New upstream version 0.5.7
Sophie Brun
4 years ago
8 | 8 |
def aggressive(_opts = {})
|
9 | 9 |
path = 'searchreplacedb2.php'
|
10 | 10 |
|
11 | |
return unless target.head_and_get(path).body =~ /by interconnect/i
|
|
11 |
return unless /by interconnect/i.match?(target.head_and_get(path).body)
|
12 | 12 |
|
13 | 13 |
NS::Model::InterestingFinding.new(target.url(path),
|
14 | 14 |
confidence: 100,
|
49 | 49 |
|
50 | 50 |
res = NS::Browser.post(potential_url, body: Digest::MD5.hexdigest(rand(999_999).to_s[0..5]))
|
51 | 51 |
|
52 | |
next unless res&.body =~ /<methodResponse>/i
|
|
52 |
next unless /<methodResponse>/i.match?(res&.body)
|
53 | 53 |
|
54 | 54 |
return NS::Model::XMLRPC.new(potential_url,
|
55 | 55 |
confidence: 100,
|
8 | 8 |
results = []
|
9 | 9 |
|
10 | 10 |
entries.each do |entry|
|
11 | |
next unless entry =~ /(?:admin|\.log|\.sql|\.db)/i
|
|
11 |
next unless /(?:admin|\.log|\.sql|\.db)/i.match?(entry)
|
12 | 12 |
|
13 | 13 |
results << entry
|
14 | 14 |
end
|
19 | 19 |
s.require_paths = ['lib']
|
20 | 20 |
|
21 | 21 |
s.add_dependency 'nokogiri', '~> 1.10.0'
|
22 | |
s.add_dependency 'opt_parse_validator', '~> 1.7.3'
|
|
22 |
s.add_dependency 'opt_parse_validator', '~> 1.7.4'
|
23 | 23 |
s.add_dependency 'public_suffix', '>= 3.0', '< 4.1'
|
24 | 24 |
s.add_dependency 'ruby-progressbar', '~> 1.10.0'
|
25 | 25 |
s.add_dependency 'typhoeus', '~> 1.3.0'
|
|
31 | 31 |
s.add_development_dependency 'rake', '~> 12.3'
|
32 | 32 |
s.add_development_dependency 'rspec', '~> 3.8.0'
|
33 | 33 |
s.add_development_dependency 'rspec-its', '~> 1.3.0'
|
34 | |
s.add_development_dependency 'rubocop', '~> 0.72.0'
|
|
34 |
s.add_development_dependency 'rubocop', '~> 0.74.0'
|
35 | 35 |
s.add_development_dependency 'rubocop-performance', '~> 1.4.0'
|
36 | 36 |
s.add_development_dependency 'simplecov', '~> 0.16.1'
|
37 | 37 |
s.add_development_dependency 'webmock', '~> 3.6.0'
|
47 | 47 |
# @return [ Hash ]
|
48 | 48 |
def default_request_params
|
49 | 49 |
params = {
|
50 | |
headers: { 'User-Agent' => user_agent }.merge(headers || {}),
|
|
50 |
headers: { 'User-Agent' => user_agent, 'Referer' => url }.merge(headers || {}),
|
51 | 51 |
accept_encoding: 'gzip, deflate',
|
52 | 52 |
method: :get
|
53 | 53 |
}
|
15 | 15 |
# @param [ Typhoeus::Request ] request
|
16 | 16 |
# @param [ Typhoeus::Response ] response
|
17 | 17 |
def set(request, response)
|
|
18 |
return if response.timed_out? || response.code&.zero?
|
|
19 |
|
18 | 20 |
write_entry(request.hash.to_s, response, request.cache_ttl)
|
19 | 21 |
end
|
20 | 22 |
end
|
116 | 116 |
tpl = "#{controller_name}/#{tpl}"
|
117 | 117 |
end
|
118 | 118 |
|
119 | |
raise "Wrong tpl format: '#{tpl}'" unless tpl =~ %r{\A[\w/_]+\z}
|
|
119 |
raise "Wrong tpl format: '#{tpl}'" unless %r{\A[\w/_]+\z}.match?(tpl)
|
120 | 120 |
|
121 | 121 |
views_directories.reverse_each do |dir|
|
122 | 122 |
formats.each do |format|
|
58 | 58 |
NS::Browser.get(url(path), params).html.css(selector).each do |node|
|
59 | 59 |
entry = node.text.to_s
|
60 | 60 |
|
61 | |
next if entry =~ ignore
|
|
61 |
next if entry&.match?(ignore)
|
62 | 62 |
|
63 | 63 |
found << entry
|
64 | 64 |
end
|
1 | 1 |
|
2 | 2 |
# Version
|
3 | 3 |
module CMSScanner
|
4 | |
VERSION = '0.5.4'
|
|
4 |
VERSION = '0.5.7'
|
5 | 5 |
end
|
7 | 7 |
let(:options) { {} }
|
8 | 8 |
let(:default) do
|
9 | 9 |
{
|
10 | |
headers: { 'User-Agent' => "CMSScanner v#{CMSScanner::VERSION}" },
|
|
10 |
headers: { 'User-Agent' => "CMSScanner v#{CMSScanner::VERSION}", 'Referer' => nil },
|
11 | 11 |
accept_encoding: 'gzip, deflate',
|
12 | 12 |
method: :get
|
13 | 13 |
}
|
|
25 | 25 |
context 'when some attributes are set' do
|
26 | 26 |
let(:options) do
|
27 | 27 |
{
|
|
28 |
url: 'http://wp.lo/',
|
28 | 29 |
cache_ttl: 200, connect_timeout: 10,
|
29 | 30 |
http_auth: { username: 'log', password: 'pwd' },
|
30 | 31 |
cookie_jar: '/tmp/cookie_jar.txt',
|
|
41 | 42 |
userpwd: 'log:pwd', proxyuserpwd: 'u:pwd',
|
42 | 43 |
cookiejar: options[:cookie_jar], cookiefile: options[:cookie_jar],
|
43 | 44 |
ssl_verifypeer: false, ssl_verifyhost: 0
|
44 | |
).merge(headers: default[:headers].merge('Host' => 'testing', 'Test' => 'aa'))
|
|
45 |
).merge(headers: default[:headers].merge('Host' => 'testing', 'Test' => 'aa', 'Referer' => 'http://wp.lo/'))
|
45 | 46 |
end
|
46 | 47 |
|
47 | 48 |
its(:default_request_params) { should eq expected }
|
16 | 16 |
end
|
17 | 17 |
|
18 | 18 |
describe '#set' do
|
19 | |
let(:response) { Typhoeus::Response.new }
|
|
19 |
context 'when response did not time out' do
|
|
20 |
let(:response) { Typhoeus::Response.new(return_code: :ok, code: 200) }
|
20 | 21 |
|
21 | |
it 'calls #write_entry' do
|
22 | |
expect(cache).to receive(:write_entry).with(key, response, request.cache_ttl)
|
|
22 |
it 'calls #write_entry' do
|
|
23 |
expect(cache).to receive(:write_entry).with(key, response, request.cache_ttl)
|
23 | 24 |
|
24 | |
cache.set(request, response)
|
|
25 |
cache.set(request, response)
|
|
26 |
end
|
|
27 |
end
|
|
28 |
|
|
29 |
context 'when response timed out' do
|
|
30 |
let(:response) { Typhoeus::Response.new(return_code: :operation_timedout) }
|
|
31 |
|
|
32 |
it 'does not write the entry' do
|
|
33 |
expect(cache).to_not receive(:write_entry)
|
|
34 |
|
|
35 |
cache.set(request, response)
|
|
36 |
end
|
|
37 |
end
|
|
38 |
|
|
39 |
context 'when response code is 0' do
|
|
40 |
let(:response) { Typhoeus::Response.new(code: 0) }
|
|
41 |
|
|
42 |
it 'does not write the entry' do
|
|
43 |
expect(cache).to_not receive(:write_entry)
|
|
44 |
|
|
45 |
cache.set(request, response)
|
|
46 |
end
|
25 | 47 |
end
|
26 | 48 |
end
|
27 | 49 |
end
|