Module: CMSScanner::Target::Server::IIS

Defined in:
lib/cms_scanner/target/server/iis.rb

Overview

Some IIS specific implementation

Instance Method Summary collapse

Instance Method Details

#directory_listing?(path = nil, params = {}) ⇒ Boolean

Returns true if url(path) has the directory listing enabled, false otherwise.

Parameters:

  • path (String) (defaults to: nil)
  • params (Hash) (defaults to: {})

    The request params

Returns:

  • (Boolean)

    true if url(path) has the directory listing enabled, false otherwise



19
20
21
22
23
 
# File 'lib/cms_scanner/target/server/iis.rb', line 19

def directory_listing?(path = nil, params = {})
  res = NS::Browser.get(url(path), params)

  res.code == 200 && res.body =~ /<H1>#{uri.host} - \// ? true : false
end

#directory_listing_entries(path = nil, params = {}) ⇒ Array<String>

Returns The first level of directories/files listed, or an empty array if none.

Parameters:

  • path (String) (defaults to: nil)
  • params (Hash) (defaults to: {})

    The request params

Returns:

  • (Array<String>)

    The first level of directories/files listed, or an empty array if none



30
31
32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/cms_scanner/target/server/iis.rb', line 30

def directory_listing_entries(path = nil, params = {})
  return [] unless directory_listing?(path, params)

  found = []

  NS::Browser.get(url(path), params).html.css('pre a').each do |node|
    entry = node.text.to_s

    next if entry == '[To Parent Directory]'
    found << entry
  end

  found
end

#server(_path = nil, _params = {}) ⇒ Symbol

Returns :iis.

Parameters:

  • path (String)
  • params (Hash)

    The request params

Returns:

  • (Symbol)

    :iis



10
11
12
 
# File 'lib/cms_scanner/target/server/iis.rb', line 10

def server(_path = nil, _params = {})
  :IIS
end