Initial attempt at implementing apiv2 #853

lib/common/models/vulnerability.rb

@@ -42,11 +42,12 @@ class Vulnerability
   # @return [ Vulnerability ]
   def self.load_from_json_item(json_item)
     references = {}
+    references['id'] = [json_item['id']]
 
-    %w(id url cve secunia osvdb metasploit exploitdb).each do |key|
-      if json_item[key]
-        json_item[key]  = [json_item[key]] if json_item[key].class != Array
-        references[key] = json_item[key]
+    %w(url cve secunia osvdb metasploit exploitdb).each do |key|
+      if json_item['references'][key]
+        json_item['references'][key] = [json_item['references'][key]] if json_item['references'][key].class != Array
+        references[key] = json_item['references'][key]
       end
     end
 
@@ -54,7 +55,7 @@ class Vulnerability
       json_item['title'],
       json_item['type'],
       references,
-      json_item['fixed_in'],
+      json_item['fixed_in']
     )
   end
 

lib/common/models/vulnerability/output.rb

@@ -2,22 +2,22 @@
 
 class Vulnerability
   module Output
-
     # output the vulnerability
     def output(verbose = false)
       puts
       puts critical("Title: #{title}")
+
       references.each do |key, urls|
         methodname = "url_#{key}"
+
         urls.each do |u|
           next unless respond_to?(methodname)
           url = send(methodname, u)
           puts "    Reference: #{url}" if url
         end
       end
-      unless fixed_in.nil?
-        puts notice("Fixed in: #{fixed_in}")
-      end
+      
+      puts notice("Fixed in: #{fixed_in}") if fixed_in
     end
   end
 end

lib/common/models/wp_item/output.rb

@@ -7,6 +7,8 @@ class WpItem
     def output(verbose = false)
       puts
       puts info("Name: #{self}") #this will also output the version number if detected
+      puts " |  Latest version:"
+      puts " |  Last updated:"
       puts " |  Location: #{url}"
       #puts " | WordPress: #{wordpress_url}" if wordpress_org_item?
       puts " |  Readme: #{readme_url}" if has_readme?

lib/common/models/wp_item/vulnerable.rb

@@ -9,15 +9,16 @@ class WpItem
     #
     # @return [ Vulnerabilities ]
     def vulnerabilities
-      json            = json(vulns_file)
+      json            = json(vulns_file).select { |item| !item['vulnerabilities'].empty? }
       vulnerabilities = Vulnerabilities.new
 
       json.each do |item|
-        asset = item[identifier]
+        asset = item['version'][identifier] if item['version']
+        asset = item['name'][identifier] if item['name']
 
         next unless asset
 
-        asset['vulnerabilities'].each do |vulnerability|
+        item['vulnerabilities'].each do |vulnerability|
           vulnerability = Vulnerability.load_from_json_item(vulnerability)
           vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
         end

lib/common/models/wp_plugin/vulnerable.rb

@@ -6,7 +6,7 @@ class WpPlugin < WpItem
     # @return [ String ] The path to the file containing vulnerabilities
     def vulns_file
       unless @vulns_file
-        @vulns_file = PLUGINS_VULNS_FILE
+        @vulns_file = PLUGINS_FILE
       end
       @vulns_file
     end

lib/common/models/wp_theme/vulnerable.rb

@@ -6,7 +6,7 @@ class WpTheme < WpItem
     # @return [ String ] The path to the file containing vulnerabilities
     def vulns_file
       unless @vulns_file
-        @vulns_file = THEMES_VULNS_FILE
+        @vulns_file = THEMES_FILE
       end
       @vulns_file
     end

lib/common/models/wp_version/vulnerable.rb

@@ -6,7 +6,7 @@ class WpVersion < WpItem
     # @return [ String ] The path to the file containing vulnerabilities
     def vulns_file
       unless @vulns_file
-        @vulns_file = WP_VULNS_FILE
+        @vulns_file = WORDPRESSES_FILE
       end
       @vulns_file
     end