module CMSScanner::Target::Platform::PHP

Some PHP specific implementation

Constants

DEBUG_LOG_PATTERN
ERROR_LOG_PATTERN
FPD_PATTERN

Public Instance Methods

debug_log?(path, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Boolean ] true if url(path) is a debug log, false otherwise

# File lib/cms_scanner/target/platform/php.rb, line 30
def debug_log?(path, params = {})
  log_file?(path, DEBUG_LOG_PATTERN, params)
end
error_log?(path, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Boolean ] Wether or not url(path) is an error log file

# File lib/cms_scanner/target/platform/php.rb, line 38
def error_log?(path, params = {})
  log_file?(path, ERROR_LOG_PATTERN, params)
end
full_path_disclosure?(path = nil, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Boolean ] true if url(path) contains a FPD, false otherwise

# File lib/cms_scanner/target/platform/php.rb, line 46
def full_path_disclosure?(path = nil, params = {})
  !full_path_disclosure_entries(path, params).empty?
end
full_path_disclosure_entries(path = nil, params = {}) click to toggle source

@param [ String ] path @param [ Hash ] params The request params

@return [ Array<String> ] The FPD found, or an empty array if none

# File lib/cms_scanner/target/platform/php.rb, line 54
def full_path_disclosure_entries(path = nil, params = {})
  res = NS::Browser.get(url(path), params)

  res.body.scan(FPD_PATTERN).flatten
end
log_file?(path, pattern, params = {}) click to toggle source

@param [ String ] path @param [ Regexp ] pattern @param [ Hash ] params The request params

@return [ Boolean ]

# File lib/cms_scanner/target/platform/php.rb, line 18
def log_file?(path, pattern, params = {})
  # Only the first 700 bytes of the file are retrieved to avoid getting entire log file
  # which can be huge (~ 2Go)
  res = head_and_get(path, [200], get: params.merge(headers: { 'Range' => 'bytes=0-700' }))

  res.body&.match?(pattern) ? true : false
end