garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Implement Erwan's feedbaxk #853

Browse Source
This commit is contained in:
ethicalhack3r
2015-08-14 21:51:55 +02:00
parent 8727935cb2
commit 57f6206aee
8 changed files with 61 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/common/models/wp_item/vulnerable.rb
View File

@@ -9,14 +9,13 @@ class WpItem
#
# @return [ Vulnerabilities ]
def vulnerabilities
json = json(vulns_file).select { |item| !item['vulnerabilities'].empty? }
json = json(vulns_file)
vulnerabilities = Vulnerabilities.new
json.each do |item|
asset = item['version'][identifier] if item['version']
asset = item['name'][identifier] if item['name']
asset = item['version'] || item['name']
next unless asset
next unless asset == identifier
item['vulnerabilities'].each do |vulnerability|
vulnerability = Vulnerability.load_from_json_item(vulnerability)

2
spec/lib/common/models/wp_item_spec.rb
View File

@@ -15,7 +15,7 @@ describe WpItem do
let(:identifier) { 'neo' }
let(:expected_refs) { {
'id' => [2993],
'url' => ['Ref 1,Ref 2'],
'url' => ['Ref 1', 'Ref 2'],
'cve' => ['2011-001'],
'secunia' => ['secunia'],
'osvdb' => ['osvdb'],

2
spec/lib/common/models/wp_plugin_spec.rb
View File

@@ -9,7 +9,7 @@ describe WpPlugin do
let(:vulns_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins.json' }
let(:expected_refs) { {
'id' => [2993],
'url' => ['Ref 1,Ref 2'],
'url' => ['Ref 1', 'Ref 2'],
'cve' => ['2011-001'],
'secunia' => ['secunia'],
'osvdb' => ['osvdb'],

2
spec/lib/common/models/wp_theme_spec.rb
View File

@@ -10,7 +10,7 @@ describe WpTheme do
let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.json' }
let(:expected_refs) { {
'id' => [2993],
'url' => ['Ref 1,Ref 2'],
'url' => ['Ref 1', 'Ref 2'],
'cve' => ['2011-001'],
'secunia' => ['secunia'],
'osvdb' => ['osvdb'],

14
spec/samples/common/models/wp_item/vulnerable/items_vulns.json
View File

@@ -6,7 +6,7 @@
"id":2989,
"title":"Administrator-exploitable blind SQLi in WordPress 1.0 - 3.8.1",
"references": {
"url":"https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/,http://www.example.com"
"url": ["https://security.dxw.com/advisories/sqli-in-wordpress-3-6-1/" ,"http://www.example.com"]
},
"created_at":"2014-07-28T12:10:07.000Z",
"updated_at":"2014-07-28T12:43:41.000Z"
@@ -20,12 +20,12 @@
"id":2993,
"title":"I'm the one",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",

36
spec/samples/common/models/wp_plugin/vulnerable/plugins.json
View File

@@ -6,12 +6,12 @@
"id":2993,
"title":"I should not appear in the results",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1","Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",
@@ -22,12 +22,12 @@
"id":2989,
"title":"Neither do I",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1" ,"Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",
@@ -43,12 +43,12 @@
"id":2993,
"title":"Follow me!",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"REDIRECT",
"fixed_in":"",

36
spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json
View File

@@ -6,12 +6,12 @@
"id":2989,
"title":"I should not appear in the results",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",
@@ -22,12 +22,12 @@
"id":2989,
"title":"Neither do I",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",
@@ -43,12 +43,12 @@
"id":2993,
"title":"I see you",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"FPD",
"fixed_in":"",

24
spec/samples/common/models/wp_version/vulnerable/versions_vulns.json
View File

@@ -6,12 +6,12 @@
"id":2989,
"title":"I should not appear in the results",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"XSS",
"fixed_in":"",
@@ -27,12 +27,12 @@
"id":2993,
"title":"Here I Am",
"references": {
"url":"Ref 1,Ref 2",
"osvdb":"osvdb",
"cve":"2011-001",
"secunia":"secunia",
"metasploit":"exploit/ex1",
"exploitdb":"exploitdb"
"url": ["Ref 1", "Ref 2"],
"osvdb": ["osvdb"],
"cve": ["2011-001"],
"secunia": ["secunia"],
"metasploit": ["exploit/ex1"],
"exploitdb": ["exploitdb"]
},
"type":"SQLI",
"fixed_in":"",