Finished! Importing wapiti now adds Mdm::WebVulns to the db.

However, I see no way to actually seeing the webvulns in framework
after importing the report.
unstable
root 2012-05-13 13:58:25 -07:00
parent b0b72b05d5
commit d0f49c1213
1 changed files with 42 additions and 10 deletions

View File

@ -3,7 +3,9 @@ require "rex/parser/nokogiri_doc_mixin"
module Rex
module Parser
load_nokoigiri && class WapitiDocument < Nokogiri::XML::SAX::Document
load_nokogiri && class WapitiDocument < Nokogiri::XML::SAX::Document
include NokogiriDocMixin
def start_element(name=nil,attrs=[])
attrs = normalize_attrs(attrs)
@ -11,16 +13,10 @@ module Rex
@state[:current_tag][name] = true
case name
when "report"
when "generateBy"
when "bugTypeList"
when "bugType"
when "bug"
when "timestamp"
@state[:has_text] = true
when "url"
@state[:has_text] = true
when "peer"
when "addr"
@state[:has_text] = true
when "port"
@ -33,8 +29,6 @@ module Rex
@state[:has_text] = true
when "solution"
@state[:has_text] = true
when "references"
when "reference"
when "title"
@state[:has_text] = true
end
@ -66,8 +60,46 @@ module Rex
end
end
def report_vuln
def report_vuln(&block)
p @state.inspect
proto = @state[:url].split(":")[0]
path = '/' + (@state[:url].split("/")[3..(@state[:url].split("/").length - 1)].join('/'))
web_vuln_info = {}
web_vuln_info[:web_site] = proto + "://" + @state[:host] + ":" + @state[:port]
web_vuln_info[:path] = path
web_vuln_info[:query] = @state[:url].split("?")[1]
if @state[:url].index(@state[:parameter])
web_vuln_info[:method] = "GET"
else
web_vuln_info[:method] = "POST"
end
@state[:parameter].split("&").each do |param|
if param.index("%27") #apostrophe
web_vuln_info[:pname] = param #sql injection
break
elsif param.index("alert")
web_vuln_info[:pname] = param #xss
end
end
web_vuln_info[:host] = @state[:host]
web_vuln_info[:port] = @state[:port]
web_vuln_info[:ssl] = (proto =~ /https/)
web_vuln_info[:proof] = ""
web_vuln_info[:risk] = ""
web_vuln_info[:params] = @state[:parameter]
web_vuln_info[:category] = "imported"
web_vuln_info[:confidence] = 90
web_vuln_info[:name] = @state[:info]
db.emit(:web_vuln, web_vuln_info[:name], &block) if block
vuln = db_report(:web_vuln, web_vuln_info)
p vuln.inspect
end
end
end
end