Merge pull request #909 from wpscanteam/ruby_version

drop ruby 1.9 and 2.0 support, whitespaces
2016-02-26 14:08:38 +01:00
parent a78a13bf3f 08650ce156
commit 1e1c79aa56
29 changed files with 680 additions and 725 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,15 +2,7 @@ language: ruby
 sudo: false
 cache: bundler
 rvm:
-  - 1.9.2
-  - 1.9.3
-  - 2.0.0
-  - 2.1.0
-  - 2.1.1
-  - 2.1.2
-  - 2.1.3
-  - 2.1.4
-  - 2.1.5
+  - 2.1.8
  - 2.2.0
  - 2.2.1
  - 2.2.2
@@ -23,9 +15,6 @@ script: bundle exec rspec
 notifications:
  email:
    - team@wpscan.org
-matrix:
-  allow_failures:
-    - rvm: 1.9.2
 # do not build gh-pages branch
 branches:
  except:
--- a/README.md
+++ b/README.md
@@ -92,7 +92,7 @@ WPScan comes pre-installed on the following Linux distributions:

 Prerequisites:

- Ruby >= 1.9.2 - Recommended: 2.3.0
+- Ruby >= 2.1.8 - Recommended: 2.3.0
 - Curl >= 7.21  - Recommended: latest - FYI the 7.29 has a segfault
 - RubyGems      - Recommended: latest
 - Git
@@ -156,8 +156,8 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install
    curl -sSL https://get.rvm.io | bash -s stable
    source ~/.rvm/scripts/rvm
    echo "source ~/.rvm/scripts/rvm" >> ~/.bashrc
-    rvm install 2.2.4
-    rvm use 2.2.4 --default
+    rvm install 2.3.0
+    rvm use 2.3.0 --default
    echo "gem: --no-ri --no-rdoc" > ~/.gemrc
    gem install bundler
    git clone https://github.com/wpscanteam/wpscan.git
@@ -192,7 +192,7 @@ Apple Xcode, Command Line Tools and the libffi are needed (to be able to install

      Then, open the directory of the readline gem (you have to locate it)

-        cd ~/.rvm/src/ruby-1.9.2-p180/ext/readline
+        cd ~/.rvm/src/ruby-XXXX/ext/readline
        ruby extconf.rb
        make
        make install
--- a/lib/common/cache_file_store.rb
+++ b/lib/common/cache_file_store.rb
@@ -23,9 +23,7 @@ class CacheFileStore
    @storage_path = File.expand_path(File.join(storage_path, storage_dir))
    @serializer   = serializer

-    # File.directory? for ruby <= 1.9 otherwise,
-    # it makes more sense to do Dir.exist? :/
-    unless File.directory?(@storage_path)
+    unless Dir.exist?(@storage_path)
      FileUtils.mkdir_p(@storage_path)
    end
  end
--- a/lib/common/common_helper.rb
+++ b/lib/common/common_helper.rb
@@ -28,7 +28,9 @@ LOCAL_FILES_XSD   = File.join(DATA_DIR, 'local_vulnerable_files.xsd')
 USER_AGENTS_FILE  = File.join(DATA_DIR, 'user-agents.txt')
 LAST_UPDATE_FILE  = File.join(DATA_DIR, '.last_update')

-WPSCAN_VERSION       = '2.9'
+MIN_RUBY_VERSION = '2.1.8'
+
+WPSCAN_VERSION = '2.9'

 $LOAD_PATH.unshift(LIB_DIR)
 $LOAD_PATH.unshift(WPSCAN_LIB_DIR)
@@ -266,3 +268,7 @@ end
 def directory_listing_enabled?(url)
  Browser.get(url.to_s).body[%r{<title>Index of}] ? true : false
 end
+
+def url_encode(str)
+  CGI.escape(str).gsub("+", "%20")
+end
--- a/lib/common/hacks.rb
+++ b/lib/common/hacks.rb
@@ -1,35 +1,5 @@
 # encoding: UTF-8

-# Since ruby 1.9.2, URI::escape is obsolete
-# See http://rosettacode.org/wiki/URL_encoding#Ruby and http://www.ruby-forum.com/topic/207489
-if RUBY_VERSION >= '1.9.2'
-  module URI
-    extend self
-
-    def escape(str)
-      URI::Parser.new.escape(str)
-    end
-    alias :encode :escape
-
-  end
-end
-
-if RUBY_VERSION < '1.9'
-  class Array
-    # Fix for grep with symbols in ruby <= 1.8.7
-    def _grep_(regexp)
-      matches = []
-      self.each do |value|
-        value = value.to_s
-        matches << value if value.match(regexp)
-      end
-      matches
-    end
-
-    alias_method :grep, :_grep_
-  end
-end
-
 # This is used in WpItem::Existable
 module Typhoeus
  class Response
--- a/lib/common/models/wp_item.rb
+++ b/lib/common/models/wp_item.rb
@@ -100,9 +100,7 @@ class WpItem
  #
  # @return [ void ]
  def path=(path)
-    @path = URI.encode(
-      path.gsub(/\$wp-plugins\$/i, wp_plugins_dir).gsub(/\$wp-content\$/i, wp_content_dir)
-    )
+    @path = path.gsub(/\$wp-plugins\$/i, wp_plugins_dir).gsub(/\$wp-content\$/i, wp_content_dir)
  end

  # @param [ WpItem ] other
--- a/lib/common/models/wp_plugin.rb
+++ b/lib/common/models/wp_plugin.rb
@@ -7,7 +7,7 @@ class WpPlugin < WpItem
  #
  # @return [ void ]
  def forge_uri(target_base_uri)
-    @uri = target_base_uri.merge(URI.encode(wp_plugins_dir + '/' + name + '/'))
+    @uri = target_base_uri.merge("#{wp_plugins_dir}/#{url_encode(name)}/")
  end

  def db_file
--- a/lib/common/models/wp_theme.rb
+++ b/lib/common/models/wp_theme.rb
@@ -23,7 +23,7 @@ class WpTheme < WpItem
  #
  # @return [ void ]
  def forge_uri(target_base_uri)
-    @uri = target_base_uri.merge(URI.encode(wp_content_dir + '/themes/' + name + '/'))
+    @uri = target_base_uri.merge("#{wp_content_dir}/themes/#{url_encode(name)}/")
  end

  # @return [ String ] The url to the theme stylesheet
--- a/lib/common/models/wp_version/findable.rb
+++ b/lib/common/models/wp_version/findable.rb
@@ -130,8 +130,6 @@ class WpVersion < WpItem
    def find_from_advanced_fingerprinting(target_uri, wp_content_dir, wp_plugins_dir, versions_xml)
      xml     = xml(versions_xml)

-      # This wp_item will take care of encoding the path
-      # and replace variables like $wp-content$ & $wp-plugins$
      wp_item = WpItem.new(target_uri,
                           wp_content_dir: wp_content_dir,
                           wp_plugins_dir: wp_plugins_dir)
--- a/lib/environment.rb
+++ b/lib/environment.rb
@@ -3,8 +3,9 @@
 require 'rubygems'

 version = RUBY_VERSION.dup
-if Gem::Version.create(version) < Gem::Version.create(1.9)
-  puts "Ruby >= 1.9 required to run wpscan (You have #{version})"
+
+if Gem::Version.create(version) < Gem::Version.create(MIN_RUBY_VERSION)
+  puts "Ruby >= #{MIN_RUBY_VERSION} required to run wpscan (You have #{version})"
  exit(1)
 end

--- a/lib/wpscan/wp_target/wp_config_backup.rb
+++ b/lib/wpscan/wp_target/wp_config_backup.rb
@@ -14,7 +14,7 @@ class WpTarget < WebSite
      queue_count = 0

      backups.each do |file|
-        file_url = @uri.merge(URI.escape(file)).to_s
+        file_url = @uri.merge(url_encode(file)).to_s
        request = browser.forge_request(file_url)

        request.on_complete do |response|
--- a/spec/lib/common/models/wp_item_spec.rb
+++ b/spec/lib/common/models/wp_item_spec.rb
@@ -105,11 +105,6 @@ describe WpItem do
        @expected = 'plugins/readme.txt'
      end
    end
-
-    it 'also encodes chars' do
-      @path     = 'some dir with spaces'
-      @expected = 'some%20dir%20with%20spaces'
-    end
  end

  describe '#uri' do
--- a/spec/shared_examples/wp_target/wp_config_backup.rb
+++ b/spec/shared_examples/wp_target/wp_config_backup.rb
@@ -10,7 +10,7 @@ shared_examples 'WpTarget::WpConfigBackup' do
    # set all @config_backup_files to point to a 404
    before :each do
      config_backup_files.each do |backup_file|
-        file_url = wp_target.uri.merge(URI.escape(backup_file)).to_s
+        file_url = wp_target.uri.merge(url_encode(backup_file)).to_s

        stub_request(:get, file_url).to_return(status: 404)
      end
@@ -24,7 +24,7 @@ shared_examples 'WpTarget::WpConfigBackup' do
      expected = []

      config_backup_files.sample(1).each do |backup_file|
-        file_url = wp_target.uri.merge(URI.escape(backup_file)).to_s
+        file_url = wp_target.uri.merge(url_encode(backup_file)).to_s
        expected << file_url

        stub_request_to_fixture(url: file_url, fixture: fixtures_dir + '/wp-config.php')
@@ -40,7 +40,7 @@ shared_examples 'WpTarget::WpConfigBackup' do
      expected = []

      config_backup_files.sample(2).each do |backup_file|
-        file_url = wp_target.uri.merge(URI.escape(backup_file)).to_s
+        file_url = wp_target.uri.merge(url_encode(backup_file)).to_s
        expected << file_url

        stub_request_to_fixture(url: file_url, fixture: fixtures_dir + '/wp-config.php')