pvdl/check.rb

## check.rb
require 'typhoeus'
require 'nokogiri'
#require 'ruby-progressbar'

db_dir = 'data'
@plugin_vulns  = Nokogiri::XML.parse(open(db_dir + '/plugin_vulns.xml')).to_s
@theme_vulns   = Nokogiri::XML.parse(open(db_dir + '/theme_vulns.xml')).to_s
@version_vulns = Nokogiri::XML.parse(open(db_dir + '/wp_vulns.xml')).to_s

class AdvisoriesParser

  @@pagination = 0
  def self.pagination
    @@pagination
  end

  def search_url
    nil
  end

  def nextpage
    @@pagination = @@pagination+1
  end

  def index(i=0)
    @@pagination = i
  end


  def parse(url = nil)
    @url = url || self.search_url
    @page = Nokogiri::HTML.parse(Typhoeus.get(@url).body)

    p 'Parsing ' + @url
    return results = parse_current_page

    results
  end
end

class SecuniaParser < AdvisoriesParser
  def search_url
    'http://secunia.com/community/advisories/search/?search=Wordpress&page=' + AdvisoriesParser.pagination.to_s
  end

  def parse_current_page
    results = []

    @page.search('tr[bgcolor="#FFFFFF"] td[style="padding-left: 6px;"] a').each do |node|
      temp = node.attribute('href').text
      results << temp.match(/\d+/)
    end
    results
  end
end

class OsvdbParser < AdvisoriesParser
  # Fake example: http://osvdb.org/94686

  def search_url
    'http://osvdb.org/search/search?search[vuln_title]=wordpress&search[text_type]=titles&page=' + AdvisoriesParser.pagination.next.to_s
  end

  # return an Array of osvdb ids
  def parse_current_page
    results = []

    @page.xpath('//a[@href[contains(.,"/show/osvdb/")]]').each do |node|
      results << node.text
    end
    results
  end
end

class ExploitdbParser < AdvisoriesParser

  def search_url
    'http://www.exploit-db.com/search/?action=search&filter_description=wordpress&filter_page=' + AdvisoriesParser.pagination.next.to_s
  end

  # return an Array of explot-db ids
  def parse_current_page
    results = []

    @page.search('td.list_explot_description a').each do |node|
      temp = node.attribute('href').text
      results << temp.match(/\d+/)
    end

    results
  end
end

class PacketstormParser < AdvisoriesParser

  def search_url
    'http://packetstormsecurity.com/search/files/page' + AdvisoriesParser.pagination.next.to_s + '/?q=wordpress'
  end

  # return an Array of ids
  def parse_current_page
    results = []

    @page.search('dt a').each do |node|
      temp = node.attribute('href').text
      results << temp.match(/\d+/)
    end
    results
  end
end

class SecurityfocusParser < AdvisoriesParser

  def search_url
    'http://www.securityfocus.com/cgi-bin/index.cgi?o=' + (AdvisoriesParser.pagination * 30).to_s + '&l=' + (AdvisoriesParser.pagination * 30 + 30).to_s + '&c=12&op=display_list&vendor=W
ordPress&version=&title=&CVE='
  end

  # return an Array of explot-db ids
  def parse_current_page
    results = []

    @page.search('div a').each do |node|
      temp = node.attribute('href').text
      results << temp.match(/\d{5,6}/)
    end
    results.uniq
  end
end


def in_db?(tag)
  [@plugin_vulns, @theme_vulns, @version_vulns].each do |vulns_file|
    return true if vulns_file =~ %r{#{tag}}
  end
  false
end

global        = AdvisoriesParser.new
global.index(ARGV[0].to_i)
osvdb         = OsvdbParser.new
secunia       = SecuniaParser.new
exploitdb     = ExploitdbParser.new
packetstorm   = PacketstormParser.new
securityfocus = SecurityfocusParser.new

# puts global.nextpage
advisories = osvdb.parse
advisories.each do |advisory|
  tag =  "<osvdb>#{advisory}</osvdb>"
  url = "http://osvdb.org/#{advisory}"

  print url + ' '

  if in_db?(tag)
    puts 'OK'
  else
    puts 'Not in DB'
  end
end

advisories = secunia.parse
advisories.each do |advisory|
  tag =  "<secunia>#{advisory}</secunia>"
  url = "http://secunia.com/advisories/#{advisory}"

  print url + ' '

  if in_db?(tag)
    puts 'OK'
  else
    puts 'Not in DB'
  end
end

advisories = exploitdb.parse
advisories.each do |advisory|
  tag =  "<exploitdb>#{advisory}</exploitdb>"
  url = "http://www.exploit-db.com/exploits/#{advisory}"

  print url + ' '

  if in_db?(tag)
    puts 'OK'
  else
    puts 'Not in DB'
  end
end


advisories = packetstorm.parse
advisories.each do |advisory|
  tag =  "<url>http://packetstormsecurity.com/files/#{advisory}/</url>"
  url = "http://packetstormsecurity.com/files/#{advisory}/"

  print url + ' '

  if in_db?(tag)
    puts 'OK'
  else
    puts 'Not in DB'
  end
end

advisories = securityfocus.parse
advisories.each do |advisory|
  tag =  "<url>http://www.securityfocus.com/bid/#{advisory}</url>"
  url = "http://www.securityfocus.com/bid/#{advisory}"

  print url + ' '

  if in_db?(tag)
    puts 'OK'
  else
    puts 'Not in DB'
  end
end
	require 'typhoeus'
	require 'nokogiri'
	#require 'ruby-progressbar'

	db_dir = 'data'
	@plugin_vulns = Nokogiri::XML.parse(open(db_dir + '/plugin_vulns.xml')).to_s
	@theme_vulns = Nokogiri::XML.parse(open(db_dir + '/theme_vulns.xml')).to_s
	@version_vulns = Nokogiri::XML.parse(open(db_dir + '/wp_vulns.xml')).to_s

	class AdvisoriesParser

	@@pagination = 0
	def self.pagination
	@@pagination
	end

	def search_url
	nil
	end

	def nextpage
	@@pagination = @@pagination+1
	end

	def index(i=0)
	@@pagination = i
	end


	def parse(url = nil)
	@url = url \|\| self.search_url
	@page = Nokogiri::HTML.parse(Typhoeus.get(@url).body)

	p 'Parsing ' + @url
	return results = parse_current_page

	results
	end
	end

	class SecuniaParser < AdvisoriesParser
	def search_url
	'http://secunia.com/community/advisories/search/?search=Wordpress&page=' + AdvisoriesParser.pagination.to_s
	end

	def parse_current_page
	results = []

	@page.search('tr[bgcolor="#FFFFFF"] td[style="padding-left: 6px;"] a').each do \|node\|
	temp = node.attribute('href').text
	results << temp.match(/\d+/)
	end
	results
	end
	end

	class OsvdbParser < AdvisoriesParser
	# Fake example: http://osvdb.org/94686

	def search_url
	'http://osvdb.org/search/search?search[vuln_title]=wordpress&search[text_type]=titles&page=' + AdvisoriesParser.pagination.next.to_s
	end

	# return an Array of osvdb ids
	def parse_current_page
	results = []

	@page.xpath('//a[@href[contains(.,"/show/osvdb/")]]').each do \|node\|
	results << node.text
	end
	results
	end
	end

	class ExploitdbParser < AdvisoriesParser

	def search_url
	'http://www.exploit-db.com/search/?action=search&filter_description=wordpress&filter_page=' + AdvisoriesParser.pagination.next.to_s
	end

	# return an Array of explot-db ids
	def parse_current_page
	results = []

	@page.search('td.list_explot_description a').each do \|node\|
	temp = node.attribute('href').text
	results << temp.match(/\d+/)
	end

	results
	end
	end

	class PacketstormParser < AdvisoriesParser

	def search_url
	'http://packetstormsecurity.com/search/files/page' + AdvisoriesParser.pagination.next.to_s + '/?q=wordpress'
	end

	# return an Array of ids
	def parse_current_page
	results = []

	@page.search('dt a').each do \|node\|
	temp = node.attribute('href').text
	results << temp.match(/\d+/)
	end
	results
	end
	end

	class SecurityfocusParser < AdvisoriesParser

	def search_url
	'http://www.securityfocus.com/cgi-bin/index.cgi?o=' + (AdvisoriesParser.pagination * 30).to_s + '&l=' + (AdvisoriesParser.pagination * 30 + 30).to_s + '&c=12&op=display_list&vendor=W
	ordPress&version=&title=&CVE='
	end

	# return an Array of explot-db ids
	def parse_current_page
	results = []

	@page.search('div a').each do \|node\|
	temp = node.attribute('href').text
	results << temp.match(/\d{5,6}/)
	end
	results.uniq
	end
	end


	def in_db?(tag)
	[@plugin_vulns, @theme_vulns, @version_vulns].each do \|vulns_file\|
	return true if vulns_file =~ %r{#{tag}}
	end
	false
	end

	global = AdvisoriesParser.new
	global.index(ARGV[0].to_i)
	osvdb = OsvdbParser.new
	secunia = SecuniaParser.new
	exploitdb = ExploitdbParser.new
	packetstorm = PacketstormParser.new
	securityfocus = SecurityfocusParser.new

	# puts global.nextpage
	advisories = osvdb.parse
	advisories.each do \|advisory\|
	tag = "<osvdb>#{advisory}</osvdb>"
	url = "http://osvdb.org/#{advisory}"

	print url + ' '

	if in_db?(tag)
	puts 'OK'
	else
	puts 'Not in DB'
	end
	end

	advisories = secunia.parse
	advisories.each do \|advisory\|
	tag = "<secunia>#{advisory}</secunia>"
	url = "http://secunia.com/advisories/#{advisory}"

	print url + ' '

	if in_db?(tag)
	puts 'OK'
	else
	puts 'Not in DB'
	end
	end

	advisories = exploitdb.parse
	advisories.each do \|advisory\|
	tag = "<exploitdb>#{advisory}</exploitdb>"
	url = "http://www.exploit-db.com/exploits/#{advisory}"

	print url + ' '

	if in_db?(tag)
	puts 'OK'
	else
	puts 'Not in DB'
	end
	end


	advisories = packetstorm.parse
	advisories.each do \|advisory\|
	tag = "<url>http://packetstormsecurity.com/files/#{advisory}/</url>"
	url = "http://packetstormsecurity.com/files/#{advisory}/"

	print url + ' '

	if in_db?(tag)
	puts 'OK'
	else
	puts 'Not in DB'
	end
	end

	advisories = securityfocus.parse
	advisories.each do \|advisory\|
	tag = "<url>http://www.securityfocus.com/bid/#{advisory}</url>"
	url = "http://www.securityfocus.com/bid/#{advisory}"

	print url + ' '

	if in_db?(tag)
	puts 'OK'
	else
	puts 'Not in DB'
	end
	end