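# frozen_string_literal: true

#
# WPScan - WordPress Security Scanner
# Copyright (C) 2011 Ryan Dewhurst AKA ethicalhack3r
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#

# Mixin that looks for known malware injections (script/iframe tags whose
# src points at a listed URL) in the index page of the target.
# The including object must provide @uri (the target URL) and has access
# to Browser.instance for fetching the page.
module Malwares
  # Module-level placeholder, kept for compatibility. Note that the cache
  # the methods below actually use is the @malwares ivar of the *including
  # object* (which starts out nil), not this module-level one.
  # Semantics: nil => not checked yet, [] => nothing found,
  # otherwise the array of malware URLs found.
  @malwares = nil

  # @param malwares_file_path [String, nil] path to the list of malware URLs
  #   (one per line); defaults to DATA_DIR/malwares.txt
  # @return [Boolean] true when at least one listed URL was found embedded
  #   in the index page
  def has_malwares?(malwares_file_path = nil)
    !malwares(malwares_file_path).empty?
  end

  # Returns the malware URLs found in the index page (src values of
  # <script>/<iframe> tags that start with a listed URL).
  #
  # The result is memoized in @malwares: the page is fetched and scanned on
  # the first call only, and later calls return the cached array regardless
  # of the malwares_file_path they pass.
  #
  # @param malwares_file_path [String, nil] see #has_malwares?
  # @return [Array<String>] unique src values, in order of first discovery
  # @raise [Errno::ENOENT] when the malwares file does not exist
  def malwares(malwares_file_path = nil)
    # An empty array is truthy in Ruby, so ||= only triggers while @malwares is nil.
    @malwares ||= scan_index_for_malwares(malwares_file_path)
  end

  # @param malwares_file_path [String, nil]
  # @return [String] the given path, or the bundled DATA_DIR/malwares.txt
  def self.malwares_file(malwares_file_path)
    malwares_file_path || DATA_DIR + '/malwares.txt'
  end

  # Builds a case-insensitive pattern matching a <script> or <iframe> tag
  # whose src attribute starts with +url+; group 1 captures the full src value.
  #
  # The URL is passed through Regexp.escape so that '.', '?', '+', '(' and
  # similar characters in the listed URL match literally instead of acting
  # as regex metacharacters (unescaped, a '.' matched any character and an
  # unbalanced '(' raised RegexpError).  [^>]* keeps the match inside a
  # single tag instead of letting it span across several tags on one line.
  #
  # @param url [String] the malware URL prefix to look for
  # @return [Regexp]
  def self.malware_pattern(url)
    %r{<(?:script|iframe)[^>]* src=(?:"|')(#{Regexp.escape(url)}[^"']*)(?:"|')[^>]*>}i
  end

  private

  # Fetches the index page and scans it once for every non-blank line of the
  # malwares file.  Each scan yields [[src], ...] (one capture group), hence
  # the final flatten.
  # @return [Array<String>] unique src values found
  def scan_index_for_malwares(malwares_file_path)
    malwares_file = Malwares.malwares_file(malwares_file_path)
    index_page_body = Browser.instance.get(@uri.to_s).body

    matches = File.foreach(malwares_file).flat_map do |line|
      url = line.chomp
      next [] if url.empty?

      index_page_body.scan(Malwares.malware_pattern(url))
    end

    matches.flatten.uniq
  end
end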