garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support multiple references

Browse Source
This commit is contained in:
Christian Mehlmauer
2013-01-09 22:48:24 +01:00
parent 525491af89
commit a6ad818496
4 changed files with 20 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
data/plugin_vulns.xml
View File

@@ -37,6 +37,7 @@ ryandewhurst at gmail
<vulnerability> <vulnerability>
<title>Google Document Embedder Arbitrary File Disclosure</title> <title>Google Document Embedder Arbitrary File Disclosure</title>
<reference>http://www.exploit-db.com/exploits/23970/</reference> <reference>http://www.exploit-db.com/exploits/23970/</reference>
<reference>http://ceriksen.com/2013/01/03/wordpress-google-document-embedder-arbitrary-file-disclosure/</reference>
<type>UNKNOWN</type> <type>UNKNOWN</type>
</vulnerability> </vulnerability>
</plugin> </plugin>

2
lib/wpscan/vulnerable.rb
View File

@@ -31,7 +31,7 @@ class Vulnerable
xml.xpath(@vulns_xpath).each do |node| xml.xpath(@vulns_xpath).each do |node|
vulnerabilities << WpVulnerability.new( vulnerabilities << WpVulnerability.new(
node.search("title").text, node.search("title").text,
node.search("reference").text, node.search("reference").map(&:text),
node.search("type").text node.search("type").text
) )
end end

6
lib/wpscan/wp_vulnerability.rb
View File

@@ -17,11 +17,11 @@
#++ #++
class WpVulnerability class WpVulnerability
attr_accessor :title, :reference, :type attr_accessor :title, :references, :type
def initialize(title, reference, type) def initialize(title, references, type)
@title = title @title = title
@reference = reference @references = references
@type = type @type = type
end end
end end

20
wpscan.rb
View File

@@ -114,7 +114,9 @@ begin
theme_vulnerabilities.each do |vulnerability| theme_vulnerabilities.each do |vulnerability|
puts puts
puts " | " + red("* Title: #{vulnerability.title}") puts " | " + red("* Title: #{vulnerability.title}")
puts " | " + red("* Reference: #{vulnerability.reference}") vulnerability.references.each do |r|
puts " | " + red("* Reference: #{r}")
end
end end
puts puts
end end
@@ -175,7 +177,9 @@ begin
version_vulnerabilities.each do |vulnerability| version_vulnerabilities.each do |vulnerability|
puts puts
puts " | " + red("* Title: #{vulnerability.title}") puts " | " + red("* Title: #{vulnerability.title}")
puts " | " + red("* Reference: #{vulnerability.reference}") vulnerability.references.each do |r|
puts " | " + red("* Reference: #{r}")
end
end end
end end
end end
@@ -196,7 +200,9 @@ begin
plugin.vulnerabilities.each do |vulnerability| plugin.vulnerabilities.each do |vulnerability|
puts " |" puts " |"
puts " | " + red("[!] #{vulnerability.title}") puts " | " + red("[!] #{vulnerability.title}")
puts " | " + red("* Reference: #{vulnerability.reference}") vulnerability.references.each do |r|
puts " | " + red("* Reference: #{r}")
end
end end
end end
else else
@@ -242,7 +248,9 @@ begin
puts " |" puts " |"
puts " | " + red("[!] #{vulnerability.title}") puts " | " + red("[!] #{vulnerability.title}")
puts " | " + red("* Reference: #{vulnerability.reference}") vulnerability.references.each do |r|
puts " | " + red("* Reference: #{r}")
end
# This has been commented out as MSF are moving from # This has been commented out as MSF are moving from
# XML-RPC to MessagePack. # XML-RPC to MessagePack.
@@ -297,7 +305,9 @@ begin
theme.vulnerabilities.each do |vulnerability| theme.vulnerabilities.each do |vulnerability|
puts " |" puts " |"
puts " | " + red("[!] #{vulnerability.title}") puts " | " + red("[!] #{vulnerability.title}")
puts " | " + red("* Reference: #{vulnerability.reference}") vulnerability.references.each do |r|
puts " | " + red("* Reference: #{r}")
end
# This has been commented out as MSF are moving from # This has been commented out as MSF are moving from
# XML-RPC to MessagePack. # XML-RPC to MessagePack.