more docker work

.dockerignore

@@ -17,3 +17,5 @@ data.zip
 DISCLAIMER.txt
 example.conf.json
 bin/
+Gemfile.lock
+

.gitignore

@@ -6,7 +6,6 @@ coverage
 *.sublime-*
 .idea
 .*.swp
-Gemfile.lock
 log.txt
 .yardoc
 debug.log

Dockerfile

@@ -1,6 +1,8 @@
 FROM ruby:2.4-slim
 MAINTAINER WPScan Team <team@wpscan.org>
 
+ARG BUNDLER_ARGS="--system --jobs=8 --without test"
+
 RUN DEBIAN_FRONTEND=noninteractive && \
   rm -rf /var/lib/apt/lists/* && \
   apt-get update && \
@@ -12,7 +14,7 @@ RUN mkdir /wpscan
 
 COPY Gemfile /wpscan
 WORKDIR /wpscan
-RUN bundle install --system --without test
+RUN bundle install $BUNDLER_ARGS
 
 COPY . /wpscan
 RUN chown -R wpscan:wpscan /wpscan

bin/rspec

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+SOURCE="${BASH_SOURCE[0]}"
+while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink
+  DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
+  SOURCE="$(readlink "$SOURCE")"
+  [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located
+done
+DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
+
+cd $DIR/../
+# always rebuild and include all GEMs
+docker build --build-arg "BUNDLER_ARGS=--system --jobs=8" -t wpscan:rspec .
+# update all gems (this updates Gemfile.lock on the host)
+docker run --rm -u root -v $DIR/../Gemfile.lock:/wpscan/Gemfile.lock --entrypoint "" wpscan:rspec bundle update
+# rebuild image with latest GEMs
+docker build --build-arg "BUNDLER_ARGS=--system --jobs=8" -t wpscan:rspec .
+# run spec
+docker run --rm -v $DIR/../:/wpscan --entrypoint "" wpscan:rspec rspec
+

bin/wpscan

@@ -9,6 +9,6 @@ done
 DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
 
 cd $DIR/../
-docker build -q -t wpscan:dev .
+docker build -q -t wpscan:git .
-docker run --rm wpscan:dev "$@"
+docker run --rm wpscan:git "$@"
 

bin/wpscan-dev

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+SOURCE="${BASH_SOURCE[0]}"
+while [ -h "$SOURCE" ]; do # resolve $SOURCE until the file is no longer a symlink
+  DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
+  SOURCE="$(readlink "$SOURCE")"
+  [[ $SOURCE != /* ]] && SOURCE="$DIR/$SOURCE" # if $SOURCE was a relative symlink, we need to resolve it relative to the path where the symlink file was located
+done
+DIR="$( cd -P "$( dirname "$SOURCE" )" && pwd )"
+
+cd $DIR/../
+if [[ -n "$WPSCAN_BUILD" ]]; then
+  docker build -q -t wpscan:git .
+fi
+docker run --rm -v $DIR/../:/wpscan wpscan:git "$@"
+

lib/common/browser/options.rb

@@ -20,7 +20,7 @@ class Browser
       elsif auth =~ /\ABasic [a-zA-Z0-9=]+\z/
         @basic_auth = auth
       else
-       raise 'Invalid basic authentication format, "login:password" or "Basic base_64_encoded" expected'
+        raise "Invalid basic authentication format, \"login:password\" or \"Basic base_64_encoded\" expected. Your input: #{auth}"
      end
     end
 

lib/wpscan/wpscan_options.rb

@@ -152,11 +152,6 @@ class WpscanOptions
     end
   end
 
-  def basic_auth=(basic_auth)
-    raise 'Invalid basic authentication format, login:password expected' if basic_auth.index(':').nil?
-    @basic_auth = "Basic #{Base64.encode64(basic_auth).chomp}"
-  end
-
   def debug_output=(debug_output)
     Typhoeus::Config.verbose = debug_output
   end