Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
wpscanteam
GitHub Repository: wpscanteam/wpscan
 Path: blob/master/app/controllers/vuln_api.rb
485 views
1
# frozen_string_literal: true

2


3
module WPScan

4
  module Controller

5
    # Controller to handle the API token

6
    class VulnApi < CMSScanner::Controller::Base

7
      ENV_KEY = 'WPSCAN_API_TOKEN'

8


9
      def cli_options

10
        [

11
          OptString.new(

12
            ['--api-token TOKEN',

13
             'The WPScan API Token to display vulnerability data, available at https://wpscan.com/profile']

14
          )

15
        ]

16
      end

17


18
      def before_scan

19
        return unless ParsedCli.api_token || ENV.key?(ENV_KEY)

20


21
        DB::VulnApi.token = ParsedCli.api_token || ENV[ENV_KEY]

22


23
        api_status = DB::VulnApi.status

24


25
        raise Error::InvalidApiToken if api_status['status'] == 'forbidden'

26
        raise Error::ApiLimitReached if api_status['requests_remaining'] == 0

27
        raise api_status['http_error'] if api_status['http_error']

28
      end

29


30
      def after_scan

31
        output('status', status: DB::VulnApi.status, api_requests: WPScan.api_requests)

32
      end

33
    end

34
  end

35
end

36


37