garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WpTheme::Findable specs

Browse Source
This commit is contained in:
erwanlr
2013-03-26 15:34:20 +01:00
parent 1168cf7305
commit 40f4057d47
10 changed files with 188 additions and 269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/common/models/wp_plugin/vulnerable.rb
View File

@@ -3,6 +3,7 @@
class WpPlugin < WpItem
module Vulnerable
# @return [ String ] The path to the file containing vulnerabilities
def vulns_file
unless @vulns_file
@vulns_file = PLUGINS_VULNS_FILE
@@ -10,6 +11,7 @@ class WpPlugin < WpItem
@vulns_file
end
# @return [ String ]
def vulns_xpath
"//plugin[@name='#{@name}']/vulnerability"
end

26
lib/common/models/wp_theme/findable.rb
View File

@@ -4,19 +4,28 @@ class WpTheme < WpItem
module Findable
# Find the main theme of the blog
# returns a WpTheme object or nil
#
# @param [ URI ] target_uri
#
# @return [ WpTheme ]
def find(target_uri)
methods.grep(/find_from_/).each do |method|
methods.grep(/^find_from_/).each do |method|
if wp_theme = self.send(method, target_uri)
wp_theme.found_from = method
return wp_theme
end
end
nil
end
protected
# Discover the wordpress theme name by parsing the css link rel
# Discover the wordpress theme by parsing the css link rel
#
# @param [ URI ] target_uri
#
# @return [ WpTheme ]
def find_from_css_link(target_uri)
response = Browser.instance.get_and_follow_location(target_uri.to_s)
@@ -35,22 +44,25 @@ class WpTheme < WpItem
end
# http://code.google.com/p/wpscan/issues/detail?id=141
#
# @param [ URI ] target_uri
#
# @return [ WpTheme ]
def find_from_wooframework(target_uri)
body = Browser.instance.get(target_uri.to_s).body
regexp = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?" />\s+<meta name="generator" content="WooFramework\s?([^"]+)?" />}
matches = regexp.match(body)
if matches
if matches = regexp.match(body)
woo_theme_name = matches[1]
woo_theme_version = matches[2]
woo_framework_version = matches[3] # Not used at this time
#woo_framework_version = matches[3] # Not used at this time
return new(
target_uri,
{
name: woo_theme_name,
version: woo_theme_version
#path: woo_theme_name
}
)
end

135
spec/lib/common/models/wp_theme/findable_spec.rb Normal file
View File

@@ -0,0 +1,135 @@
# encoding: UTF-8
require 'spec_helper'
describe 'WpTheme::Findable' do
let(:fixtures_dir) { MODELS_FIXTURES + '/wp_theme/findable' }
let(:uri) { URI.parse('http://example.com/') }
describe '::find_from_css_link' do
after do
@body ||= File.new(fixtures_dir + '/css_link/' + @file)
stub_request(:get, uri.to_s).to_return(status: 200, body: @body)
wp_theme = WpTheme.send(:find_from_css_link, uri)
if @expected
wp_theme.should be_a WpTheme
end
wp_theme.should == @expected
end
context 'when theme is not present' do
it 'returns nil' do
@body = ''
@expected = nil
end
end
context 'when the theme name has spaces or special chars' do
it 'returns the WpTheme' do
@file = 'theme-name-with-spaces.html'
@expected = WpTheme.new(uri, name: 'Copia di simplefolio')
end
end
context 'when <link> is inline' do
it 'returns the WpTheme' do
@file = 'inline_link_tag.html'
@expected = WpTheme.new(uri, name: 'inline')
end
end
# FIXME: the style_url should be checked in WpTheme for absolute / relative
context 'when relative url is used' do
it 'returns the WpTheme' do
@file = 'relative_urls.html'
@expected = WpTheme.new(uri, name: 'theme_name')
end
end
end
describe '::find_from_wooframework' do
after do
@body ||= File.new(fixtures_dir + '/wooframework/' + @file)
stub_request(:get, uri.to_s).to_return(status: 200, body: @body)
wp_theme = WpTheme.send(:find_from_wooframework, uri)
if @expected
wp_theme.should be_a WpTheme
end
wp_theme.should == @expected
end
context 'when theme is not present' do
it 'returns nil' do
@body = ''
@expected = nil
end
end
it 'returns the WpTheme' do
@file = 'merchant-no-version.html'
@expected = WpTheme.new(uri, name: 'Merchant')
end
context 'when the version is present' do
it 'returns the WpTheme with it' do
@file = 'editorial-1.3.5.html'
@expected = WpTheme.new(uri, name: 'Editorial', version: '1.3.5')
end
end
end
describe '::find' do
# Stub all WpTheme::find_from_* to return nil
def stub_all_to_nil
WpTheme.methods.grep(/^find_from_/).each do |method|
WpTheme.stub(method).and_return(nil)
end
end
context 'when a method is named s_find_from_s' do
it 'does not call it' do
class WpTheme
module Findable
extend self
def s_find_from_s(s); raise 'I should not be called by ::find' end
end
end
stub_all_to_nil()
expect { WpTheme.find(uri) }.to_not raise_error
end
end
context 'when the theme is not found' do
it 'returns nil' do
stub_all_to_nil()
WpTheme.find(uri).should be_nil
end
end
context 'when the theme is found' do
it 'returns it, with the :found_from sets' do
stub_all_to_nil()
expected = WpTheme.new(uri, name: 'the-oracle')
WpTheme.stub(:find_from_css_link).and_return(expected)
wp_theme = WpTheme.find(uri)
wp_theme.should be_a WpTheme
wp_theme.should == expected
wp_theme.found_from.should === 'css link'
end
end
end
end

0
spec/samples/wpscan/wp_theme/find/css_link/inline_link_tag.html → spec/samples/common/models/wp_theme/findable/css_link/inline_link_tag.html
View File

0
spec/samples/wpscan/wp_theme/find/css_link/relative_urls.html → spec/samples/common/models/wp_theme/findable/css_link/relative_urls.html
View File

32
spec/samples/common/models/wp_theme/findable/css_link/theme-name-with-spaces.html Normal file
View File

@@ -0,0 +1,32 @@
<!DOCTYPE html>
<!--[if IE 6]>
<html id="ie6" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 7]>
<html id="ie7" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 8]>
<html id="ie8" dir="ltr" lang="en-US">
<![endif]-->
<!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!-->
<html dir="ltr" lang="en-US">
<!--<![endif]-->
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width" />
<title>wordpress-3.2.1 | Just another WordPress site</title>
<link rel="profile" href="http://gmpg.org/xfn/11" />
<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.2.1/wp-content/themes/Copia di simplefolio/style.css" />
<link rel="pingback" href="http://lamp/wordpress-3.2.1/xmlrpc.php" />
<!--[if lt IE 9]>
<script src="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
<![endif]-->
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=rss2" />
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Comments Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=comments-rss2" />
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.2.1/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.2.1/wp-includes/wlwmanifest.xml" />
<link rel='index' title='wordpress-3.2.1' href='http://192.168.1.103/wordpress-3.2.1' />
<meta name="generator" content="WordPress 3.2.1" />
<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
</head>
</html>

0
spec/samples/wpscan/wp_theme/find/wooframework/editorial-1.3.5.html → spec/samples/common/models/wp_theme/findable/wooframework/editorial-1.3.5.html
View File

0
spec/samples/wpscan/wp_theme/find/wooframework/merchant-no-version.html → spec/samples/common/models/wp_theme/findable/wooframework/merchant-no-version.html
View File

131
spec/samples/wpscan/wp_theme/find/css_link/theme-name-with-spaces.html
View File

@@ -1,131 +0,0 @@
<!DOCTYPE html>
<!--[if IE 6]>
<html id="ie6" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 7]>
<html id="ie7" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 8]>
<html id="ie8" dir="ltr" lang="en-US">
<![endif]-->
<!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!-->
<html dir="ltr" lang="en-US">
<!--<![endif]-->
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width" />
<title>wordpress-3.2.1 | Just another WordPress site</title>
<link rel="profile" href="http://gmpg.org/xfn/11" />
<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.2.1/wp-content/themes/Copia di simplefolio/style.css" />
<link rel="pingback" href="http://lamp/wordpress-3.2.1/xmlrpc.php" />
<!--[if lt IE 9]>
<script src="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
<![endif]-->
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=rss2" />
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Comments Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=comments-rss2" />
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.2.1/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.2.1/wp-includes/wlwmanifest.xml" />
<link rel='index' title='wordpress-3.2.1' href='http://192.168.1.103/wordpress-3.2.1' />
<meta name="generator" content="WordPress 3.2.1" />
<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
</head>
<body class="home blog single-author two-column right-sidebar">
<div id="page" class="hfeed">
<header id="branding" role="banner">
<hgroup>
<h1 id="site-title"><span><a href="http://192.168.1.103/wordpress-3.2.1/" title="wordpress-3.2.1" rel="home">wordpress-3.2.1</a></span></h1>
<h2 id="site-description">Just another WordPress site</h2>
</hgroup>
<a href="http://192.168.1.103/wordpress-3.2.1/">
<img src="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/images/headers/willow.jpg" width="1000" height="288" alt="" />
</a>
<form method="get" id="searchform" action="http://192.168.1.103/wordpress-3.2.1/">
<label for="s" class="assistive-text">Search</label>
<input type="text" class="field" name="s" id="s" placeholder="Search" />
<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
</form>
<nav id="access" role="navigation">
<h3 class="assistive-text">Main menu</h3>
<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
<div class="menu"><ul><li class="current_page_item"><a href="http://192.168.1.103/wordpress-3.2.1/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://192.168.1.103/wordpress-3.2.1/?page_id=2" title="Sample Page">Sample Page</a></li></ul></div>
</nav><!-- #access -->
</header><!-- #branding -->
<div id="main">
<div id="primary">
<div id="content" role="main">
<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
<header class="entry-header">
<h1 class="entry-title"><a href="http://192.168.1.103/wordpress-3.2.1/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
<div class="entry-meta">
<span class="sep">Posted on </span><a href="http://192.168.1.103/wordpress-3.2.1/?p=1" title="11:55 pm" rel="bookmark"><time class="entry-date" datetime="2011-07-12T23:55:11+00:00" pubdate>July 12, 2011</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://192.168.1.103/wordpress-3.2.1/?author=1" title="View all posts by admin" rel="author">admin</a></span></span> </div><!-- .entry-meta -->
<div class="comments-link">
<a href="http://192.168.1.103/wordpress-3.2.1/?p=1#comments" title="Comment on Hello world!">1</a> </div>
</header><!-- .entry-header -->
<div class="entry-content">
<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
</div><!-- .entry-content -->
<footer class="entry-meta">
<span class="cat-links">
<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://192.168.1.103/wordpress-3.2.1/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a> </span>
<span class="sep"> | </span>
<span class="comments-link"><a href="http://192.168.1.103/wordpress-3.2.1/?p=1#comments" title="Comment on Hello world!"><b>1</b> Reply</a></span>
</footer><!-- #entry-meta -->
</article><!-- #post-1 -->
</div><!-- #content -->
</div><!-- #primary -->
<div id="secondary" class="widget-area" role="complementary">
<aside id="archives" class="widget">
<h3 class="widget-title">Archives</h3>
<ul>
<li><a href='http://192.168.1.103/wordpress-3.2.1/?m=201107' title='July 2011'>July 2011</a></li>
</ul>
</aside>
<aside id="meta" class="widget">
<h3 class="widget-title">Meta</h3>
<ul>
<li><a href="http://lamp/wordpress-3.2.1/wp-login.php">Log in</a></li>
</ul>
</aside>
</div><!-- #secondary .widget-area -->
</div><!-- #main -->
<footer id="colophon" role="contentinfo">
<div id="site-generator">
<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
</div>
</footer><!-- #colophon -->
</div><!-- #page -->
</body>
</html>

131
spec/samples/wpscan/wp_theme/find/css_link/wordpress-twentyeleven.htm
View File

@@ -1,131 +0,0 @@
<!DOCTYPE html>
<!--[if IE 6]>
<html id="ie6" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 7]>
<html id="ie7" dir="ltr" lang="en-US">
<![endif]-->
<!--[if IE 8]>
<html id="ie8" dir="ltr" lang="en-US">
<![endif]-->
<!--[if !(IE 6) | !(IE 7) | !(IE 8) ]><!-->
<html dir="ltr" lang="en-US">
<!--<![endif]-->
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width" />
<title>wordpress-3.2.1 | Just another WordPress site</title>
<link rel="profile" href="http://gmpg.org/xfn/11" />
<link rel="stylesheet" type="text/css" media="all" href="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/style.css" />
<link rel="pingback" href="http://lamp/wordpress-3.2.1/xmlrpc.php" />
<!--[if lt IE 9]>
<script src="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/js/html5.js" type="text/javascript"></script>
<![endif]-->
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=rss2" />
<link rel="alternate" type="application/rss+xml" title="wordpress-3.2.1 &raquo; Comments Feed" href="http://192.168.1.103/wordpress-3.2.1/?feed=comments-rss2" />
<link rel="EditURI" type="application/rsd+xml" title="RSD" href="http://lamp/wordpress-3.2.1/xmlrpc.php?rsd" />
<link rel="wlwmanifest" type="application/wlwmanifest+xml" href="http://lamp/wordpress-3.2.1/wp-includes/wlwmanifest.xml" />
<link rel='index' title='wordpress-3.2.1' href='http://192.168.1.103/wordpress-3.2.1' />
<meta name="generator" content="WordPress 3.2.1" />
<style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style>
</head>
<body class="home blog single-author two-column right-sidebar">
<div id="page" class="hfeed">
<header id="branding" role="banner">
<hgroup>
<h1 id="site-title"><span><a href="http://192.168.1.103/wordpress-3.2.1/" title="wordpress-3.2.1" rel="home">wordpress-3.2.1</a></span></h1>
<h2 id="site-description">Just another WordPress site</h2>
</hgroup>
<a href="http://192.168.1.103/wordpress-3.2.1/">
<img src="http://lamp/wordpress-3.2.1/wp-content/themes/twentyeleven/images/headers/willow.jpg" width="1000" height="288" alt="" />
</a>
<form method="get" id="searchform" action="http://192.168.1.103/wordpress-3.2.1/">
<label for="s" class="assistive-text">Search</label>
<input type="text" class="field" name="s" id="s" placeholder="Search" />
<input type="submit" class="submit" name="submit" id="searchsubmit" value="Search" />
</form>
<nav id="access" role="navigation">
<h3 class="assistive-text">Main menu</h3>
<div class="skip-link"><a class="assistive-text" href="#content" title="Skip to primary content">Skip to primary content</a></div>
<div class="skip-link"><a class="assistive-text" href="#secondary" title="Skip to secondary content">Skip to secondary content</a></div>
<div class="menu"><ul><li class="current_page_item"><a href="http://192.168.1.103/wordpress-3.2.1/" title="Home">Home</a></li><li class="page_item page-item-2"><a href="http://192.168.1.103/wordpress-3.2.1/?page_id=2" title="Sample Page">Sample Page</a></li></ul></div>
</nav><!-- #access -->
</header><!-- #branding -->
<div id="main">
<div id="primary">
<div id="content" role="main">
<article id="post-1" class="post-1 post type-post status-publish format-standard hentry category-uncategorized">
<header class="entry-header">
<h1 class="entry-title"><a href="http://192.168.1.103/wordpress-3.2.1/?p=1" title="Permalink to Hello world!" rel="bookmark">Hello world!</a></h1>
<div class="entry-meta">
<span class="sep">Posted on </span><a href="http://192.168.1.103/wordpress-3.2.1/?p=1" title="11:55 pm" rel="bookmark"><time class="entry-date" datetime="2011-07-12T23:55:11+00:00" pubdate>July 12, 2011</time></a><span class="by-author"> <span class="sep"> by </span> <span class="author vcard"><a class="url fn n" href="http://192.168.1.103/wordpress-3.2.1/?author=1" title="View all posts by admin" rel="author">admin</a></span></span> </div><!-- .entry-meta -->
<div class="comments-link">
<a href="http://192.168.1.103/wordpress-3.2.1/?p=1#comments" title="Comment on Hello world!">1</a> </div>
</header><!-- .entry-header -->
<div class="entry-content">
<p>Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!</p>
</div><!-- .entry-content -->
<footer class="entry-meta">
<span class="cat-links">
<span class="entry-utility-prep entry-utility-prep-cat-links">Posted in</span> <a href="http://192.168.1.103/wordpress-3.2.1/?cat=1" title="View all posts in Uncategorized" rel="category">Uncategorized</a> </span>
<span class="sep"> | </span>
<span class="comments-link"><a href="http://192.168.1.103/wordpress-3.2.1/?p=1#comments" title="Comment on Hello world!"><b>1</b> Reply</a></span>
</footer><!-- #entry-meta -->
</article><!-- #post-1 -->
</div><!-- #content -->
</div><!-- #primary -->
<div id="secondary" class="widget-area" role="complementary">
<aside id="archives" class="widget">
<h3 class="widget-title">Archives</h3>
<ul>
<li><a href='http://192.168.1.103/wordpress-3.2.1/?m=201107' title='July 2011'>July 2011</a></li>
</ul>
</aside>
<aside id="meta" class="widget">
<h3 class="widget-title">Meta</h3>
<ul>
<li><a href="http://lamp/wordpress-3.2.1/wp-login.php">Log in</a></li>
</ul>
</aside>
</div><!-- #secondary .widget-area -->
</div><!-- #main -->
<footer id="colophon" role="contentinfo">
<div id="site-generator">
<a href="http://wordpress.org/" title="Semantic Personal Publishing Platform" rel="generator">Proudly powered by WordPress</a>
</div>
</footer><!-- #colophon -->
</div><!-- #page -->
</body>
</html>