Fixes #1277

2019-02-10 15:32:30 +00:00
parent eb75d38716
commit 1780399050
6 changed files with 148 additions and 20 deletions
--- a/spec/shared_examples/target/platform/wordpress.rb
+++ b/spec/shared_examples/target/platform/wordpress.rb
@@ -3,28 +3,65 @@ require_relative 'wordpress/custom_directories'
 shared_examples WPScan::Target::Platform::WordPress do
  it_behaves_like 'WordPress::CustomDirectories'

-  let(:fixtures) { File.join(FIXTURES, 'target', 'platform', 'wordpress') }
+  let(:fixtures) { FIXTURES.join('target', 'platform', 'wordpress') }

  describe '#wordpress?' do
-    let(:fixtures) { File.join(super(), 'detection') }
+    let(:fixtures) { super().join('detection') }

    before do
-      stub_request(:get, target.url).to_return(body: File.read(File.join(fixtures, "#{body}.html")))
+      stub_request(:get, target.url).to_return(body: File.read(fixtures.join("#{homepage}.html")))
    end

-    %w[default wp_includes only_scripts meta_generator comments mu_plugins].each do |file|
-      context "when a wordpress page (#{file}.html)" do
-        let(:body) { file }
+    context 'when pattern/s in the homepage' do
+      %w[default wp_includes only_scripts meta_generator comments mu_plugins].each do |file|
+        context "when a wordpress page (#{file}.html)" do
+          let(:homepage) { file }

-        its(:wordpress?) { should be true }
+          it 'returns true' do
+            expect(subject.wordpress?(:mixed)).to be true
+          end
+        end
      end
    end

-    %w[not_wp].each do |file|
-      context "when not a wordpress page (#{file}.html)" do
-        let(:body) { file }
+    context 'when no clues in the homepage' do
+      let(:homepage) { 'not_wp' }

-        its(:wordpress?) { should be false }
+      context 'when only passive detection mode' do
+        it 'returns false' do
+          expect(subject.wordpress?(:passive)).to be false
+        end
+      end
+
+      context 'when mixed or aggressive detection modes' do
+        context 'when wp-admin/install.php and wp-login.php not there' do
+          it 'returns false' do
+            %w[wp-admin/install.php wp-login.php].each do |path|
+              stub_request(:get, target.url(path)).to_return(status: 404)
+            end
+
+            expect(subject.wordpress?(:mixed)).to be false
+          end
+        end
+
+        context 'when wp-admin/install.php is matching a WP install' do
+          it 'returns true' do
+            stub_request(:get, target.url('wp-admin/install.php'))
+              .to_return(body: File.read(fixtures.join('wp-admin-install.php')))
+
+            expect(subject.wordpress?(:mixed)).to be true
+          end
+        end
+
+        context 'when wp-admin/install.php not there but wp-login.php is matching a WP install' do
+          it 'returns true' do
+            stub_request(:get, target.url('wp-admin/install.php')).to_return(status: 404)
+            stub_request(:get, target.url('wp-login.php'))
+              .to_return(body: File.read(fixtures.join('wp-login.php')))
+
+            expect(subject.wordpress?(:mixed)).to be true
+          end
+        end
      end
    end
  end