/** * @param $name * @return bool|null|\VulnModule\Vulnerability */ public function hasVulnerabilityInTree($name) { if (!is_string($name)) { throw new \InvalidArgumentException("Vulnerability name must be a string. Provided: '{$name}'"); } if ($this->vulnerabilitySet->hasOwnVulnerability($name)) { return true; } else { if ($this->getParent()) { return $this->getParent()->hasVulnerabilityInTree($name); } else { return false; } } }
/** * Builds vulnerability set from list of vulns * @param $vulnList * @return VulnerabilitySet */ protected function buildVulnerabilitySetFromArray($vulnList) { $resultSet = new VulnerabilitySet(); if (!is_array($vulnList) || empty($vulnList)) { return $resultSet; } $factory = VulnerabilityFactory::instance(); foreach ($vulnList as $name => $data) { if (!$factory->exists($name)) { continue; } $vuln = $factory->create($name); $vuln->fillFromArray($data); $resultSet->set($vuln); } return $resultSet; }
protected function buildAllVulnerabilitiesForm() { $allVulnsSet = new VulnerabilitySet(); $vulns = VulnerabilityFactory::instance()->getAllVulnerabilityNames(); foreach ($vulns as $vulnName) { $vulnType = 'VulnModule\\Vulnerability\\' . $vulnName; if (class_exists($vulnType)) { $vuln = new $vulnType(); } else { $vuln = new V(); } $allVulnsSet->set($vuln); } $vulnBuilder = $this->getFormFactory()->createBuilder('form', ['__ALL_VULNS__' => $allVulnsSet])->add('__ALL_VULNS__', 'vulnerability_set'); return $vulnBuilder->getForm(); }
/** * @param $vulnerabilities * @return VulnerabilitySet */ protected function buildVulnerabilitySetFromArray($vulnerabilities) { $vulnerabilitySet = new VulnerabilitySet(); if (!is_array($vulnerabilities)) { return $vulnerabilitySet; } $vulnNames = self::getVulnerabilityNames(); $factory = VulnerabilityFactory::instance(); // Vulnerabilities are set as array values foreach ($vulnNames as $oldName => $newName) { if (in_array($oldName, $vulnerabilities)) { $vulnerabilitySet->set($factory->create($newName)); } } // Vulnerabilities are set as array keys foreach ($vulnNames as $oldName => $newName) { if (!array_key_exists($oldName, $vulnerabilities)) { continue; } $vuln = $factory->create($newName); if (is_array($vulnerabilities[$oldName])) { if (array_key_exists('enabled', $vulnerabilities[$oldName])) { $vuln->setEnabled(!!$vulnerabilities[$oldName]['enabled']); } if ($oldName === 'xss') { if (array_key_exists('stored', $vulnerabilities[$oldName])) { /** @var XSS $vuln */ $vuln->setStored($vulnerabilities[$oldName]['stored']); } } if ($oldName === 'sql') { if (array_key_exists('blind', $vulnerabilities[$oldName])) { /** @var SQL $vuln */ $vuln->setBlind($vulnerabilities[$oldName]['blind']); } } } else { $vuln->setEnabled(!!$vulnerabilities[$oldName]); // It's enabled or not } $vulnerabilitySet->set($vuln); } return $vulnerabilitySet; }