Merge branch 'json_data'

Conflicts: data/plugin_vulns.xml data/theme_vulns.xml
2014-08-01 13:34:34 +02:00
parent c3110a4ab7 721cad75a2
commit ca100ef7e9
50 changed files with 560 additions and 23055 deletions
--- a/lib/common/collections/wp_items/detectable.rb
+++ b/lib/common/collections/wp_items/detectable.rb
@@ -142,16 +142,17 @@ class WpItems < Array
    # @return [ Array<WpItem> ]
    def vulnerable_targets_items(wp_target, item_class, vulns_file)
      targets = []
-      xml     = xml(vulns_file)
+      json    = json(vulns_file)

-      xml.xpath(item_xpath).each do |node|
+      [*json].each do |item|
        targets << create_item(
          item_class,
-          node.attribute('name').text,
+          item.keys.inject,
          wp_target,
          vulns_file
        )
      end
+
      targets
    end

@@ -190,6 +191,7 @@ class WpItems < Array
          )
        end
      end
+
      targets
    end

--- a/lib/common/collections/wp_plugins/detectable.rb
+++ b/lib/common/collections/wp_plugins/detectable.rb
@@ -9,9 +9,9 @@ class WpPlugins < WpItems
    end

    # @return [ String ]
-    def item_xpath
-      '//plugin'
-    end
+    # def item_xpath
+    #   '//plugin'
+    # end

    # @param [ WpTarget ] wp_target
    # @param [ Hash ] options
--- a/lib/common/collections/wp_themes/detectable.rb
+++ b/lib/common/collections/wp_themes/detectable.rb
@@ -9,9 +9,9 @@ class WpThemes < WpItems
    end

    # @return [ String ]
-    def item_xpath
-      '//theme'
-    end
+    # def item_xpath
+    #   '//theme'
+    # end

  end
 end
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -22,14 +22,14 @@ WPSTOOLS_PLUGINS_DIR = File.join(WPSTOOLS_LIB_DIR, 'plugins')
 # Data files
 PLUGINS_FILE        = File.join(DATA_DIR, 'plugins.txt')
 PLUGINS_FULL_FILE   = File.join(DATA_DIR, 'plugins_full.txt')
-PLUGINS_VULNS_FILE  = File.join(DATA_DIR, 'plugin_vulns.xml')
+PLUGINS_VULNS_FILE  = File.join(DATA_DIR, 'plugin_vulns.json')
 THEMES_FILE         = File.join(DATA_DIR, 'themes.txt')
 THEMES_FULL_FILE    = File.join(DATA_DIR, 'themes_full.txt')
-THEMES_VULNS_FILE   = File.join(DATA_DIR, 'theme_vulns.xml')
-WP_VULNS_FILE       = File.join(DATA_DIR, 'wp_vulns.xml')
+THEMES_VULNS_FILE   = File.join(DATA_DIR, 'theme_vulns.json')
+WP_VULNS_FILE       = File.join(DATA_DIR, 'wp_vulns.json')
 WP_VERSIONS_FILE    = File.join(DATA_DIR, 'wp_versions.xml')
 LOCAL_FILES_FILE    = File.join(DATA_DIR, 'local_vulnerable_files.xml')
-VULNS_XSD           = File.join(DATA_DIR, 'vuln.xsd')
+# VULNS_XSD           = File.join(DATA_DIR, 'vuln.xsd')
 WP_VERSIONS_XSD     = File.join(DATA_DIR, 'wp_versions.xsd')
 LOCAL_FILES_XSD     = File.join(DATA_DIR, 'local_vulnerable_files.xsd')
 USER_AGENTS_FILE    = File.join(DATA_DIR, 'user-agents.txt')
@@ -54,7 +54,7 @@ require 'environment'
 def require_files_from_directory(absolute_dir_path, files_pattern = '*.rb')
  files = Dir[File.join(absolute_dir_path, files_pattern)]

-  # Files in the root dir are loaded first, then thoses in the subdirectories
+  # Files in the root dir are loaded first, then those in the subdirectories
  files.sort_by { |file| [file.count("/"), file] }.each do |f|
    f = File.expand_path(f)
    #puts "require #{f}" # Used for debug
@@ -64,14 +64,6 @@ end

 require_files_from_directory(COMMON_LIB_DIR, '**/*.rb')

-# Hook to check if the target if down during the scan
-# The target is considered down after 10 requests with status = 0
-down = 0
-Typhoeus.on_complete do |response|
-  down += 1 if response.code == 0
-  fail 'The target seems to be down' if down >= 10
-end
-
 # Add protocol
 def add_http_protocol(url)
  url =~ /^https?:/ ? url : "http://#{url}"
@@ -153,6 +145,17 @@ def xml(file)
  end
 end

+def json(file)
+  content = File.open(file).read
+
+  begin
+    JSON.parse(content)
+  rescue => e
+    puts "[ERROR] In JSON file parsing #{file} #{e}"
+    raise
+  end
+end
+
 def redefine_constant(constant, value)
  Object.send(:remove_const, constant)
  Object.const_set(constant, value)
--- a/lib/common/models/vulnerability.rb
+++ b/lib/common/models/vulnerability.rb
@@ -35,27 +35,23 @@ class Vulnerability
  end
  # :nocov:

-  # Create the Vulnerability from the xml_node
+  # Create the Vulnerability from the json_item
  #
-  # @param [ Nokogiri::XML::Node ] xml_node
+  # @param [ Hash ] json_item
  #
  # @return [ Vulnerability ]
-  def self.load_from_xml_node(xml_node)
+  def self.load_from_json_item(json_item)
    references = {}
-    refs = xml_node.search('references')
-    if refs
-      references[:url] = refs.search('url').map(&:text)
-      references[:cve] = refs.search('cve').map(&:text)
-      references[:secunia] = refs.search('secunia').map(&:text)
-      references[:osvdb] = refs.search('osvdb').map(&:text)
-      references[:metasploit] = refs.search('metasploit').map(&:text)
-      references[:exploitdb] = refs.search('exploitdb').map(&:text)
+
+    [:url, :cve, :secunia, :osvdb, :metasploit, :exploitdb].each do |key|
+      references[key] = json_item[key.to_s].split(',') if json_item[key.to_s]
    end
+
    new(
-      xml_node.search('title').text,
-      xml_node.search('type').text,
+      json_item['title'],
+      json_item['type'],
      references,
-      xml_node.search('fixed_in').text,
+      json_item['fixed_in'],
    )
  end

--- a/lib/common/models/vulnerability/output.rb
+++ b/lib/common/models/vulnerability/output.rb
@@ -14,7 +14,7 @@ class Vulnerability
          puts "    Reference: #{url}" if url
        end
      end
-      if !fixed_in.empty?
+      if !fixed_in.nil?
         puts "#{blue('[i]')} Fixed in: #{fixed_in}"
      end
    end
--- a/lib/common/models/wp_item/vulnerable.rb
+++ b/lib/common/models/wp_item/vulnerable.rb
@@ -2,22 +2,27 @@

 class WpItem
  module Vulnerable
-    attr_accessor :vulns_file, :vulns_xpath
+    attr_accessor :vulns_file, :identifier

    # Get the vulnerabilities associated to the WpItem
    # Filters out already fixed vulnerabilities
    #
    # @return [ Vulnerabilities ]
    def vulnerabilities
-      xml             = xml(vulns_file)
+      json            = json(vulns_file)
      vulnerabilities = Vulnerabilities.new

-      xml.xpath(vulns_xpath).each do |node|
-        vuln = Vulnerability.load_from_xml_node(node)
-        if vulnerable_to?(vuln)
-          vulnerabilities << vuln
+      json.each do |item|
+        asset = item[identifier]
+
+        if asset
+          asset['vulnerabilities'].each do |vulnerability|
+            vulnerability = Vulnerability.load_from_json_item(vulnerability)
+            vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
+          end
        end
      end
+
      vulnerabilities
    end

@@ -41,5 +46,4 @@ class WpItem
      return false
    end
  end
-
 end
--- a/lib/common/models/wp_plugin/vulnerable.rb
+++ b/lib/common/models/wp_plugin/vulnerable.rb
@@ -12,8 +12,8 @@ class WpPlugin < WpItem
    end

    # @return [ String ]
-    def vulns_xpath
-      "//plugin[@name='#{@name}']/vulnerability"
+    def identifier
+      @name
    end

  end
--- a/lib/common/models/wp_theme/vulnerable.rb
+++ b/lib/common/models/wp_theme/vulnerable.rb
@@ -12,9 +12,8 @@ class WpTheme < WpItem
    end

    # @return [ String ]
-    def vulns_xpath
-      "//theme[@name='#{@name}']/vulnerability"
+    def identifier
+      @name
    end
-
  end
 end
--- a/lib/common/models/wp_version/vulnerable.rb
+++ b/lib/common/models/wp_version/vulnerable.rb
@@ -12,9 +12,14 @@ class WpVersion < WpItem
    end

    # @return [ String ]
-    def vulns_xpath
-      "//wordpress[@version='#{@number}']/vulnerability"
-    end
+    def identifier
+      @number
+    end  
+
+    # @return [ String ]
+    # def vulns_xpath
+    #   "//wordpress[@version='#{@number}']/vulnerability"
+    # end

  end
 end