From e2d48bedd94346c8464e5964e4066c4c03c5c754 Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Tue, 11 Feb 2020 16:28:59 +0000
Subject: [PATCH] Better fix for #1451, adds target IP address to output, ref
 #1088

---
 lib/wpscan/db/updater.rb     | 8 ++++----
 lib/wpscan/db/vuln_api.rb    | 9 +++------
 spec/lib/db/vuln_api_spec.rb | 3 ++-
 wpscan.gemspec               | 2 +-
 4 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/lib/wpscan/db/updater.rb b/lib/wpscan/db/updater.rb
index 7e910eb83..38c841f9b 100644
--- a/lib/wpscan/db/updater.rb
+++ b/lib/wpscan/db/updater.rb
@@ -67,13 +67,13 @@ def missing_files?
       # @return [ Hash ] The params for Typhoeus::Request
       # @note Those params can't be overriden by CLI options
       def request_params
-        @request_params ||= {
+        @request_params ||= Browser.instance.default_connect_request_params.merge(
           timeout: 600,
           connecttimeout: 300,
           accept_encoding: 'gzip, deflate',
           cache_ttl: 0,
           headers: { 'User-Agent' => Browser.instance.default_user_agent, 'Referer' => nil }
-        }
+        )
       end
 
       # @return [ String ] The raw file URL associated with the given filename
@@ -85,7 +85,7 @@ def remote_file_url(filename)
       def remote_file_checksum(filename)
         url = "#{remote_file_url(filename)}.sha512"
 
-        res = Browser.get(url, request_params)
+        res = Typhoeus.get(url, request_params)
         raise Error::Download, res if res.timed_out? || res.code != 200
 
         res.body.chomp
@@ -126,7 +126,7 @@ def download(filename)
         file_path = local_file_path(filename)
         file_url  = remote_file_url(filename)
 
-        res = Browser.get(file_url, request_params)
+        res = Typhoeus.get(file_url, request_params)
         raise Error::Download, res if res.timed_out? || res.code != 200
 
         File.open(file_path, 'wb') { |f| f.write(res.body) }
diff --git a/lib/wpscan/db/vuln_api.rb b/lib/wpscan/db/vuln_api.rb
index 228a3f368..e86a1b488 100644
--- a/lib/wpscan/db/vuln_api.rb
+++ b/lib/wpscan/db/vuln_api.rb
@@ -66,17 +66,14 @@ def self.status
       end
 
       # @return [ Hash ]
-      # Those params can not be overriden by CLI options, except for the cache_ttl
+      # @note Those params can not be overriden by CLI options
       def self.default_request_params
-        @default_request_params ||= {
-          timeout: 30,
-          connecttimeout: 15,
-          cache_ttl: Browser.instance.cache_ttl,
+        Browser.instance.default_connect_request_params.merge(
           headers: {
             'User-Agent' => Browser.instance.default_user_agent,
             'Authorization' => "Token token=#{token}"
           }
-        }
+        )
       end
     end
   end
diff --git a/spec/lib/db/vuln_api_spec.rb b/spec/lib/db/vuln_api_spec.rb
index 3ef9d44de..df5a75700 100644
--- a/spec/lib/db/vuln_api_spec.rb
+++ b/spec/lib/db/vuln_api_spec.rb
@@ -5,8 +5,9 @@
 
   let(:request_headers) do
     {
+      'Expect' => nil,
       'User-Agent' => WPScan::Browser.instance.default_user_agent,
-      'Authorization' => 'Token token=s3cRet'
+      'Authorization' => 'Token token=' + api.token
     }
   end
 
diff --git a/wpscan.gemspec b/wpscan.gemspec
index f9fbf1c53..cbc1dce16 100644
--- a/wpscan.gemspec
+++ b/wpscan.gemspec
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
   s.executables           = ['wpscan']
   s.require_paths         = ['lib']
 
-  s.add_dependency 'cms_scanner', '~> 0.8.1'
+  s.add_dependency 'cms_scanner', '~> 0.8.2'
 
   s.add_development_dependency 'bundler',             '>= 1.6'
   s.add_development_dependency 'coveralls',           '~> 0.8.0'