def process_hash_result result
return unless original? result
input = nil
call = result[:call]
if DIGEST_CALLS.include? call.method
if input = user_input_as_arg?(call)
confidence = :high
elsif input = hashing_password?(call)
confidence = :high
else
confidence = :medium
end
else
confidence = :medium
end
message = msg("Weak hashing algorithm used")
case call.target.last
when :MD5
message << ": " << msg_lit("MD5")
when :SHA1
message << ": " << msg_lit("SHA1")
end
warn :result => result,
:warning_type => "Weak Hash",
:warning_code => :weak_hash_digest,
:message => message,
:confidence => confidence,
:user_input => input
end