garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tabs replaced by spaces !

Browse Source 
The presence of tabs can be checked with 'rubocop --only Tab --format
files'
This commit is contained in:
erwanlr
2013-12-30 11:50:43 +00:00
parent 23de013c86
commit dc1c65b418
12 changed files with 106 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
dev/pre-commit-hook.rb
View File

@@ -6,16 +6,16 @@ require 'pty'
html_path = 'rspec_results.html' html_path = 'rspec_results.html'
begin begin
PTY.spawn( "rspec spec --format h > #{html_path}" ) do |stdin, stdout, pid| PTY.spawn( "rspec spec --format h > #{html_path}" ) do |stdin, stdout, pid|
begin begin
stdin.each { |line| print line } stdin.each { |line| print line }
rescue Errno::EIO => e rescue Errno::EIO => e
puts "Error: #{e.to.s}" puts "Error: #{e.to.s}"
return 1 return 1
end end
end end
rescue PTY::ChildExited rescue PTY::ChildExited
puts 'Child process exit!' puts 'Child process exit!'
end end
# find out if there were any errors # find out if there were any errors
@@ -23,18 +23,18 @@ html = open(html_path).read
examples = html.match(/(\d+) examples/)[0].to_i rescue 0 examples = html.match(/(\d+) examples/)[0].to_i rescue 0
errors = html.match(/(\d+) errors/)[0].to_i rescue 0 errors = html.match(/(\d+) errors/)[0].to_i rescue 0
if errors == 0 then if errors == 0 then
errors = html.match(/(\d+) failure/)[0].to_i rescue 0 errors = html.match(/(\d+) failure/)[0].to_i rescue 0
end end
pending = html.match(/(\d+) pending/)[0].to_i rescue 0 pending = html.match(/(\d+) pending/)[0].to_i rescue 0
if errors.zero? if errors.zero?
puts "0 failed! #{examples} run, #{pending} pending" puts "0 failed! #{examples} run, #{pending} pending"
sleep 1 sleep 1
exit 0 exit 0
else else
puts "\aCOMMIT FAILED!!" puts "\aCOMMIT FAILED!!"
puts "View your rspec results at #{File.expand_path(html_path)}" puts "View your rspec results at #{File.expand_path(html_path)}"
puts puts
puts "#{errors} failed! #{examples} run, #{pending} pending" puts "#{errors} failed! #{examples} run, #{pending} pending"
exit 1 exit 1
end end

22
lib/common/models/vulnerability.rb
View File

@@ -5,7 +5,7 @@ require 'vulnerability/urls'
class Vulnerability class Vulnerability
include Vulnerability::Output include Vulnerability::Output
include Vulnerability::Urls include Vulnerability::Urls
attr_accessor :title, :references, :type, :fixed_in attr_accessor :title, :references, :type, :fixed_in
@@ -41,16 +41,16 @@ class Vulnerability
# #
# @return [ Vulnerability ] # @return [ Vulnerability ]
def self.load_from_xml_node(xml_node) def self.load_from_xml_node(xml_node)
references = {} references = {}
refs = xml_node.search('references') refs = xml_node.search('references')
if refs if refs
references[:url] = refs.search('url').map(&:text) references[:url] = refs.search('url').map(&:text)
references[:cve] = refs.search('cve').map(&:text) references[:cve] = refs.search('cve').map(&:text)
references[:secunia] = refs.search('secunia').map(&:text) references[:secunia] = refs.search('secunia').map(&:text)
references[:osvdb] = refs.search('osvdb').map(&:text) references[:osvdb] = refs.search('osvdb').map(&:text)
references[:metasploit] = refs.search('metasploit').map(&:text) references[:metasploit] = refs.search('metasploit').map(&:text)
references[:exploitdb] = refs.search('exploitdb').map(&:text) references[:exploitdb] = refs.search('exploitdb').map(&:text)
end end
new( new(
xml_node.search('title').text, xml_node.search('title').text,
xml_node.search('type').text, xml_node.search('type').text,

12
lib/common/models/vulnerability/output.rb
View File

@@ -8,12 +8,12 @@ class Vulnerability
puts ' |' puts ' |'
puts ' | ' + red("* Title: #{title}") puts ' | ' + red("* Title: #{title}")
references.each do |key, urls| references.each do |key, urls|
methodname = "url_#{key}" methodname = "url_#{key}"
urls.each do |u| urls.each do |u|
url = send(methodname, u) url = send(methodname, u)
puts ' | ' + red("* Reference: #{url}") if url puts ' | ' + red("* Reference: #{url}") if url
end end
end end
if !fixed_in.empty? if !fixed_in.empty?
puts " | * Fixed in: #{fixed_in}" puts " | * Fixed in: #{fixed_in}"
end end

46
lib/common/models/vulnerability/urls.rb
View File

@@ -1,33 +1,33 @@
# encoding: UTF-8 # encoding: UTF-8
class Vulnerability class Vulnerability
module Urls module Urls
# @return [ String ] The url to the metasploit module page # @return [ String ] The url to the metasploit module page
def url_metasploit(module_path) def url_metasploit(module_path)
# remove leading slash # remove leading slash
module_path = module_path.sub(/^\//, '') module_path = module_path.sub(/^\//, '')
"http://www.metasploit.com/modules/#{module_path}" "http://www.metasploit.com/modules/#{module_path}"
end end
def url_url(url) def url_url(url)
url url
end end
def url_cve(cve) def url_cve(cve)
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-#{cve}" "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-#{cve}"
end end
def url_osvdb(id) def url_osvdb(id)
"http://osvdb.org/#{id}" "http://osvdb.org/#{id}"
end end
def url_secunia(id) def url_secunia(id)
"http://secunia.com/advisories/#{id}" "http://secunia.com/advisories/#{id}"
end end
def url_exploitdb(id) def url_exploitdb(id)
"http://www.exploit-db.com/exploits/#{id}/" "http://www.exploit-db.com/exploits/#{id}/"
end end
end end
end end

6
lib/common/models/wp_item/output.rb
View File

@@ -13,9 +13,9 @@ class WpItem
puts " | Readme: #{readme_url}" if has_readme? puts " | Readme: #{readme_url}" if has_readme?
puts " | Changelog: #{changelog_url}" if has_changelog? puts " | Changelog: #{changelog_url}" if has_changelog?
if respond_to?(:additional_output) if respond_to?(:additional_output)
additional_output(verbose) additional_output(verbose)
end end
vulnerabilities.output vulnerabilities.output

2
lib/common/version_compare.rb
View File

@@ -22,5 +22,5 @@ class VersionCompare
raise raise
end end
return false return false
end end
end end

6
lib/wpstools/plugins/checker/checker_spelling.rb
View File

@@ -36,10 +36,10 @@ class CheckerSpelling < Plugin
file.close file.close
end end
end end
puts puts
puts "[+] Found #{mistakes} spelling mistakes" puts "[+] Found #{mistakes} spelling mistakes"
mistakes mistakes
end end

24
spec/lib/common/models/vulnerability_spec.rb
View File

@@ -21,10 +21,10 @@ describe Vulnerability do
context 'with fixed version argument' do context 'with fixed version argument' do
let(:fixed_version) { '1.0' } let(:fixed_version) { '1.0' }
its(:title) { should be title } its(:title) { should be title }
its(:references) { should be references } its(:references) { should be references }
its(:type) { should be type } its(:type) { should be type }
its(:fixed_in) { should be fixed_version } its(:fixed_in) { should be fixed_version }
end end
end end
@@ -35,14 +35,14 @@ describe Vulnerability do
xml(MODELS_FIXTURES + '/vulnerability/xml_node.xml').xpath('//vulnerability') xml(MODELS_FIXTURES + '/vulnerability/xml_node.xml').xpath('//vulnerability')
} }
expected_refs = { expected_refs = {
:url=>['Ref 1', 'Ref 2'], :url=>['Ref 1', 'Ref 2'],
:cve=>['2011-001'], :cve=>['2011-001'],
:secunia=>['secunia'], :secunia=>['secunia'],
:osvdb=>['osvdb'], :osvdb=>['osvdb'],
:metasploit=>['exploit/ex1'], :metasploit=>['exploit/ex1'],
:exploitdb=>['exploitdb'] :exploitdb=>['exploitdb']
} }
its(:title) { should == 'Vuln Title' } its(:title) { should == 'Vuln Title' }
its(:type) { should == 'CSRF' } its(:type) { should == 'CSRF' }

16
spec/lib/common/models/wp_item_spec.rb
View File

@@ -13,14 +13,14 @@ describe WpItem do
it_behaves_like 'WpItem::Vulnerable' do it_behaves_like 'WpItem::Vulnerable' do
let(:vulns_file) { MODELS_FIXTURES + '/wp_item/vulnerable/items_vulns.xml' } let(:vulns_file) { MODELS_FIXTURES + '/wp_item/vulnerable/items_vulns.xml' }
let(:vulns_xpath) { "//item[@name='neo']/vulnerability" } let(:vulns_xpath) { "//item[@name='neo']/vulnerability" }
let(:expected_refs) { { let(:expected_refs) { {
:url => ['Ref 1', 'Ref 2'], :url => ['Ref 1', 'Ref 2'],
:cve => ['2011-001'], :cve => ['2011-001'],
:secunia => ['secunia'], :secunia => ['secunia'],
:osvdb => ['osvdb'], :osvdb => ['osvdb'],
:metasploit => ['exploit/ex1'], :metasploit => ['exploit/ex1'],
:exploitdb => ['exploitdb'] :exploitdb => ['exploitdb']
} } } }
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new("I'm the one", 'XSS', expected_refs) } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new("I'm the one", 'XSS', expected_refs) }
end end

16
spec/lib/common/models/wp_plugin_spec.rb
View File

@@ -7,14 +7,14 @@ describe WpPlugin do
it_behaves_like 'WpItem::Vulnerable' do it_behaves_like 'WpItem::Vulnerable' do
let(:options) { { name: 'white-rabbit' } } let(:options) { { name: 'white-rabbit' } }
let(:vulns_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins_vulns.xml' } let(:vulns_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins_vulns.xml' }
let(:expected_refs) { { let(:expected_refs) { {
:url => ['Ref 1', 'Ref 2'], :url => ['Ref 1', 'Ref 2'],
:cve => ['2011-001'], :cve => ['2011-001'],
:secunia => ['secunia'], :secunia => ['secunia'],
:osvdb => ['osvdb'], :osvdb => ['osvdb'],
:metasploit => ['exploit/ex1'], :metasploit => ['exploit/ex1'],
:exploitdb => ['exploitdb'] :exploitdb => ['exploitdb']
} } } }
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Follow me!', 'REDIRECT', expected_refs) } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Follow me!', 'REDIRECT', expected_refs) }
end end

16
spec/lib/common/models/wp_theme_spec.rb
View File

@@ -12,14 +12,14 @@ describe WpTheme do
it_behaves_like 'WpItem::Vulnerable' do it_behaves_like 'WpItem::Vulnerable' do
let(:options) { { name: 'the-oracle' } } let(:options) { { name: 'the-oracle' } }
let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.xml' } let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.xml' }
let(:expected_refs) { { let(:expected_refs) { {
:url => ['Ref 1', 'Ref 2'], :url => ['Ref 1', 'Ref 2'],
:cve => ['2011-001'], :cve => ['2011-001'],
:secunia => ['secunia'], :secunia => ['secunia'],
:osvdb => ['osvdb'], :osvdb => ['osvdb'],
:metasploit => ['exploit/ex1'], :metasploit => ['exploit/ex1'],
:exploitdb => ['exploitdb'] :exploitdb => ['exploitdb']
} } } }
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('I see you', 'FPD', expected_refs) } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('I see you', 'FPD', expected_refs) }
end end

16
spec/lib/common/models/wp_version_spec.rb
View File

@@ -7,14 +7,14 @@ describe WpVersion do
it_behaves_like 'WpItem::Vulnerable' do it_behaves_like 'WpItem::Vulnerable' do
let(:options) { { number: '3.2' } } let(:options) { { number: '3.2' } }
let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.xml' } let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.xml' }
let(:expected_refs) { { let(:expected_refs) { {
:url => ['Ref 1', 'Ref 2'], :url => ['Ref 1', 'Ref 2'],
:cve => ['2011-001'], :cve => ['2011-001'],
:secunia => ['secunia'], :secunia => ['secunia'],
:osvdb => ['osvdb'], :osvdb => ['osvdb'],
:metasploit => ['exploit/ex1'], :metasploit => ['exploit/ex1'],
:exploitdb => ['exploitdb'] :exploitdb => ['exploitdb']
} } } }
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', expected_refs) } let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', expected_refs) }
end end