Skip to content

Commit

Permalink
Use log_warn to print discovered vulnerabilities.
Browse files Browse the repository at this point in the history 
* This allows visually differentiating between regular `log_info` status
  messages and discovered vulnerabilities.
  • Loading branch information
@postmodern
postmodern committed Apr 15, 2024
1 parent bb5c99f commit b1656c0
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 26 deletions.
4 changes: 2 additions & 2 deletions lib/ronin/vulns/cli/logging.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,9 +84,9 @@ def log_vuln(vuln)
location = vuln_location(vuln)

if location
log_info "Found #{vuln_name} on #{vuln.url} via #{location}!"
log_warn "Found #{vuln_name} on #{vuln.url} via #{location}!"
else
log_info "Found #{vuln_name} on #{vuln.url}!"
log_warn "Found #{vuln_name} on #{vuln.url}!"
end
end
end
Expand Down
48 changes: 24 additions & 24 deletions spec/cli/logging_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::LFI.new(url, query_param: query_param) }

it "must log 'Found LFI on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found LFI on #{url} via query param '#{query_param}'!"
)

Expand All @@ -129,7 +129,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::LFI.new(url, header_name: header_name) }

it "must log 'Found LFI on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found LFI on #{url} via Header '#{header_name}'!"
)

Expand All @@ -142,7 +142,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::LFI.new(url, cookie_param: cookie_param) }

it "must log 'Found LFI on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found LFI on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -155,7 +155,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::LFI.new(url, form_param: form_param) }

it "must log 'Found LFI on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found LFI on #{url} via form param '#{form_param}'!"
)

Expand All @@ -170,7 +170,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::RFI.new(url, query_param: query_param) }

it "must log 'Found RFI on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found RFI on #{url} via query param '#{query_param}'!"
)

Expand All @@ -183,7 +183,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::RFI.new(url, header_name: header_name) }

it "must log 'Found RFI on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found RFI on #{url} via Header '#{header_name}'!"
)

Expand All @@ -196,7 +196,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::RFI.new(url, cookie_param: cookie_param) }

it "must log 'Found RFI on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found RFI on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -209,7 +209,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::RFI.new(url, form_param: form_param) }

it "must log 'Found RFI on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found RFI on #{url} via form param '#{form_param}'!"
)

Expand All @@ -224,7 +224,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SQLI.new(url, query_param: query_param) }

it "must log 'Found SQLI on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SQLi on #{url} via query param '#{query_param}'!"
)

Expand All @@ -237,7 +237,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SQLI.new(url, header_name: header_name) }

it "must log 'Found SQLI on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SQLi on #{url} via Header '#{header_name}'!"
)

Expand All @@ -250,7 +250,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SQLI.new(url, cookie_param: cookie_param) }

it "must log 'Found SQLI on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SQLi on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -263,7 +263,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SQLI.new(url, form_param: form_param) }

it "must log 'Found SQLI on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SQLi on #{url} via form param '#{form_param}'!"
)

Expand All @@ -278,7 +278,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SSTI.new(url, query_param: query_param) }

it "must log 'Found SSTI on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SSTI on #{url} via query param '#{query_param}'!"
)

Expand All @@ -291,7 +291,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SSTI.new(url, header_name: header_name) }

it "must log 'Found SSTI on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SSTI on #{url} via Header '#{header_name}'!"
)

Expand All @@ -304,7 +304,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SSTI.new(url, cookie_param: cookie_param) }

it "must log 'Found SSTI on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SSTI on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -317,7 +317,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::SSTI.new(url, form_param: form_param) }

it "must log 'Found SSTI on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found SSTI on #{url} via form param '#{form_param}'!"
)

Expand All @@ -332,7 +332,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::OpenRedirect.new(url, query_param: query_param) }

it "must log 'Found Open Redirect on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found Open Redirect on #{url} via query param '#{query_param}'!"
)

Expand All @@ -345,7 +345,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::OpenRedirect.new(url, header_name: header_name) }

it "must log 'Found Open Redirect on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found Open Redirect on #{url} via Header '#{header_name}'!"
)

Expand All @@ -358,7 +358,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::OpenRedirect.new(url, cookie_param: cookie_param) }

it "must log 'Found Open Redirect on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found Open Redirect on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -371,7 +371,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::OpenRedirect.new(url, form_param: form_param) }

it "must log 'Found Open Redirect on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found Open Redirect on #{url} via form param '#{form_param}'!"
)

Expand All @@ -386,7 +386,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::ReflectedXSS.new(url, query_param: query_param) }

it "must log 'Found reflected XSS on <url> via query param <query_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found reflected XSS on #{url} via query param '#{query_param}'!"
)

Expand All @@ -399,7 +399,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::ReflectedXSS.new(url, header_name: header_name) }

it "must log 'Found reflected XSS on <url> via Header <header_name>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found reflected XSS on #{url} via Header '#{header_name}'!"
)

Expand All @@ -412,7 +412,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::ReflectedXSS.new(url, cookie_param: cookie_param) }

it "must log 'Found reflected XSS on <url> via Cookie param <cookie_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found reflected XSS on #{url} via Cookie param '#{cookie_param}'!"
)

Expand All @@ -425,7 +425,7 @@ class TestCommand < Ronin::Vulns::CLI::Command
let(:vuln) { Ronin::Vulns::ReflectedXSS.new(url, form_param: form_param) }

it "must log 'Found reflected XSS on <url> via form param <form_param>!'" do
expect(subject).to receive(:log_info).with(
expect(subject).to receive(:log_warn).with(
"Found reflected XSS on #{url} via form param '#{form_param}'!"
)

Expand Down

0 comments on commit b1656c0

Please sign in to comment.