Fixes #1322
@@ -25,10 +25,10 @@ describe WPScan::Finders::DbExports::KnownLocations do
|
||||
describe '#aggressive' do
|
||||
before do
|
||||
expect(target).to receive(:sub_dir).at_least(1).and_return(false)
|
||||
expect(target).to receive(:homepage_or_404?).at_least(1).and_return(false)
|
||||
expect(target).to receive(:head_or_get_request_params).and_return(method: :head)
|
||||
|
||||
finder.potential_urls(opts).each_key do |url|
|
||||
stub_request(:get, url).to_return(status: 404)
|
||||
stub_request(:head, url).to_return(status: 404)
|
||||
end
|
||||
end
|
||||
|
||||
@@ -38,20 +38,28 @@ describe WPScan::Finders::DbExports::KnownLocations do
|
||||
end
|
||||
end
|
||||
|
||||
context 'when a zip returns a 200' do
|
||||
xit
|
||||
end
|
||||
|
||||
context 'when some files exist' do
|
||||
let(:files) { %w[ex.sql backups/db_backup.sql] }
|
||||
let(:found_files) { %w[ex.sql backups/db_backup.sql] }
|
||||
let(:db_export) { File.read(fixtures.join('dump.sql')) }
|
||||
|
||||
before do
|
||||
files.each do |file|
|
||||
stub_request(:get, "#{url}#{file}").to_return(body: db_export)
|
||||
found_files.each do |file|
|
||||
stub_request(:head, "#{url}#{file}").to_return(status: 200)
|
||||
|
||||
stub_request(:get, "#{url}#{file}")
|
||||
.with(headers: { 'Range' => 'bytes=0-3000' })
|
||||
.to_return(body: db_export)
|
||||
end
|
||||
end
|
||||
|
||||
it 'returns the expected Array<DbExport>' do
|
||||
expected = []
|
||||
|
||||
files.each do |file|
|
||||
found_files.each do |file|
|
||||
url = "#{target.url}#{file}"
|
||||
expected << WPScan::DbExport.new(
|
||||
url,
|
||||
|
||||
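Review bot: The ranged GET stub in 'when some files exist' (`.with(headers: { 'Range' => 'bytes=0-3000' })` followed by `.to_return(body: db_export)`) answers with WebMock's default status 200, while a server that honours Range replies 206 Partial Content, so the spec does not pin down whether the finder accepts a partial response. If the finder only accepts 200, exposed dumps on Range-aware servers would go unreported; I would add a sibling example using `.to_return(status: 206, body: db_export)`. The same stub shape appears in the UploadSQLDump spec's 'when a 200' context. Separately, `context 'when a zip returns a 200'` holds a bare `xit`, which leaves that case pending without a description; give it one, e.g. `xit 'TODO: zip candidate answering 200'`. The `WPScan::DbExport.new(` call in the last example continues outside the hunk.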
@@ -6,13 +6,16 @@ describe WPScan::Finders::InterestingFindings::UploadSQLDump do
|
||||
let(:wp_content) { 'wp-content' }
|
||||
|
||||
describe '#aggressive' do
|
||||
before { expect(target).to receive(:content_dir).at_least(1).and_return(wp_content) }
|
||||
before do
|
||||
expect(target).to receive(:content_dir).at_least(1).and_return(wp_content)
|
||||
expect(target).to receive(:head_or_get_request_params).and_return(method: :head)
|
||||
end
|
||||
|
||||
after { expect(finder.aggressive).to eql @expected }
|
||||
after { expect(finder.aggressive).to eql @expected }
|
||||
|
||||
context 'when not a 200' do
|
||||
it 'returns nil' do
|
||||
stub_request(:get, finder.dump_url).to_return(status: 404)
|
||||
stub_request(:head, finder.dump_url).to_return(status: 404)
|
||||
|
||||
@expected = nil
|
||||
end
|
||||
@@ -20,8 +23,11 @@ describe WPScan::Finders::InterestingFindings::UploadSQLDump do
|
||||
|
||||
context 'when a 200' do
|
||||
before do
|
||||
stub_request(:head, finder.dump_url).to_return(status: 200)
|
||||
|
||||
stub_request(:get, finder.dump_url)
|
||||
.to_return(status: 200, body: File.read(fixtures.join(fixture)))
|
||||
.with(headers: { 'Range' => 'bytes=0-3000' })
|
||||
.to_return(body: File.read(fixtures.join(fixture)))
|
||||
end
|
||||
|
||||
context 'when the body does not match a SQL dump' do
|
||||
|
||||
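Review bot: Every example here pins `head_or_get_request_params` to `method: :head`, so only the HEAD-probe path of `#aggressive` is exercised; judging by the helper's name there is a GET variant, and nothing in this spec covers it. A context that returns the GET parameters and registers only `stub_request(:get, finder.dump_url)` would show whether the 'Range' header is still sent when HEAD is not usable. The finder itself is not visible on this page, so this should be confirmed against it. The 'when the body does not match a SQL dump' context continues outside the hunk.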