wormclaude 1.0.162 → 1.0.164
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands.js +8 -2
- package/dist/theme.js +1 -1
- package/dist/tools.js +3 -1
- package/package.json +1 -1
package/dist/commands.js
CHANGED
|
@@ -304,8 +304,14 @@ async function fullScanCmd(arg, ctx) {
|
|
|
304
304
|
return;
|
|
305
305
|
}
|
|
306
306
|
pendingPentest = null;
|
|
307
|
-
|
|
307
|
+
// Çekirdek (recon+XSS+SQLi, crawl'lı) + sunucudaki TÜM şablon tarayıcıları (SSRF/XXE/SSTI/LFI/…).
|
|
308
308
|
const steps = [['recon', ptLabel('recon')], ['xss', ptLabel('xss')], ['sqli', ptLabel('sqli')]];
|
|
309
|
+
const ptInfo = await fetchPtTools(ctx.config);
|
|
310
|
+
for (const tm of ((ptInfo && ptInfo.templates) || [])) {
|
|
311
|
+
if (tm && tm.id)
|
|
312
|
+
steps.push([String(tm.id), String(tm.name || tm.id)]);
|
|
313
|
+
}
|
|
314
|
+
ctx.note(tt(`Full scan starting — ${target} (${steps.length} scanners: recon + XSS + SQLi + templates, deterministic)`, `Tam tarama başlıyor — ${target} (${steps.length} tarayıcı: recon + XSS + SQLi + şablonlar, deterministik)`));
|
|
309
315
|
const all = [];
|
|
310
316
|
for (const [tool, label] of steps) {
|
|
311
317
|
ctx.note(`▶ ${label} …`);
|
|
@@ -328,7 +334,7 @@ async function fullScanCmd(arg, ctx) {
|
|
|
328
334
|
all.sort((a, b) => (order[a.severity] ?? 9) - (order[b.severity] ?? 9));
|
|
329
335
|
const lines = [`✓ ${tt('Full scan complete', 'Tam tarama tamamlandı')} — ${target}`];
|
|
330
336
|
if (!all.length) {
|
|
331
|
-
lines.push(tt('No findings
|
|
337
|
+
lines.push(tt('No findings across all scanners. Target looks clean or was unreachable.', 'Tüm tarayıcılarda bulgu yok. Hedef temiz görünüyor ya da erişilemedi.'));
|
|
332
338
|
}
|
|
333
339
|
else {
|
|
334
340
|
const sev = (s) => all.filter((x) => x.severity === s).length;
|
package/dist/theme.js
CHANGED
package/dist/tools.js
CHANGED
|
@@ -726,11 +726,13 @@ async function execOne(call, hooks) {
|
|
|
726
726
|
// 3.4) Güvenlik taraması — kullanıcı "tara/scan/xss/sqli/recon" deyince model bu aracı çağırır;
|
|
727
727
|
// elle PowerShell payload yazmak YERİNE sunucu motorunu (runPentest) çalıştırır.
|
|
728
728
|
if (call.name === 'SecurityScan') {
|
|
729
|
-
|
|
729
|
+
let tool = String(args?.tool || '').toLowerCase().trim();
|
|
730
730
|
const target = String(args?.target || '').trim();
|
|
731
731
|
if (!['recon', 'scan', 'xss', 'sqli'].includes(tool) || !target) {
|
|
732
732
|
return { ok: false, output: 'SecurityScan: tool (recon|scan|xss|sqli) ve target gerekli.', args };
|
|
733
733
|
}
|
|
734
|
+
if (tool === 'scan')
|
|
735
|
+
tool = 'recon'; // "scan" genel tarama → motorun bildiği "recon" (slash ile aynı)
|
|
734
736
|
try {
|
|
735
737
|
const { runPentest } = await import('./pentest.js');
|
|
736
738
|
const out = await runPentest(cfg(), tool, target, true, () => { });
|