Fixes a bug where -e vp was displaying non vulnerable plugins - Ref #853

wpscanteam · Sep 6, 2015 · aa464b4 · aa464b4
1 parent 3c92712
commit aa464b4
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 72 deletions.
diff --git a/lib/common/collections/wp_items/detectable.rb b/lib/common/collections/wp_items/detectable.rb
@@ -32,11 +32,7 @@ def aggressive_detection(wp_target, options = {})
           progress_bar.progress += 1 if options[:show_progression]
 
           if target_item.exists?(exist_options, response)
-            unless results.include?(target_item)
-              if !options[:only_vulnerable] || options[:only_vulnerable] && target_item.vulnerable?
-                results << target_item
-              end
-            end
+            results << target_item unless results.include?(target_item)
           end
         end
 
@@ -53,7 +49,7 @@ def aggressive_detection(wp_target, options = {})
       # run the remaining requests
       hydra.run
 
-      results.select!(&:vulnerable?) if options[:only_vulnerable]
+      results.select!(&:vulnerable?) if options[:type] == :vulnerable
       results.sort!
 
       results  # can't just return results.sort as it would return an array, and we want a WpItems
@@ -155,7 +151,7 @@ def targets_items(wp_target, options = {})
       item_class = self.item_class
       vulns_file = self.vulns_file
 
-      targets = target_items(wp_target, item_class, vulns_file, options[:type])
+      targets = target_items_from_type(wp_target, item_class, vulns_file, options[:type])
 
       targets.uniq! { |t| t.name }
       targets.sort_by { rand }
@@ -166,7 +162,7 @@ def targets_items(wp_target, options = {})
     # @param [ String ] vulns_file
     #
     # @return [ Array<WpItem> ]
-    def target_items(wp_target, item_class, vulns_file, type)
+    def target_items_from_type(wp_target, item_class, vulns_file, type)
       targets = []
       json    = json(vulns_file)
 

diff --git a/spec/shared_examples/wp_items_detectable.rb b/spec/shared_examples/wp_items_detectable.rb
@@ -39,66 +39,6 @@
     end
   end
 
-  describe '::targets_items_from_file' do
-    after do
-      results = subject.send(:targets_items_from_file, file, wp_target, item_class, vulns_file)
-
-      expect(results.map { |i| i.name }).to eq @expected.map { |i| i.name }
-
-      unless results.empty?
-        results.each do |item|
-          expect(item).to be_a item_class
-        end
-      end
-    end
-
-    # should raise error.
-    # context 'when an empty file' do
-    #   let(:file) { empty_file }
-
-    #   it 'returns an empty Array' do
-    #     @expected = []
-    #   end
-    # end
-
-    context 'when a file' do
-      let(:file) { targets_items_file }
-
-      it 'returns the expected Array of WpItem' do
-        @expected = expected[:targets_items_from_file]
-      end
-    end
-  end
-
-  describe '::target_items' do
-    after do
-      results = subject.send(:target_items, wp_target, item_class, vulns_file, :all)
-
-      expect(results.map { |i| i.name }).to eq @expected.map { |i| i.name }
-
-      unless results.empty?
-        results.each do |item|
-          expect(item).to be_a item_class
-        end
-      end
-    end
-
-    # should raise error.
-    # context 'when an empty file' do
-    #   let(:file) { empty_file }
-
-    #   it 'returns an empty Array' do
-    #     @expected = []
-    #   end
-    # end
-
-    context 'when a file' do
-      it 'returns the expected Array of WpItem' do
-        @expected = expected[:vulnerable_targets_items]
-      end
-    end
-  end
-
   describe '::targets_items' do
     let(:options) { { type: :all } }
 
@@ -110,7 +50,7 @@
       end
     end
 
-    context 'when :only_vulnerable' do
+    context 'when :type = :vulnerable' do
       let(:options) { { type: :vulnerable } }
 
       it 'returns the expected Array of WpItem' do
@@ -160,8 +100,8 @@ def stub_targets_dont_exist(targets)
       expect(result.sort.map { |i| i.name }).to eq @expected.sort.map { |i| i.name }
     end
 
-    context 'when :only_vulnerable' do
-      let(:options) { { only_vulnerable: true } }
+    context 'when :type = :vulnerable' do
+      let(:options) { { type: :vulnerable } }
       let(:targets) { expected[:vulnerable_targets_items] }
 
       it 'only checks and return vulnerable targets' do
@@ -191,7 +131,7 @@ def stub_targets_dont_exist(targets)
       end
     end
 
-    context 'when no :only_vulnerable' do
+    context 'when no :type = :vulnerable' do
       let(:targets) { (expected[:vulnerable_targets_items] + expected[:targets_items_from_file]).uniq { |t| t.name } }
 
       it 'checks all targets, and merge the results with passive_detection' do