Module: CMSScanner::Target::Platform::PHP

Defined in:

lib/cms_scanner/target/platform/php.rb

Overview

Some PHP specific implementation

Constant Summary

DEBUG_LOG_PATTERN =

/\[[^\]]+\] PHP (?:Warning|Error|Notice):/

FPD_PATTERN =

/Fatal error:.+? in (.+?) on/

ERROR_LOG_PATTERN =

/PHP Fatal error/i

Instance Method Summary

• #debug_log?(path, params = {}) ⇒ Boolean

  True if url(path) is a debug log, false otherwise.

• #error_log?(path, params = {}) ⇒ Boolean

  Wether or not url(path) is an error log file.

• #full_path_disclosure?(path = nil, params = {}) ⇒ Boolean

  True if url(path) contains a FPD, false otherwise.

• #full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>

  The FPD found, or an empty array if none.

• #log_file?(path, pattern, params = {}) ⇒ Boolean

Instance Method Details

#debug_log?(path, params = {}) ⇒ Boolean

Returns true if url(path) is a debug log, false otherwise.

Parameters:

• path (String)
• params (Hash) (defaults to: {}) —

  The request params

Returns:

• (Boolean) —

  true if url(path) is a debug log, false otherwise

# File 'lib/cms_scanner/target/platform/php.rb', line 27

def debug_log?(path, params = {})
  log_file?(path, DEBUG_LOG_PATTERN, params)
end

#error_log?(path, params = {}) ⇒ Boolean

Returns Wether or not url(path) is an error log file.

Parameters:

• path (String)
• params (Hash) (defaults to: {}) —

  The request params

Returns:

• (Boolean) —

  Wether or not url(path) is an error log file

# File 'lib/cms_scanner/target/platform/php.rb', line 35

def error_log?(path, params = {})
  log_file?(path, ERROR_LOG_PATTERN, params)
end

#full_path_disclosure?(path = nil, params = {}) ⇒ Boolean

Returns true if url(path) contains a FPD, false otherwise.

Parameters:

• path (String) (defaults to: nil)
• params (Hash) (defaults to: {}) —

  The request params

Returns:

• (Boolean) —

  true if url(path) contains a FPD, false otherwise

# File 'lib/cms_scanner/target/platform/php.rb', line 43

def full_path_disclosure?(path = nil, params = {})
  !full_path_disclosure_entries(path, params).empty?
end

#full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>

Returns The FPD found, or an empty array if none.

Parameters:

• path (String) (defaults to: nil)
• params (Hash) (defaults to: {}) —

  The request params

Returns:

• (Array<String>) —

  The FPD found, or an empty array if none

# File 'lib/cms_scanner/target/platform/php.rb', line 51

def full_path_disclosure_entries(path = nil, params = {})
  res = NS::Browser.get(url(path), params)

  res.body.scan(FPD_PATTERN).flatten
end

#log_file?(path, pattern, params = {}) ⇒ Boolean

Parameters:

• path (String)
• pattern (Regexp)
• params (Hash) (defaults to: {}) —

  The request params

Returns:

• (Boolean)

# File 'lib/cms_scanner/target/platform/php.rb', line 15

def log_file?(path, pattern, params = {})
  # Only the first 700 bytes of the file are retrieved to avoid getting enture log file
  # which can be huge (~ 2Go)
  res = NS::Browser.get(url(path), params.merge(headers: { 'range' => 'bytes=0-700' }))

  res.body =~ pattern ? true : false
end