cms_scanner 0.0.34 → 0.0.35

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 452fa0c8c2290b87448608c952c7209f789b9ca2
-  data.tar.gz: 5ea8b78419089ff26a041cd62787b785f816a5cb
+  metadata.gz: 49d944ff5035f864246c90eb6044bdb6064e96e2
+  data.tar.gz: cba3e1cb7d04fd52896abf993fa65566d326bbee
 SHA512:
-  metadata.gz: 16e142c0b57688548e12b6b7e9df53204d40d46ac4dce1c3d27a5bdd7adf8a0af936bb9123dad7d33ca9cb667a3484874797ac339dd5a415a71d89e24721b498
-  data.tar.gz: ca319bb0fcaf4c4f207f8aff69ea31a42119be99d68d473d102f224d2cd435d84808c9e00ffce0928d007b9de9341631a1e46919c292a09e6d39e7868d0de769
+  metadata.gz: be3c89a67f52b7311cfb50e3008244fc9a8d8c4a0edb95194cc5973380deae385d9d5cd6fca207724a8450eff39e2137dd663ba8e8ebf7328e0e3812a6860167
+  data.tar.gz: d87566916dd0aba9415eda327b1ade9fe4724c1b5e826450ad085c189e170846fd65b0ddd3a500ba814cadb18785c30d4720f0366f4ae5b5637aa724d98c967f

data/app/finders/interesting_findings/search_replace_db_2.rb

@@ -20,7 +20,7 @@ module CMSScanner
         end
 
         def references
-          %w(https://interconnectit.com/products/search-and-replace-for-wordpress-databases/)
+          { url: 'https://interconnectit.com/products/search-and-replace-for-wordpress-databases/' }
         end
       end
     end

data/app/models/fantastico_fileslist.rb

@@ -14,7 +14,7 @@ module CMSScanner
     end
 
     def references
-      %w(http://www.acunetix.com/vulnerabilities/fantastico-fileslist/)
+      { url: 'http://www.acunetix.com/vulnerabilities/fantastico-fileslist/' }
     end
   end
 end

data/app/views/cli/interesting_findings/findings.erb

@@ -18,6 +18,6 @@ Interesting Finding(s):
 <% end -%>
 <% end -%>
 <% end -%>
-<%= render('_array', a: finding.references, s: 'Reference', p: 'References') -%>
+<%= render('_array', a: finding.references_urls, s: 'Reference', p: 'References') -%>
 <% end -%>
 <% end %>

data/cms_scanner.gemspec

@@ -9,7 +9,7 @@ Gem::Specification.new do |s|
   s.version               = CMSScanner::VERSION
   s.platform              = Gem::Platform::RUBY
   s.required_ruby_version = '>= 2.1.0'
-  s.authors               = ['WPScanTeam ']
+  s.authors               = ['WPScanTeam']
   s.email                 = ['team@wpscan.org']
   s.summary               = 'CMS Scanner Framework (experimental)'
   s.description           = 'Framework to provide an easy way to implement CMS Scanners'

data/lib/cms_scanner/finders/finding.rb

@@ -1,16 +1,18 @@
+require 'cms_scanner/references'
+
 module CMSScanner
   module Finders
     # Finding
     module Finding
+      # Fix for "Double/Dynamic Inclusion Problem"
+      def self.included(base)
+        base.send(:include, References)
+      end
+
       FINDING_OPTS = [:confidence, :confirmed_by, :references, :found_by, :interesting_entries]
 
       attr_accessor(*FINDING_OPTS)
 
-      # @return [ Array ]
-      def references
-        @references ||= []
-      end
-
       # @return [ Array ]
       def confirmed_by
         @confirmed_by ||= []
@@ -33,7 +35,6 @@ module CMSScanner
       end
 
       # @param [ Hash ] opts
-      # TODO: Maybe use instance_variable_set ?
       def parse_finding_options(opts = {})
         FINDING_OPTS.each { |opt| send("#{opt}=", opts[opt]) if opts.key?(opt) }
       end

data/lib/cms_scanner/{vulnerability/references.rb → references.rb}

@@ -1,6 +1,25 @@
 module CMSScanner
-  # References related to the vulnerability
-  class Vulnerability
+  # References related to the issue
+  module References
+    # @return [ Array<Symbol> ]
+    def references_keys
+      [:cve, :secunia, :osvdb, :exploitdb, :url, :metasploit, :packetstorm, :securityfocus]
+    end
+
+    # @param [ Hash ] refs
+    def references=(refs)
+      @references = {}
+
+      references_keys.each do |key|
+        @references[key] = [*refs[key]].map(&:to_s) if refs.key?(key)
+      end
+    end
+
+    # @return [ Hash ]
+    def references
+      @references ||= {}
+    end
+
     # @return [ Array<String> ] All the references URLs
     def references_urls
       cve_urls + secunia_urls + osvdb_urls + exploitdb_urls + urls + msf_urls +
@@ -9,7 +28,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The CVEs
     def cves
-      @cve ||= [*references[:cve]].map(&:to_s)
+      @cve ||= references[:cve] || []
     end
 
     # @return [ Array<String> ]
@@ -24,7 +43,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The Secunia IDs
     def secunia_ids
-      @secunia_ids ||= [*references[:secunia]].map(&:to_s)
+      @secunia_ids ||= references[:secunia] || []
     end
 
     # @return [ Array<String> ]
@@ -39,7 +58,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The OSVDB IDs
     def osvdb_ids
-      @osvdb_ids ||= [*references[:osvdb]].map(&:to_s)
+      @osvdb_ids ||= references[:osvdb] || []
     end
 
     # @return [ Array<String> ]
@@ -54,7 +73,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The ExploitDB ID
     def exploitdb_ids
-      @exploitdb_ids ||= [*references[:exploitdb]].map(&:to_s)
+      @exploitdb_ids ||= references[:exploitdb] || []
     end
 
     # @return [ Array<String> ]
@@ -69,12 +88,12 @@ module CMSScanner
 
     # @return [ String<Array> ]
     def urls
-      @urls ||= [*references[:url]].map(&:to_s)
+      @urls ||= references[:url] || []
     end
 
     # @return [ Array<String> ] The metasploit modules
     def msf_modules
-      @msf_modules ||= [*references[:metasploit]].map(&:to_s)
+      @msf_modules ||= references[:metasploit] || []
     end
 
     # @return [ Array<String> ]
@@ -89,7 +108,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The Packetstormsecurity IDs
     def packetstorm_ids
-      @packetstorm_ids ||= [*references[:packetstorm]].map(&:to_s)
+      @packetstorm_ids ||= references[:packetstorm] || []
     end
 
     # @return [ Array<String> ]
@@ -104,7 +123,7 @@ module CMSScanner
 
     # @return [ Array<String> ] The Security Focus IDs
     def securityfocus_ids
-      @securityfocus_ids ||= [*references[:securityfocus]].map(&:to_s)
+      @securityfocus_ids ||= references[:securityfocus] || []
     end
 
     # @return [ Array<String> ]

data/lib/cms_scanner/version.rb

@@ -1,4 +1,4 @@
 # Version
 module CMSScanner
-  VERSION = '0.0.34'
+  VERSION = '0.0.35'
 end

data/lib/cms_scanner/vulnerability.rb

@@ -1,9 +1,11 @@
-require 'cms_scanner/vulnerability/references'
+require 'cms_scanner/references'
 
 module CMSScanner
   # Generic Vulnerability
   class Vulnerability
-    attr_reader :title, :references, :type, :fixed_in
+    include References
+
+    attr_reader :title, :type, :fixed_in
 
     # @param [ String ] title
     # @param [ Hash ] references
@@ -16,10 +18,11 @@ module CMSScanner
     # @param [ String ] type
     # @param [ String ] fixed_in
     def initialize(title, references = {}, type = nil, fixed_in = nil)
-      @title      = title
-      @references = references
-      @type       = type
-      @fixed_in   = fixed_in
+      @title    = title
+      @type     = type
+      @fixed_in = fixed_in
+
+      self.references = references
     end
 
     # param [ Vulnerability ] other

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cms_scanner
 version: !ruby/object:Gem::Version
-  version: 0.0.34
+  version: 0.0.35
 platform: ruby
 authors:
-- 'WPScanTeam '
+- WPScanTeam
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-07-13 00:00:00.000000000 Z
+date: 2015-07-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: opt_parse_validator
@@ -280,6 +280,7 @@ files:
 - lib/cms_scanner/formatter/buffer.rb
 - lib/cms_scanner/helper.rb
 - lib/cms_scanner/public_suffix/domain.rb
+- lib/cms_scanner/references.rb
 - lib/cms_scanner/target.rb
 - lib/cms_scanner/target/hashes.rb
 - lib/cms_scanner/target/platform.rb
@@ -294,7 +295,6 @@ files:
 - lib/cms_scanner/typhoeus/response.rb
 - lib/cms_scanner/version.rb
 - lib/cms_scanner/vulnerability.rb
-- lib/cms_scanner/vulnerability/references.rb
 - lib/cms_scanner/web_site.rb
 homepage: https://github.com/wpscanteam/CMSScanner
 licenses: