module CMSScanner::Target::Server::Generic
Public Instance Methods
directory_listing?(path = nil, params = {})
click to toggle source
@param [ String ] path @param [ Hash ] params The request params
@return [ Boolean ] true if url(path) has the directory
listing enabled, false otherwise
# File lib/cms_scanner/target/server/generic.rb, line 41 def directory_listing?(path = nil, params = {}) res = NS::Browser.get(url(path), params) res.code == 200 && res.body.include?('<h1>Index of') end
directory_listing_entries(path = nil, params = {}, selector = 'pre a', ignore = /parent directory/i)
click to toggle source
@param [ String ] path @param [ Hash ] params The request params @param [ String ] selector @param [ Regexp ] ignore
@return [ Array<String> ] The first level of directories/files listed,
or an empty array if none
# File lib/cms_scanner/target/server/generic.rb, line 54 def directory_listing_entries(path = nil, params = {}, selector = 'pre a', ignore = /parent directory/i) return [] unless directory_listing?(path, params) found = [] NS::Browser.get(url(path), params).html.css(selector).each do |node| entry = node.text.to_s next if entry&.match?(ignore) found << entry end found end
headers(path = nil, params = {})
click to toggle source
@param [ String ] path @param [ Hash ] params The request params
@return [ Hash ] The headers
# File lib/cms_scanner/target/server/generic.rb, line 31 def headers(path = nil, params = {}) # The HEAD method might be rejected by some servers ... maybe switch to GET ? NS::Browser.head(url(path), params).headers end
server(path = nil, params = {})
click to toggle source
@param [ String ] path @param [ Hash ] params The request params
@return [ Symbol ] The detected remote server (:Apache, :IIS, :Nginx)
# File lib/cms_scanner/target/server/generic.rb, line 12 def server(path = nil, params = {}) headers = headers(path, params) return unless headers case headers[:server] when /\Aapache/i :Apache when /\AMicrosoft-IIS/i :IIS when /\Anginx/ :Nginx end end