Class: Yawast::Scanner::Plugins::Servers::Nginx
- Inherits:
-
Object
- Object
- Yawast::Scanner::Plugins::Servers::Nginx
- Defined in:
- lib/scanner/plugins/servers/nginx.rb
Class Method Summary collapse
Class Method Details
.check_all(uri) ⇒ Object
24 25 26 |
# File 'lib/scanner/plugins/servers/nginx.rb', line 24 def self.check_all(uri) check_status_page uri.copy end |
.check_banner(banner) ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
# File 'lib/scanner/plugins/servers/nginx.rb', line 8 def self.() Yawast::Shared::Output.log_hash 'vulnerabilities', 'nginx_version_exposed', {vulnerable: false, version: nil} # don't bother if this doesn't include nginx return unless .include? 'nginx/' Yawast::Utilities.puts_warn "nginx Version: #{}" puts '' Yawast::Shared::Output.log_hash 'vulnerabilities', 'nginx_version_exposed', {vulnerable: true, version: } end |
.check_status_page(uri) ⇒ Object
28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
# File 'lib/scanner/plugins/servers/nginx.rb', line 28 def self.check_status_page(uri) uri.path = '/status' uri.query = '' unless uri.query.nil? body = Yawast::Shared::Http.get(uri) if body.include? 'Active connections:' Yawast::Utilities.puts_vuln "Nginx status page found: #{uri}" Yawast::Shared::Output.log_hash 'vulnerabilities', 'nginx_status_found', {vulnerable: true, uri: uri, body: body} puts '' else Yawast::Shared::Output.log_hash 'vulnerabilities', 'nginx_status_found', {vulnerable: false, uri: uri, body: body} end end |