From a50383abe552ce3756b5788550aa3d908fa71e5d Mon Sep 17 00:00:00 2001
From: Postmodern
Date: Mon, 13 May 2024 21:39:43 -0700
Subject: [PATCH] Use hyphenated option values for `--lfi-filter-bypass` and `--filter-bypass`.
---
 lib/ronin/vulns/cli/commands/lfi.rb | 16 +++++-----
 lib/ronin/vulns/cli/commands/scan.rb | 16 +++++-----
 man/ronin-vulns-scan.1.md | 4 +--
 spec/cli/commands/lfi_spec.rb | 48 +++++++++++++++++++++++++---
 spec/cli/commands/scan_spec.rb | 48 +++++++++++++++++++++++++---
 5 files changed, 106 insertions(+), 26 deletions(-)
diff --git a/lib/ronin/vulns/cli/commands/lfi.rb b/lib/ronin/vulns/cli/commands/lfi.rb
index 8f2c5bb..44dd335 100644
--- a/lib/ronin/vulns/cli/commands/lfi.rb
+++ b/lib/ronin/vulns/cli/commands/lfi.rb
@@ -61,7 +61,7 @@ module Commands
 # -i, --input FILE Reads URLs from the list file
 # -O, --os unix|windows Sets the OS to test for
 # -D, --depth COUNT Sets the directory depth to escape up
- # -B null_byte|double_escape|base64|rot13|zlib,
+ # -B null-byte|double-escape|base64|rot13|zlib,
 # --filter-bypass Sets the filter bypass strategy to use
 # -h, --help Print help information
 #
@@ -92,13 +92,13 @@ class Lfi < WebVulnCommand
 option :filter_bypass, short: '-B', value: {
- type: [
- :null_byte,
- :double_escape,
- :base64,
- :rot13,
- :zlib
- ]
+ type: {
+ 'null-byte' => :null_byte,
+ 'double-escape' => :double_escape,
+ 'base64' => :base64,
+ 'rot13' => :rot13,
+ 'zlib' => :zlib
+ }
 },
 desc: 'Sets the filter bypass strategy to use' do |filter_bypass|
 scan_kwargs[:filter_bypass] = filter_bypass
diff --git a/lib/ronin/vulns/cli/commands/scan.rb b/lib/ronin/vulns/cli/commands/scan.rb
index 90a0e22..77780c9 100644
--- a/lib/ronin/vulns/cli/commands/scan.rb
+++ b/lib/ronin/vulns/cli/commands/scan.rb
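Review bot: The new `type:` Hash in the `option :filter_bypass` block lists only the hyphenated keys, so `--filter-bypass null_byte` and `double_escape`, which the removed Array accepted, will presumably now be rejected by the option parser. Scheduled or scripted scans that still pass the old spelling would stop at argument parsing, and a wrapper that ignores the exit status would report nothing found for a scan that never ran. If the break is intended it deserves a changelog entry; otherwise keep the old spellings as deprecated aliases, e.g. `'null_byte' => :null_byte,` and `'double_escape' => :double_escape,`. The same applies to `option :lfi_filter_bypass` in scan.rb. The option block continues past the end of the hunk.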
@@ -59,7 +59,7 @@ module Commands
 # -i, --input FILE Reads URLs from the list file
 # --lfi-os unix|windows Sets the OS to test for
 # --lfi-depth COUNT Sets the directory depth to escape up
- # --lfi-filter-bypass null_byte|double_escape|base64|rot13|zlib
+ # --lfi-filter-bypass null-byte|double-escape|base64|rot13|zlib
 # Sets the filter bypass strategy to use
 # --rfi-filter-bypass double-encode|suffix-escape|null-byte
 # Optional filter-bypass strategy to use
@@ -98,13 +98,13 @@ class Scan < WebVulnCommand
 end
 option :lfi_filter_bypass, value: {
- type: [
- :null_byte,
- :double_escape,
- :base64,
- :rot13,
- :zlib
- ]
+ type: {
+ 'null-byte' => :null_byte,
+ 'double-escape' => :double_escape,
+ 'base64' => :base64,
+ 'rot13' => :rot13,
+ 'zlib' => :zlib
+ }
 },
 desc: 'Sets the filter bypass strategy to use' do |filter_bypass|
 lfi_kwargs[:filter_bypass] = filter_bypass
diff --git a/man/ronin-vulns-scan.1.md b/man/ronin-vulns-scan.1.md
index b9867f2..b0bb309 100644
--- a/man/ronin-vulns-scan.1.md
+++ b/man/ronin-vulns-scan.1.md
@@ -96,7 +96,7 @@ additional arguments or read from a file using the `--input` option. `--lfi-depth` *NUM* : Sets the directory depth to escape up.
-`--lfi-filter-bypass` `null_byte`\|`double_escape`\|`base64`\|`rot13`\|`zlib`
+`--lfi-filter-bypass` `null-byte`\|`double-escape`\|`base64`\|`rot13`\|`zlib`
 : Sets the filter bypass strategy to use. `--rfi-filter-bypass` `double-encode`\|`suffix-escape`\|`null-byte`
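Review bot: The value map in `option :lfi_filter_bypass` is a literal copy of the one this commit adds to `option :filter_bypass` in lfi.rb, so the two commands can drift apart when a strategy is added or renamed. Both classes inherit from `WebVulnCommand`, so one frozen Hash defined once could serve both, referenced as for example `type: LFI_FILTER_BYPASSES` (the constant name is only a suggestion). The option block continues past the end of the hunk.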
@@ -132,4 +132,4 @@ Postmodern
 ## SEE ALSO
-[ronin-vulns-lfi](ronin-vulns-lfi.1.md) [ronin-vulns-rfi](ronin-vulns-rfi.1.md) [ronin-vulns-sqli](ronin-vulns-sqli.1.md) [ronin-vulns-ssti](ronin-vulns-ssti.1.md) [ronin-vulns-open-redirect](ronin-vulns-open-redirect.1.md) [ronin-vulns-reflected-xss](ronin-vulns-reflected-xss.1.md)
\ No newline at end of file
+[ronin-vulns-lfi](ronin-vulns-lfi.1.md) [ronin-vulns-rfi](ronin-vulns-rfi.1.md) [ronin-vulns-sqli](ronin-vulns-sqli.1.md) [ronin-vulns-ssti](ronin-vulns-ssti.1.md) [ronin-vulns-open-redirect](ronin-vulns-open-redirect.1.md) [ronin-vulns-reflected-xss](ronin-vulns-reflected-xss.1.md)
diff --git a/spec/cli/commands/lfi_spec.rb b/spec/cli/commands/lfi_spec.rb
index 138ffd9..8ed279d 100644
--- a/spec/cli/commands/lfi_spec.rb
+++ b/spec/cli/commands/lfi_spec.rb
@@ -31,13 +31,53 @@ end
 context "when the '--filter-bypass' option is parsed" do
- let(:filter_bypass) { :base64 }
- let(:argv) { ['--filter-bypass', filter_bypass.to_s] }
+ let(:argv) { ['--filter-bypass', option_value] }
 before { subject.option_parser.parse(argv) }
- it "must set the :filter_bypass key in the Hash" do
- expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ context "and it's value is 'null-byte'" do
+ let(:option_value) { 'null-byte' }
+ let(:filter_bypass) { :null_byte }
+
+ it "must set the :filter_bypass key in the Hash to :null_byte" do
+ expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'double-escape'" do
+ let(:option_value) { 'double-escape' }
+ let(:filter_bypass) { :double_escape }
+
+ it "must set the :filter_bypass key in the Hash to :double_escape" do
+ expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'base64'" do
+ let(:option_value) { 'base64' }
+ let(:filter_bypass) { :base64 }
+
+ it "must set the :filter_bypass key in the Hash to :base64" do
+ expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'rot13'" do
+ let(:option_value) { 'rot13' }
+ let(:filter_bypass) { :rot13 }
+
+ it "must set the :filter_bypass key in the Hash to :rot13" do
+ expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'zlib'" do
+ let(:option_value) { 'zlib' }
+ let(:filter_bypass) { :zlib }
+
+ it "must set the :filter_bypass key in the Hash to :zlib" do
+ expect(subject.scan_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
 end
 end
 end
diff --git a/spec/cli/commands/scan_spec.rb b/spec/cli/commands/scan_spec.rb
index 62974d7..fa160f9 100644
--- a/spec/cli/commands/scan_spec.rb
+++ b/spec/cli/commands/scan_spec.rb
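Review bot: The added contexts cover only the five accepted values, so nothing pins what the parser does with the retired `null_byte` / `double_escape` spellings or with an unknown strategy. A negative example such as `expect { subject.option_parser.parse(['--filter-bypass', 'null_byte']) }.to raise_error(OptionParser::InvalidArgument)` would document that; the exception class is my assumption, and the example has to sit outside the `before` that parses `argv`. The five contexts differ only in the value pair and could be generated from a Hash of option value to Symbol. The descriptions should read `and its value is ...` rather than `it's`. The same points apply to the `--lfi-filter-bypass` contexts in scan_spec.rb.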
@@ -103,13 +103,53 @@ end
 context "when the '--lfi-filter-bypass' option is parsed" do
- let(:filter_bypass) { :base64 }
- let(:argv) { ['--lfi-filter-bypass', filter_bypass.to_s] }
+ let(:argv) { ['--lfi-filter-bypass', option_value] }
 before { subject.option_parser.parse(argv) }
- it "must set the :filter_bypass key in the Hash" do
- expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ context "and it's value is 'null-byte'" do
+ let(:option_value) { 'null-byte' }
+ let(:filter_bypass) { :null_byte }
+
+ it "must set the :filter_bypass key in #lfi_kwargs to :null_byte" do
+ expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'double-escape'" do
+ let(:option_value) { 'double-escape' }
+ let(:filter_bypass) { :double_escape }
+
+ it "must set the :filter_bypass key in #lfi_kwargs to :double_escape" do
+ expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'base64'" do
+ let(:option_value) { 'base64' }
+ let(:filter_bypass) { :base64 }
+
+ it "must set the :filter_bypass key in #lfi_kwargs to :base64" do
+ expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'rot13'" do
+ let(:option_value) { 'rot13' }
+ let(:filter_bypass) { :rot13 }
+
+ it "must set the :filter_bypass key in #lfi_kwargs to :rot13" do
+ expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
+ end
+
+ context "and it's value is 'zlib'" do
+ let(:option_value) { 'zlib' }
+ let(:filter_bypass) { :zlib }
+
+ it "must set the :filter_bypass key in #lfi_kwargs to :zlib" do
+ expect(subject.lfi_kwargs[:filter_bypass]).to eq(filter_bypass)
+ end
 end
 end
 end