diff --git a/.dockerignore b/.dockerignore index a3766a7f..d80eb012 100644 --- a/.dockerignore +++ b/.dockerignore @@ -17,3 +17,5 @@ data.zip DISCLAIMER.txt example.conf.json bin/ +Gemfile.lock + diff --git a/.gitignore b/.gitignore index 81dd0511..d1ba9013 100644 --- a/.gitignore +++ b/.gitignore @@ -6,7 +6,6 @@ coverage *.sublime-* .idea .*.swp -Gemfile.lock log.txt .yardoc debug.log diff --git a/Dockerfile b/Dockerfile index 430205b3..0fd881a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,8 @@ FROM ruby:2.4-slim MAINTAINER WPScan Team +ARG BUNDLER_ARGS="--system --jobs=8 --without test" + RUN DEBIAN_FRONTEND=noninteractive && \ rm -rf /var/lib/apt/lists/* && \ apt-get update && \ @@ -12,7 +14,7 @@ RUN mkdir /wpscan COPY Gemfile /wpscan WORKDIR /wpscan -RUN bundle install --system --without test +RUN bundle install $BUNDLER_ARGS COPY . /wpscan RUN chown -R wpscan:wpscan /wpscan diff --git a/bin/rspec b/bin/rspec new file mode 100755 index 00000000..e3829331 --- /dev/null +++ b/bin/rspec @@ -0,0 +1,20 @@ +#!/bin/bash + +SOURCE="${BASH_SOURCE[0]}" +while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink + DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" + SOURCE="$(readlink "$SOURCE")" + [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located +done +DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" + +cd $DIR/../ +# always rebuild and include all GEMs +docker build --build-arg "BUNDLER_ARGS=--system --jobs=8" -t wpscan:rspec . +# update all gems (this updates Gemfile.lock on the host) +docker run --rm -u root -v $DIR/../Gemfile.lock:/wpscan/Gemfile.lock --entrypoint "" wpscan:rspec bundle update +# rebuild image with latest GEMs +docker build --build-arg "BUNDLER_ARGS=--system --jobs=8" -t wpscan:rspec . +# run spec +docker run --rm -v $DIR/../:/wpscan --entrypoint "" wpscan:rspec rspec + 
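Review bot: The new `ARG BUNDLER_ARGS` line in the first Dockerfile hunk has no comment saying who overrides it or what may go into it. Build arguments consumed by a `RUN` step are recorded in the image history, so this value should only ever hold plain bundler flags, never a gem-source credential. Suggested comment above the line: `# Flags for bundle install; bin/rspec overrides this to include the test group. Visible in image history, so no credentials here.`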
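Review bot: `RUN bundle install $BUNDLER_ARGS` in the second Dockerfile hunk still resolves gem versions from `Gemfile` alone, because only `Gemfile` is copied before it and this commit adds `Gemfile.lock` to `.dockerignore`, so the lock file that is apparently now tracked in git never reaches the build. Each image build can therefore pick up different gem versions from the ones committed, which weakens reproducibility and supply-chain review of the image. If the exclusion is only there to support the bind mount in `bin/rspec`, consider keeping the lock in the context and using `COPY Gemfile Gemfile.lock /wpscan/` ahead of the install. The unquoted `$BUNDLER_ARGS` relies on shell word splitting to pass several flags, which deserves a one-line comment.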
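Review bot: `bin/rspec` has no error handling, so a failed `docker build` does not stop it and the following `docker run` steps execute against whatever `wpscan:rspec` image is already on the host; adding `set -e` after the shebang would stop at the first failure. `$DIR` is unquoted in `cd $DIR/../` and in both `-v` arguments, so a checkout path containing spaces breaks the mount; write `cd "$DIR/.."` and `-v "$DIR/../Gemfile.lock:/wpscan/Gemfile.lock"` (the same unquoted `$DIR` appears in `bin/wpscan-dev`). The `bundle update` step runs as root against the bind-mounted lock file, so it can leave a root-owned `Gemfile.lock` on the host and moves every gem to its newest allowed version on each test run; a comment stating that this is intended would help whoever reviews the resulting lock-file diffs.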
diff --git a/bin/wpscan b/bin/wpscan index f173e63e..852b4b4d 100755 --- a/bin/wpscan +++ b/bin/wpscan @@ -9,6 +9,6 @@ done DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" cd $DIR/../ -docker build -q -t wpscan:dev . -docker run --rm wpscan:dev "$@" +docker build -q -t wpscan:git . +docker run --rm wpscan:git "$@" diff --git a/bin/wpscan-dev b/bin/wpscan-dev new file mode 100755 index 00000000..f9a5e810 --- /dev/null +++ b/bin/wpscan-dev @@ -0,0 +1,16 @@ +#!/bin/bash + +SOURCE="${BASH_SOURCE[0]}" +while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink + DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" + SOURCE="$(readlink "$SOURCE")" + [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located +done +DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )" + +cd $DIR/../ +if [[ -n "$WPSCAN_BUILD" ]]; then + docker build -q -t wpscan:git . +fi +docker run --rm -v $DIR/../:/wpscan wpscan:git "$@" + diff --git a/lib/common/browser/options.rb b/lib/common/browser/options.rb index ff23da18..84641b2a 100644 --- a/lib/common/browser/options.rb +++ b/lib/common/browser/options.rb @@ -20,7 +20,7 @@ class Browser elsif auth =~ /\ABasic [a-zA-Z0-9=]+\z/ @basic_auth = auth else - raise 'Invalid basic authentication format, "login:password" or "Basic base_64_encoded" expected' + raise "Invalid basic authentication format, \"login:password\" or \"Basic base_64_encoded\" expected. Your input: #{auth}" end end diff --git a/lib/wpscan/wpscan_options.rb b/lib/wpscan/wpscan_options.rb index 5d94cda1..af849871 100644 --- a/lib/wpscan/wpscan_options.rb +++ b/lib/wpscan/wpscan_options.rb 
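Review bot: When `WPSCAN_BUILD` is unset, `bin/wpscan-dev` goes straight to `docker run ... wpscan:git`, so on a host where that tag was never built Docker falls back to trying to pull it from a registry rather than building the local checkout. Building when the image is missing avoids that, for example `docker image inspect wpscan:git >/dev/null 2>&1 || docker build -q -t wpscan:git .` before the run. The bind mount exposes the whole checkout read-write to the container; if the tool only needs to read the source, `-v "$DIR/../:/wpscan:ro"` would be the narrower grant, though that should be confirmed against where it writes its cache and logs.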
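Review bot: The new message in `lib/common/browser/options.rb` interpolates `#{auth}` into the exception, and at this point `auth` is whatever the user supplied as their basic-auth credential, so a mistyped password or token ends up in terminal output and in any log that captures the error. The visible `Basic [a-zA-Z0-9=]+` check also has no `+` or `/` in its character class, so a valid Base64 value containing either lands in this branch and is printed in full. I would keep the message without the input, `raise 'Invalid basic authentication format, "login:password" or "Basic base_64_encoded" expected'`, and widen the class to `[a-zA-Z0-9+\/=]`. The enclosing setter begins above the hunk, so its first branch is not visible here.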
@@ -152,11 +152,6 @@ class WpscanOptions end end - def basic_auth=(basic_auth) - raise 'Invalid basic authentication format, login:password expected' if basic_auth.index(':').nil? - @basic_auth = "Basic #{Base64.encode64(basic_auth).chomp}" - end - def debug_output=(debug_output) Typhoeus::Config.verbose = debug_output end