Creation of a function xml instead of a hack for Nokogiri::XML

2013-03-11 17:59:26 +01:00
parent 64c3c29597
commit de3d62ba92
7 changed files with 15 additions and 22 deletions
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -147,3 +147,9 @@ def get_metasploit_url(module_path)
  module_path = module_path.sub(/^\//, '')
  "http://www.metasploit.com/modules/#{module_path}"
 end
 def xml(file)
  Nokogiri::XML(File.open(file)) do |config|
    config.noblanks
  end
 end
--- a/lib/common/hacks.rb
+++ b/lib/common/hacks.rb
@@ -1,14 +1,5 @@
 # encoding: UTF-8
 # Default option changed from DEFAULT_XML to NOBLANKS
 module Nokogiri
  class << self
    def XML thing, url = nil, encoding = nil, options = XML::ParseOptions::NOBLANKS, &block
      Nokogiri::XML::Document.parse(thing, url, encoding, options, &block)
    end
  end
 end
 # Since ruby 1.9.2, URI::escape is obsolete
 # See http://rosettacode.org/wiki/URL_encoding#Ruby and http://www.ruby-forum.com/topic/207489
 if RUBY_VERSION >= '1.9.2'
--- a/lib/wpscan/vulnerable.rb
+++ b/lib/wpscan/vulnerable.rb
@@ -23,7 +23,7 @@ class Vulnerable
  # @return an array of WpVulnerability (can be empty)
  def vulnerabilities
-    xml             = Nokogiri::XML(File.open(@vulns_file))
+    xml             = xml(@vulns_file)
    vulnerabilities = []
    xml.xpath(@vulns_xpath).each do |node|
--- a/lib/wpscan/wp_enumerator.rb
+++ b/lib/wpscan/wp_enumerator.rb
@@ -121,7 +121,7 @@ class WpEnumerator
    # Timthumbs have no XML file
    unless type =~ /timthumbs/i
-      xml = Nokogiri::XML(File.open(vulns_file))
+      xml = xml(vulns_file)
      # We check if the plugin name from the plugin_vulns_file is already in targets, otherwise we add it
      xml.xpath(options[:vulns_xpath_2]).each do |node|
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -146,7 +146,7 @@ class WpVersion < Vulnerable
    version_xml = options[:version_xml] || WP_VERSIONS_FILE # needed for rpsec
    wp_content  = options[:wp_content_dir]
    wp_plugins  = "#{wp_content}/plugins"
-    xml         = Nokogiri::XML(File.open(version_xml))
+    xml         = xml(version_xml)
    xml.xpath('//file').each do |node|
      file_src = node.attribute('src').text
--- a/lib/wpstools/plugins/checker/checker_plugin.rb
+++ b/lib/wpstools/plugins/checker/checker_plugin.rb
@@ -46,7 +46,7 @@ class CheckerPlugin < Plugin
    puts '[+] Checking vulnerabilities reference urls'
    vuln_ref_files.each do |vuln_ref_file|
-      xml = Nokogiri::XML(File.open(vuln_ref_file))
+      xml = xml(vuln_ref_file)
      urls = []
      xml.xpath('//reference').each { |node| urls << node.text }
@@ -111,7 +111,7 @@ class CheckerPlugin < Plugin
      puts '[+] Checking for vulnerable files ...'
-      xml = Nokogiri::XML(File.open(xml_file))
+      xml = xml(xml_file)
      xml.xpath('//hash').each do |node|
        sha1sum = node.attribute('sha1').text
--- a/lib/wpstools/plugins/stats/stats_plugin.rb
+++ b/lib/wpstools/plugins/stats/stats_plugin.rb
@@ -44,24 +44,20 @@ class StatsPlugin < Plugin
    end
  end
  def xml(file)
    Nokogiri::XML(File.open(file))
  end
  def vuln_plugin_count(file=PLUGINS_VULNS_FILE)
-    self.xml(file).xpath("count(//plugin)").to_i
+    xml(file).xpath("count(//plugin)").to_i
  end
  def vuln_theme_count(file=THEMES_VULNS_FILE)
-    self.xml(file).xpath("count(//theme)").to_i
+    xml(file).xpath("count(//theme)").to_i
  end
  def plugin_vulns_count(file=PLUGINS_VULNS_FILE)
-    self.xml(file).xpath("count(//vulnerability)").to_i
+    xml(file).xpath("count(//vulnerability)").to_i
  end
  def theme_vulns_count(file=THEMES_VULNS_FILE)
-    self.xml(file).xpath("count(//vulnerability)").to_i
+    xml(file).xpath("count(//vulnerability)").to_i
  end
  def total_plugins(file=PLUGINS_FULL_FILE, xml=PLUGINS_VULNS_FILE)