From b19696090f970493742309c3c8a4bc2ebaa322a5 Mon Sep 17 00:00:00 2001 From: ethicalhack3r Date: Sun, 21 Sep 2014 22:02:30 +0200 Subject: [PATCH] Fix for #694 --- lib/common/models/vulnerability.rb | 8 +++++--- spec/lib/common/models/vulnerability_spec.rb | 14 +++++++------- spec/lib/common/models/wp_item_spec.rb | 14 +++++++------- spec/lib/common/models/wp_plugin_spec.rb | 14 +++++++------- spec/lib/common/models/wp_theme_spec.rb | 14 +++++++------- spec/lib/common/models/wp_version_spec.rb | 14 +++++++------- 6 files changed, 40 insertions(+), 38 deletions(-) diff --git a/lib/common/models/vulnerability.rb b/lib/common/models/vulnerability.rb index ad2b563e..f9ce1423 100755 --- a/lib/common/models/vulnerability.rb +++ b/lib/common/models/vulnerability.rb @@ -43,9 +43,11 @@ class Vulnerability def self.load_from_json_item(json_item) references = {} - [:url, :cve, :secunia, :osvdb, :metasploit, :exploitdb].each do |key| - #json_item['id'] = json_item['id'].to_s.split(',') - references[key] = json_item[key.to_s].to_s.split(',') if json_item[key.to_s] + %w(url cve secunia osvdb metasploit exploitdb).each do |key| + if json_item[key] + json_item[key] = [json_item[key]] if json_item[key].class != Array + references[key] = json_item[key] + end end new( diff --git a/spec/lib/common/models/vulnerability_spec.rb b/spec/lib/common/models/vulnerability_spec.rb index 8a2776d7..97ffb4f7 100644 --- a/spec/lib/common/models/vulnerability_spec.rb +++ b/spec/lib/common/models/vulnerability_spec.rb @@ -37,12 +37,12 @@ describe Vulnerability do } expected_refs = { - :url => ['Ref 1', 'Ref 2'], - :cve => ['2011-001'], - :secunia => ['secunia'], - :osvdb => ['osvdb'], - :metasploit => ['exploit/ex1'], - :exploitdb => ['exploitdb'] + 'url' => ['Ref 1,Ref 2'], + 'cve' => ['2011-001'], + 'secunia' => ['secunia'], + 'osvdb' => ['osvdb'], + 'metasploit' => ['exploit/ex1'], + 'exploitdb' => ['exploitdb'] } its(:title) { should == 'Vuln Title' } @@ -51,4 +51,4 @@ describe Vulnerability do its(:fixed_in) { should == '1.0'} end -end +end \ No newline at end of file diff --git a/spec/lib/common/models/wp_item_spec.rb b/spec/lib/common/models/wp_item_spec.rb index 9b4342c7..529903ee 100644 --- a/spec/lib/common/models/wp_item_spec.rb +++ b/spec/lib/common/models/wp_item_spec.rb @@ -14,12 +14,12 @@ describe WpItem do let(:vulns_file) { MODELS_FIXTURES + '/wp_item/vulnerable/items_vulns.json' } let(:identifier) { 'neo' } let(:expected_refs) { { - :url => ['Ref 1', 'Ref 2'], - :cve => ['2011-001'], - :secunia => ['secunia'], - :osvdb => ['osvdb'], - :metasploit => ['exploit/ex1'], - :exploitdb => ['exploitdb'] + 'url' => ['Ref 1,Ref 2'], + 'cve' => ['2011-001'], + 'secunia' => ['secunia'], + 'osvdb' => ['osvdb'], + 'metasploit' => ['exploit/ex1'], + 'exploitdb' => ['exploitdb'] } } let(:expected_vulns) { Vulnerabilities.new(1, Vulnerability.new("I'm the one", 'XSS', expected_refs)) } end @@ -167,4 +167,4 @@ describe WpItem do end end -end +end \ No newline at end of file diff --git a/spec/lib/common/models/wp_plugin_spec.rb b/spec/lib/common/models/wp_plugin_spec.rb index 2e4837c9..8e851bc0 100644 --- a/spec/lib/common/models/wp_plugin_spec.rb +++ b/spec/lib/common/models/wp_plugin_spec.rb @@ -8,12 +8,12 @@ describe WpPlugin do let(:options) { { name: 'white-rabbit' } } let(:vulns_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins_vulns.json' } let(:expected_refs) { { - :url => ['Ref 1', 'Ref 2'], - :cve => ['2011-001'], - :secunia => ['secunia'], - :osvdb => ['osvdb'], - :metasploit => ['exploit/ex1'], - :exploitdb => ['exploitdb'] + 'url' => ['Ref 1,Ref 2'], + 'cve' => ['2011-001'], + 'secunia' => ['secunia'], + 'osvdb' => ['osvdb'], + 'metasploit' => ['exploit/ex1'], + 'exploitdb' => ['exploitdb'] } } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Follow me!', 'REDIRECT', expected_refs) } end @@ -26,4 +26,4 @@ describe WpPlugin do its('uri.to_s') { is_expected.to eq 'http://example.com/wp-content/plugins/plugin-name/' } end -end +end \ No newline at end of file diff --git a/spec/lib/common/models/wp_theme_spec.rb b/spec/lib/common/models/wp_theme_spec.rb index a88faaaf..e19dbea1 100644 --- a/spec/lib/common/models/wp_theme_spec.rb +++ b/spec/lib/common/models/wp_theme_spec.rb @@ -9,12 +9,12 @@ describe WpTheme do let(:options) { { name: 'the-oracle' } } let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.json' } let(:expected_refs) { { - :url => ['Ref 1', 'Ref 2'], - :cve => ['2011-001'], - :secunia => ['secunia'], - :osvdb => ['osvdb'], - :metasploit => ['exploit/ex1'], - :exploitdb => ['exploitdb'] + 'url' => ['Ref 1,Ref 2'], + 'cve' => ['2011-001'], + 'secunia' => ['secunia'], + 'osvdb' => ['osvdb'], + 'metasploit' => ['exploit/ex1'], + 'exploitdb' => ['exploitdb'] } } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('I see you', 'FPD', expected_refs) } end @@ -32,4 +32,4 @@ describe WpTheme do its(:uri) { is_expected.to eq uri.merge(theme_path) } end -end +end \ No newline at end of file diff --git a/spec/lib/common/models/wp_version_spec.rb b/spec/lib/common/models/wp_version_spec.rb index cbd94410..32135053 100644 --- a/spec/lib/common/models/wp_version_spec.rb +++ b/spec/lib/common/models/wp_version_spec.rb @@ -8,12 +8,12 @@ describe WpVersion do let(:options) { { number: '3.2' } } let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.json' } let(:expected_refs) { { - :url => ['Ref 1', 'Ref 2'], - :cve => ['2011-001'], - :secunia => ['secunia'], - :osvdb => ['osvdb'], - :metasploit => ['exploit/ex1'], - :exploitdb => ['exploitdb'] + 'url' => ['Ref 1,Ref 2'], + 'cve' => ['2011-001'], + 'secunia' => ['secunia'], + 'osvdb' => ['osvdb'], + 'metasploit' => ['exploit/ex1'], + 'exploitdb' => ['exploitdb'] } } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', expected_refs) } end @@ -28,4 +28,4 @@ describe WpVersion do end end -end +end \ No newline at end of file