Bumps version

Merge branch 'master' of github.com:wpscanteam/wpscan
Better code related to CVSS
2020-04-16 11:02:15 +02:00 · 2020-04-16 10:20:09 +02:00 · 2020-04-16 10:06:28 +02:00 · 2020-04-16 09:37:15 +02:00 · 2020-04-15 17:02:44 +02:00 · 2020-04-15 14:46:06 +02:00
15 changed files with 48 additions and 48 deletions
--- a/README.md
+++ b/README.md
@@ -7,10 +7,10 @@
 <h3 align="center">WPScan</h3>

 <p align="center">
-  WordPress Vulnerability Scanner
+  WordPress Security Scanner
  <br>
  <br>
-  <a href="https://wpscan.org/" title="homepage" target="_blank">Homepage</a> - <a href="https://wpscan.io/" title="wpscan.io" target="_blank">WPScan.io</a> - <a href="https://wpvulndb.com/" title="vulnerability database" target="_blank">Vulnerability Database</a> - <a href="https://wordpress.org/plugins/wpscan/" title="wordpress plugin" target="_blank">WordPress Plugin</a>
+  <a href="https://wpscan.org/" title="homepage" target="_blank">Homepage</a> - <a href="https://wpscan.io/" title="wpscan.io" target="_blank">WPScan.io</a> - <a href="https://wpvulndb.com/" title="vulnerability database" target="_blank">Vulnerability Database</a> - <a href="https://wordpress.org/plugins/wpscan/" title="wordpress security plugin" target="_blank">WordPress Security Plugin</a>
 </p>

 <p align="center">
--- a/app/models/timthumb.rb
+++ b/app/models/timthumb.rb
@@ -40,9 +40,9 @@ module WPScan
      def rce_132_vuln
        Vulnerability.new(
          'Timthumb <= 1.32 Remote Code Execution',
-          { exploitdb: ['17602'] },
-          'RCE',
-          '1.33'
+          references: { exploitdb: ['17602'] },
+          type: 'RCE',
+          fixed_in: '1.33'
        )
      end

@@ -50,12 +50,12 @@ module WPScan
      def rce_webshot_vuln
        Vulnerability.new(
          'Timthumb <= 2.8.13 WebShot Remote Code Execution',
-          {
+          references: {
            url: ['http://seclists.org/fulldisclosure/2014/Jun/117', 'https://github.com/wpscanteam/wpscan/issues/519'],
            cve: '2014-4663'
          },
-          'RCE',
-          '2.8.14'
+          type: 'RCE',
+          fixed_in: '2.8.14'
        )
      end

--- a/app/views/cli/vulnerability.erb
+++ b/app/views/cli/vulnerability.erb
@@ -1,4 +1,7 @@
 | <%= critical_icon %> Title: <%= @v.title %>
+<% if @v.cvss -%>
+ |     CVSS: <%= @v.cvss[:score] %> (<%= @v.cvss[:vector] %>)
+<% end -%>
 <% if @v.fixed_in -%>
 |     Fixed in: <%= @v.fixed_in %>
 <% end -%>
--- a/app/views/json/finding.erb
+++ b/app/views/json/finding.erb
@@ -19,6 +19,9 @@
  <% vulns.each_with_index do |v, index| -%>
  {
    "title": <%= v.title.to_json %>,
+    <% if v.cvss -%>
+    "cvss": <%= v.cvss.to_json %>,
+    <% end -%>
    "fixed_in": <%= v.fixed_in.to_json %>,
    "references": <%= v.references.to_json %>
  }<% unless index == last_index -%>,<% end -%>
--- a/lib/wpscan/references.rb
+++ b/lib/wpscan/references.rb
@@ -2,7 +2,7 @@

 module WPScan
  # References module (which should be included along with the CMSScanner::References)
-  # to allow the use of the wpvulndb reference
+  # to allow the use of the wpvulndb reference.
  module References
    extend ActiveSupport::Concern

--- a/lib/wpscan/version.rb
+++ b/lib/wpscan/version.rb
@@ -2,5 +2,5 @@

 # Version
 module WPScan
-  VERSION = '3.8.0'
+  VERSION = '3.8.1'
 end
--- a/lib/wpscan/vulnerability.rb
+++ b/lib/wpscan/vulnerability.rb
@@ -18,9 +18,10 @@ module WPScan

      new(
        json_data['title'],
-        references,
-        json_data['vuln_type'],
-        json_data['fixed_in']
+        references: references,
+        type: json_data['vuln_type'],
+        fixed_in: json_data['fixed_in'],
+        cvss: json_data['cvss']&.symbolize_keys
      )
    end
  end
--- a/spec/app/models/plugin_spec.rb
+++ b/spec/app/models/plugin_spec.rb
@@ -202,11 +202,11 @@ describe WPScan::Model::Plugin do
          [
            WPScan::Vulnerability.new(
              'First Vuln <= 6.3.10 - LFI',
-              { wpvulndb: '1' },
-              'LFI',
-              '6.3.10'
+              references: { wpvulndb: '1' },
+              type: 'LFI',
+              fixed_in: '6.3.10'
            ),
-            WPScan::Vulnerability.new('No Fixed In', wpvulndb: '2')
+            WPScan::Vulnerability.new('No Fixed In', references: { wpvulndb: '2' })
          ]
        end

--- a/spec/app/models/theme_spec.rb
+++ b/spec/app/models/theme_spec.rb
@@ -224,11 +224,11 @@ describe WPScan::Model::Theme do
          [
            WPScan::Vulnerability.new(
              'First Vuln',
-              { wpvulndb: '1' },
-              'LFI',
-              '6.3.10'
+              references: { wpvulndb: '1' },
+              type: 'LFI',
+              fixed_in: '6.3.10'
            ),
-            WPScan::Vulnerability.new('No Fixed In', wpvulndb: '2')
+            WPScan::Vulnerability.new('No Fixed In', references: { wpvulndb: '2' })
          ]
        end

--- a/spec/app/models/wp_version_spec.rb
+++ b/spec/app/models/wp_version_spec.rb
@@ -55,31 +55,15 @@ describe WPScan::Model::WpVersion do
        expect(version).to be_vulnerable
      end

-      let(:all_vulns) do
-        [
-          WPScan::Vulnerability.new(
-            'WP 3.8.1 - Vuln 1',
-            { wpvulndb: '1' },
-            'SQLI'
-          ),
-          WPScan::Vulnerability.new(
-            'WP 3.8.1 - Vuln 2',
-            { url: %w[url-2 url-3], osvdb: %w[10], cve: %w[2014-0166], wpvulndb: '2' },
-            nil,
-            '3.8.2'
-          )
-        ]
-      end
-
      context 'when a signle vuln' do
-        let(:number) { '3.8.1' }
+        let(:number) { '3.8' }
        let(:db_data) { vuln_api_data_for('wordpresses/38') }

        it 'returns the expected result' do
          @expected = [WPScan::Vulnerability.new(
            'WP 3.8 - Vuln 1',
-            { url: %w[url-4], wpvulndb: '3' },
-            'AUTHBYPASS'
+            references: { url: %w[url-4], wpvulndb: '3' },
+            type: 'AUTHBYPASS'
          )]
        end
      end
@@ -92,14 +76,14 @@ describe WPScan::Model::WpVersion do
          @expected = [
            WPScan::Vulnerability.new(
              'WP 3.8.1 - Vuln 1',
-              { wpvulndb: '1' },
-              'SQLI'
+              references: { wpvulndb: '1' },
+              type: 'SQLI',
+              cvss: { score: '5.4', vector: 'VECTOR' }
            ),
            WPScan::Vulnerability.new(
              'WP 3.8.1 - Vuln 2',
-              { url: %w[url-2 url-3], cve: %w[2014-0166], wpvulndb: '2' },
-              nil,
-              '3.8.2'
+              references: { url: %w[url-2 url-3], cve: %w[2014-0166], wpvulndb: '2' },
+              fixed_in: '3.8.2'
            )
          ]
        end
--- a/spec/fixtures/db/vuln_api/wordpresses/381.json
+++ b/spec/fixtures/db/vuln_api/wordpresses/381.json
@@ -9,7 +9,11 @@
      "id" : 1,
      "vuln_type" : "SQLI",
      "published_date" : null,
-      "fixed_in" : null
+      "fixed_in" : null,
+      "cvss": {
+        "score": "5.4",
+        "vector": "VECTOR"
+      }
     },
     {
      "references" : {
--- a/spec/lib/vulnerability_spec.rb
+++ b/spec/lib/vulnerability_spec.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true

 describe WPScan::Vulnerability do
-  subject(:vuln)   { described_class.new(title, references) }
+  subject(:vuln)   { described_class.new(title, references: references) }
  let(:title)      { 'Test Vuln' }
  let(:references) { {} }

--- a/spec/output/wp_version/with_vulns.cli_no_colour
+++ b/spec/output/wp_version/with_vulns.cli_no_colour
@@ -4,6 +4,7 @@
 | [!] 2 vulnerabilities identified:
 |
 | [!] Title: WP 3.8.1 - Vuln 1
+ |     CVSS: 5.4 (VECTOR)
 |     Reference: https://wpvulndb.com/vulnerabilities/1
 |
 | [!] Title: WP 3.8.1 - Vuln 2
--- a/spec/output/wp_version/with_vulns.json
+++ b/spec/output/wp_version/with_vulns.json
@@ -14,6 +14,10 @@
    "vulnerabilities": [
      {
        "title": "WP 3.8.1 - Vuln 1",
+        "cvss": {
+          "score": "5.4",
+          "vector": "VECTOR"
+        },
        "fixed_in": null,
        "references": {
          "wpvulndb": [
--- a/wpscan.gemspec
+++ b/wpscan.gemspec
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
  s.executables           = ['wpscan']
  s.require_paths         = ['lib']

-  s.add_dependency 'cms_scanner', '~> 0.9.0'
+  s.add_dependency 'cms_scanner', '~> 0.10.0'

  s.add_development_dependency 'bundler',             '>= 1.6'
  s.add_development_dependency 'memory_profiler',     '~> 0.9.13'
Author	SHA1	Message	Date
erwanlr	b0db15099d	Bumps version	2020-04-16 11:02:15 +02:00
erwanlr	6fbd2369ba	Merge branch 'master' of github.com:wpscanteam/wpscan	2020-04-16 10:20:09 +02:00
erwanlr	f4a6674eed	Better code related to CVSS	2020-04-16 10:06:28 +02:00
Ryan Dewhurst	c0567ad4f5	Change wording to security scanner	2020-04-16 09:37:15 +02:00
erwanlr	f146ee7e9f	Adds YT references and CVSS to output	2020-04-15 17:02:44 +02:00
erwanlr	e606f4ce18	Adds YT references in output	2020-04-15 14:46:06 +02:00
Ryan Dewhurst	945b589a58	Update README.md SEO tweak	2020-04-14 09:44:36 +02:00
Erwan	b18042c4a8	Reverts previous commit. spec folder already excluded via .dockerignore	2020-04-13 16:44:27 +02:00
Erwan	a9ff39104b	Removes specs folder from Docker build	2020-04-13 16:21:17 +02:00