wormclaude 1.0.162 → 1.0.164

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/commands.js CHANGED
@@ -304,8 +304,14 @@ async function fullScanCmd(arg, ctx) {
304
304
  return;
305
305
  }
306
306
  pendingPentest = null;
307
- ctx.note(tt(`Full scan starting — ${target} (reconXSSSQLi, deterministic, repeatable)`, `Tam tarama başlıyor ${target} (recon → XSS → SQLi, deterministik, tekrarlanabilir)`));
307
+ // Çekirdek (recon+XSS+SQLi, crawl'lı) + sunucudaki TÜM şablon tarayıcıları (SSRF/XXE/SSTI/LFI/…).
308
308
  const steps = [['recon', ptLabel('recon')], ['xss', ptLabel('xss')], ['sqli', ptLabel('sqli')]];
309
+ const ptInfo = await fetchPtTools(ctx.config);
310
+ for (const tm of ((ptInfo && ptInfo.templates) || [])) {
311
+ if (tm && tm.id)
312
+ steps.push([String(tm.id), String(tm.name || tm.id)]);
313
+ }
314
+ ctx.note(tt(`Full scan starting — ${target} (${steps.length} scanners: recon + XSS + SQLi + templates, deterministic)`, `Tam tarama başlıyor — ${target} (${steps.length} tarayıcı: recon + XSS + SQLi + şablonlar, deterministik)`));
309
315
  const all = [];
310
316
  for (const [tool, label] of steps) {
311
317
  ctx.note(`▶ ${label} …`);
@@ -328,7 +334,7 @@ async function fullScanCmd(arg, ctx) {
328
334
  all.sort((a, b) => (order[a.severity] ?? 9) - (order[b.severity] ?? 9));
329
335
  const lines = [`✓ ${tt('Full scan complete', 'Tam tarama tamamlandı')} — ${target}`];
330
336
  if (!all.length) {
331
- lines.push(tt('No findings on the tested surface (recon/XSS/SQLi). Target looks clean or was unreachable.', 'Test edilen yüzeyde bulgu yok (recon/XSS/SQLi). Hedef temiz görünüyor ya da erişilemedi.'));
337
+ lines.push(tt('No findings across all scanners. Target looks clean or was unreachable.', 'Tüm tarayıcılarda bulgu yok. Hedef temiz görünüyor ya da erişilemedi.'));
332
338
  }
333
339
  else {
334
340
  const sev = (s) => all.filter((x) => x.severity === s).length;
package/dist/theme.js CHANGED
@@ -16,4 +16,4 @@ export const theme = {
16
16
  synType: '#a78bfa', // tip/sınıf adları, sabitler
17
17
  synProp: '#e0e0e0', // özellik/anahtar adları
18
18
  };
19
- export const VERSION = '1.0.162';
19
+ export const VERSION = '1.0.164';
package/dist/tools.js CHANGED
@@ -726,11 +726,13 @@ async function execOne(call, hooks) {
726
726
  // 3.4) Güvenlik taraması — kullanıcı "tara/scan/xss/sqli/recon" deyince model bu aracı çağırır;
727
727
  // elle PowerShell payload yazmak YERİNE sunucu motorunu (runPentest) çalıştırır.
728
728
  if (call.name === 'SecurityScan') {
729
- const tool = String(args?.tool || '').toLowerCase().trim();
729
+ let tool = String(args?.tool || '').toLowerCase().trim();
730
730
  const target = String(args?.target || '').trim();
731
731
  if (!['recon', 'scan', 'xss', 'sqli'].includes(tool) || !target) {
732
732
  return { ok: false, output: 'SecurityScan: tool (recon|scan|xss|sqli) ve target gerekli.', args };
733
733
  }
734
+ if (tool === 'scan')
735
+ tool = 'recon'; // "scan" genel tarama → motorun bildiği "recon" (slash ile aynı)
734
736
  try {
735
737
  const { runPentest } = await import('./pentest.js');
736
738
  const out = await runPentest(cfg(), tool, target, true, () => { });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "wormclaude",
3
- "version": "1.0.162",
3
+ "version": "1.0.164",
4
4
  "description": "WormClaude CLI - uncensored security+code assistant (ink TUI, Claude-style)",
5
5
  "type": "module",
6
6
  "bin": {