module CMSScanner::Target::Server::Generic

Generic Server methods

Public Instance Methods

directory_listing?(path = nil, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Boolean ] true if url(path) has the directory

listing enabled, false otherwise
# File lib/cms_scanner/target/server/generic.rb, line 41
def directory_listing?(path = nil, params = {})
  res = NS::Browser.get(url(path), params)

  res.code == 200 && res.body.include?('<h1>Index of')
end
directory_listing_entries(path = nil, params = {}, selector = 'pre a', ignore = /parent directory/i) click to toggle source

@param [ String ] path @param [ Hash ] params The request params @param [ String ] selector @param [ Regexp ] ignore

@return [ Array<String> ] The first level of directories/files listed,

or an empty array if none
# File lib/cms_scanner/target/server/generic.rb, line 54
def directory_listing_entries(path = nil, params = {}, selector = 'pre a', ignore = /parent directory/i)
  return [] unless directory_listing?(path, params)

  found = []

  NS::Browser.get(url(path), params).html.css(selector).each do |node|
    entry = node.text.to_s

    next if entry&.match?(ignore)

    found << entry
  end

  found
end
headers(path = nil, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Hash ] The headers

# File lib/cms_scanner/target/server/generic.rb, line 31
def headers(path = nil, params = {})
  # The HEAD method might be rejected by some servers ... maybe switch to GET ?
  NS::Browser.head(url(path), params).headers
end
server(path = nil, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Symbol ] The detected remote server (:Apache, :IIS, :Nginx)

# File lib/cms_scanner/target/server/generic.rb, line 12
def server(path = nil, params = {})
  headers = headers(path, params)

  return unless headers

  case headers[:server]
  when /\Aapache/i
    :Apache
  when /\AMicrosoft-IIS/i
    :IIS
  when /\Anginx/
    :Nginx
  end
end