From fb8ad72335d98a1f0d68d9e3075b3b204b3b4bcd Mon Sep 17 00:00:00 2001
From: erwanlr
Date: Fri, 21 Nov 2014 16:49:04 +0100
Subject: [PATCH] WpItems detection: Perform the passive check and filter only vulnerable results at the end if required, fixes #727
---
 lib/common/collections/wp_items.rb | 2 +-
 lib/common/collections/wp_items/detectable.rb | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/common/collections/wp_items.rb b/lib/common/collections/wp_items.rb
index 78a5dceb..df37c563 100755
--- a/lib/common/collections/wp_items.rb
+++ b/lib/common/collections/wp_items.rb
@@ -14,7 +14,7 @@ class WpItems < Array
 self.wp_target = wp_target
 end
- # @param [String,] argv
+ # @param [String] argv
 #
 # @return [ void ]
 def add(*args)
diff --git a/lib/common/collections/wp_items/detectable.rb b/lib/common/collections/wp_items/detectable.rb
index 65dd0c77..55dce0c6 100755
--- a/lib/common/collections/wp_items/detectable.rb
+++ b/lib/common/collections/wp_items/detectable.rb
@@ -23,10 +23,7 @@ class WpItems < Array
 homepage_hash: wp_target.homepage_hash,
 exclude_content: options[:exclude_content] ? %r{#{options[:exclude_content]}} : nil
 }
-
- # If we only want the vulnerable ones, the passive detection is ignored
- # Otherwise, a passive detection is performed, and results will be merged
- results = options[:only_vulnerable] ? new : passive_detection(wp_target, options)
+ results = passive_detection(wp_target, options)
 targets.each do |target_item|
 request = browser.forge_request(target_item.url, request_params)
@@ -55,8 +52,11 @@ class WpItems < Array
 # run the remaining requests
 hydra.run
+
+ results.select!(&:vulnerable?) if options[:only_vulnerable]
 results.sort!
- results # can't just return results.sort because the #sort returns an array, and we want a WpItems
+
+ results # can't just return results.sort as it would return an array, and we want a WpItems
 end
 # @param [ Integer ] targets_size
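Review bot: The replacement line `results = passive_detection(wp_target, options)` in the first detectable.rb hunk drops the comment that explained how `:only_vulnerable` interacts with passive detection and puts nothing in its place. A reader of this spot no longer learns where the option is honoured. I would add `# Passive detection always runs; :only_vulnerable is applied once to the merged results after hydra.run` above the assignment. The enclosing method starts before this hunk and continues past it.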
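Review bot: The added `results.select!(&:vulnerable?) if options[:only_vulnerable]` in the second detectable.rb hunk is now the only visible place where the option is enforced, and the patch ships no spec for it (the diffstat touches only the two lib files). A regression case for #727 should pin that, with `only_vulnerable: true`, a vulnerable item found only by passive detection is kept and a non-vulnerable one is dropped. If the response callback between the two hunks (not shown here) still tests `options[:only_vulnerable]` before appending, that check is presumably redundant now and could be removed so the rule lives in one place.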