Class: CMSScanner::Scan

Inherits:

Object

• Object
• CMSScanner::Scan

Defined in:

lib/cms_scanner/scan.rb

Overview

Scan

Instance Attribute Summary

• #run_error ⇒ Object readonly

  Returns the value of attribute run_error.

Instance Method Summary

• #controllers ⇒ Controllers
• #datastore ⇒ Hash
• #exit_hook ⇒ Object

  Hook to be able to have an exit code returned depending on the findings / errors :nocov:.

• #formatter ⇒ Object

  Used for convenience.

• #initialize {|_self| ... } ⇒ Scan constructor

  A new instance of Scan.

• #run ⇒ Object
• #run_error_exit_code ⇒ Integer

  The exit code related to the run_error.

Constructor Details

#initialize {|_self| ... } ⇒ Scan

Returns a new instance of Scan.

Yields:

• (_self)

Yield Parameters:

• _self (CMSScanner::Scan) —

  the object that the method was called on

# File 'lib/cms_scanner/scan.rb', line 8

def initialize
  NS.start_memory = GetProcessMem.new.bytes

  controllers << NS::Controller::Core.new

  exit_hook

  yield self if block_given?
end

Instance Attribute Details

#run_error ⇒ Object (readonly)

Returns the value of attribute run_error.

# File 'lib/cms_scanner/scan.rb', line 6

def run_error
  @run_error
end

Instance Method Details

#controllers ⇒ Controllers

Returns:

• (Controllers)

# File 'lib/cms_scanner/scan.rb', line 19

def controllers
  @controllers ||= NS::Controllers.new
end

#datastore ⇒ Hash

Returns:

• (Hash)

# File 'lib/cms_scanner/scan.rb', line 52

def datastore
  controllers.first.datastore
end

#exit_hook ⇒ Object

Hook to be able to have an exit code returned depending on the findings / errors :nocov:

# File 'lib/cms_scanner/scan.rb', line 59

def exit_hook
  # Avoid hooking the exit when rspec is running, otherwise it will always return 0
  # and Travis won't detect failed builds. Couldn't find a better way, even though
  # some people managed to https://github.com/rspec/rspec-core/pull/410
  return if defined?(RSpec)

  at_exit do
    exit(run_error_exit_code) if run_error

    # The parsed_option[:url] must be checked to avoid raising erros when only -h/-v are given
    exit(NS::ExitCode::VULNERABLE) if NS::ParsedCli.url && controllers.first.target.vulnerable?
    exit(NS::ExitCode::OK)
  end
end

#formatter ⇒ Object

Used for convenience

# File 'lib/cms_scanner/scan.rb', line 47

def formatter
  controllers.first.formatter
end

#run ⇒ Object

# File 'lib/cms_scanner/scan.rb', line 23

def run
  controllers.run
rescue OptParseValidator::NoRequiredOption => e
  @run_error = e

  formatter.output('@usage', msg: e.message)
rescue NoMemoryError, ScriptError, SecurityError, SignalException, StandardError, SystemStackError => e
  @run_error = e

  output_params = {
    reason: e.is_a?(Interrupt) ? 'Canceled by User' : e.message,
    trace: e.backtrace,
    verbose: NS::ParsedCli.verbose || run_error_exit_code == NS::ExitCode::EXCEPTION
  }

  output_params[:url] = controllers.first.target.url if NS::ParsedCli.url

  formatter.output('@scan_aborted', output_params)
ensure
  formatter.beautify
end

#run_error_exit_code ⇒ Integer

Returns The exit code related to the run_error.

Returns:

• (Integer) —

  The exit code related to the run_error

# File 'lib/cms_scanner/scan.rb', line 76

def run_error_exit_code
  return NS::ExitCode::CLI_OPTION_ERROR if run_error.is_a?(OptParseValidator::Error) ||
                                           run_error.is_a?(OptionParser::ParseError)

  return NS::ExitCode::INTERRUPTED if run_error.is_a?(Interrupt)

  return NS::ExitCode::ERROR if run_error.is_a?(NS::Error::Standard) ||
                                run_error.is_a?(CMSScanner::Error::Standard)

  NS::ExitCode::EXCEPTION
end