Creation of a function xml instead of a hack for Nokogiri::XML

2013-03-11 17:59:26 +01:00
parent 64c3c29597
commit de3d62ba92
7 changed files with 15 additions and 22 deletions
--- a/lib/wpscan/vulnerable.rb
+++ b/lib/wpscan/vulnerable.rb
@@ -23,7 +23,7 @@ class Vulnerable

  # @return an array of WpVulnerability (can be empty)
  def vulnerabilities
-    xml             = Nokogiri::XML(File.open(@vulns_file))
+    xml             = xml(@vulns_file)
    vulnerabilities = []

    xml.xpath(@vulns_xpath).each do |node|
--- a/lib/wpscan/wp_enumerator.rb
+++ b/lib/wpscan/wp_enumerator.rb
@@ -121,7 +121,7 @@ class WpEnumerator

    # Timthumbs have no XML file
    unless type =~ /timthumbs/i
-      xml = Nokogiri::XML(File.open(vulns_file))
+      xml = xml(vulns_file)

      # We check if the plugin name from the plugin_vulns_file is already in targets, otherwise we add it
      xml.xpath(options[:vulns_xpath_2]).each do |node|
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -146,7 +146,7 @@ class WpVersion < Vulnerable
    version_xml = options[:version_xml] || WP_VERSIONS_FILE # needed for rpsec
    wp_content  = options[:wp_content_dir]
    wp_plugins  = "#{wp_content}/plugins"
-    xml         = Nokogiri::XML(File.open(version_xml))
+    xml         = xml(version_xml)

    xml.xpath('//file').each do |node|
      file_src = node.attribute('src').text