Class: CMSScanner::WebSite

Inherits:
Object
  • Object
Defined in:
lib/cms_scanner/web_site.rb

Overview

WebSite Implementation

Direct Known Subclasses

Target

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(site_url, opts = {}) ⇒ WebSite

Returns a new instance of WebSite.

Parameters:

  • site_url (String)
  • opts (Hash) (defaults to: {})


# File 'lib/cms_scanner/web_site.rb', line 10

# Builds a WebSite for the given URL.
#
# @param site_url [String] URL of the site; handed to the url= writer, which
#   validates it and stores the normalised result in @uri
# @param opts [Hash] stored unchanged in @opts and exposed through #opts
def initialize(site_url, opts = {})
  # Assign through the writer instead of setting @uri directly, so the
  # trailing-slash fix-up and validation in url= run for every instance.
  self.url = site_url
  @opts    = opts
end

Instance Attribute Details

#homepage_res ⇒ Typhoeus::Response

Coverage is ignored for this method because WebMock does not support mocking redirects.

Returns:



# File 'lib/cms_scanner/web_site.rb', line 49

# Fetches the homepage, following redirects, and caches the response.
#
# The request is only repeated while @homepage_res is nil/false; once a
# response has been stored, later calls return it without a new request.
#
# NOTE(review): the redirect limit and any host restriction applied by
# NS::Browser.get_and_follow_location are not visible here, so the cached
# response may come from a different host than #url. Confirm.
#
# @return [Typhoeus::Response]
def homepage_res
  return @homepage_res if @homepage_res

  @homepage_res = NS::Browser.get_and_follow_location(url)
end

#opts ⇒ Object (readonly)

Returns the value of attribute opts.



# File 'lib/cms_scanner/web_site.rb', line 6

# Reader for the options given to the constructor.
#
# @return [Hash] the object stored in @opts by #initialize; it is returned
#   as-is (no copy), so a caller that mutates it changes this instance's options
def opts
  @opts
end

#uri ⇒ Object (readonly)

Returns the value of attribute uri.



# File 'lib/cms_scanner/web_site.rb', line 6

# Reader for the parsed site URL.
#
# @return [Addressable::URI] the normalised URI that url= stores in @uri
def uri
  @uri
end

Instance Method Details

#access_forbidden?(path = nil) ⇒ Boolean

Parameters:

  • path (String) (defaults to: nil)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/web_site.rb', line 88

# Tells whether a GET on the given path is answered with 403 Forbidden.
#
# A request is sent through NS::Browser on every call; this method keeps no
# cache of its own. The status code alone does not say whether the 403 comes
# from the application, the web server or an intermediary in front of it.
#
# @param path [String, nil] optional path resolved against the site URL by #url
# @return [Boolean] true only when the response code is exactly 403
def access_forbidden?(path = nil)
  response = NS::Browser.get(url(path))

  response.code == 403
end

#error_404_res ⇒ Typhoeus::Response

Returns:



# File 'lib/cms_scanner/web_site.rb', line 60

# Requests #error_404_url (following redirects) and caches the response.
#
# Presumably used as a baseline for how the site answers a missing page;
# the callers are not visible here. The request is only repeated while
# @error_404_res is nil/false.
#
# @return [Typhoeus::Response]
def error_404_res
  return @error_404_res if @error_404_res

  @error_404_res = NS::Browser.get_and_follow_location(error_404_url)
end

#error_404_url ⇒ String

Returns the URL of a page that is unlikely to exist.

Returns:

  • (String)

    The URL of a page that is unlikely to exist



# File 'lib/cms_scanner/web_site.rb', line 65

# Builds, once per instance, the URL of a page that should not exist.
#
# The file name is the first 7 hex characters of the MD5 of a random integer
# below 999_999, followed by ".html". MD5 only serves to turn the number into
# a hex-looking name; with fewer than a million possible names this is not a
# source of unpredictability and must not be relied on as one.
#
# @return [String] the memoised URL, resolved against #uri
def error_404_url
  return @error_404_url if @error_404_url

  random_name = Digest::MD5.hexdigest(rand(999_999).to_s)[0..6]
  @error_404_url = uri.join("#{random_name}.html").to_s
end

#head_and_get(path, codes = [200], params = {}) ⇒ Typhoeus::Response

Perform a HEAD request to the path provided, then if its response code is in the array of codes given, a GET is done and the response returned. Otherwise the HEAD response is returned.

Parameters:

  • path (String)
  • codes (Array<String>) (defaults to: [200])
  • params (Hash) (defaults to: {})

    The requests params

Options Hash (params):

  • :head (Hash)

    Request params for the HEAD

  • :get (Hash)

    Request params for the GET

Returns:



# File 'lib/cms_scanner/web_site.rb', line 136

# Probes a path with a cheap request first and only issues the full GET when
# the probe's status code is one of +codes+.
#
# The probe uses params[:head] merged with #head_or_get_params; because the
# latter is the argument of merge, its :method (and :maxfilesize, when the
# GET fallback is active) override whatever the caller put in params[:head].
#
# @param path [String] path resolved against the site URL by #url
# @param codes [Array<Integer>] status codes that trigger the GET; they are
#   matched with include? against the probe's response code (default [200])
# @param params [Hash] request params
# @option params [Hash] :head params for the probe request
# @option params [Hash] :get params for the follow-up GET
# @return [Typhoeus::Response] the GET response when the probe's code
#   matched, otherwise the probe response itself
def head_and_get(path, codes = [200], params = {})
  target     = url(path)
  probe_opts = (params[:head] || {}).merge(head_or_get_params)
  probe_res  = NS::Browser.forge_request(target, probe_opts).run

  return probe_res unless codes.include?(probe_res.code)

  NS::Browser.get(target, params[:get] || {})
end

#head_or_get_params ⇒ Hash

Returns The Typhoeus params to use to perform head requests.

Returns:

  • (Hash)

    The Typhoeus params to use to perform head requests



# File 'lib/cms_scanner/web_site.rb', line 117

# Decides, once per instance, how "HEAD-like" probe requests are sent.
#
# A single HEAD request is made to #homepage_url. If it comes back with code
# 0, 405 or 501 the probes fall back to GET with maxfilesize: 1; otherwise a
# real HEAD is used. The decision is cached in @head_or_get_params.
#
# NOTE(review): code 0 presumably means no HTTP status was obtained (compare
# #online?), and maxfilesize: 1 presumably keeps the fallback GET from
# downloading response bodies - confirm against NS::Browser / Typhoeus.
#
# @return [Hash] the Typhoeus params to use for probe requests
def head_or_get_params
  return @head_or_get_params if @head_or_get_params

  head_code       = NS::Browser.head(homepage_url).code
  head_unsuitable = [0, 405, 501].include?(head_code)

  @head_or_get_params = head_unsuitable ? { method: :get, maxfilesize: 1 } : { method: :head }
end

#homepage_url ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/web_site.rb', line 55

# URL the homepage request finally landed on, cached after the first call.
#
# The value is the effective_url of #homepage_res, i.e. the URL after any
# redirects that request followed, so it can differ from #url.
#
# @return [String]
def homepage_url
  return @homepage_url if @homepage_url

  @homepage_url = homepage_res.effective_url
end

#http_auth?(path = nil) ⇒ Boolean

Parameters:

  • path (String) (defaults to: nil)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/web_site.rb', line 81

# Tells whether a GET on the given path is answered with 401 Unauthorized,
# i.e. the resource asks for HTTP authentication.
#
# A request is sent through NS::Browser on every call; this method keeps no
# cache of its own.
#
# @param path [String, nil] optional path resolved against the site URL by #url
# @return [Boolean] true only when the response code is exactly 401
def http_auth?(path = nil)
  response = NS::Browser.get(url(path))

  response.code == 401
end

#ip ⇒ String

Returns The IP address of the target.

Returns:

  • (String)

    The IP address of the target



# File 'lib/cms_scanner/web_site.rb', line 37

# Resolves the site's host name to an IP address.
#
# A successful lookup is cached in @ip. A failed lookup (SocketError) returns
# the string 'Unknown' without caching it, so the next call resolves again.
#
# NOTE(review): the lookup is done locally with IPSocket and does not go
# through NS::Browser, so the address may differ from the one the HTTP
# requests actually reach (for instance behind a proxy). Presumably this
# value is informational only - confirm with the callers.
#
# @return [String] the IP address, or 'Unknown' when resolution fails
def ip
  return @ip if @ip

  begin
    @ip = IPSocket.getaddress(uri.host)
  rescue SocketError
    'Unknown'
  end
end

#online?(path = nil) ⇒ Boolean

Checks if the remote website is up.

Parameters:

  • path (String) (defaults to: nil)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/web_site.rb', line 74

# Checks whether the remote site answers at all.
#
# Any non-zero response code counts as "online", including 4xx and 5xx
# statuses; only a code of 0 yields false.
#
# @param path [String, nil] optional path resolved against the site URL by #url
# @return [Boolean]
def online?(path = nil)
  status = NS::Browser.get(url(path)).code

  !status.zero?
end

#proxy_auth?(path = nil) ⇒ Boolean

Parameters:

  • path (String) (defaults to: nil)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/web_site.rb', line 95

# Tells whether a GET on the given path is answered with 407 Proxy
# Authentication Required.
#
# A request is sent through NS::Browser on every call; this method keeps no
# cache of its own.
#
# @param path [String, nil] optional path resolved against the site URL by #url
# @return [Boolean] true only when the response code is exactly 407
def proxy_auth?(path = nil)
  response = NS::Browser.get(url(path))

  response.code == 407
end

#redirection(url = nil) ⇒ String

Coverage is ignored for this method because WebMock does not support mocking redirects.

Parameters:

  • url (String) (defaults to: nil)

Returns:

  • (String)

    The redirection url or nil



# File 'lib/cms_scanner/web_site.rb', line 105

# Finds where the given URL (the site URL by default) redirects to.
#
# Two requests are made: a plain GET to read the status code and, only when
# that code is 301 or 302, a second GET that follows up to 10 redirects.
#
# NOTE(review): 303, 307 and 308 responses are not in the list, so they
# return nil here - confirm this is intended.
# NOTE(review): the returned URL is wherever the redirect chain ended and may
# be on a different host than the one configured; callers should check it is
# still in scope before sending further requests to it.
#
# @param url [String, nil] URL to check; the parameter shadows the #url
#   method inside this body, which is why @uri is read directly
# @return [String, nil] the final URL, or nil when there is no 301/302 or
#   the final URL equals the one requested
def redirection(url = nil)
  url ||= @uri.to_s

  first_code = NS::Browser.get(url).code
  return unless [301, 302].include?(first_code)

  followed  = NS::Browser.get(url, followlocation: true, maxredirs: 10)
  final_url = followed.effective_url

  final_url == url ? nil : final_url
end

#url(path = nil) ⇒ String

Parameters:

  • path (String) (defaults to: nil)

    Optional path to merge with the uri

Returns:

  • (String)


# File 'lib/cms_scanner/web_site.rb', line 30

# Returns the site URL, optionally combined with a path.
#
# The path is encoded with Addressable::URI.encode, every '#' is then
# replaced by '%23' (presumably so it is sent as part of the path rather
# than parsed as a fragment delimiter), and the result is joined onto @uri.
#
# NOTE(review): join resolves the path as a URI reference, so an absolute
# URL or a "//host/..." value would replace the site's host in the result.
# Callers are expected to pass site-relative paths - confirm none of them
# forwards untrusted input.
#
# @param path [String, nil] optional path to merge with the uri
# @return [String]
def url(path = nil)
  if path
    escaped_path = Addressable::URI.encode(path).gsub('#', '%23')
    @uri.join(escaped_path).to_s
  else
    @uri.to_s
  end
end

#url=(site_url) ⇒ Object



# File 'lib/cms_scanner/web_site.rb', line 15

# Validates the given URL and stores its parsed, normalised form in @uri.
#
# The caller's string is never modified: the method works on a copy, to
# which a trailing slash is appended when missing.
#
# NOTE(review): the return value of OptURL#validate is discarded, so an
# invalid URL is only rejected if validate raises. Which schemes and hosts
# it accepts is not visible here - confirm against OptParseValidator.
#
# @param site_url [String]
# @return [Addressable::URI] the value assigned to @uri
def url=(site_url)
  candidate = site_url.dup
  candidate << '/' unless candidate.end_with?('/')

  # Format check happens before parsing, on the slash-terminated copy.
  OptParseValidator::OptURL.new([]).validate(candidate)

  @uri = Addressable::URI.parse(candidate).normalize
end