WpTheme::Findable specs

2013-03-26 15:34:20 +01:00
parent 1168cf7305
commit 40f4057d47
10 changed files with 188 additions and 269 deletions
--- a/lib/common/models/wp_plugin/vulnerable.rb
+++ b/lib/common/models/wp_plugin/vulnerable.rb
@@ -3,6 +3,7 @@
 class WpPlugin < WpItem
  module Vulnerable

+    # @return [ String ] The path to the file containing vulnerabilities
    def vulns_file
      unless @vulns_file
        @vulns_file = PLUGINS_VULNS_FILE
@@ -10,6 +11,7 @@ class WpPlugin < WpItem
      @vulns_file
    end

+    # @return [ String ]
    def vulns_xpath
      "//plugin[@name='#{@name}']/vulnerability"
    end
--- a/lib/common/models/wp_theme/findable.rb
+++ b/lib/common/models/wp_theme/findable.rb
@@ -4,19 +4,28 @@ class WpTheme < WpItem
  module Findable

    # Find the main theme of the blog
-    # returns a WpTheme object or nil
+    #
+    # @param [ URI ] target_uri
+    #
+    # @return [ WpTheme ]
    def find(target_uri)
-      methods.grep(/find_from_/).each do |method|
+      methods.grep(/^find_from_/).each do |method|
        if wp_theme = self.send(method, target_uri)
          wp_theme.found_from = method

          return wp_theme
        end
      end
+      nil
    end

    protected
-    # Discover the wordpress theme name by parsing the css link rel
+
+    # Discover the wordpress theme by parsing the css link rel
+    #
+    # @param [ URI ] target_uri
+    #
+    # @return [ WpTheme ]
    def find_from_css_link(target_uri)
      response = Browser.instance.get_and_follow_location(target_uri.to_s)

@@ -35,22 +44,25 @@ class WpTheme < WpItem
    end

    # http://code.google.com/p/wpscan/issues/detail?id=141
+    #
+    # @param [ URI ] target_uri
+    #
+    # @return [ WpTheme ]
    def find_from_wooframework(target_uri)
      body = Browser.instance.get(target_uri.to_s).body
      regexp = %r{<meta name="generator" content="([^\s"]+)\s?([^"]+)?" />\s+<meta name="generator" content="WooFramework\s?([^"]+)?" />}

-      matches = regexp.match(body)
-      if matches
+
+      if matches = regexp.match(body)
        woo_theme_name = matches[1]
        woo_theme_version = matches[2]
-        woo_framework_version = matches[3] # Not used at this time
+        #woo_framework_version = matches[3] # Not used at this time

        return new(
          target_uri,
          {
            name:    woo_theme_name,
            version: woo_theme_version
-            #path:   woo_theme_name
          }
        )
      end