Added the --import option to all commands (closes #58).

lib/ronin/vulns/cli/commands/command_injection.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/lfi.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/open_redirect.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/reflected_xss.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/rfi.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/scan.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/sqli.rb

@@ -34,6 +34,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/commands/ssti.rb

@@ -35,6 +35,10 @@ module Commands
         #
         # ## Options
         #
+        #         --db NAME                    The database to connect to (Default: default)
+        #         --db-uri URI                 The database URI to connect to
+        #         --db-file PATH               The sqlite3 database file to use
+        #         --import                     Imports discovered vulnerabilities into the database
         #         --first                      Only find the first vulnerability for each URL
         #     -A, --all                        Find all vulnerabilities for each URL
         #         --print-curl                 Also prints an example curl command for each vulnerability

lib/ronin/vulns/cli/web_vuln_command.rb

@@ -19,6 +19,7 @@
 #
 
 require 'ronin/vulns/cli/command'
+require 'ronin/vulns/cli/importable'
 require 'ronin/vulns/cli/logging'
 
 require 'ronin/support/network/http/cookie'
@@ -35,7 +36,9 @@ class CLI
       class WebVulnCommand < Command
 
         include Logging
+        include Importable
 
+        option :import, desc: 'Imports discovered vulnerabilities into the database'
         option :first, short: '-F',
                        desc:  'Only find the first vulnerability for each URL' do
                          @scan_mode = :first
@@ -245,6 +248,8 @@ def run(*urls)
             exit(-1)
           end
 
+          db_connect if options[:import]
+
           vulns_discovered = false
 
           if options[:input]
@@ -283,13 +288,13 @@ def process_url(url)
 
           if @scan_mode == :first
             if (first_vuln = test_url(url))
-              log_vuln(first_vuln)
+              process_vuln(first_vuln)
 
               vuln_discovered = true
             end
           else
             scan_url(url) do |vuln|
-              log_vuln(vuln)
+              process_vuln(vuln)
 
               vuln_discovered = true
             end
@@ -298,6 +303,19 @@ def process_url(url)
           return vuln_discovered
         end
 
+        #
+        # Logs and optioanlly imports a new discovered web vulnerability.
+        #
+        # @param [WebVuln] vuln
+        #   The discovered web vulnerability.
+        #
+        # @since 0.2.0
+        #
+        def process_vuln(vuln)
+          log_vuln(vuln)
+          import_vuln(vuln) if options[:import]
+        end
+
         #
         # Logs a discovered web vulnerability.
         #

man/ronin-vulns-command-injection.1.md

@@ -17,6 +17,19 @@ option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-lfi.1.md

@@ -17,6 +17,19 @@ option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-open-redirect.1.md

@@ -16,6 +16,19 @@ as additional arguments or read from a file using the `--input` option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-reflected-xss.1.md

@@ -17,6 +17,19 @@ to scan can be given as additional arguments or read from a file using the
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-rfi.1.md

@@ -17,6 +17,19 @@ option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-scan.1.md

@@ -16,6 +16,19 @@ additional arguments or read from a file using the `--input` option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-sqli.1.md

@@ -17,6 +17,19 @@ option.
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.
 

man/ronin-vulns-ssti.1.md

@@ -17,6 +17,19 @@ to scan can be given as additional arguments or read from a file using the
 
 ## OPTIONS
 
+`--db` *NAME*
+  The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+  The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+  The sqlite3 database file to use.
+
+`--import`
+  Imports discovered vulnerabilities into the database.
+
 `--first`
   Only find the first vulnerability for each URL.