# File 'lib/scanner/vuln_scan.rb', line 6
# Runs the vulnerability-scan phase against +uri+ and prints progress with puts.
#
# Sequence visible in this method: collect links via the spider, then invoke
# the file-presence, Apache, Nginx, IIS, generic HTTP (propfind / options /
# trace), Rails and WordPress plugins. The password-reset user-enumeration
# check runs only when Yawast.options.pass_reset_page is set.
#
# NOTE(review): the spider and file list are read from the +options+ argument,
# while the password-reset setting is read from the global Yawast.options;
# presumably both refer to the same object -- confirm against the caller.
#
# @param uri     target URI, handed unchanged to every plugin
# @param options object responding to #spider and #files
# @param head    forwarded to the IIS checks only; presumably the response
#                to an earlier HEAD request -- confirm against the caller
# @return the result of the WordPress JSON user-enumeration check, or nil
#         when WordPress was not identified (incidental; last expression)
def self.scan(uri, options, head)
  puts 'Performing vulnerability scan (this will take a while)...'

  # Links are gathered in both cases; the second argument to spider is
  # presumably a quiet/no-output flag -- TODO confirm in Spider.spider.
  links =
    if options.spider
      Yawast::Scanner::Plugins::Spider::Spider.spider(uri)
    else
      puts 'Building site map...'
      Yawast::Scanner::Plugins::Spider::Spider.spider(uri, true)
    end

  plugins = Yawast::Scanner::Plugins

  # File presence, then per-server checks; only Apache receives the link list.
  plugins::Http::FilePresence.check_all(uri, options.files)
  plugins::Servers::Apache.check_all(uri, links)
  plugins::Servers::Nginx.check_all(uri)
  plugins::Servers::Iis.check_all(uri, head)

  # Generic HTTP method checks, in the original order.
  http_generic = plugins::Http::Generic
  http_generic.check_propfind(uri)
  http_generic.check_options(uri)
  http_generic.check_trace(uri)

  # Opt-in: skipped unless a password reset page was configured.
  reset_page = Yawast.options.pass_reset_page
  unless reset_page.nil?
    password_reset = plugins::Applications::Generic::PasswordReset
    password_reset.setup
    password_reset.check_resp_user_enum
  end

  plugins::Applications::Framework::Rails.check_all(uri, links)

  # WordPress user enumeration is attempted only when identify returns a URI.
  wordpress = plugins::Applications::CMS::WordPress
  wordpress_uri = wordpress.identify(uri)
  wordpress.check_json_user_enum(wordpress_uri) unless wordpress_uri.nil?
end