VulnAPI Implementation

app/controllers.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require_relative 'controllers/core'
-require_relative 'controllers/api_token'
+require_relative 'controllers/vuln_api'
 require_relative 'controllers/custom_directories'
 require_relative 'controllers/wp_version'
 require_relative 'controllers/main_theme'

app/controllers/api_token.rb

@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-module WPScan
-  module Controller
-    # Controller to handle the API token
-    class ApiToken < CMSScanner::Controller::Base
-      def cli_options
-        [
-          OptString.new(['--api-token TOKEN', 'The API Token to display vulnerability data'])
-        ]
-      end
-
-      def before_scan(opts = {})
-        # TODO, validate the token
-        # res = browser.get()
-      end
-    end
-  end
-end

app/controllers/vuln_api.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module WPScan
+  module Controller
+    # Controller to handle the API token
+    class VulnApi < CMSScanner::Controller::Base
+      def cli_options
+        [
+          OptString.new(['--api-token TOKEN', 'The WPVulnDB API Token to display vulnerability data'])
+        ]
+      end
+
+      def before_scan
+        return unless ParsedCli.api_token
+
+        DB::VulnApi.token = ParsedCli.api_token
+
+        api_status = DB::VulnApi.status
+
+        raise Error::InvalidApiToken if api_status['error']
+        raise Error::ApiLimitReached if api_status['requests_remaining'] == 0
+        raise api_status['http_error'] if api_status['http_error']
+      end
+
+      def after_scan
+        output('status', status: DB::VulnApi.status, api_requests: WPScan.api_requests)
+      end
+    end
+  end
+end

app/models/plugin.rb

@@ -15,9 +15,16 @@ module WPScan
         @uri = Addressable::URI.parse(blog.url(path_from_blog))
       end
 
-      # @return [ JSON ]
+      # Retrieve the metadata from the vuln API if available (and a valid token is given),
+      # or the local metadata db otherwise
+      # @return [ Hash ]
       def metadata
-        @metadata ||= DB::Plugin.metadata_at(slug)
+        @metadata ||= db_data.empty? ? DB::Plugin.metadata_at(slug) : db_data
+      end
+
+      # @return [ Hash ]
+      def db_data
+        @db_data ||= DB::VulnApi.plugin_data(slug)
       end
 
       # @param [ Hash ] opts

app/models/theme.rb

@@ -21,9 +21,16 @@ module WPScan
         parse_style
       end
 
+      # Retrieve the metadata from the vuln API if available (and a valid token is given),
+      # or the local metadata db otherwise
       # @return [ JSON ]
       def metadata
-        @metadata ||= DB::Theme.metadata_at(slug)
+        @metadata ||= db_data.empty? ? DB::Theme.metadata_at(slug) : db_data
+      end
+
+      # @return [ Hash ]
+      def db_data
+        @db_data ||= DB::VulnApi.theme_data(slug)
       end
 
       # @param [ Hash ] opts

app/models/wp_item.rb

@@ -39,11 +39,10 @@ module WPScan
 
         @vulnerabilities = []
 
-        # TODO Get them from API
-        #[*db_data['vulnerabilities']].each do |json_vuln|
-        #  vulnerability = Vulnerability.load_from_json(json_vuln)
-        #  @vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
-        #end
+        [*db_data['vulnerabilities']].each do |json_vuln|
+          vulnerability = Vulnerability.load_from_json(json_vuln)
+          @vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
+        end
 
         @vulnerabilities
       end
@@ -67,7 +66,7 @@ module WPScan
       # Not used anywhere ATM
       # @return [ Boolean ]
       def popular?
-        @popular ||= metadata['popular']
+        @popular ||= metadata['popular'] ? true : false
       end
 
       # @return [ String ]

app/models/wp_version.rb

@@ -35,9 +35,16 @@ module WPScan
         @all_numbers.sort! { |a, b| Gem::Version.new(b) <=> Gem::Version.new(a) }
       end
 
-      # @return [ JSON ]
+      # Retrieve the metadata from the vuln API if available (and a valid token is given),
+      # or the local metadata db otherwise
+      # @return [ Hash ]
       def metadata
-        @metadata ||= DB::Version.metadata_at(number)
+        @metadata ||= db_data.empty? ? DB::Version.metadata_at(number) : db_data
+      end
+
+      # @return [ Hash ]
+      def db_data
+        @db_data ||= DB::VulnApi.wordpress_data(number)
       end
 
       # @return [ Array<Vulnerability> ]
@@ -46,10 +53,9 @@ module WPScan
 
         @vulnerabilities = []
 
-        # TODO get them from API
-        #[*db_data['vulnerabilities']].each do |json_vuln|
-        #  @vulnerabilities << Vulnerability.load_from_json(json_vuln)
-        #end
+        [*db_data['vulnerabilities']].each do |json_vuln|
+          @vulnerabilities << Vulnerability.load_from_json(json_vuln)
+        end
 
         @vulnerabilities
       end

app/views/cli/vuln_api/status.erb

@@ -0,0 +1,13 @@
+<% unless @status.empty? -%>
+<% if @status['http_error'] -%>
+<%= critical_icon %> WPVulnDB API, <%= @status['http_error'].to_s %>
+<% else -%>
+<%= info_icon %> WPVulnDB API OK
+ | Plan: <%= @status['plan'] %>
+ | Requests Done (during the scan): <%= @api_requests %>
+ | Requests Remaining: <%= @status['requests_remaining'] %>
+<% end -%>
+<% else -%>
+<%= warning_icon %> No WPVulnDB API Token given, as a result vulnerability data has not been output.
+<%= warning_icon %> You can get a free API token with 50 daily requests by registering at https://wpvulndb.com/register.
+<% end -%>

app/views/json/vuln_api/status.erb

@@ -0,0 +1,13 @@
+"vuln_api": {
+<% unless @status.empty? -%>
+<% if @status['http_error'] -%>
+"http_error": <%= @status['http_error'].to_s.to_json %>
+<% else -%>
+"plan": <%= @status['plan'].to_json %>,
+"requests_done_during_scan": <%= @api_requests.to_json %>,
+"requests_remaining": <%= @status['requests_remaining'].to_json %>
+<% end -%>
+<% else -%>
+"error": "No WPVulnDB API Token given, as a result vulnerability data has not been output.\nYou can get a free API token with 50 daily requests by registering at https://wpvulndb.com/register."
+<% end -%>
+},