Improves detection of WP Version, Plugins etc by checking 404

2019-10-31 19:56:05 +00:00
parent 85aa9f61cd
commit 6b5e016770
44 changed files with 456 additions and 146 deletions
--- a/spec/app/finders/users/wp_json_api_spec.rb
+++ b/spec/app/finders/users/wp_json_api_spec.rb
@@ -87,6 +87,8 @@ describe WPScan::Finders::Users::WpJsonApi do
  describe '#api_url' do
    let(:fixtures) { super().join('api_url') }

+    before { allow(target).to receive(:sub_dir).and_return(false) }
+
    context 'when url in the homepage' do
      {
        in_scope: 'https://wp.lab/wp-json/wp/v2/users/',
@@ -100,7 +102,7 @@ describe WPScan::Finders::Users::WpJsonApi do
      end

      context 'when subdir' do
-        before { allow(target).to receive(:subdir).and_return('cms') }
+        before { allow(target).to receive(:sub_dir).and_return('cms') }

        {
          in_scope_subdir: 'https://wp.lab/cms/wp-json/wp/v2/users/',