/**
* @param $name
* @return bool|null|\VulnModule\Vulnerability
*/
public function hasVulnerabilityInTree($name)
{
if (!is_string($name)) {
throw new \InvalidArgumentException("Vulnerability name must be a string. Provided: '{$name}'");
}
if ($this->vulnerabilitySet->hasOwnVulnerability($name)) {
return true;
} else {
if ($this->getParent()) {
return $this->getParent()->hasVulnerabilityInTree($name);
} else {
return false;
}
}
}
/**
* Builds vulnerability set from list of vulns
* @param $vulnList
* @return VulnerabilitySet
*/
protected function buildVulnerabilitySetFromArray($vulnList)
{
$resultSet = new VulnerabilitySet();
if (!is_array($vulnList) || empty($vulnList)) {
return $resultSet;
}
$factory = VulnerabilityFactory::instance();
foreach ($vulnList as $name => $data) {
if (!$factory->exists($name)) {
continue;
}
$vuln = $factory->create($name);
$vuln->fillFromArray($data);
$resultSet->set($vuln);
}
return $resultSet;
}
protected function buildAllVulnerabilitiesForm()
{
$allVulnsSet = new VulnerabilitySet();
$vulns = VulnerabilityFactory::instance()->getAllVulnerabilityNames();
foreach ($vulns as $vulnName) {
$vulnType = 'VulnModule\\Vulnerability\\' . $vulnName;
if (class_exists($vulnType)) {
$vuln = new $vulnType();
} else {
$vuln = new V();
}
$allVulnsSet->set($vuln);
}
$vulnBuilder = $this->getFormFactory()->createBuilder('form', ['__ALL_VULNS__' => $allVulnsSet])->add('__ALL_VULNS__', 'vulnerability_set');
return $vulnBuilder->getForm();
}
/**
* @param $vulnerabilities
* @return VulnerabilitySet
*/
protected function buildVulnerabilitySetFromArray($vulnerabilities)
{
$vulnerabilitySet = new VulnerabilitySet();
if (!is_array($vulnerabilities)) {
return $vulnerabilitySet;
}
$vulnNames = self::getVulnerabilityNames();
$factory = VulnerabilityFactory::instance();
// Vulnerabilities are set as array values
foreach ($vulnNames as $oldName => $newName) {
if (in_array($oldName, $vulnerabilities)) {
$vulnerabilitySet->set($factory->create($newName));
}
}
// Vulnerabilities are set as array keys
foreach ($vulnNames as $oldName => $newName) {
if (!array_key_exists($oldName, $vulnerabilities)) {
continue;
}
$vuln = $factory->create($newName);
if (is_array($vulnerabilities[$oldName])) {
if (array_key_exists('enabled', $vulnerabilities[$oldName])) {
$vuln->setEnabled(!!$vulnerabilities[$oldName]['enabled']);
}
if ($oldName === 'xss') {
if (array_key_exists('stored', $vulnerabilities[$oldName])) {
/** @var XSS $vuln */
$vuln->setStored($vulnerabilities[$oldName]['stored']);
}
}
if ($oldName === 'sql') {
if (array_key_exists('blind', $vulnerabilities[$oldName])) {
/** @var SQL $vuln */
$vuln->setBlind($vulnerabilities[$oldName]['blind']);
}
}
} else {
$vuln->setEnabled(!!$vulnerabilities[$oldName]);
// It's enabled or not
}
$vulnerabilitySet->set($vuln);
}
return $vulnerabilitySet;
}
