Class: Yawast::Scanner::Plugins::Http::DirectorySearch
- Inherits:
-
Object
- Object
- Yawast::Scanner::Plugins::Http::DirectorySearch
- Defined in:
- lib/scanner/plugins/http/directory_search.rb
Class Method Summary
- .load_queue(uri) ⇒ Object
- .process(uri) ⇒ Object
- .search(uri, recursive, list_redirects, search_list = nil) ⇒ Object
Class Method Details
.load_queue(uri) ⇒ Object
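# File 'lib/scanner/plugins/http/directory_search.rb', line 83
#
# Queues one candidate directory URI per word-list entry beneath +uri+.
#
# Reads the entries from @search_list and pushes each derived URI onto @jobs;
# both are expected to have been set up by the caller before this runs.
#
# @param uri [Object] base URI; must respond to +copy+, and the copy to
#   +path+ / +path=+
# @return [Object] the value of @search_list.each
def self.load_queue(uri)
  @search_list.each do |line|
    # A blank entry would only append another "/" to the parent path. When
    # recursion is enabled and the server answers 200 for such a path, every
    # hit would queue itself again with no end, so blank entries are skipped.
    next if line.to_s.strip.empty?

    check = uri.copy

    begin
      check.path = check.path + "#{line}/"

      # add the job to the queue
      @jobs.push check
    rescue # rubocop:disable Style/RescueStandardError, Lint/HandleExceptions
      # Deliberate best-effort: an entry that cannot be turned into a path
      # is dropped so one bad word-list line does not stop the scan.
    end
  end
end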
.process(uri) ⇒ Object
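# File 'lib/scanner/plugins/http/directory_search.rb', line 98
#
# Issues a HEAD request for +uri+ and records the outcome.
#
# * status '200': a "Found" line is pushed onto @results, the URI is logged,
#   and, when @recursive is set, the directory's children are queued.
# * status '301' with @list_redirects set: the redirect and its Location
#   header are pushed onto @results and logged.
# * any other status is ignored; only '301' is treated as a redirect here.
#
# Errors never propagate to the caller: they are reported through
# Yawast::Utilities.puts_error, except those whose message contains
# 'end of file' or 'getaddrinfo', which are dropped silently.
#
# @param uri [Object] candidate URI; must respond to +to_s+ and +path+
# @return [Object, nil] value of the last expression evaluated
def self.process(uri)
  res = Yawast::Shared::Http.head uri

  if res.code == '200'
    @results.push "\tFound: '#{uri}'"
    Yawast::Shared::Output.log_append_value 'http', 'http_dir', uri

    load_queue uri if @recursive
  elsif res.code == '301' && @list_redirects
    # NOTE(review): the Location value is supplied by the remote server and
    # is written to the console and the log as received, so anything that
    # later renders this output should treat it as untrusted text.
    @results.push "\tFound Redirect: '#{uri} -> '#{res['Location']}'"
    Yawast::Shared::Output.log_value 'http', 'http_dir_redirect', uri, res['Location']
  end
rescue => e # rubocop:disable Style/RescueStandardError
  # Dropped connections and name-resolution failures are expected noise
  # during a scan; everything else is surfaced to the operator.
  unless e.message.include?('end of file') || e.message.include?('getaddrinfo')
    Yawast::Utilities.puts_error "Error searching for directory '#{uri.path}' (#{e.message})"
  end
end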
.search(uri, recursive, list_redirects, search_list = nil) ⇒ Object
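# File 'lib/scanner/plugins/http/directory_search.rb', line 10
#
# Probes the site at +uri+ for commonly named directories, using a pool of
# 16 worker threads and a separate thread that prints findings.
#
# The scan is skipped when Yawast::Shared::Http.check_not_found reports that
# the site does not answer requests for non-existent directories in a usable
# way, because a "found" result could not be trusted.
#
# @param uri [Object] target URI; must respond to +copy+
# @param recursive [Boolean] stored in @recursive for the workers
# @param list_redirects [Boolean] stored in @list_redirects for the workers
# @param search_list [Array<String>, nil] directory names to try; when nil the
#   bundled resources/common_dir.txt list is loaded
# @return [nil]
def self.search(uri, recursive, list_redirects, search_list = nil)
  # first, we need to see if the site responds to 404 in a reasonable way
  unless Yawast::Shared::Http.check_not_found(uri, false)
    puts 'Site does not respond properly to non-existent directory requests; skipping some checks.'
    return
  end

  @recursive = recursive
  @list_redirects = list_redirects

  if recursive
    puts 'Recursively searching for common directories (this will take a while)...'
  else
    puts 'Searching for common directories...'
  end

  if search_list.nil?
    list_file = File.dirname(__FILE__) + '/../../../resources/common_dir.txt'

    # Blank lines are dropped: an empty name only adds a "/" to the parent
    # path, which is not a distinct directory to probe.
    @search_list = File.foreach(list_file).map(&:strip).reject(&:empty?)
  else
    @search_list = search_list
  end

  begin
    pool_size = 16
    @jobs = Queue.new
    @results = Queue.new

    # load the queue, starting at /
    base = uri.copy
    base.path = '/'
    load_queue base

    workers = Array.new(pool_size) do
      Thread.new do
        begin
          while (check = @jobs.pop(true))
            process check
          end
        rescue ThreadError # rubocop:disable Lint/HandleExceptions
          # Non-blocking pop raises once the queue is empty, which ends this
          # worker. Jobs queued later are picked up by the workers that are
          # still running.
        end
      end
    end

    # The printer blocks on the queue instead of polling it, and stops only
    # when it receives this marker. Killing it right after the workers finish
    # could discard findings that were queued but not yet printed.
    finished = Object.new
    printer = Thread.new do
      until (out = @results.pop).equal?(finished)
        Yawast::Utilities.puts_info out
      end
    end

    begin
      workers.each(&:join)
    ensure
      # Always release the printer, even if joining a worker raised.
      @results.push finished
      printer.join
    end
  rescue => e # rubocop:disable Style/RescueStandardError
    Yawast::Utilities.puts_error "Error searching for directories (#{e.message})"
  end

  puts
end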