Module: CMSScanner::Target::Platform::PHP
- Defined in:
- lib/cms_scanner/target/platform/php.rb
Overview
Some PHP specific implementation
Constant Summary collapse
- DEBUG_LOG_PATTERN =
/\[[^\]]+\] PHP (?:Warning|Error|Notice):/- FPD_PATTERN =
/Fatal error:.+? in (.+?) on/
Instance Method Summary collapse
-
#debug_log?(path = nil, params = {}) ⇒ Boolean
True if url(path) is a debug log, false otherwise.
-
#full_path_disclosure?(path = nil, params = {}) ⇒ Boolean
True if url(path) contains a FPD, false otherwise.
-
#full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>
The FPD found, or an empty array if none.
Instance Method Details
#debug_log?(path = nil, params = {}) ⇒ Boolean
Returns true if url(path) is a debug log, false otherwise.
13 14 15 16 17 |
# File 'lib/cms_scanner/target/platform/php.rb', line 13 def debug_log?(path = nil, params = {}) res = NS::Browser.get(url(path), params.merge(headers: { 'range' => 'bytes=0-700' })) res.body =~ DEBUG_LOG_PATTERN ? true : false end |
#full_path_disclosure?(path = nil, params = {}) ⇒ Boolean
Returns true if url(path) contains a FPD, false otherwise.
23 24 25 |
# File 'lib/cms_scanner/target/platform/php.rb', line 23 def full_path_disclosure?(path = nil, params = {}) !full_path_disclosure_entries(path, params).empty? end |
#full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>
Returns The FPD found, or an empty array if none.
31 32 33 34 35 |
# File 'lib/cms_scanner/target/platform/php.rb', line 31 def full_path_disclosure_entries(path = nil, params = {}) res = NS::Browser.get(url(path), params) res.body.scan(FPD_PATTERN).flatten end |