL "#{url}/.json"
+           test = @request.copy
+           test.set_file_extension "json"
+          # puts "\n>> #{@request.url}"
+           request, response = sendRequest test
+           return false unless response.respond_to? :status
+           item[:info_status] = response.status
+           if response.content_type =~ /json/i
+             info = JSON.parse response.body.to_s
+             item[:file_info] = info
+           end
+           #@disp_queue << item
+           true
+         end
+         def sendRequest(request, prefs={})
+           begin
+              test_req, test_resp = self.doRequest(request, prefs)
+              return test_req, test_resp
+           rescue => bang
+              puts bang
+              puts bang.backtrace if $DEBUG
+           end
+           return nil, nil
+         end
+      end
+    end
+  end
 end

data/plugins/aem/lib/dispatcher.rb CHANGED

@@ -1,53 +1,47 @@
-#.
-# dispatcher.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+# @private
+module Watobo #:nodoc: all
+  module Plugin
+    class CQ5
+      class Dispatcher
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      class Dispatcher
-        def stop
-          @t_disp.kill unless @t_disp.nil?
-        end
-        def run
-          @known_urls = []
-          puts Watobo::Plugin::CQ5.ignore_patterns
-          @t_disp = Thread.new{
-            loop do
-               new_item = @dqueue.deq
-               unless @known_urls.include?( new_item[:url] )
-                 @known_urls << new_item[:url]
-                 if Watobo::Plugin::CQ5.ignore_patterns.empty?
-                  # puts "* no ignore patterns defined"
-                   @wqueue << new_item
-                 elsif Watobo::Plugin::CQ5.ignore_patterns.select{|ip| new_item[:url] =~ /#{ip}/i }.empty?
-                   @wqueue << new_item
-                 end
-                 @rqueue << new_item
-               else
-                 puts "[DUPLICATED] >> #{new_item[:url]}"
-               end
-             end
-          }
-        end
-        def initialize(disp_queue, work_queue, result_queue)
-          @dqueue = disp_queue
-          @wqueue = work_queue
-          @rqueue = result_queue
-          @t_disp = nil
-        end
-      end
-    end
-  end
+        def stop
+          @t_disp.kill unless @t_disp.nil?
+        end
+        def run
+          @known_urls = []
+          puts Watobo::Plugin::CQ5.ignore_patterns
+          @t_disp = Thread.new {
+            loop do
+              if @dqueue.size > 0
+                new_item = @dqueue.deq
+                unless @known_urls.include?(new_item[:url])
+                  @known_urls << new_item[:url]
+                  if Watobo::Plugin::CQ5.ignore_patterns.empty?
+                    # puts "* no ignore patterns defined"
+                    @wqueue << new_item
+                  elsif Watobo::Plugin::CQ5.ignore_patterns.select { |ip| new_item[:url] =~ /#{ip}/i }.empty?
+                    @wqueue << new_item
+                  end
+                  @rqueue << new_item
+                else
+                  puts "[DUPLICATED] >> #{new_item[:url]}"
+                end
+              else
+                sleep 0.2
+              end
+            end
+          }
+        end
+        def initialize(disp_queue, work_queue, result_queue)
+          @dqueue = disp_queue
+          @wqueue = work_queue
+          @rqueue = result_queue
+          @t_disp = nil
+        end
+      end
+    end
+  end
 end

data/plugins/aem/lib/engine.rb CHANGED

@@ -1,187 +1,178 @@
-#.
-# engine.rb
-#.
-# Copyright 2014 by siberas, http://www.siberas.de
-# This file is part of WATOBO (Web Application Tool Box) http://watobo.sourceforge.com
-# WATOBO is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 2 of the License.
-# WATOBO is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with WATOBO; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
-# @private
-module Watobo#:nodoc: all
-  module Plugin
-    class CQ5
-      @max_agents = 10
-      @disp_queue = Queue.new
-      @work_queue = Queue.new
-      @gui_queue = Queue.new
-      @agents = []
-      @use_relative_path = false
-      def self.reset
-        @disp_queue.clear
-        @work_queue.clear
-        @agents.map {|a| a.stop }
-        @agents = []
-      end
-      def self.ignore_patterns=(ipats)
-        @ignore_patterns = ipats
-      end
-      def self.ignore_patterns
-        @ignore_patterns
-      end
-      def self.use_relative_path=(urp)
-        @use_relative_path = urp
-      end
-      def self.queue_size
-        @work_queue.size
-      end
-      def self.status
-      end
-      def self.running?
-        @work_queue.size == 0 &&
-        @work_queue.num_waiting == @max_agents
-      end
-      def self.stop
-          @agents.map {|a| a.stop }
-      end
-      def self.run(start_path, gui_queue=nil)
-        @agents = []
-        puts "\nCQ5 Engine running on #{start_path}"
-        @dispatcher = Dispatcher.new( @disp_queue, @work_queue, gui_queue )
-        @dispatcher.run
-        vr = find_valid_request(start_path)
-        unless vr.nil?
-          puts "Baseline Request: " + vr.url.to_s
-          @max_agents.times do
-            puts " * Start Agent"
-            a = Agent.new( vr.copy, @work_queue, @disp_queue )
-            @agents << a
-            a.run
-          end
-        else
-          return false
-        end
-      end
-      def self.get_user_info
-        # https://mysite/cqa/libs/cq/security/userinfo.json?cq_ck=1427468388796
-      end
-      def self.find_valid_request(start_path)
-        # create a dummy agent to make test requests
-        agent = Agent.new nil, nil, nil
-        checked = []
-        #puts start_path.class
-        valid_request = nil
-        Watobo::Chats.to_a.reverse.each do |chat|
-          next unless chat.request.method_get?
-          url = chat.request.url.to_s
-        #  url.gsub!(chat.request.site, chat.request.host)
-          path = chat.request.path
-        #  next if checked.include? path
-          checked << path
-         # puts path.class
-         # puts url.class
-         # puts start_path
-         # puts url
-          pattern = Regexp.quote(start_path)
-          pattern = start_path
-          #puts pattern
-          #puts "---\n"
-          if url =~ /#{pattern}/
-            test = chat.copyRequest
-            test.replaceFileExt('.pages.json')
-            puts "* [#{chat.id}] " + test.url.to_s
-            request, response = agent.doRequest test
-           # puts response
-            unless response.content_type =~ /json/i
-              puts "! .pages.json is filtered !"
-              next
-            end
-            ntpages = JSON.parse response.body.to_s
-            if ntpages['pages']
-              valid_request = test
-              ntpages['pages'].each do |p|
-                # check if escapedPath is absolut or relativ
-                # if we find directory separator '/' we assume it's absolute
-                ep = p['escapedPath'].gsub(/^\//,'').strip
-                puts "EscapedPath: #{ep}"
-                # find the home directory of the application
-                ep_dirs = ep.split('/')
-                puts "EscapedPath-Dirs (#{ep_dirs.length}): " + ep_dirs.join("\n")
-                # request dir
-                r_dir = "#{test.dir}"
-                puts "Test-Request-Dir: " + r_dir
-                puts "Check for #{ep_dirs[0]}, #{ep_dirs[1]}"
-                # find offset of first escapePath directory
-                i = r_dir.index( ep_dirs.first )
-                puts "Index: #{i}"
-                base_dir = r_dir
-                puts base_dir
-                unless i.nil?
-                  if i > 0
-                    base_dir = r_dir[0..i-1]
-                  else
-                    base_dir = ''
-                  end
-                end
-                puts "Base-Dir: #{base_dir}"
-                test.setDir base_dir
-                item = {
-                  #:url => base_url.gsub(/\/$/,'') + p['escapedPath'],
-                  :url => start_path,
-                  :page_info => p,
-                  :file_info => nil,
-                  :status => nil
-                }
-                @disp_queue << item
-              end
-              #test.replaceFileExt('')
-              return valid_request
-            end
-          end
-        end
-        nil
-      end
-    end
-  end
+# @private
+module Watobo#:nodoc: all
+  module Plugin
+    class CQ5
+      @max_agents = 10
+      @disp_queue = Queue.new
+      @work_queue = Queue.new
+      @gui_queue = Queue.new
+      @agents = []
+      @use_relative_path = false
+      def self.reset
+        @disp_queue.clear
+        @work_queue.clear
+        @agents.map {|a| a.stop }
+        @agents = []
+      end
+      def self.ignore_patterns=(ipats)
+        @ignore_patterns = ipats
+      end
+      def self.ignore_patterns
+        @ignore_patterns
+      end
+      def self.use_relative_path=(urp)
+        @use_relative_path = urp
+      end
+      def self.queue_size
+        @work_queue.size
+      end
+      def self.status
+      end
+      def self.running?
+        @work_queue.size == 0 &&
+        @work_queue.num_waiting == @max_agents
+      end
+      def self.stop
+          @agents.map {|a| a.stop }
+      end
+      def self.run(start_path, gui_queue=nil)
+        @agents = []
+        puts "\nCQ5 Engine running on #{start_path}"
+        @dispatcher = Dispatcher.new( @disp_queue, @work_queue, gui_queue )
+        @dispatcher.run
+        vr = find_valid_request(start_path)
+        unless vr.nil?
+          puts "Baseline Request: " + vr.url.to_s
+          @max_agents.times do
+            puts " * Start Agent"
+            a = Agent.new( vr.copy, @work_queue, @disp_queue )
+            @agents << a
+            a.run
+          end
+        else
+          return false
+        end
+      end
+      def self.get_user_info
+        # https://mysite/cqa/libs/cq/security/userinfo.json?cq_ck=1427468388796
+      end
+      def self.find_valid_request(start_path)
+        # create a dummy agent to make test requests
+        agent = Agent.new nil, nil, nil
+        checked = []
+        #puts start_path.class
+        valid_request = nil
+        Watobo::Chats.to_a.reverse.each do |chat|
+          next unless chat.request.method_get?
+          url = chat.request.url.to_s
+        #  url.gsub!(chat.request.site, chat.request.host)
+          path = chat.request.path
+        #  next if checked.include? path
+          checked << path
+         # puts path.class
+         # puts url.class
+         # puts start_path
+         # puts url
+          pattern = Regexp.quote(start_path)
+          pattern = start_path
+          #puts pattern
+          #puts "---\n"
+          if URI.parse(url).to_s =~ /#{pattern}/
+            test = chat.copyRequest
+            test.replaceFileExt('.pages.json')
+            puts "* [#{chat.id}] " + test.url.to_s
+            request, response = agent.doRequest test
+            puts response
+            unless response.content_type =~ /json/i
+              puts "! .pages.json is filtered !"
+              next
+            end
+            ntpages = JSON.parse response.body.to_s
+            if ntpages['pages']
+              valid_request = test
+              ntpages['pages'].each do |p|
+                # check if escapedPath is absolut or relativ
+                # if we find directory separator '/' we assume it's absolute
+                ep = p['escapedPath'].gsub(/^\//,'').strip
+                puts "EscapedPath: #{ep}"
+                # find the home directory of the application
+                ep_dirs = ep.split('/')
+                puts "EscapedPath-Dirs (#{ep_dirs.length}): " + ep_dirs.join("\n")
+                # request dir
+                r_dir = "#{test.dir}"
+                puts "Test-Request-Dir: " + r_dir
+                puts "Check for #{ep_dirs[0]}, #{ep_dirs[1]}"
+                # find offset of first escapePath directory
+                i = r_dir.index( ep_dirs.first )
+                puts "Index: #{i}"
+                base_dir = r_dir
+                puts base_dir
+                unless i.nil?
+                  if i > 0
+                    base_dir = r_dir[0..i-1]
+                  else
+                    base_dir = ''
+                  end
+                end
+                puts "Base-Dir: #{base_dir}"
+                test.setDir base_dir
+                item = {
+                  #:url => base_url.gsub(/\/$/,'') + p['escapedPath'],
+                  :url => start_path,
+                  :page_info => p,
+                  :file_info => nil,
+                  :status => nil
+                }
+                @disp_queue << item
+              end
+              #test.replaceFileExt('')
+              return valid_request
+            end
+          end
+        end
+        nil
+      end
+    end
+  end
 end