diff --git a/lib/common/collections/wp_items/detectable.rb b/lib/common/collections/wp_items/detectable.rb index cbcfd47d..1085e748 100755 --- a/lib/common/collections/wp_items/detectable.rb +++ b/lib/common/collections/wp_items/detectable.rb @@ -172,19 +172,19 @@ class WpItems < Array case type when :vulnerable - item_names = json.select { |item| !item['vulnerabilities'].empty? }.map {|item| item['name'] } + items = json.select { |item| !json[item]['vulnerabilities'].empty? } when :popular - item_names = json.select { |item| item['popular'] == true }.map {|item| item['name'] } + items = json.select { |item| json[item]['popular'] == true } when :all - item_names = [*json].map { |item| item['name'] } + items = [*json] else raise "Unknown type #{type}" end - item_names.each do |item_name| + items.each do |item| targets << create_item( item_class, - item_name, + item[0], wp_target, vulns_file ) diff --git a/lib/common/models/wp_item/vulnerable.rb b/lib/common/models/wp_item/vulnerable.rb index 2f4a5fc4..a62aa33f 100755 --- a/lib/common/models/wp_item/vulnerable.rb +++ b/lib/common/models/wp_item/vulnerable.rb @@ -8,21 +8,15 @@ class WpItem # Filters out already fixed vulnerabilities # # @return [ Vulnerabilities ] - def vulnerabilities + def vulnerabilities json = json(vulns_file) vulnerabilities = Vulnerabilities.new - json.each do |item| - asset = item['version'] || item['name'] + return vulnerabilities if json.empty? - next unless asset == identifier - - item['vulnerabilities'].each do |vulnerability| - vulnerability = Vulnerability.load_from_json_item(vulnerability) - vulnerabilities << vulnerability if vulnerable_to?(vulnerability) - end - - break # No need to iterate any further + json[identifier]['vulnerabilities'].each do |vulnerability| + vulnerability = Vulnerability.load_from_json_item(vulnerability) + vulnerabilities << vulnerability if vulnerable_to?(vulnerability) end vulnerabilities diff --git a/spec/samples/common/collections/wp_items/detectable/vulns.json b/spec/samples/common/collections/wp_items/detectable/vulns.json index ebd99762..80ee2ba6 100644 --- a/spec/samples/common/collections/wp_items/detectable/vulns.json +++ b/spec/samples/common/collections/wp_items/detectable/vulns.json @@ -1,6 +1,5 @@ -[ - { - "name": "mr-smith", +{ + "mr-smith": { "vulnerabilities":[ { "id":2989, @@ -48,8 +47,7 @@ } ] }, - { - "name": "neo", + "neo": { "vulnerabilities":[ { "id":2993, @@ -63,4 +61,4 @@ } ] } -] \ No newline at end of file +} diff --git a/spec/samples/common/collections/wp_plugins/detectable/vulns.json b/spec/samples/common/collections/wp_plugins/detectable/vulns.json index 53777e54..6b0e28cc 100644 --- a/spec/samples/common/collections/wp_plugins/detectable/vulns.json +++ b/spec/samples/common/collections/wp_plugins/detectable/vulns.json @@ -1,6 +1,5 @@ -[ - { - "name": "mr-smith", +{ + "mr-smith": { "vulnerabilities":[ { "id":2989, @@ -48,8 +47,7 @@ } ] }, - { - "name":"neo", + "neo": { "vulnerabilities":[ { "id":2993, @@ -63,4 +61,4 @@ } ] } -] \ No newline at end of file +} diff --git a/spec/samples/common/collections/wp_themes/detectable/vulns.json b/spec/samples/common/collections/wp_themes/detectable/vulns.json index fdcc83dc..086ae752 100644 --- a/spec/samples/common/collections/wp_themes/detectable/vulns.json +++ b/spec/samples/common/collections/wp_themes/detectable/vulns.json @@ -1,6 +1,5 @@ -[ - { - "name": "shopperpress", +{ + "shopperpress": { "vulnerabilities":[ { "id":2989, @@ -48,8 +47,7 @@ } ] }, - { - "name": "webfolio", + "webfolio": { "vulnerabilities":[ { "id":2993, @@ -63,4 +61,5 @@ } ] } -] +} + diff --git a/spec/samples/common/models/wp_item/vulnerable/items_vulns.json b/spec/samples/common/models/wp_item/vulnerable/items_vulns.json index 1d1685cc..b221ffc9 100644 --- a/spec/samples/common/models/wp_item/vulnerable/items_vulns.json +++ b/spec/samples/common/models/wp_item/vulnerable/items_vulns.json @@ -1,6 +1,5 @@ -[ - { - "name": "not-this-one", +{ + "not-this-one": { "vulnerabilities":[ { "id":2989, @@ -13,8 +12,7 @@ } ] }, - { - "name": "neo", + "neo": { "vulnerabilities":[ { "id":2993, @@ -34,4 +32,4 @@ } ] } -] \ No newline at end of file +} diff --git a/spec/samples/common/models/wp_plugin/vulnerable/plugins.json b/spec/samples/common/models/wp_plugin/vulnerable/plugins.json index fbd1ce83..7498bd34 100644 --- a/spec/samples/common/models/wp_plugin/vulnerable/plugins.json +++ b/spec/samples/common/models/wp_plugin/vulnerable/plugins.json @@ -1,6 +1,5 @@ -[ - { - "name": "mr-smith", +{ + "mr-smith": { "vulnerabilities":[ { "id":2993, @@ -36,25 +35,24 @@ } ] }, - { - "name": "white-rabbit", - "vulnerabilities": [ - { - "id":2993, - "title":"Follow me!", - "references": { - "url": ["Ref 1", "Ref 2"], - "osvdb": ["osvdb"], - "cve": ["2011-001"], - "secunia": ["secunia"], - "metasploit": ["exploit/ex1"], - "exploitdb": ["exploitdb"] - }, - "type":"REDIRECT", - "fixed_in":"", - "created_at":"2014-07-28T12:10:07.000Z", - "updated_at":"2014-07-28T12:10:07.000Z" - } - ] - } -] + "white-rabbit": { + "vulnerabilities": [ + { + "id":2993, + "title":"Follow me!", + "references": { + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] + }, + "type":"REDIRECT", + "fixed_in":"", + "created_at":"2014-07-28T12:10:07.000Z", + "updated_at":"2014-07-28T12:10:07.000Z" + } + ] + } +} diff --git a/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json b/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json index b4cff81a..c123ae9f 100644 --- a/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json +++ b/spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json @@ -1,6 +1,5 @@ -[ - { - "name": "mr-smith", +{ + "mr-smith": { "vulnerabilities":[ { "id":2989, @@ -36,25 +35,25 @@ } ] }, - { - "name": "the-oracle", - "vulnerabilities":[ - { - "id":2993, - "title":"I see you", - "references": { - "url": ["Ref 1", "Ref 2"], - "osvdb": ["osvdb"], - "cve": ["2011-001"], - "secunia": ["secunia"], - "metasploit": ["exploit/ex1"], - "exploitdb": ["exploitdb"] - }, - "type":"FPD", - "fixed_in":"", - "created_at":"2014-07-28T12:10:07.000Z", - "updated_at":"2014-07-28T12:10:07.000Z" - } - ] + "the-oracle": { + "vulnerabilities":[ + { + "id":2993, + "title":"I see you", + "references": { + "url": ["Ref 1", "Ref 2"], + "osvdb": ["osvdb"], + "cve": ["2011-001"], + "secunia": ["secunia"], + "metasploit": ["exploit/ex1"], + "exploitdb": ["exploitdb"] + }, + "type":"FPD", + "fixed_in":"", + "created_at":"2014-07-28T12:10:07.000Z", + "updated_at":"2014-07-28T12:10:07.000Z" + } + ] } -] +} + diff --git a/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json index 8df891a6..2d2407e4 100644 --- a/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json +++ b/spec/samples/common/models/wp_version/vulnerable/versions_vulns.json @@ -1,6 +1,5 @@ -[ - { - "version": "3.5", +{ + "3.5": { "vulnerabilities":[ { "id":2989, @@ -19,9 +18,8 @@ "updated_at":"2014-07-28T12:10:07.000Z" } ] - }, - { - "version": "3.2", + }, + "3.2": { "vulnerabilities":[ { "id":2993, @@ -41,4 +39,4 @@ } ] } -] +}