From 0b5d7ad147a48ca0e5b7182dba7a464771f9588d Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Sat, 19 Jan 2013 15:03:58 +0100
Subject: [PATCH] Fix #112 Multiple redirections detection

---
 lib/wpscan/modules/web_site.rb           | 10 ++++++++--
 spec/lib/wpscan/modules/web_site_spec.rb | 19 ++++++++++++++++++-
 spec/lib/wpscan/wp_target_spec.rb        |  3 ++-
 3 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/lib/wpscan/modules/web_site.rb b/lib/wpscan/modules/web_site.rb
index 2449d295..a815b641 100644
--- a/lib/wpscan/modules/web_site.rb
+++ b/lib/wpscan/modules/web_site.rb
@@ -70,8 +70,9 @@ module WebSite
     @xmlrpc_url
   end
 
-  # see if the remote url returns 30x redirect
-  # return a string with the redirection or nil
+  # See if the remote url returns 30x redirect
+  # This method is recursive
+  # Return a string with the redirection or nil
   def redirection(url = nil)
     redirection = nil
     url ||= @uri.to_s
@@ -79,6 +80,11 @@ module WebSite
 
     if response.code == 301 || response.code == 302
       redirection = response.headers_hash['location']
+
+      # Let's check if there is a redirection in the redirection
+      if other_redirection = redirection(redirection)
+        redirection = other_redirection
+      end
     end
 
     redirection
diff --git a/spec/lib/wpscan/modules/web_site_spec.rb b/spec/lib/wpscan/modules/web_site_spec.rb
index fe2a3caa..7593c28a 100644
--- a/spec/lib/wpscan/modules/web_site_spec.rb
+++ b/spec/lib/wpscan/modules/web_site_spec.rb
@@ -112,12 +112,29 @@ shared_examples_for "WebSite" do
 
     [301, 302].each do |status_code|
       it "should return http://new-location.com if the status code is #{status_code}" do
+        new_location = "http://new-location.com"
+
         stub_request(:get, web_site.url).
-          to_return(:status => status_code, :headers => {:location => "http://new-location.com"})
+          to_return(:status => status_code, :headers => { :location => new_location })
+
+        stub_request(:get, new_location).to_return(:status => 200)
 
         web_site.redirection.should === "http://new-location.com"
       end
     end
+
+    context "when multiple redirections" do
+      it "should return the last redirection" do
+        first_redirection = "www.redirection.com"
+        last_redirection   = "redirection.com"
+
+        stub_request(:get, web_site.url).to_return(:status => 301, :headers => { :location => first_redirection })
+        stub_request(:get, first_redirection).to_return(:status => 302, :headers => { :location => last_redirection })
+        stub_request(:get, last_redirection).to_return(:status => 200)
+
+        web_site.redirection.should === last_redirection
+      end
+    end
   end
 
   describe "#page_hash" do
diff --git a/spec/lib/wpscan/wp_target_spec.rb b/spec/lib/wpscan/wp_target_spec.rb
index d5dcdf56..d087f5bd 100644
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -77,7 +77,8 @@ describe WpTarget do
     it "should return the redirection url if there is one (ie: for https)" do
       https_login_url = login_url.gsub(/^http:/, "https:")
 
-      stub_request(:get, login_url).to_return(:status => 302, :headers => {:location => https_login_url})
+      stub_request(:get, login_url).to_return(:status => 302, :headers => { :location => https_login_url })
+      stub_request(:get, https_login_url).to_return(:status => 200)
 
       @wp_target.login_url.should === https_login_url
     end