Ref #33 Options to find dead reference urls --cvru | check-vuln-ref-urls

2012-12-07 17:16:21 +01:00
parent 079b43a33d
commit 1663cdb301
3 changed files with 188 additions and 129 deletions
--- a/data/wp_vulns.xml
+++ b/data/wp_vulns.xml
@@ -32,20 +32,20 @@ This file contains vulnerabilities associated with WordPress verions.
  </wordpress>
  <wordpress version="3.4-beta4">
-    <vulnerability>   
+    <vulnerability>
-      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>    
+      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
-      <reference>http://www.exploit-db.com/exploits/18791/</reference>    
+      <reference>http://www.exploit-db.com/exploits/18791/</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.3.2">
-    <vulnerability>   
+    <vulnerability>
-      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>    
+      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
-      <reference>http://www.exploit-db.com/exploits/18791/</reference>    
+      <reference>http://www.exploit-db.com/exploits/18791/</reference>
  </vulnerability>
-  <vulnerability>   
+  <vulnerability>
-      <title>WordPress 3.3.2 Cross Site Scripting</title>   
+      <title>WordPress 3.3.2 Cross Site Scripting</title>
-      <reference>http://packetstormsecurity.org/files/113254</reference>    
+      <reference>http://packetstormsecurity.org/files/113254</reference>
    </vulnerability>
  </wordpress>
@@ -54,13 +54,13 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Multiple vulnerabilities including XSS and Privilege Escalation</title>
      <reference>http://wordpress.org/news/2012/04/wordpress-3-3-2/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>    
+      <title>Wordpress 3.3.1 Multiple CSRF Vulnerabilities</title>
-      <reference>http://www.exploit-db.com/exploits/18791/</reference>    
+      <reference>http://www.exploit-db.com/exploits/18791/</reference>
    </vulnerability>
-     <vulnerability>   
+     <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -69,30 +69,30 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Reflected Cross-Site Scripting in WordPress 3.3</title>
      <reference>http://oldmanlab.blogspot.com/2012/01/wordpress-33-xss-vulnerability.html</reference>
    </vulnerability>
-     <vulnerability>   
+     <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.2.1">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.2">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.1.4">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -101,9 +101,9 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Multiple SQL Injection Vulnerabilities</title>
      <reference>http://www.exploit-db.com/exploits/17465/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -112,9 +112,9 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress &lt;= 3.1.2 Clickjacking Vulnerability</title>
      <reference>http://seclists.org/fulldisclosure/2011/Sep/219</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -123,37 +123,37 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>WordPress wp-includes/formatting.php make_clickable() PCRE Library Remote DoS</title>
      <reference>http://osvdb.org/show/osvdb/72142</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.1">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.0.6">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.0.5">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.0.4">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -166,9 +166,9 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress 3.0.3 stored XSS IE7,6 NS8.1</title>
      <reference>http://www.exploit-db.com/exploits/15858/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -177,9 +177,9 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>WordPress XML-RPC Interface Access Restriction Bypass</title>
      <reference>http://osvdb.org/69761</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -188,30 +188,30 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>WordPress: Information Disclosure via SQL Injection Attack</title>
      <reference>http://blog.sjinks.pro/wordpress/858-information-disclosure-via-sql-injection-attack/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="3.0">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.9.2">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.9.1">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -224,16 +224,16 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress DOS &lt;= 2.9</title>
      <reference>http://www.exploit-db.com/exploits/11441/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.8.6">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -242,16 +242,16 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>WordPress &lt;= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution</title>
      <reference>http://www.exploit-db.com/exploits/10089/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.8.4">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -260,9 +260,9 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress &lt;= 2.8.3 Remote Admin Reset Password Vulnerability</title>
      <reference>http://www.exploit-db.com/exploits/9410/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -271,16 +271,16 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress 2.8.1 (url) Remote Cross Site Scripting Exploit</title>
      <reference>http://www.exploit-db.com/exploits/9250/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
   <wordpress version="2.8">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -289,44 +289,44 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability</title>
      <reference>http://www.exploit-db.com/exploits/10088/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.7">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.6.5">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.6.4">
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.6.3">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.6.2">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -335,30 +335,30 @@ This file contains vulnerabilities associated with WordPress verions.
      <title>Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit</title>
      <reference>http://www.exploit-db.com/exploits/6421/</reference>
    </vulnerability>
-    <vulnerability>   
+    <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.6">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.5.1">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
  <wordpress version="2.5">
-   <vulnerability>   
+   <vulnerability>
-      <title>XSS vulnerability in swfupload in WordPress</title>    
+      <title>XSS vulnerability in swfupload in WordPress</title>
-      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>    
+      <reference>http://seclists.org/fulldisclosure/2012/Nov/51</reference>
    </vulnerability>
  </wordpress>
@@ -440,4 +440,4 @@ This file contains vulnerabilities associated with WordPress verions.
    </vulnerability>
  </wordpress>
-</vulnerabilities>
+</vulnerabilities>
--- a/lib/wpstools/wpstools_helper.rb
+++ b/lib/wpstools/wpstools_helper.rb
@@ -56,12 +56,12 @@ def help()
  puts "--gpl  Alias for --generate_plugin_list"
  puts "--generate_full_plugin_list  Generate a new full data/plugins.txt file"
  puts "--gfpl  Alias for --generate_full_plugin_list"
  puts "--generate_theme_list [number of pages]  Generate a new data/themes.txt file. (supply number of *pages* to parse, default : 150)"
  puts "--gtl  Alias for --generate_theme_list"
  puts "--generate_full_theme_list  Generate a new full data/themes.txt file"
  puts "--gftl  Alias for --generate_full_theme_list"
  puts "--generate_all  Generate a new full plugins, full themes, popular plugins and popular themes list"
  puts "--ga  Alias for --generate_all"
  puts "--check-vuln-ref-urls | --cvru  Check all the vulnerabilities reference urls for 404"
  puts
 end
--- a/wpstools.rb
+++ b/wpstools.rb
@@ -39,12 +39,14 @@ begin
      ["--generate_theme_list", GetoptLong::OPTIONAL_ARGUMENT],
      ["--generate_full_theme_list", GetoptLong::NO_ARGUMENT],
      ["--generate_all", GetoptLong::NO_ARGUMENT],
-      ["--gpl", GetoptLong::OPTIONAL_ARGUMENT],
+      ["--gpl", GetoptLong::OPTIONAL_ARGUMENT],           # Alias for --generate_plugin_list
-      ["--gfpl", GetoptLong::OPTIONAL_ARGUMENT],
+      ["--gfpl", GetoptLong::OPTIONAL_ARGUMENT],          # Alias for --generate_full_plugin_list
-      ["--gtl", GetoptLong::OPTIONAL_ARGUMENT],
+      ["--gtl", GetoptLong::OPTIONAL_ARGUMENT],           # Alias for --generate_theme_list
-      ["--gftl", GetoptLong::OPTIONAL_ARGUMENT],
+      ["--gftl", GetoptLong::OPTIONAL_ARGUMENT],          # Alias for --generate_full_theme_list
-      ["--ga", GetoptLong::OPTIONAL_ARGUMENT],
+      ["--ga", GetoptLong::OPTIONAL_ARGUMENT],            # Alias for --generate_all
-      ["--update", "-u", GetoptLong::NO_ARGUMENT]
+      ["--update", "-u", GetoptLong::NO_ARGUMENT],
      ["--check-vuln-ref-urls", GetoptLong::NO_ARGUMENT],
      ["--cvru", GetoptLong::NO_ARGUMENT]                 # Alias for --check-vuln-ref-urls
  )
  options.each do |option, argument|
@@ -79,11 +81,13 @@ begin
      when "--generate_full_theme_list", "--gftl"
        @generate_full_theme_list = true
      when "--generate_all", "--ga"
-        @generate_plugin_list = true
+        @generate_plugin_list      = true
-        @generate_theme_list = true
+        @generate_theme_list       = true
-        @number_of_pages = 150
+        @number_of_pages           = 150
-        @generate_full_theme_list = true
+        @generate_full_theme_list  = true
        @generate_full_plugin_list = true
      when "--check-vuln-ref-urls", "--cvru"
        @check_vuln_ref_urls = true
    end
  end
@@ -111,6 +115,61 @@ begin
    Generate_List.new('themes', @verbose).generate_full_list
  end
  # seclists.org redirects to the homepage if the reference does not exist
  # TODO : the special case above
  if @check_vuln_ref_urls
    vuln_ref_files   = ["plugin_vulns.xml", "wp_theme_vulns.xml", "wp_vulns.xml"]
    error_codes      = [404, 500, 403]
    not_found_regexp = %r{No Results Found|error 404|ID Invalid or Not Found}i
    puts "[+] Checking vulnerabilities reference urls"
    vuln_ref_files.each do |vuln_ref_file|
      xml = Nokogiri::XML(File.open(DATA_DIR + '/' + vuln_ref_file)) do |config|
        config.noblanks
      end
      urls = []
      xml.xpath("//reference").each { |node| urls << node.text }
      urls.uniq!
      dead_urls       = []
      queue_count     = 0
      request_count   = 0
      browser         = Browser.instance
      hydra           = browser.hydra
      number_of_urls  = urls.size
      urls.each do |url|
        request = browser.forge_request(url, { :cache_timeout => 0, :follow_location => true })
        request_count += 1
        request.on_complete do |response|
          print "\r  [+] Checking #{vuln_ref_file} #{number_of_urls} total ... #{(request_count * 100) / number_of_urls}% complete."
          if error_codes.include?(response.code) or not_found_regexp.match(response.body)
            dead_urls << url
          end
        end
        hydra.queue(request)
        queue_count += 1
        if queue_count == browser.max_threads
          hydra.run
          queue_count = 0
        end
      end
      hydra.run
      puts
      unless dead_urls.empty?
        dead_urls.each { |url| puts "    Not Found #{url}" }
      end
    end
  end
  if @update
    unless @updater.nil?
      puts @updater.update()