Class: CMSScanner::Vulnerability

Inherits:
Object
  • Object
Defined in:
lib/cms_scanner/vulnerability.rb,
lib/cms_scanner/vulnerability/references.rb

Overview

References related to the vulnerability

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(title, references = {}, type = nil, fixed_in = nil) ⇒ Vulnerability

Returns a new instance of Vulnerability.

Parameters:

  • title (String)
  • references (Hash) (defaults to: {})
  • type (String) (defaults to: nil)
  • fixed_in (String) (defaults to: nil)

Options Hash (references):

  • cve (Array<String>, String)
  • secunia (Array<String>, String)
  • osvdb (Array<String>, String)
  • exploitdb (Array<String>, String)
  • url (Array<String>)

    URL(s) to related advisories etc

  • metasploit (Array<String>, String)

    The related metasploit module(s)



# File 'lib/cms_scanner/vulnerability.rb', line 18

# Builds a vulnerability record from its title and optional metadata.
#
# @param [ String ] title
# @param [ Hash ] references Reference ids / URLs keyed by source (:cve, :url, ...)
# @param [ String ] type
# @param [ String ] fixed_in
def initialize(title, references = {}, type = nil, fixed_in = nil)
  # Values are stored exactly as given: no copy, freeze or validation happens here.
  @title, @references, @type, @fixed_in = title, references, type, fixed_in
end

Instance Attribute Details

#fixed_inObject (readonly)

Returns the value of attribute fixed_in.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Read-only accessor for the value passed to the constructor as fixed_in.
#
# @return [ String, nil ]
def fixed_in; @fixed_in; end

#referencesObject (readonly)

Returns the value of attribute references.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Read-only accessor for the references hash passed to the constructor.
# The same object is returned on every call (no copy is made).
#
# @return [ Hash ]
def references; @references; end

#titleObject (readonly)

Returns the value of attribute title.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Read-only accessor for the title passed to the constructor.
#
# @return [ String ]
def title; @title; end

#typeObject (readonly)

Returns the value of attribute type.



# File 'lib/cms_scanner/vulnerability.rb', line 6

# Read-only accessor for the type passed to the constructor.
#
# @return [ String, nil ]
def type; @type; end

Instance Method Details

#==(other) ⇒ Boolean

Parameters:

  • other (Vulnerability)

Returns:

  • (Boolean)


# File 'lib/cms_scanner/vulnerability.rb', line 28

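# Field-by-field equality on title, type, references and fixed_in.
#
# @param [ Vulnerability ] other
#
# @return [ Boolean ] false when other does not expose the four compared
#   attributes (nil, a String, ...) instead of raising NoMethodError
def ==(other)
  # Guard first: == is called implicitly by Array#include?, #delete and
  # similar helpers, so the operand can be any object, including nil.
  return false unless %i[title type references fixed_in].all? { |attr| other.respond_to?(attr) }

  title == other.title &&
    type == other.type &&
    references == other.references &&
    fixed_in == other.fixed_in
end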

#cve_url(cve) ⇒ String

Returns The URL to the CVE.

Returns:

  • (String)

    The URL to the CVE



# File 'lib/cms_scanner/vulnerability/references.rb', line 21

# @param [ String ] cve The CVE id without the "CVE-" prefix (YYYY-NNNN)
#
# @return [ String ] The URL to the CVE
def cve_url(cve)
  # The id is placed in the query string verbatim: no URL-encoding and no
  # format check are applied here.
  'https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-' + cve.to_s
end

#cve_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 16

# @return [ Array<String> ] One CVE URL per entry of cves, in the same order
def cve_urls
  cves.map { |id| cve_url(id) }
end

#cvesArray<String>

Returns The CVEs.

Returns:

  • (Array<String>)

    The CVEs



# File 'lib/cms_scanner/vulnerability/references.rb', line 11

# @return [ Array<String> ] The CVEs from references[:cve], each converted
#   with to_s; a single value is wrapped in an array, a missing key gives []
def cves
  # Memoised: later changes to references[:cve] are not picked up.
  return @cve if @cve

  @cve = [*references[:cve]].map { |id| id.to_s }
end

#exploitdb_idsArray<String>

Returns The ExploitDB IDs.

Returns:

  • (Array<String>)

    The ExploitDB IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 56

# @return [ Array<String> ] The ExploitDB IDs from references[:exploitdb],
#   each converted with to_s; a single value is wrapped, a missing key gives []
def exploitdb_ids
  # Memoised on first call.
  return @exploitdb_ids if @exploitdb_ids

  @exploitdb_ids = [*references[:exploitdb]].map { |id| id.to_s }
end

#exploitdb_url(id) ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/vulnerability/references.rb', line 66

# @param [ String ] id The ExploitDB id
#
# @return [ String ] The URL to the ExploitDB entry
def exploitdb_url(id)
  # id becomes a path segment verbatim; it is neither validated nor URL-encoded.
  format('https://www.exploit-db.com/exploits/%s/', id)
end

#exploitdb_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 61

# @return [ Array<String> ] One ExploitDB URL per entry of exploitdb_ids, in order
def exploitdb_urls
  exploitdb_ids.map { |id| exploitdb_url(id) }
end

#msf_modulesArray<String>

Returns The metasploit modules.

Returns:

  • (Array<String>)

    The metasploit modules



# File 'lib/cms_scanner/vulnerability/references.rb', line 76

# @return [ Array<String> ] The metasploit modules from references[:metasploit],
#   each converted with to_s; a single value is wrapped, a missing key gives []
def msf_modules
  # Memoised on first call.
  return @msf_modules if @msf_modules

  @msf_modules = [*references[:metasploit]].map { |mod| mod.to_s }
end

#msf_url(mod) ⇒ String

Returns The URL to the metasploit module page.

Returns:

  • (String)

    The URL to the metasploit module page



# File 'lib/cms_scanner/vulnerability/references.rb', line 86

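# @param [ String ] mod The module path, with or without a leading slash
#
# @return [ String ] The URL to the metasploit module page
def msf_url(mod)
  # \A anchors at the start of the string. The previous ^ anchor matches at the
  # start of any line, so a value with an embedded newline lost a slash from
  # its middle instead. Nothing else in mod is validated or URL-encoded.
  "https://www.rapid7.com/db/modules/#{mod.sub(%r{\A/}, '')}"
end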

#msf_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 81

# @return [ Array<String> ] One module page URL per entry of msf_modules, in order
def msf_urls
  msf_modules.map { |mod| msf_url(mod) }
end

#osvdb_idsArray<String>

Returns The OSVDB IDs.

Returns:

  • (Array<String>)

    The OSVDB IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 41

# @return [ Array<String> ] The OSVDB IDs from references[:osvdb], each
#   converted with to_s; a single value is wrapped, a missing key gives []
def osvdb_ids
  # Memoised on first call.
  return @osvdb_ids if @osvdb_ids

  @osvdb_ids = [*references[:osvdb]].map { |id| id.to_s }
end

#osvdb_url(id) ⇒ String

Returns The URL to the OSVDB advisory.

Returns:

  • (String)

    The URL to the OSVDB advisory



# File 'lib/cms_scanner/vulnerability/references.rb', line 51

# @param [ String ] id The OSVDB id
#
# @return [ String ] The URL to the OSVDB advisory
def osvdb_url(id)
  # The link is plain http, and id is inserted verbatim (no validation or
  # URL-encoding).
  format('http://osvdb.org/show/osvdb/%s', id)
end

#osvdb_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 46

# @return [ Array<String> ] One OSVDB URL per entry of osvdb_ids, in order
def osvdb_urls
  osvdb_ids.map { |id| osvdb_url(id) }
end

#packetstorm_idsArray<String>

Returns The Packetstormsecurity IDs.

Returns:

  • (Array<String>)

    The Packetstormsecurity IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 91

# @return [ Array<String> ] The Packetstormsecurity IDs from
#   references[:packetstorm], each converted with to_s; a single value is
#   wrapped, a missing key gives []
def packetstorm_ids
  # Memoised on first call.
  return @packetstorm_ids if @packetstorm_ids

  @packetstorm_ids = [*references[:packetstorm]].map { |id| id.to_s }
end

#packetstorm_url(id) ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/vulnerability/references.rb', line 101

# @param [ String ] id The Packetstormsecurity id
#
# @return [ String ] The URL to the Packetstormsecurity entry
def packetstorm_url(id)
  # The link is plain http, and id is inserted verbatim (no validation or
  # URL-encoding).
  'http://packetstormsecurity.com/files/' + id.to_s + '/'
end

#packetstorm_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 96

# @return [ Array<String> ] One Packetstormsecurity URL per entry of
#   packetstorm_ids, in order
def packetstorm_urls
  packetstorm_ids.map { |id| packetstorm_url(id) }
end

#references_urlsArray<String>

Returns All the references URLs.

Returns:

  • (Array<String>)

    All the references URLs



# File 'lib/cms_scanner/vulnerability/references.rb', line 5

# @return [ Array<String> ] All the references URLs, grouped by source in this
#   order: CVE, Secunia, OSVDB, ExploitDB, plain URLs, metasploit,
#   Packetstormsecurity, Security Focus
def references_urls
  # A new array is built on every call; entries are not de-duplicated.
  [
    cve_urls, secunia_urls, osvdb_urls, exploitdb_urls,
    urls, msf_urls, packetstorm_urls, securityfocus_urls
  ].flatten(1)
end

#secunia_idsArray<String>

Returns The Secunia IDs.

Returns:

  • (Array<String>)

    The Secunia IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 26

# @return [ Array<String> ] The Secunia IDs from references[:secunia], each
#   converted with to_s; a single value is wrapped, a missing key gives []
def secunia_ids
  # Memoised on first call.
  return @secunia_ids if @secunia_ids

  @secunia_ids = [*references[:secunia]].map { |id| id.to_s }
end

#secunia_url(id) ⇒ String

Returns The URL to the Secunia advisory.

Returns:

  • (String)

    The URL to the Secunia advisory



# File 'lib/cms_scanner/vulnerability/references.rb', line 36

# @param [ String ] id The Secunia id
#
# @return [ String ] The URL to the Secunia advisory
def secunia_url(id)
  # id becomes a path segment verbatim; it is neither validated nor URL-encoded.
  ['https://secunia.com/advisories/', id.to_s, '/'].join
end

#secunia_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 31

# @return [ Array<String> ] One Secunia URL per entry of secunia_ids, in order
def secunia_urls
  secunia_ids.map { |id| secunia_url(id) }
end

#securityfocus_idsArray<String>

Returns The Security Focus IDs.

Returns:

  • (Array<String>)

    The Security Focus IDs



# File 'lib/cms_scanner/vulnerability/references.rb', line 106

# @return [ Array<String> ] The Security Focus IDs from
#   references[:securityfocus], each converted with to_s; a single value is
#   wrapped, a missing key gives []
def securityfocus_ids
  # Memoised on first call.
  return @securityfocus_ids if @securityfocus_ids

  @securityfocus_ids = [*references[:securityfocus]].map { |id| id.to_s }
end

#securityfocus_url(id) ⇒ String

Returns:

  • (String)


# File 'lib/cms_scanner/vulnerability/references.rb', line 116

# @param [ String ] id The Security Focus (BID) id
#
# @return [ String ] The URL to the Security Focus entry
def securityfocus_url(id)
  # The link is plain http, and id is inserted verbatim (no validation or
  # URL-encoding).
  format('http://www.securityfocus.com/bid/%s/', id)
end

#securityfocus_urlsArray<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 111

# @return [ Array<String> ] One Security Focus URL per entry of
#   securityfocus_ids, in order
def securityfocus_urls
  securityfocus_ids.map { |id| securityfocus_url(id) }
end

#urls ⇒ Array<String>

Returns:

  • (Array<String>)


# File 'lib/cms_scanner/vulnerability/references.rb', line 71

# @return [ Array<String> ] The entries of references[:url], each converted
#   with to_s; a single value is wrapped, a missing key gives []
def urls
  # Memoised on first call. Entries are returned as supplied: scheme and host
  # are not checked here.
  return @urls if @urls

  @urls = [*references[:url]].map { |url| url.to_s }
end