Skip to content

Commit

Permalink
Merge branch 'tkt_287_nuclei_cwe_can_be_empty' into 'dev'
Browse files Browse the repository at this point in the history 
Adds check to nuclei y wpscan

Closes #287

See merge request faradaysec/faraday-plugins!215
  • Loading branch information
Nicolas Rebagliati committed Nov 16, 2022
2 parents a99d675 + 87ce65a commit b6082ac
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 11 deletions.
1 change: 1 addition & 0 deletions CHANGELOG/current/add_check_cwe_nuclei.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
[FIX] Nuclei's plugin check if the cwe is null and add retrocompability for newer versions for wpscan plugin
11 changes: 6 additions & 5 deletions faraday_plugins/plugins/repo/nuclei/plugin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,11 +97,11 @@ def parseOutputString(self, output, debug=False):
if cve:
cve = [x.upper() for x in cve]

# TODO CVSSv2, CVSSv3, CWE and CAPEC
#cvssv2 = vuln_dict['info'].get('classification', {}).get('cvss-score')
#cvssv3 = vuln_dict['info'].get('classification', {}).get('cvss-metrics')
vector_string = vuln_dict['info'].get('classification', {}).get('cvss-metrics')
cvss3 = {"vector_string": vector_string} if vector_string else None
cwe = vuln_dict['info'].get('classification', {}).get('cwe-id', [])
cwe = [x.upper() for x in cwe]
if cwe:
cwe = [x.upper() for x in cwe]
#capec = vuln_dict['info'].get('metadata', {}).get('capec', [])
#if isinstance(capec, str):
# capec = capec.upper().split(',')
Expand Down Expand Up @@ -162,7 +162,8 @@ def parseOutputString(self, output, debug=False):
path=matched_data.path,
data="\n".join(data),
external_id=f"NUCLEI-{vuln_dict.get('template-id', '')}",
run_date=run_date
run_date=run_date,
cvss3=cvss3
)

def processCommandString(self, username, current_path, command_string):
Expand Down
15 changes: 9 additions & 6 deletions faraday_plugins/plugins/repo/wpscan/plugin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,8 @@ def __init__(self, *arg, **kwargs):
self.name = "WPscan"
self.plugin_version = "0.2"
self.version = "3.4.5"
self.json_keys = {"target_url", "effective_url", "interesting_findings"}
self.json_keys = [{"target_url", "effective_url", "interesting_findings"},
{"target_url", "effective_url", "plugins"}]
self._command_regex = re.compile(r'^(sudo wpscan|wpscan)\s+.*?')
self._use_temp_file = True
self._temp_file_extension = "json"
Expand All @@ -74,16 +75,18 @@ def parseOutputString(self, output):
for user, data in parser.json_data.get('users', {}).items():
self.createAndAddCredToService(host_id, service_id, user, "")
main_theme = parser.json_data.get("main_theme", {})
for vuln in main_theme.get("vulnerabilities", []):
wpvulndb = ",".join(vuln['references'].get('wpvulndb', []))
self.createAndAddVulnWebToService(host_id, service_id, vuln['title'], ref=vuln['references'].get('url', []),
severity='unclassified', external_id=wpvulndb)
if main_theme:
for vuln in main_theme.get("vulnerabilities", []):
wpvulndb = ",".join(vuln['references'].get('wpvulndb', []))
self.createAndAddVulnWebToService(host_id, service_id, vuln['title'], ref=vuln['references'].get('url', []),
severity='unclassified', external_id=wpvulndb)
for plugin, plugin_data in parser.json_data.get("plugins", {}).items():
for vuln in plugin_data['vulnerabilities']:
wpvulndb = ",".join(vuln['references'].get('wpvulndb', []))
cve = ["CVE-"+ cve for cve in vuln['references'].get('cve')] if vuln['references'].get('cve') else []
self.createAndAddVulnWebToService(host_id, service_id, f"{plugin}: {vuln['title']}",
ref=vuln['references'].get('url', []),
severity='unclassified', external_id=wpvulndb)
severity='unclassified', external_id=wpvulndb, cve=cve)
for vuln in parser.json_data.get("interesting_findings", []):
if vuln['to_s'].startswith('http'):
vuln_name = f"{vuln['type']}: {vuln['to_s']}"
Expand Down

0 comments on commit b6082ac

Please sign in to comment.