Class: CMSScanner::Vulnerability

Inherits:
Object
  • Object
Defined in:
lib/cms_scanner/vulnerability.rb,
lib/cms_scanner/vulnerability/references.rb

Overview

A vulnerability entry (title, type, fixed-in version) and the references related to it.


Constructor Details

#initialize(title, references = {}, type = nil, fixed_in = nil) ⇒ Vulnerability

Returns a new instance of Vulnerability.

Parameters:

  • title (String)
  • references (Hash) (defaults to: {})
  • type (String) (defaults to: nil)
  • fixed_in (String) (defaults to: nil)

Options Hash (references):

  • cve (Array<String>, String)
  • secunia (Array<String>, String)
  • osvdb (Array<String>, String)
  • exploitdb (Array<String>, String)
  • url (Array<String>)

    URL(s) to related advisories etc

  • metasploit (Array<String>, String)

    The related metasploit module(s)

  • packetstorm (Array<String>, String)

    The related Packetstormsecurity ID(s)



# File 'lib/cms_scanner/vulnerability.rb', line 18

# Builds a vulnerability record from its title and optional metadata.
#
# @param title [String] name of the vulnerability
# @param references [Hash] reference identifiers; the readers of this class
#   look up the symbol keys :cve, :secunia, :osvdb, :exploitdb, :url,
#   :metasploit and :packetstorm, each holding one value or an Array
# @param type [String, nil] type of the vulnerability, nil when not given
# @param fixed_in [String, nil] version carrying the fix, nil when not given
def initialize(title, references = {}, type = nil, fixed_in = nil)
  # The hash is stored as passed: no copy is taken and keys are not normalised.
  @title, @references, @type = title, references, type
  @fixed_in = fixed_in
end

Instance Attribute Details

#fixed_in ⇒ Object (readonly)

Returns the value of attribute fixed_in.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Reader for the +fixed_in+ value given to the constructor; nil when the
# constructor default was used, i.e. no fixed version was supplied.
def fixed_in
  @fixed_in
end

#references ⇒ Object (readonly)

Returns the value of attribute references.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Reader for the references hash given to the constructor ({} by default).
# The stored object itself is returned, not a copy, so a caller that mutates
# it changes this vulnerability's references.
def references
  @references
end

#title ⇒ Object (readonly)

Returns the value of attribute title.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Reader for the title given to the constructor.
def title
  @title
end

#type ⇒ Object (readonly)

Returns the value of attribute type.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Reader for the type given to the constructor; nil when none was supplied.
def type
  @type
end

Instance Method Details

#==(other) ⇒ Boolean

Parameters:

  • other (Vulnerability)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/vulnerability.rb', line 28

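# Compares two vulnerabilities field by field.
#
# @param other [Vulnerability] object to compare with
# @return [Boolean] true when title, type, references and fixed_in all match;
#   false when +other+ does not expose those four readers (nil, a String, ...)
def ==(other)
  # An object lacking any of the readers cannot be equal. Answering false here
  # keeps comparisons such as `vuln == nil` from raising NoMethodError.
  return false unless %i[title type references fixed_in].all? { |reader| other.respond_to?(reader) }

  title == other.title &&
    type == other.type &&
    references == other.references &&
    fixed_in == other.fixed_in
end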

#cve_url(cve) ⇒ String

Returns The URL to the CVE.

Returns:

  • (String)

    The URL to the CVE



# File 'lib/cms_scanner/vulnerability/references.rb', line 20

# Builds the NVD detail-page link for one CVE.
#
# @param cve [String] CVE number without the "CVE-" prefix (it is added here)
# @return [String] The URL to the CVE
def cve_url(cve)
  # NOTE(review): the link uses plain http and the id is interpolated without
  # URL-encoding -- confirm ids are validated before they reach a report.
  cve_id = "CVE-#{cve}"
  "http://web.nvd.nist.gov/view/vuln/detail?vulnId=#{cve_id}"
end

#cve_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 15

# @return [Array<String>] one link per entry of #cves, in the same order,
#   each built by #cve_url; a new array on every call
def cve_urls
  cves.map { |cve| cve_url(cve) }
end

#cves ⇒ Array<String>

Returns The CVEs.

Returns:

  • (Array<String>)

    The CVEs



# File 'lib/cms_scanner/vulnerability/references.rb', line 10

# @return [Array<String>] The CVEs, read from references[:cve]; a single
#   value is wrapped in an array and a missing key gives []
def cves
  # Memoised in @cve: later changes to the references hash are not picked up.
  return @cve if @cve

  @cve = [*references[:cve]].map { |cve| cve.to_s }
end

#exploitdb_ids ⇒ Array<String>

Returns The ExploitDB ID.

Returns:

  • (Array<String>)

    The ExploitDB ID



# File 'lib/cms_scanner/vulnerability/references.rb', line 55

# @return [Array<String>] The ExploitDB IDs, read from references[:exploitdb];
#   a single value is wrapped in an array and a missing key gives []
def exploitdb_ids
  # Memoised: computed once per instance, then served from @exploitdb_ids.
  return @exploitdb_ids if @exploitdb_ids

  @exploitdb_ids = [*references[:exploitdb]].map { |id| id.to_s }
end

#exploitdb_url(id) ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/vulnerability/references.rb', line 65

# Builds the exploit-db.com page link for one ExploitDB entry.
#
# @param id [String] ExploitDB ID
# @return [String] the URL, with a trailing slash
def exploitdb_url(id)
  # NOTE(review): the id is interpolated as-is (no URL-encoding) -- confirm
  # ids are validated upstream.
  base = 'https://www.exploit-db.com/exploits/'
  "#{base}#{id}/"
end

#exploitdb_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 60

# @return [Array<String>] one link per entry of #exploitdb_ids, in the same
#   order, each built by #exploitdb_url; a new array on every call
def exploitdb_urls
  exploitdb_ids.map { |id| exploitdb_url(id) }
end

#msf_modules ⇒ Array<String>

Returns The metasploit modules.

Returns:

  • (Array<String>)

    The metasploit modules



# File 'lib/cms_scanner/vulnerability/references.rb', line 75

# @return [Array<String>] The metasploit modules, read from
#   references[:metasploit]; a single value is wrapped in an array and a
#   missing key gives []
def msf_modules
  # Memoised: computed once per instance, then served from @msf_modules.
  return @msf_modules if @msf_modules

  @msf_modules = [*references[:metasploit]].map { |mod| mod.to_s }
end

#msf_url(mod) ⇒ String

Returns The URL to the metasploit module page.

Returns:

  • (String)

    The URL to the metasploit module page



# File 'lib/cms_scanner/vulnerability/references.rb', line 85

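# Builds the rapid7.com module-database link for one metasploit module.
#
# @param mod [String] module path, with or without a leading slash
# @return [String] The URL to the metasploit module page
def msf_url(mod)
  # \A anchors at the start of the string. The previous ^ also matches after
  # a newline, so a multi-line value could lose a slash from its middle.
  # NOTE(review): the link uses plain http and the path is not URL-encoded.
  "http://www.rapid7.com/db/modules/#{mod.sub(%r{\A/}, '')}"
end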

#msf_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 80

# @return [Array<String>] one link per entry of #msf_modules, in the same
#   order, each built by #msf_url; a new array on every call
def msf_urls
  msf_modules.map { |mod| msf_url(mod) }
end

#osvdb_ids ⇒ Array<String>

Returns The OSVDB IDs.

Returns:

  • (Array<String>)

    The OSVDB IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 40

# @return [Array<String>] The OSVDB IDs, read from references[:osvdb]; a
#   single value is wrapped in an array and a missing key gives []
def osvdb_ids
  # Memoised: computed once per instance, then served from @osvdb_ids.
  return @osvdb_ids if @osvdb_ids

  @osvdb_ids = [*references[:osvdb]].map { |id| id.to_s }
end

#osvdb_url(id) ⇒ String

Returns the URL to the OSVDB advisory.

Returns:

  • (String)

    The URL to the OSVDB advisory



# File 'lib/cms_scanner/vulnerability/references.rb', line 50

# Builds the osvdb.org link for one OSVDB entry.
#
# @param id [String] OSVDB ID
# @return [String] The URL to the OSVDB advisory
def osvdb_url(id)
  # NOTE(review): the link uses plain http and the id is not URL-encoded.
  path = "/#{id}"
  "http://osvdb.org#{path}"
end

#osvdb_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 45

# @return [Array<String>] one link per entry of #osvdb_ids, in the same
#   order, each built by #osvdb_url; a new array on every call
def osvdb_urls
  osvdb_ids.map { |id| osvdb_url(id) }
end

#packetstorm_ids ⇒ Array<String>

Returns The Packetstormsecurity ID.

Returns:

  • (Array<String>)

    The Packetstormsecurity ID



# File 'lib/cms_scanner/vulnerability/references.rb', line 90

# @return [Array<String>] The Packetstormsecurity IDs, read from
#   references[:packetstorm]; a single value is wrapped in an array and a
#   missing key gives []
def packetstorm_ids
  # Memoised: computed once per instance, then served from @packetstorm_ids.
  return @packetstorm_ids if @packetstorm_ids

  @packetstorm_ids = [*references[:packetstorm]].map { |id| id.to_s }
end

#packetstorm_url(id) ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/vulnerability/references.rb', line 100

# Builds the packetstormsecurity.com file link for one entry.
#
# @param id [String] Packetstormsecurity ID
# @return [String] the URL, with a trailing slash
def packetstorm_url(id)
  # NOTE(review): the link uses plain http and the id is not URL-encoded.
  file_path = "files/#{id}/"
  "http://packetstormsecurity.com/#{file_path}"
end

#packetstorm_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 95

# @return [Array<String>] one link per entry of #packetstorm_ids, in the same
#   order, each built by #packetstorm_url; a new array on every call
def packetstorm_urls
  packetstorm_ids.map { |id| packetstorm_url(id) }
end

#references_urls ⇒ Array<String>

Returns All the references URLs.

Returns:

  • (Array<String>)

    All the references URLs



# File 'lib/cms_scanner/vulnerability/references.rb', line 5

# @return [Array<String>] All the references URLs, concatenated by source in
#   this order: CVE, Secunia, OSVDB, ExploitDB, plain URLs, Metasploit,
#   Packetstormsecurity. Duplicates are kept.
def references_urls
  [
    cve_urls, secunia_urls, osvdb_urls, exploitdb_urls,
    urls, msf_urls, packetstorm_urls
  ].reduce(:+)
end

#secunia_ids ⇒ Array<String>

Returns The Secunia IDs.

Returns:

  • (Array<String>)

    The Secunia IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 25

# @return [Array<String>] The Secunia IDs, read from references[:secunia]; a
#   single value is wrapped in an array and a missing key gives []
def secunia_ids
  # Memoised: computed once per instance, then served from @secunia_ids.
  return @secunia_ids if @secunia_ids

  @secunia_ids = [*references[:secunia]].map { |id| id.to_s }
end

#secunia_url(id) ⇒ String

Returns The URL to the Secunia advisory.

Returns:

  • (String)

    The URL to the Secunia advisory



# File 'lib/cms_scanner/vulnerability/references.rb', line 35

# Builds the secunia.com advisory link for one Secunia entry.
#
# @param id [String] Secunia ID
# @return [String] The URL to the Secunia advisory
def secunia_url(id)
  # NOTE(review): the id is interpolated as-is (no URL-encoding) -- confirm
  # ids are validated upstream.
  advisory_path = "advisories/#{id}"
  "https://secunia.com/#{advisory_path}"
end

#secunia_urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 30

# @return [Array<String>] one link per entry of #secunia_ids, in the same
#   order, each built by #secunia_url; a new array on every call
def secunia_urls
  secunia_ids.map { |id| secunia_url(id) }
end

#urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 70

# @return [Array<String>] the entries of references[:url] as strings; a
#   missing key gives []
def urls
  # Values are only converted with to_s: no scheme or host check happens here.
  # NOTE(review): presumably output formatters escape these before rendering
  # them -- verify against the callers.
  # Memoised: computed once per instance, then served from @urls.
  return @urls if @urls

  @urls = [*references[:url]].map { |url| url.to_s }
end