garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix rspecs for new json

Browse Source
This commit is contained in:
ethicalhack3r
2014-07-31 14:08:49 +02:00
parent 187e2f1330
commit 420ad6cd37
7 changed files with 30 additions and 22470 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13608
data/plugin_vulns.xml
View File

File diff suppressed because it is too large Load Diff

3585
data/theme_vulns.xml
View File

File diff suppressed because it is too large Load Diff

5196
data/wp_vulns.xml
View File

File diff suppressed because it is too large Load Diff

2
lib/common/common_helper.rb
View File

@@ -159,7 +159,7 @@ def json(file)
begin begin
JSON.parse(content) JSON.parse(content)
rescue => e rescue => e
puts "[ERROR] In JSON file parsing #{e} #{e.backtrace}" raise "[ERROR] In JSON file parsing #{file} #{e} #{e.backtrace}"
end end
end end

21
lib/wpstools/plugins/stats/stats_plugin.rb
View File

@@ -60,26 +60,27 @@ class StatsPlugin < Plugin
end end
def version_vulns_count(file=WP_VULNS_FILE) def version_vulns_count(file=WP_VULNS_FILE)
xml(file).xpath('count(//vulnerability)').to_i asset_vulns_count(json(file))
end end
def fix_version_count(file=WP_VULNS_FILE) def fix_version_count(file=WP_VULNS_FILE)
xml(file).xpath('count(//fixed_in)').to_i asset_fixed_in_count(json(file))
end end
def plugin_vulns_count(file=PLUGINS_VULNS_FILE) def plugin_vulns_count(file=PLUGINS_VULNS_FILE)
json(file).xpath('count(//vulnerability)').to_i asset_vulns_count(json(file))
end end
def fix_plugin_count(file=PLUGINS_VULNS_FILE) def fix_plugin_count(file=PLUGINS_VULNS_FILE)
xml(file).xpath('count(//fixed_in)').to_i asset_fixed_in_count(json(file))
end end
def theme_vulns_count(file=THEMES_VULNS_FILE) def theme_vulns_count(file=THEMES_VULNS_FILE)
xml(file).xpath('count(//vulnerability)').to_i asset_vulns_count(json(file))
end end
def fix_theme_count(file=THEMES_VULNS_FILE) def fix_theme_count(file=THEMES_VULNS_FILE)
xml(file).xpath('count(//fixed_in)').to_i asset_fixed_in_count(json(file))
end end
def total_plugins(file=PLUGINS_FULL_FILE) def total_plugins(file=PLUGINS_FULL_FILE)
@@ -94,4 +95,12 @@ class StatsPlugin < Plugin
IO.readlines(file).size IO.readlines(file).size
end end
def asset_vulns_count(json)
json.map { |asset| asset[asset.keys.inject]['vulnerabilities'].size }.inject(:+)
end
def asset_fixed_in_count(json)
json.map { |asset| asset[asset.keys.inject]['vulnerabilities'].map {|a| a['fixed_in'].nil? ? 0 : 1 }.inject(:+) }.inject(:+)
end
end end

26
spec/shared_examples/wp_items_detectable.rb
View File

@@ -52,13 +52,14 @@ shared_examples 'WpItems::Detectable' do
end end
end end
context 'when an empty file' do # should raise error.
let(:file) { empty_file } # context 'when an empty file' do
# let(:file) { empty_file }
it 'returns an empty Array' do # it 'returns an empty Array' do
@expected = [] # @expected = []
end # end
end # end
context 'when a file' do context 'when a file' do
let(:file) { targets_items_file } let(:file) { targets_items_file }
@@ -82,13 +83,14 @@ shared_examples 'WpItems::Detectable' do
end end
end end
context 'when an empty file' do # should raise error.
let(:vulns_file) { empty_file } # context 'when an empty file' do
# let(:file) { empty_file }
it 'returns an empty Array' do # it 'returns an empty Array' do
@expected = [] # @expected = []
end # end
end # end
context 'when a file' do context 'when a file' do
it 'returns the expected Array of WpItem' do it 'returns the expected Array of WpItem' do

62
spec/xml_checks_spec.rb
View File

@@ -20,26 +20,11 @@ describe 'XSD checks' do
end end
end end
it 'check plugin_vulns.xml for syntax errors' do
@file = PLUGINS_VULNS_FILE
@xsd = VULNS_XSD
end
it 'check theme_vulns.xml for syntax errors' do
@file = THEMES_VULNS_FILE
@xsd = VULNS_XSD
end
it 'check wp_versions.xml for syntax errors' do it 'check wp_versions.xml for syntax errors' do
@file = WP_VERSIONS_FILE @file = WP_VERSIONS_FILE
@xsd = WP_VERSIONS_XSD @xsd = WP_VERSIONS_XSD
end end
it 'check wp_vulns.xml for syntax errors' do
@file = WP_VULNS_FILE
@xsd = VULNS_XSD
end
it 'check local_vulnerable_files.xml for syntax errors' do it 'check local_vulnerable_files.xml for syntax errors' do
@file = LOCAL_FILES_FILE @file = LOCAL_FILES_FILE
@xsd = LOCAL_FILES_XSD @xsd = LOCAL_FILES_XSD
@@ -57,58 +42,11 @@ describe 'Well formed XML checks' do
end end
end end
it 'check plugin_vulns.xml for syntax errors' do
@file = PLUGINS_VULNS_FILE
end
it 'check theme_vulns.xml for syntax errors' do
@file = THEMES_VULNS_FILE
end
it 'check wp_versions.xml for syntax errors' do it 'check wp_versions.xml for syntax errors' do
@file = WP_VERSIONS_FILE @file = WP_VERSIONS_FILE
end end
it 'check wp_vulns.xml for syntax errors' do
@file = WP_VULNS_FILE
end
it 'check local_vulnerable_files.xml for syntax errors' do it 'check local_vulnerable_files.xml for syntax errors' do
@file = LOCAL_FILES_FILE @file = LOCAL_FILES_FILE
end end
end end
describe 'XML content' do
before :all do
@vuln_plugins = xml(PLUGINS_VULNS_FILE)
@vuln_themes = xml(THEMES_VULNS_FILE)
end
after :each do
expect(@result.size).to eq(0), "Items:\n#{@result.join("\n")}"
end
it 'each plugin vuln needs a type node' do
@result = @vuln_plugins.xpath('//vulnerability[not(type)]/title/text()').map(&:text)
end
it 'each theme vuln needs a type node' do
@result = @vuln_themes.xpath('//vulnerability[not(type)]/title/text()').map(&:text)
end
it 'each plugin vuln needs a title node' do
@result = @vuln_plugins.xpath('//vulnerability[not(title)]/../@name').map(&:text)
end
it 'each theme vuln needs a title node' do
@result = @vuln_themes.xpath('//vulnerability[not(title)]/../@name').map(&:text)
end
it 'each plugin vuln needs a references node' do
@result = @vuln_plugins.xpath('//vulnerability[not(references)]/title/text()').map(&:text)
end
it 'each theme vuln needs a references node' do
@result = @vuln_themes.xpath('//vulnerability[not(references)]/title/text()').map(&:text)
end
end