garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

New json structure implemented #853

Browse Source
This commit is contained in:
ethicalhack3r
2015-09-03 22:04:44 +02:00
parent 57f6206aee
commit e6d29f6f18
9 changed files with 78 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/common/collections/wp_items/detectable.rb
View File

@@ -172,19 +172,19 @@ class WpItems < Array
case type case type
when :vulnerable when :vulnerable
item_names = json.select { |item| !item['vulnerabilities'].empty? }.map {|item| item['name'] } items = json.select { |item| !json[item]['vulnerabilities'].empty? }
when :popular when :popular
item_names = json.select { |item| item['popular'] == true }.map {|item| item['name'] } items = json.select { |item| json[item]['popular'] == true }
when :all when :all
item_names = [*json].map { |item| item['name'] } items = [*json]
else else
raise "Unknown type #{type}" raise "Unknown type #{type}"
end end
item_names.each do |item_name| items.each do |item|
targets << create_item( targets << create_item(
item_class, item_class,
item_name, item[0],
wp_target, wp_target,
vulns_file vulns_file
) )

16
lib/common/models/wp_item/vulnerable.rb
View File

@@ -8,21 +8,15 @@ class WpItem
# Filters out already fixed vulnerabilities # Filters out already fixed vulnerabilities
# #
# @return [ Vulnerabilities ] # @return [ Vulnerabilities ]
def vulnerabilities def vulnerabilities
json = json(vulns_file) json = json(vulns_file)
vulnerabilities = Vulnerabilities.new vulnerabilities = Vulnerabilities.new
json.each do |item| return vulnerabilities if json.empty?
asset = item['version'] || item['name']
next unless asset == identifier json[identifier]['vulnerabilities'].each do |vulnerability|
vulnerability = Vulnerability.load_from_json_item(vulnerability)
item['vulnerabilities'].each do |vulnerability| vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
vulnerability = Vulnerability.load_from_json_item(vulnerability)
vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
end
break # No need to iterate any further
end end
vulnerabilities vulnerabilities

10
spec/samples/common/collections/wp_items/detectable/vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "mr-smith": {
"name": "mr-smith",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -48,8 +47,7 @@
} }
] ]
}, },
{ "neo": {
"name": "neo",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -63,4 +61,4 @@
} }
] ]
} }
] }

10
spec/samples/common/collections/wp_plugins/detectable/vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "mr-smith": {
"name": "mr-smith",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -48,8 +47,7 @@
} }
] ]
}, },
{ "neo": {
"name":"neo",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -63,4 +61,4 @@
} }
] ]
} }
] }

11
spec/samples/common/collections/wp_themes/detectable/vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "shopperpress": {
"name": "shopperpress",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -48,8 +47,7 @@
} }
] ]
}, },
{ "webfolio": {
"name": "webfolio",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -63,4 +61,5 @@
} }
] ]
} }
] }

10
spec/samples/common/models/wp_item/vulnerable/items_vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "not-this-one": {
"name": "not-this-one",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -13,8 +12,7 @@
} }
] ]
}, },
{ "neo": {
"name": "neo",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -34,4 +32,4 @@
} }
] ]
} }
] }

48
spec/samples/common/models/wp_plugin/vulnerable/plugins.json
View File

@@ -1,6 +1,5 @@
[ {
{ "mr-smith": {
"name": "mr-smith",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -36,25 +35,24 @@
} }
] ]
}, },
{ "white-rabbit": {
"name": "white-rabbit", "vulnerabilities": [
"vulnerabilities": [ {
{ "id":2993,
"id":2993, "title":"Follow me!",
"title":"Follow me!", "references": {
"references": { "url": ["Ref 1", "Ref 2"],
"url": ["Ref 1", "Ref 2"], "osvdb": ["osvdb"],
"osvdb": ["osvdb"], "cve": ["2011-001"],
"cve": ["2011-001"], "secunia": ["secunia"],
"secunia": ["secunia"], "metasploit": ["exploit/ex1"],
"metasploit": ["exploit/ex1"], "exploitdb": ["exploitdb"]
"exploitdb": ["exploitdb"] },
}, "type":"REDIRECT",
"type":"REDIRECT", "fixed_in":"",
"fixed_in":"", "created_at":"2014-07-28T12:10:07.000Z",
"created_at":"2014-07-28T12:10:07.000Z", "updated_at":"2014-07-28T12:10:07.000Z"
"updated_at":"2014-07-28T12:10:07.000Z" }
} ]
] }
} }
]

47
spec/samples/common/models/wp_theme/vulnerable/themes_vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "mr-smith": {
"name": "mr-smith",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -36,25 +35,25 @@
} }
] ]
}, },
{ "the-oracle": {
"name": "the-oracle", "vulnerabilities":[
"vulnerabilities":[ {
{ "id":2993,
"id":2993, "title":"I see you",
"title":"I see you", "references": {
"references": { "url": ["Ref 1", "Ref 2"],
"url": ["Ref 1", "Ref 2"], "osvdb": ["osvdb"],
"osvdb": ["osvdb"], "cve": ["2011-001"],
"cve": ["2011-001"], "secunia": ["secunia"],
"secunia": ["secunia"], "metasploit": ["exploit/ex1"],
"metasploit": ["exploit/ex1"], "exploitdb": ["exploitdb"]
"exploitdb": ["exploitdb"] },
}, "type":"FPD",
"type":"FPD", "fixed_in":"",
"fixed_in":"", "created_at":"2014-07-28T12:10:07.000Z",
"created_at":"2014-07-28T12:10:07.000Z", "updated_at":"2014-07-28T12:10:07.000Z"
"updated_at":"2014-07-28T12:10:07.000Z" }
} ]
]
} }
] }

12
spec/samples/common/models/wp_version/vulnerable/versions_vulns.json
View File

@@ -1,6 +1,5 @@
[ {
{ "3.5": {
"version": "3.5",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2989, "id":2989,
@@ -19,9 +18,8 @@
"updated_at":"2014-07-28T12:10:07.000Z" "updated_at":"2014-07-28T12:10:07.000Z"
} }
] ]
}, },
{ "3.2": {
"version": "3.2",
"vulnerabilities":[ "vulnerabilities":[
{ {
"id":2993, "id":2993,
@@ -41,4 +39,4 @@
} }
] ]
} }
] }