From 5a097d429d3494c201fb67ef0a919e2cb4b47f7b Mon Sep 17 00:00:00 2001
From: erwanlr
Date: Thu, 18 Apr 2013 11:22:19 +0200
Subject: [PATCH] Code Factoring

---
 lib/common/models/wp_item/infos.rb | 6 +---
 lib/wpscan/web_site.rb | 18 +++++++++--
 lib/wpscan/wp_target.rb | 15 +++++++--
 spec/lib/wpscan/web_site_spec.rb | 32 +++++++++++++++++++
 .../wpscan/web_site/has_log/matches.txt | 2 ++
 .../has_log/matches_after_700_bytes.txt | 8 +++++
 .../wpscan/web_site/has_log/no_match.txt | 3 ++
 7 files changed, 73 insertions(+), 11 deletions(-)
 create mode 100644 spec/samples/wpscan/web_site/has_log/matches.txt
 create mode 100644 spec/samples/wpscan/web_site/has_log/matches_after_700_bytes.txt
 create mode 100644 spec/samples/wpscan/web_site/has_log/no_match.txt

diff --git a/lib/common/models/wp_item/infos.rb b/lib/common/models/wp_item/infos.rb
index ef3b5a62..102e9bb4 100644
--- a/lib/common/models/wp_item/infos.rb
+++ b/lib/common/models/wp_item/infos.rb
@@ -49,13 +49,9 @@ class WpItem
 # however can also be found in their specific plugin dir.
 # http://www.exploit-db.com/ghdb/3714/
 #
- # Only the first 700 bytes are checked to avoid the download
- # of the whole file which can be very huge (like 2 Go)
- #
 # @return [ Boolean ]
 def has_error_log?
- response_body = Browser.get(error_log_url, headers: {'range' => 'bytes=0-700'}).body
- response_body[%r{PHP Fatal error}i] ? true : false
+ WebSite.has_log?(error_log_url, %r{PHP Fatal error}i)
 end
 
 # @return [ String ] The url to the error_log file
diff --git a/lib/wpscan/web_site.rb b/lib/wpscan/web_site.rb
index 6f4ff7ba..7f7b2504 100644
--- a/lib/wpscan/web_site.rb
+++ b/lib/wpscan/web_site.rb
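Review bot: `has_error_log?` now reaches across to `WebSite.has_log?`, a class method on an unrelated class, for what is really a Browser concern; WpItem is not a WebSite, so the model now depends on the site class purely to borrow a helper. A module-level helper (or a method on Browser) that both WpItem and WpTarget can call would keep the factoring without the cross-class dependency. The three removed comment lines documented the 700-byte truncation for callers, and since that limit still shapes the result (a matching line past the first 700 bytes of the log is not detected), a one-line `# Only the first 700 bytes of the log are inspected, see WebSite.has_log?` above `def has_error_log?` keeps that visible at the call site. The doc comment of `has_error_log?` begins outside the hunk.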
@@ -117,9 +117,21 @@ class WebSite
 end
 
 # Gets a robots.txt URL
+ #
+ # @return [ String ]
 def robots_url
- robots = @uri.clone
- robots.path = '/robots.txt'
- robots.to_s
+ @uri.merge('robots.txt').to_s
+ end
+
+ # Only the first 700 bytes are checked to avoid the download
+ # of the whole file which can be very huge (like 2 Go)
+ #
+ # @param [ String ] log_url
+ # @param [ RegEx ] pattern
+ #
+ # @return [ Boolean ]
+ def self.has_log?(log_url, pattern)
+ log_body = Browser.get(log_url, headers: {'range' => 'bytes=0-700'}).body
+ log_body[pattern] ? true : false
 end
 end
diff --git a/lib/wpscan/wp_target.rb b/lib/wpscan/wp_target.rb
index 51a6533b..b187d8f9 100644
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -90,6 +90,12 @@ class WpTarget < WebSite
 end
 
 # :nocov:
+ # The version is not yet considerated
+ #
+ # @param [ String ] name
+ # @param [ String ] version
+ #
+ # @return [ Boolean ]
 def has_plugin?(name, version = nil)
 WpPlugin.new(
 @uri,
@@ -100,12 +106,12 @@ class WpTarget < WebSite
 ).exists?
 end
 
+ # @return [ Boolean ]
 def has_debug_log?
- # We only get the first 700 bytes of the file to avoid loading huge file (like 2Go)
- response_body = Browser.get(debug_log_url(), headers: {'range' => 'bytes=0-700'}).body
- response_body[%r{\[[^\]]+\] PHP (?:Warning|Error|Notice):}] ? true : false
+ WebSite.has_log?(debug_log_url, %r{\[[^\]]+\] PHP (?:Warning|Error|Notice):})
 end
 
+ # @return [ String ]
 def debug_log_url
 @uri.merge("#{wp_content_dir()}/debug.log").to_s
 end
@@ -113,10 +119,13 @@ class WpTarget < WebSite
 # Script for replacing strings in wordpress databases
 # reveals databse credentials after hitting submit
 # http://interconnectit.com/124/search-and-replace-for-wordpress-databases/
+ #
+ # @return [ String ]
 def search_replace_db_2_url
 @uri.merge('searchreplacedb2.php').to_s
 end
 
+ # @return [ Boolean ]
 def search_replace_db_2_exists?
 resp = Browser.get(search_replace_db_2_url)
 resp.code == 200 && resp.body[%r{by interconnect}i]
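Review bot: The `robots_url` rewrite changes behaviour rather than only factoring code: the old lines set the path to `/robots.txt` at the site root, whereas `@uri.merge('robots.txt')` resolves relative to the target's own path, so a target like `http://example.localhost/blog/` now yields `.../blog/robots.txt` (the spec only uses a root URL, so it does not catch this); `@uri.merge('/robots.txt').to_s` keeps the root-relative result. In `self.has_log?` the response status is never checked, so a 403/404 or soft-404 page whose body happens to contain the pattern is reported as a present log; keep the response in `resp = Browser.get(log_url, headers: {'range' => 'bytes=0-700'})` and `return false unless [200, 206].include?(resp.code)` before matching, and note that `log_body[pattern]` raises if Browser returns a nil body — hedged, since Browser is outside this hunk. The YARD tag `@param [ RegEx ] pattern` should read `@param [ Regexp ] pattern`, and `bytes=0-700` is an inclusive range (701 bytes), so the comment's "first 700 bytes" is off by one.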
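Review bot: The new doc comment on `has_plugin?` has a typo, `considerated`; `# The version is not yet considered` reads correctly. It would also help to say that `version` is accepted but currently unused by the lookup, if that is the case — the `WpPlugin.new` call that would consume it continues past the hunk, so I cannot confirm it from here. The body of `has_plugin?` ends outside the hunk.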
diff --git a/spec/lib/wpscan/web_site_spec.rb b/spec/lib/wpscan/web_site_spec.rb
index b3a86e97..1e16cb6e 100644
--- a/spec/lib/wpscan/web_site_spec.rb
+++ b/spec/lib/wpscan/web_site_spec.rb
@@ -1,5 +1,7 @@
 # encoding: UTF-8
 
+require 'spec_helper'
+
 describe 'WebSite' do
 let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WEB_SITE_DIR }
 subject(:web_site) { WebSite.new('http://example.localhost/') }
@@ -251,4 +253,34 @@ describe 'WebSite' do
 web_site.has_robots?.should be_false
 end
 end
+
+ describe '::has_log?' do
+ let(:log_url) { web_site.uri.merge('log.txt').to_s }
+ let(:pattern) { %r{PHP Fatal error} }
+
+ after do
+ stub_request_to_fixture(url: log_url, fixture: fixtures_dir + "/has_log/#{@file}")
+ WebSite.has_log?(log_url, pattern).should == @expected
+ end
+
+ context 'when the pattern does not match' do
+ it 'returns false' do
+ @file = 'no_match.txt'
+ @expected = false
+ end
+ end
+
+ context 'when the pattern matches' do
+ it 'returns true' do
+ @file = 'matches.txt'
+ @expected = true
+ end
+ end
+
+ # This doesn't work in rspec, WebMock or Typhoeus returns the whole file
+ #it 'only checks the first 700 bytes' do
+ # @file = 'matches_after_700_bytes.txt'
+ # @expected = false
+ #end
+ end
 end
diff --git a/spec/samples/wpscan/web_site/has_log/matches.txt b/spec/samples/wpscan/web_site/has_log/matches.txt
new file mode 100644
index 00000000..edfa5b17
--- /dev/null
+++ b/spec/samples/wpscan/web_site/has_log/matches.txt
@@ -0,0 +1,2 @@
+[13-Jan-2009 01:53:25] PHP Fatal error: Class 'Log' not found in /home/****/public_html/wp-content/plugins/fbconnect/Log/null.php on line 19
+[13-Jan-2009 01:55:58] PHP Fatal error: Class 'Log' not found in /home/****/public_html/wp-content/plugins/fbconnect/Log/file.php on line 20
diff --git a/spec/samples/wpscan/web_site/has_log/matches_after_700_bytes.txt b/spec/samples/wpscan/web_site/has_log/matches_after_700_bytes.txt
new file mode 100644
index 00000000..12f8ef7b
--- /dev/null
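Review bot: The `::has_log?` examples put both the stubbing and the assertion in an `after` hook, so each `it` body is only two instance-variable assignments and the real expectation runs outside the example; a failure is reported against the hook rather than the named example, and a context that forgets to set `@expected` still runs the comparison. Stubbing and asserting inside each `it`, with a `let(:fixture)`/`let(:expected)` pair replacing `@file`/`@expected`, keeps every example self-contained. The commented-out 700-byte example says the fixture mock returns the whole file, but the truncation can still be pinned by asserting the request itself, `a_request(:get, log_url).with(headers: { 'range' => 'bytes=0-700' }).should have_been_made`, which checks that the Range header is sent even though the fixture body is not truncated.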
+++ b/spec/samples/wpscan/web_site/has_log/matches_after_700_bytes.txt
@@ -0,0 +1,8 @@
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+[13-Jan-2009 01:53:25] PHP Fatal error: Class 'Log' not found in /home/****/public_html/wp-content/plugins/fbconnect/Log/null.php on line 19
diff --git a/spec/samples/wpscan/web_site/has_log/no_match.txt b/spec/samples/wpscan/web_site/has_log/no_match.txt
new file mode 100644
index 00000000..edbf8dcc
--- /dev/null
+++ b/spec/samples/wpscan/web_site/has_log/no_match.txt
@@ -0,0 +1,3 @@
+aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+ccccccccccccccccccccccccccccccccc