garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into layout-423

Browse Source
This commit is contained in:
FireFart
2014-03-22 18:01:22 +01:00
parent 17dcc7ec80 a0f476fb24
commit 78cb3f8ee2
27 changed files with 362 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
lib/common/browser.rb
View File

@@ -9,12 +9,10 @@ class Browser
include Browser::Options
OPTIONS = [
:available_user_agents,
:basic_auth,
:cache_ttl,
:max_threads,
:user_agent,
:user_agent_mode,
:proxy,
:proxy_auth,
:request_timeout,
@@ -23,16 +21,20 @@ class Browser
@@instance = nil
attr_reader :hydra, :config_file, :cache_dir
attr_reader :hydra, :cache_dir
# @param [ Hash ] options
#
# @return [ Browser ]
def initialize(options = {})
@config_file = options[:config_file] || CONF_DIR + '/browser.conf.json'
@cache_dir = options[:cache_dir] || CACHE_DIR + '/browser'
load_config
# sets browser defaults
browser_defaults
# load config file
conf = options[:config_file]
load_config(conf) if conf
# overrides defaults with user supplied values (overwrite values from config)
override_config(options)
unless @hydra
@@ -61,6 +63,20 @@ class Browser
@@instance = nil
end
#
# sets browser default values
#
def browser_defaults
@max_threads = 20
# 10 minutes, at this time the cache is cleaned before each scan. If this value is set to 0, the cache will be disabled
@cache_ttl = 600
# 2s
@request_timeout = 2000
# 1s
@connect_timeout = 1000
@user_agent = "WPScan v#{WPSCAN_VERSION} (http://wpscan.org)"
end
#
# If an option was set but is not in the new config_file
# it's value is kept
@@ -69,21 +85,20 @@ class Browser
#
# @return [ void ]
def load_config(config_file = nil)
@config_file = config_file || @config_file
if File.symlink?(@config_file)
if File.symlink?(config_file)
raise '[ERROR] Config file is a symlink.'
else
data = JSON.parse(File.read(@config_file))
data = JSON.parse(File.read(config_file))
end
OPTIONS.each do |option|
option_name = option.to_s
unless data[option_name].nil?
self.send(:"#{option_name}=", data[option_name])
end
end
end
# @param [ String ] url
@@ -101,7 +116,7 @@ class Browser
params = Browser.append_params_header_field(
params,
'User-Agent',
self.user_agent
@user_agent
)
if @proxy

42
lib/common/browser/options.rb
View File

@@ -3,10 +3,8 @@
class Browser
module Options
USER_AGENT_MODES = %w{ static semi-static random }
attr_accessor :available_user_agents, :cache_ttl, :request_timeout, :connect_timeout
attr_reader :basic_auth, :user_agent_mode, :proxy, :proxy_auth
attr_accessor :cache_ttl, :request_timeout, :connect_timeout
attr_reader :basic_auth, :proxy, :proxy_auth
attr_writer :user_agent
# Sets the Basic Authentification credentials
@@ -41,42 +39,6 @@ class Browser
end
end
# Sets the user_agent_mode, which can be one of the following:
# static: The UA is defined by the user, and will be the same in each requests
# semi-static: The UA is randomly chosen at the first request, and will not change
# random: UA randomly chosen each request
#
# UA are from @available_user_agents
#
# @param [ String ] ua_mode
#
# @return [ void ]
def user_agent_mode=(ua_mode)
ua_mode ||= 'static'
if USER_AGENT_MODES.include?(ua_mode)
@user_agent_mode = ua_mode
# For semi-static user agent mode, the user agent has to
# be nil the first time (it will be set with the getter)
@user_agent = nil if ua_mode === 'semi-static'
else
raise "Unknow user agent mode : '#{ua_mode}'"
end
end
# @return [ String ] The user agent, according to the user_agent_mode
def user_agent
case @user_agent_mode
when 'semi-static'
unless @user_agent
@user_agent = @available_user_agents.sample
end
when 'random'
@user_agent = @available_user_agents.sample
end
@user_agent
end
# Sets the proxy
# Accepted format:
# [protocol://]host:post

17
lib/common/common_helper.rb
View File

@@ -32,6 +32,7 @@ LOCAL_FILES_FILE = DATA_DIR + '/local_vulnerable_files.xml'
VULNS_XSD = DATA_DIR + '/vuln.xsd'
WP_VERSIONS_XSD = DATA_DIR + '/wp_versions.xsd'
LOCAL_FILES_XSD = DATA_DIR + '/local_vulnerable_files.xsd'
USER_AGENTS_FILE = DATA_DIR + '/user-agents.txt'
WPSCAN_VERSION = '2.3'
@@ -199,3 +200,19 @@ def truncate(input, size, trailing = '...')
trailing.length >= input.length or size-trailing.length-1 >= input.length
return "#{input[0..size-trailing.length-1]}#{trailing}"
end
# Gets a random User-Agent
#
# @return [ String ] A random user-agent from data/user-agents.txt
def get_random_user_agent
user_agents = []
f = File.open(USER_AGENTS_FILE, 'r')
f.each_line do |line|
# ignore comments
next if line.empty? or line =~ /^\s*(#|\/\/)/
user_agents << line.strip
end
f.close
# return ransom user-agent
user_agents.sample
end

4
lib/common/models/vulnerability/urls.rb
View File

@@ -14,7 +14,7 @@ class Vulnerability
end
def url_cve(cve)
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-#{cve}"
"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-#{cve}"
end
def url_osvdb(id)
@@ -30,4 +30,4 @@ class Vulnerability
end
end
end
end

15
lib/common/typhoeus_cache.rb
View File

@@ -2,25 +2,14 @@
require 'common/cache_file_store'
# Implementaion of a cache_key (Typhoeus::Request#hash has too many options)
module Typhoeus
class Request
module Cacheable
def cache_key
Digest::SHA2.hexdigest("#{url}-#{options[:body]}-#{options[:method]}")[0..32]
end
end
end
end
class TyphoeusCache < CacheFileStore
def get(request)
read_entry(request.cache_key)
read_entry(request.hash.to_s)
end
def set(request, response)
write_entry(request.cache_key, response, request.cache_ttl)
write_entry(request.hash.to_s, response, request.cache_ttl)
end
end