Class: WPScan::Controller::VulnApi

Inherits:
Base
  • Object
show all
Defined in:
app/controllers/vuln_api.rb

Overview

Controller to handle the API token

Constant Summary collapse

ENV_KEY = 
'WPSCAN_API_TOKEN'

Constants included from OptParseValidator

OptParseValidator::VERSION

Instance Method Summary collapse

Methods inherited from Base

#==, #datastore, #formatter, #option_parser, option_parser=, #output, #render, reset, #run, #target, #tmp_directory, #user_interaction?

Instance Method Details

#after_scanObject 



36
37
38
 
# File 'app/controllers/vuln_api.rb', line 36

def after_scan
  output('status', status: DB::VulnApi.status, api_requests: WPScan.api_requests)
end

#before_scanObject

Raises:



24
25
26
27
28
29
30
31
32
33
34
 
# File 'app/controllers/vuln_api.rb', line 24

def before_scan
  return unless ParsedCli.api_token || ENV.key?(ENV_KEY)

  DB::VulnApi.token = ParsedCli.api_token || ENV.fetch(ENV_KEY, nil)

  api_status = DB::VulnApi.status

  raise Error::InvalidApiToken if api_status['status'] == 'forbidden'
  raise Error::ApiLimitReached if api_status['requests_remaining'] == 0
  raise Error::ApiConnectionError, api_status['http_error'] if api_status['http_error']
end

#cli_optionsObject 



9
10
11
12
13
14
15
16
17
18
19
20
21
22
 
# File 'app/controllers/vuln_api.rb', line 9

def cli_options
  [
    OptString.new(
      ['--api-token TOKEN',
       'The WPScan API Token to display vulnerability data, available at https://wpscan.com/profile']
    ),
    OptBoolean.new(
      ['--proxy-target-only',
       'When used with --proxy, the proxy is only applied to requests made to the target, ' \
       'not to requests made to the WPScan API or database repository (data.wpscan.org). ' \
       'Has no effect unless --proxy is also set.']
    )
  ]
end