python-cors.spec


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

%global _empty_manifest_terminate_build 0
Name:		python-cors
Version:	1.0.1
Release:	1
Summary:	Fast CORS misconfiguration vulnerabilities scanner
License:	MIT
URL:		http://github.com/chenjj/CORScanner
Source0:	https://mirrors.nju.edu.cn/pypi/web/packages/ef/74/a7913a710ef4ecce19dd091168dd0e21d7705587d3f2d4eac0e502bb3a75/cors-1.0.1.tar.gz
BuildArch:	noarch

Requires:	python3-colorama
Requires:	python3-requests
Requires:	python3-argparse
Requires:	python3-gevent
Requires:	python3-tldextract
Requires:	python3-future
Requires:	python3-PySocks

%description
-u            | --url         | URL/domain to check it's CORS policy
-d            | --headers     | Add headers to the request
-i            | --input       | URL/domain list file to check their CORS policy
-t            | --threads     | Number of threads to use for CORS scan
-o            | --output      | Save the results to json file
-v            | --verbose     | Enable the verbose mode and display results in realtime
-T            | --timeout     | Set requests timeout (default 10 sec)
-p            | --proxy       | Enable proxy (http or socks5)
-h            | --help        | show the help message and exit
### Examples
* To check CORS misconfigurations of specific domain:
``python cors_scan.py -u example.com``
* To enable more debug info, use -v:
``python cors_scan.py -u example.com -v``
* To save scan results to a JSON file, use -o:
``python cors_scan.py -u example.com -o output_filename``
* To check CORS misconfigurations of specific URL:
``python cors_scan.py -u http://example.com/restapi``
* To check CORS misconfiguration with specific headers:
``python cors_scan.py -u example.com -d "Cookie: test"``
* To check CORS misconfigurations of multiple domains/URLs:
``python cors_scan.py -i top_100_domains.txt -t 100``
* To enable proxy for CORScanner, use -p
```python cors_scan.py -u example.com -p http://127.0.0.1:8080```
To use socks5 proxy, install PySocks with `pip install PySocks`
```python cors_scan.py -u example.com -p socks5://127.0.0.1:8080```
* To list all the basic options and switches use -h switch:
```python cors_scan.py -h```
## Misconfiguration types
This tool covers the following misconfiguration types:

%package -n python3-cors
Summary:	Fast CORS misconfiguration vulnerabilities scanner
Provides:	python-cors
BuildRequires:	python3-devel
BuildRequires:	python3-setuptools
BuildRequires:	python3-pip
%description -n python3-cors
-u            | --url         | URL/domain to check it's CORS policy
-d            | --headers     | Add headers to the request
-i            | --input       | URL/domain list file to check their CORS policy
-t            | --threads     | Number of threads to use for CORS scan
-o            | --output      | Save the results to json file
-v            | --verbose     | Enable the verbose mode and display results in realtime
-T            | --timeout     | Set requests timeout (default 10 sec)
-p            | --proxy       | Enable proxy (http or socks5)
-h            | --help        | show the help message and exit
### Examples
* To check CORS misconfigurations of specific domain:
``python cors_scan.py -u example.com``
* To enable more debug info, use -v:
``python cors_scan.py -u example.com -v``
* To save scan results to a JSON file, use -o:
``python cors_scan.py -u example.com -o output_filename``
* To check CORS misconfigurations of specific URL:
``python cors_scan.py -u http://example.com/restapi``
* To check CORS misconfiguration with specific headers:
``python cors_scan.py -u example.com -d "Cookie: test"``
* To check CORS misconfigurations of multiple domains/URLs:
``python cors_scan.py -i top_100_domains.txt -t 100``
* To enable proxy for CORScanner, use -p
```python cors_scan.py -u example.com -p http://127.0.0.1:8080```
To use socks5 proxy, install PySocks with `pip install PySocks`
```python cors_scan.py -u example.com -p socks5://127.0.0.1:8080```
* To list all the basic options and switches use -h switch:
```python cors_scan.py -h```
## Misconfiguration types
This tool covers the following misconfiguration types:

%package help
Summary:	Development documents and examples for cors
Provides:	python3-cors-doc
%description help
-u            | --url         | URL/domain to check it's CORS policy
-d            | --headers     | Add headers to the request
-i            | --input       | URL/domain list file to check their CORS policy
-t            | --threads     | Number of threads to use for CORS scan
-o            | --output      | Save the results to json file
-v            | --verbose     | Enable the verbose mode and display results in realtime
-T            | --timeout     | Set requests timeout (default 10 sec)
-p            | --proxy       | Enable proxy (http or socks5)
-h            | --help        | show the help message and exit
### Examples
* To check CORS misconfigurations of specific domain:
``python cors_scan.py -u example.com``
* To enable more debug info, use -v:
``python cors_scan.py -u example.com -v``
* To save scan results to a JSON file, use -o:
``python cors_scan.py -u example.com -o output_filename``
* To check CORS misconfigurations of specific URL:
``python cors_scan.py -u http://example.com/restapi``
* To check CORS misconfiguration with specific headers:
``python cors_scan.py -u example.com -d "Cookie: test"``
* To check CORS misconfigurations of multiple domains/URLs:
``python cors_scan.py -i top_100_domains.txt -t 100``
* To enable proxy for CORScanner, use -p
```python cors_scan.py -u example.com -p http://127.0.0.1:8080```
To use socks5 proxy, install PySocks with `pip install PySocks`
```python cors_scan.py -u example.com -p socks5://127.0.0.1:8080```
* To list all the basic options and switches use -h switch:
```python cors_scan.py -h```
## Misconfiguration types
This tool covers the following misconfiguration types:

%prep
%autosetup -n cors-1.0.1

%build
%py3_build

%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
	find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
	find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
	find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
	find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
	find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .

%files -n python3-cors -f filelist.lst
%dir %{python3_sitelib}/*

%files help -f doclist.lst
%{_docdir}/*

%changelog
* Thu Jun 08 2023 Python_Bot <Python_Bot@openeuler.org> - 1.0.1-1
- Package Spec generated