wormclaude 1.0.183 → 1.0.185

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/theme.js CHANGED
@@ -16,4 +16,4 @@ export const theme = {
16
16
  synType: '#a78bfa', // tip/sınıf adları, sabitler
17
17
  synProp: '#e0e0e0', // özellik/anahtar adları
18
18
  };
19
- export const VERSION = '1.0.183';
19
+ export const VERSION = '1.0.185';
package/dist/tools.js CHANGED
@@ -230,7 +230,7 @@ export const toolSchemas = [
230
230
  parameters: {
231
231
  type: 'object',
232
232
  properties: {
233
- tool: { type: 'string', enum: ['full', 'recon', 'scan', 'xss', 'sqli', 'dirscan'], description: 'full → tam kapsamlı (recon+xss+sqli tek seferde, kapsamlı tarama için BUNU kullan); recon/scan/dirscan → domain; xss/sqli → parameterized URL' },
233
+ tool: { type: 'string', enum: ['full', 'recon', 'scan', 'xss', 'sqli', 'dirscan', 'idor'], description: 'full → tam kapsamlı (recon+dirscan+xss+sqli+idor + tüm şablonlar tek seferde, kapsamlı için BUNU kullan); recon/scan/dirscan → domain; xss/sqli/idor → parameterized URL (idor = yetkisiz nesne erişimi, id-benzeri param gerekir)' },
234
234
  target: { type: 'string', description: 'Domain for recon/scan/dirscan (example.com) OR parameterized URL for xss/sqli (https://example.com/p?id=1)' },
235
235
  cookie: { type: 'string', description: 'Optional. Session cookie for AUTHENTICATED / behind-login scanning, e.g. "sessionid=abc123; csrftoken=xyz". The user copies it from their logged-in browser (DevTools → Application → Cookies, or the Cookie request header). Sent only to the target from the user IP — never stored on the server. Provide it whenever the user wants to scan pages behind a login.' },
236
236
  auth_header: { type: 'string', description: 'Optional. Authorization header value for token-based authenticated scanning, e.g. "Bearer eyJhbGci..." or "Basic dXNlcjpwYXNz". Use instead of / together with cookie when the site authenticates via a token header.' },
@@ -737,7 +737,7 @@ async function execOne(call, hooks) {
737
737
  if (call.name === 'SecurityScan') {
738
738
  let tool = String(args?.tool || '').toLowerCase().trim();
739
739
  const target = String(args?.target || '').trim();
740
- if (!['recon', 'scan', 'xss', 'sqli', 'dirscan', 'full', 'fullscan'].includes(tool) || !target) {
740
+ if (!['recon', 'scan', 'xss', 'sqli', 'dirscan', 'idor', 'full', 'fullscan'].includes(tool) || !target) {
741
741
  return { ok: false, output: 'SecurityScan: tool (recon|scan|xss|sqli|dirscan|full) ve target gerekli.', args };
742
742
  }
743
743
  if (tool === 'scan')
@@ -776,10 +776,22 @@ async function execOne(call, hooks) {
776
776
  return { ok: false, args, output: `[ALREADY-SCANNED] full scan "${target}" already ran — findings are above. Do NOT call SecurityScan again; summarize the results in text.` };
777
777
  }
778
778
  try {
779
- const { runPentest } = await import('./pentest.js');
779
+ const { runPentest, fetchPtTools } = await import('./pentest.js');
780
780
  const all = [];
781
- let rpt = `Tam kapsamlı tarama — ${target}${_auth ? ' (authenticated / login-arkası oturum enjekte edildi)' : ''}${_loginNote}\n`;
782
- for (const _t of ['recon', 'xss', 'sqli']) {
781
+ // PROFESYONEL KAPSAM: çekirdek (recon+dirscan+xss+sqli) + sunucudaki TÜM şablon tarayıcıları
782
+ // (SSRF/XXE/SSTI/LFI/LDAP/open-redirect/CRLF/graphql/exposed-files/waf-detect …). /fullscan ile aynı.
783
+ const _steps = ['recon', 'dirscan', 'xss', 'sqli', 'idor'];
784
+ try {
785
+ const _pt = await fetchPtTools(cfg());
786
+ for (const tm of ((_pt && _pt.templates) || [])) {
787
+ if (tm && tm.id && !_steps.includes(String(tm.id)))
788
+ _steps.push(String(tm.id));
789
+ }
790
+ }
791
+ catch { }
792
+ let rpt = `Tam kapsamlı tarama — ${target}${_auth ? ' (authenticated / login-arkası — oturum enjekte edildi)' : ''}${_loginNote}\n${_steps.length} tarayıcı koşuluyor (recon+dirscan+xss+sqli + şablonlar).\n`;
793
+ let _wafSeen = false;
794
+ for (const _t of _steps) {
783
795
  if (hooks?.signal?.aborted) {
784
796
  rpt += `\n[STOPPED] kullanıcı durdurdu (Esc) — kalan taramalar atlandı.`;
785
797
  break;
@@ -789,29 +801,43 @@ async function execOne(call, hooks) {
789
801
  if (o?.ok) {
790
802
  const ff = o.report?.findings || [];
791
803
  all.push(...ff.map((x) => ({ ...x, scan: _t })));
792
- rpt += `\n[${_t}] ${ff.length ? ff.length + ' bulgu' : 'temiz'}` + (o.report?.target ? ` (${o.report.target})` : '');
804
+ if (ff.some((x) => /waf|firewall|cloudflare|akamai|imperva/i.test(JSON.stringify(x))))
805
+ _wafSeen = true;
806
+ rpt += `\n[${_t}] ${ff.length ? ff.length + ' bulgu' : 'temiz'}`;
793
807
  }
794
808
  else {
795
809
  const rsn = o?.reason || o?.plan?.reason || 'error';
796
- rpt += `\n[${_t}] çalışmadı: ${rsn}`;
797
810
  if (rsn === 'trust_required') {
798
- rpt += ' — Doğrulanmış Araştırmacı (seviye 3+) gerekir.';
811
+ rpt += `\n[${_t}] çalışmadı: ${rsn} — Doğrulanmış Araştırmacı (seviye 3+) gerekir.`;
799
812
  break;
800
813
  }
814
+ rpt += `\n[${_t}] ${rsn === 'invalid_target' ? 'atlandı (param yok)' : 'çalışmadı: ' + rsn}`;
801
815
  }
802
816
  }
803
817
  catch (e) {
804
818
  rpt += `\n[${_t}] hata: ${e?.message || e}`;
805
819
  }
806
820
  }
807
- rpt += `\n\nToplam ${all.length} bulgu.`;
821
+ // no_params spam'ini tekille (her inject tarayıcı bir tane ekliyor)
822
+ const _np = all.filter((f) => f.note === 'no_params');
823
+ for (let i = all.length - 1; i >= 0; i--)
824
+ if (all[i].note === 'no_params')
825
+ all.splice(i, 1);
826
+ if (_np.length)
827
+ all.push({ type: 'info', severity: 'info', url: target, note: 'no_params',
828
+ evidence: `${_np.length} enjeksiyon tarayıcısı test edilebilir GET parametresi bulamadı — girdiler POST form/login-arkası/JS-üretimli olabilir.` });
829
+ const _sev = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
830
+ all.sort((a, b) => (_sev[a.severity] ?? 9) - (_sev[b.severity] ?? 9));
831
+ if (_wafSeen || /cloudflare|akamai|imperva/i.test(rpt)) {
832
+ rpt += `\n\n⚠️ WAF/CDN tespit edildi — payload'lar filtrelenmiş olabilir; "temiz" sonuçlar KESİN değil. Kesin sonuç için origin sunucuya (CDN arkası) doğrudan tara.`;
833
+ }
834
+ rpt += `\n\nToplam ${all.length} bulgu (${_steps.length} tarayıcı).`;
808
835
  if (all.length)
809
- rpt += '\n' + all.slice(0, 60).map((x) => ' ' + JSON.stringify(x)).join('\n');
810
- rpt += `\n[full-done] recon+xss+sqli all ran. Do NOT call SecurityScan again — report the findings to the user in text (summary + prioritized fixes), in their language.`;
836
+ rpt += '\n' + all.slice(0, 80).map((x) => ' ' + JSON.stringify(x)).join('\n');
837
+ rpt += `\n[full-done] comprehensive scan (${_steps.length} scanners) ran. Do NOT call SecurityScan again — report the findings to the user in text (severity-ordered summary + prioritized fixes), in their language.`;
811
838
  const _now = Date.now();
812
839
  _scanCache.set(_fk, { out: rpt, t: _now });
813
- // Alt tarama tiplerini de cache'le → full sonrası model tek tek recon/xss/sqli çağıramaz (gereksiz tekrar).
814
- for (const _t of ['recon', 'xss', 'sqli'])
840
+ for (const _t of ['recon', 'xss', 'sqli', 'dirscan'])
815
841
  _scanCache.set(_t + '|' + target.toLowerCase() + _authTag, { out: rpt, t: _now });
816
842
  return { ok: true, output: rpt, args };
817
843
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "wormclaude",
3
- "version": "1.0.183",
3
+ "version": "1.0.185",
4
4
  "description": "WormClaude CLI - uncensored security+code assistant (ink TUI, Claude-style)",
5
5
  "type": "module",
6
6
  "bin": {