use constants for data files

2013-01-19 21:33:07 +01:00
parent 5d6ce70863
commit 14be8c700f
9 changed files with 24 additions and 15 deletions
--- a/lib/common_helper.rb
+++ b/lib/common_helper.rb
@@ -31,6 +31,15 @@ COMON_PLUGINS_DIR    = COMMON_LIB_DIR + "/plugins"
 WPSCAN_PLUGINS_DIR   = WPSCAN_LIB_DIR + "/plugins"
 WPSTOOLS_PLUGINS_DIR = WPSTOOLS_LIB_DIR + "/plugins"

+# Data files
+PLUGINS_FILE        = DATA_DIR + "/plugins.txt"
+PLUGINS_FULL_FILE   = DATA_DIR + "/plugins_full.txt"
+PLUGINS_VULNS_FILE  = DATA_DIR + "/plugin_vulns.xml"
+THEMES_FILE         = DATA_DIR + "/themes.txt"
+THEMES_FULL_FILE    = DATA_DIR + "/themes_full.txt"
+THEMES_VULNS_FILE   = DATA_DIR + "/theme_vulns.xml"
+WP_VULNS_FILE       = DATA_DIR + "/wp_vulns.xml"
+
 WPSCAN_VERSION       = "2.0"

 require "#{LIB_DIR}/environment"
--- a/lib/wpscan/modules/wp_plugins.rb
+++ b/lib/wpscan/modules/wp_plugins.rb
@@ -22,9 +22,9 @@ module WpPlugins
  #
  # return array of WpPlugin
  def plugins_from_aggressive_detection(options)
-    options[:file]          = options[:file] || (options[:full] ? "#{DATA_DIR}/plugins_full.txt" : "#{DATA_DIR}/plugins.txt")
+    options[:file]          = options[:file] || (options[:full] ? PLUGINS_FULL_FILE : PLUGINS_FILE)
    options[:vulns_file]    = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
-    options[:vulns_file] : DATA_DIR + "/plugin_vulns.xml"
+    options[:vulns_file] : PLUGINS_VULNS_FILE
    options[:vulns_xpath]   = "//plugin[@name='#{@name}']/vulnerability"
    options[:vulns_xpath_2] = "//plugin"
    options[:type]          = "plugins"
--- a/lib/wpscan/modules/wp_themes.rb
+++ b/lib/wpscan/modules/wp_themes.rb
@@ -19,9 +19,9 @@
 module WpThemes

  def themes_from_aggressive_detection(options)
-    options[:file]          = options[:file] || (options[:full] ? "#{DATA_DIR}/themes_full.txt" : "#{DATA_DIR}/themes.txt")
+    options[:file]          = options[:file] || (options[:full] ? THEMES_FULL_FILE : THEMES_FILE)
    options[:vulns_file]    = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
-        options[:vulns_file] : DATA_DIR + "/theme_vulns.xml"
+        options[:vulns_file] : THEMES_VULNS_FILE
    options[:vulns_xpath]   = "//theme[@name='#{@name}']/vulnerability"
    options[:vulns_xpath_2] = "//theme"
    options[:type]          = "themes"
--- a/lib/wpscan/wp_item.rb
+++ b/lib/wpscan/wp_item.rb
@@ -57,9 +57,9 @@ class WpItem < Vulnerable
  def wp_org_item?
    case @type
      when "themes"
-        file = "#{DATA_DIR}/themes_full.txt"
+        file = THEMES_FULL_FILE
      when "plugins"
-        file = "#{DATA_DIR}/plugins_full.txt"
+        file = PLUGINS_FULL_FILE
      else
        raise("Unknown type #@type")
    end
--- a/lib/wpscan/wp_plugin.rb
+++ b/lib/wpscan/wp_plugin.rb
@@ -19,7 +19,7 @@
 class WpPlugin < WpItem
  def initialize(options = {})
    options[:vulns_file]    = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
-    options[:vulns_file] : DATA_DIR + "/plugin_vulns.xml"
+    options[:vulns_file] : PLUGINS_VULNS_FILE
    options[:vulns_xpath]   = "//plugin[@name='$name$']/vulnerability"
    options[:vulns_xpath_2] = "//plugin"
    options[:type]          = "plugins"
--- a/lib/wpscan/wp_theme.rb
+++ b/lib/wpscan/wp_theme.rb
@@ -24,7 +24,7 @@ class WpTheme < WpItem

  def initialize(options = {})
    options[:vulns_file]    = (options[:vulns_file] != nil and options[:vulns_file] != "") ?
-        options[:vulns_file] : DATA_DIR + "/theme_vulns.xml"
+        options[:vulns_file] : THEMES_VULNS_FILE
    options[:vulns_xpath] = "//theme[@name='$name$']/vulnerability"
    options[:type]        = "themes"
    @version              = options[:version]
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -25,7 +25,7 @@ class WpVersion < Vulnerable
  def initialize(number, options = {})
    @number           = number
    @discovery_method = options[:discovery_method]
-    @vulns_file       = options[:vulns_file] || DATA_DIR + '/wp_vulns.xml'
+    @vulns_file       = options[:vulns_file] || WP_VULNS_FILE
    @vulns_xpath      = "//wordpress[@version='#{@number}']/vulnerability"
  end

--- a/lib/wpstools/plugins/checker/checker_plugin.rb
+++ b/lib/wpstools/plugins/checker/checker_plugin.rb
@@ -39,14 +39,14 @@ class CheckerPlugin < Plugin
  end

  def check_vuln_ref_urls
-    vuln_ref_files   = ["plugin_vulns.xml", "theme_vulns.xml", "wp_vulns.xml"]
+    vuln_ref_files   = [ PLUGINS_VULNS_FILE , THEMES_VULNS_FILE, WP_VULNS_FILE ]
    error_codes      = [404, 500, 403]
    not_found_regexp = %r{No Results Found|error 404|ID Invalid or Not Found}i

    puts "[+] Checking vulnerabilities reference urls"

    vuln_ref_files.each do |vuln_ref_file|
-      xml = Nokogiri::XML(File.open(DATA_DIR + '/' + vuln_ref_file)) do |config|
+      xml = Nokogiri::XML(File.open(vuln_ref_file)) do |config|
        config.noblanks
      end

--- a/lib/wpstools/plugins/list_generator/generate_list.rb
+++ b/lib/wpstools/plugins/list_generator/generate_list.rb
@@ -48,18 +48,18 @@ class GenerateList
      when "plugin"
        case type
          when :full
-            @file_name = DATA_DIR + "/plugins_full.txt"
+            @file_name = PLUGINS_FULL_FILE
          when :popular
-            @file_name = DATA_DIR + "/plugins.txt"
+            @file_name = PLUGINS_FILE
          else
            raise "Unknown type"
        end
      when "theme"
        case type
          when :full
-            @file_name = DATA_DIR + "/themes_full.txt"
+            @file_name = THEMES_FULL_FILE
          when :popular
-            @file_name = DATA_DIR + "/themes.txt"
+            @file_name = THEMES_FILE
          else
            raise "Unknown type"
        end