diff --git a/CHANGELOG/current/add_check_cwe_nuclei.md b/CHANGELOG/current/add_check_cwe_nuclei.md new file mode 100644 index 00000000..ff6b3fbe --- /dev/null +++ b/CHANGELOG/current/add_check_cwe_nuclei.md @@ -0,0 +1 @@ +[FIX] Nuclei's plugin check if the cwe is null and add retrocompability for newer versions for wpscan plugin diff --git a/faraday_plugins/plugins/repo/nuclei/plugin.py b/faraday_plugins/plugins/repo/nuclei/plugin.py index a6b4baa4..bd729ae5 100644 --- a/faraday_plugins/plugins/repo/nuclei/plugin.py +++ b/faraday_plugins/plugins/repo/nuclei/plugin.py @@ -97,11 +97,11 @@ def parseOutputString(self, output, debug=False): if cve: cve = [x.upper() for x in cve] - # TODO CVSSv2, CVSSv3, CWE and CAPEC - #cvssv2 = vuln_dict['info'].get('classification', {}).get('cvss-score') - #cvssv3 = vuln_dict['info'].get('classification', {}).get('cvss-metrics') + vector_string = vuln_dict['info'].get('classification', {}).get('cvss-metrics') + cvss3 = {"vector_string": vector_string} if vector_string else None cwe = vuln_dict['info'].get('classification', {}).get('cwe-id', []) - cwe = [x.upper() for x in cwe] + if cwe: + cwe = [x.upper() for x in cwe] #capec = vuln_dict['info'].get('metadata', {}).get('capec', []) #if isinstance(capec, str): # capec = capec.upper().split(',') @@ -162,7 +162,8 @@ def parseOutputString(self, output, debug=False): path=matched_data.path, data="\n".join(data), external_id=f"NUCLEI-{vuln_dict.get('template-id', '')}", - run_date=run_date + run_date=run_date, + cvss3=cvss3 ) def processCommandString(self, username, current_path, command_string): diff --git a/faraday_plugins/plugins/repo/wpscan/plugin.py b/faraday_plugins/plugins/repo/wpscan/plugin.py index 4ef763d2..1c01efab 100644 --- a/faraday_plugins/plugins/repo/wpscan/plugin.py +++ b/faraday_plugins/plugins/repo/wpscan/plugin.py @@ -54,7 +54,8 @@ def __init__(self, *arg, **kwargs): self.name = "WPscan" self.plugin_version = "0.2" self.version = "3.4.5" - self.json_keys = {"target_url", "effective_url", "interesting_findings"} + self.json_keys = [{"target_url", "effective_url", "interesting_findings"}, + {"target_url", "effective_url", "plugins"}] self._command_regex = re.compile(r'^(sudo wpscan|wpscan)\s+.*?') self._use_temp_file = True self._temp_file_extension = "json" @@ -74,16 +75,18 @@ def parseOutputString(self, output): for user, data in parser.json_data.get('users', {}).items(): self.createAndAddCredToService(host_id, service_id, user, "") main_theme = parser.json_data.get("main_theme", {}) - for vuln in main_theme.get("vulnerabilities", []): - wpvulndb = ",".join(vuln['references'].get('wpvulndb', [])) - self.createAndAddVulnWebToService(host_id, service_id, vuln['title'], ref=vuln['references'].get('url', []), - severity='unclassified', external_id=wpvulndb) + if main_theme: + for vuln in main_theme.get("vulnerabilities", []): + wpvulndb = ",".join(vuln['references'].get('wpvulndb', [])) + self.createAndAddVulnWebToService(host_id, service_id, vuln['title'], ref=vuln['references'].get('url', []), + severity='unclassified', external_id=wpvulndb) for plugin, plugin_data in parser.json_data.get("plugins", {}).items(): for vuln in plugin_data['vulnerabilities']: wpvulndb = ",".join(vuln['references'].get('wpvulndb', [])) + cve = ["CVE-"+ cve for cve in vuln['references'].get('cve')] if vuln['references'].get('cve') else [] self.createAndAddVulnWebToService(host_id, service_id, f"{plugin}: {vuln['title']}", ref=vuln['references'].get('url', []), - severity='unclassified', external_id=wpvulndb) + severity='unclassified', external_id=wpvulndb, cve=cve) for vuln in parser.json_data.get("interesting_findings", []): if vuln['to_s'].startswith('http'): vuln_name = f"{vuln['type']}: {vuln['to_s']}"