Module: CMSScanner::Target::Platform::PHP
- Defined in:
- lib/cms_scanner/target/platform/php.rb
Overview
Some PHP specific implementation
Constant Summary
- DEBUG_LOG_PATTERN =
/\[[^\]]+\] PHP (?:Warning|Error|Notice):/
- FPD_PATTERN =
/Fatal error:.+? in (.+?) on/
- ERROR_LOG_PATTERN =
/PHP Fatal error/i
Instance Method Summary
-
#debug_log?(path, params = {}) ⇒ Boolean
True if url(path) is a debug log, false otherwise.
-
#error_log?(path, params = {}) ⇒ Boolean
Whether or not url(path) is an error log file.
-
#full_path_disclosure?(path = nil, params = {}) ⇒ Boolean
True if url(path) contains a full path disclosure (FPD), false otherwise.
-
#full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>
The FPD found, or an empty array if none.
- #log_file?(path, pattern, params = {}) ⇒ Boolean
Instance Method Details
#debug_log?(path, params = {}) ⇒ Boolean
Returns true if url(path) is a debug log, false otherwise.
# File 'lib/cms_scanner/target/platform/php.rb', line 27

# Reports whether the resource at url(path) looks like a PHP debug log.
#
# The work is delegated to log_file?, which requests the resource and tests
# the response body against DEBUG_LOG_PATTERN.
#
# @param path   forwarded to log_file?, which hands it to url()
# @param params [Hash] request options, forwarded to log_file? unchanged
# @return [Boolean] the result of log_file? for DEBUG_LOG_PATTERN
def debug_log?(path, params = {})
  signature = DEBUG_LOG_PATTERN
  log_file?(path, signature, params)
end
#error_log?(path, params = {}) ⇒ Boolean
Returns whether or not url(path) is an error log file.
# File 'lib/cms_scanner/target/platform/php.rb', line 35

# Reports whether the resource at url(path) looks like a PHP error log.
#
# The work is delegated to log_file?, which requests the resource and tests
# the response body against ERROR_LOG_PATTERN.
#
# @param path   forwarded to log_file?, which hands it to url()
# @param params [Hash] request options, forwarded to log_file? unchanged
# @return [Boolean] the result of log_file? for ERROR_LOG_PATTERN
def error_log?(path, params = {})
  signature = ERROR_LOG_PATTERN
  log_file?(path, signature, params)
end
#full_path_disclosure?(path = nil, params = {}) ⇒ Boolean
Returns true if url(path) contains a FPD, false otherwise.
# File 'lib/cms_scanner/target/platform/php.rb', line 43

# Reports whether the response for url(path) contains a full path
# disclosure (FPD).
#
# @param path   forwarded to full_path_disclosure_entries (defaults to nil)
# @param params [Hash] request options, forwarded unchanged
# @return [Boolean] true when full_path_disclosure_entries returns at least
#   one entry, false when it returns an empty array
def full_path_disclosure?(path = nil, params = {})
  disclosed = full_path_disclosure_entries(path, params)
  !disclosed.empty?
end
#full_path_disclosure_entries(path = nil, params = {}) ⇒ Array<String>
Returns the FPD found, or an empty array if none.
# File 'lib/cms_scanner/target/platform/php.rb', line 51

# Collects the file paths disclosed in the response body for url(path).
#
# The body is scanned with FPD_PATTERN. Its single capture group yields one
# one-element array per match, so the result is flattened into a plain list
# of the captured strings.
#
# Unlike log_file?, no range header is added here: the request is issued with
# params exactly as given.
#
# @param path   handed to url() to build the request target (defaults to nil)
# @param params [Hash] request options passed to NS::Browser.get
# @return [Array<String>] the captured paths, or an empty array if none
def full_path_disclosure_entries(path = nil, params = {})
  NS::Browser
    .get(url(path), params)
    .body
    .scan(FPD_PATTERN)
    .flatten
end
#log_file?(path, pattern, params = {}) ⇒ Boolean
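# File 'lib/cms_scanner/target/platform/php.rb', line 15

# Reports whether the response body for url(path) matches the given pattern.
#
# Only the start of the file is requested (Range: bytes=0-700) to avoid
# retrieving an entire log file, which can be huge (~2 GB).
#
# NOTE(review): the range header is only a request. A server that ignores it
# sends the whole body, and the pattern is then tested against all of it.
# Confirm whether NS::Browser bounds the response size.
#
# @param path    handed to url() to build the request target
# @param pattern [Regexp] expression the response body is tested against
# @param params  [Hash] request options; Hash#merge is shallow, so a :headers
#   entry supplied here is replaced by the range header
# @return [Boolean] true when the body matches pattern, false otherwise
def log_file?(path, pattern, params = {})
  ranged_params = params.merge(headers: { 'range' => 'bytes=0-700' })
  res = NS::Browser.get(url(path), ranged_params)

  # Regexp#match? already returns true/false (and false for a nil body), so
  # no ternary is needed and no MatchData is allocated.
  pattern.match?(res.body)
end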