From 7a0f98b2cb74ddd92eb86ca25c2c4e9709deadc4 Mon Sep 17 00:00:00 2001 
From: erwanlr Date: Mon, 11 Feb 2019 19:30:49 +0000 Subject: [PATCH] Uses Pathname#join rather than File#join when possible --- app/controllers/enumeration/cli_options.rb | 6 +++--- lib/wpscan.rb | 2 +- lib/wpscan/browser.rb | 2 +- lib/wpscan/db/dynamic_finders/base.rb | 2 +- lib/wpscan/db/fingerprints.rb | 2 +- lib/wpscan/db/plugin.rb | 2 +- lib/wpscan/db/theme.rb | 2 +- lib/wpscan/db/updater.rb | 16 +++++++++------- lib/wpscan/db/wp_version.rb | 2 +- .../config_backups/known_filenames_spec.rb | 6 +++--- .../finders/db_exports/known_locations_spec.rb | 6 +++--- .../interesting_findings/backup_db_spec.rb | 4 ++-- .../interesting_findings/debug_log_spec.rb | 4 ++-- .../duplicator_installer_log_spec.rb | 4 ++-- .../emergency_pwd_reset_script_spec.rb | 2 +- .../full_path_disclosure_spec.rb | 4 ++-- .../interesting_findings/mu_plugins_spec.rb | 2 +- .../interesting_findings/multisite_spec.rb | 2 +- .../finders/interesting_findings/readme_spec.rb | 4 ++-- .../interesting_findings/registration_spec.rb | 2 +- .../interesting_findings/tmm_db_migrate_spec.rb | 2 +- .../upload_direcrory_listing_spec.rb | 2 +- .../interesting_findings/upload_sql_dump_spec.rb | 4 ++-- spec/app/finders/main_theme/css_style_spec.rb | 4 ++-- .../finders/main_theme/urls_in_homepage_spec.rb | 4 ++-- .../woo_framework_meta_generator_spec.rb | 4 ++-- .../medias/attachment_brute_forcing_spec.rb | 2 +- spec/app/finders/plugin_version/readme_spec.rb | 4 ++-- spec/app/finders/plugins/body_pattern_spec.rb | 2 +- spec/app/finders/plugins/comment_spec.rb | 2 +- spec/app/finders/plugins/config_parser_spec.rb | 2 +- spec/app/finders/plugins/header_pattern_spec.rb | 4 ++-- spec/app/finders/plugins/javascript_var_spec.rb | 2 +- spec/app/finders/plugins/known_locations_spec.rb | 2 +- spec/app/finders/plugins/query_parameter_spec.rb | 2 +- .../app/finders/plugins/urls_in_homepage_spec.rb | 4 ++-- spec/app/finders/plugins/xpath_spec.rb | 2 +- spec/app/finders/theme_version/style_spec.rb | 6 +++--- 
.../woo_framework_meta_generator_spec.rb | 4 ++-- spec/app/finders/themes/known_locations_spec.rb | 2 +- spec/app/finders/themes/urls_in_homepage_spec.rb | 2 +- .../finders/timthumb_version/bad_request_spec.rb | 4 ++-- .../finders/timthumbs/known_locations_spec.rb | 2 +- .../users/author_id_brute_forcing_spec.rb | 8 ++++---- spec/app/finders/users/author_posts_spec.rb | 4 ++-- .../finders/users/login_error_messages_spec.rb | 2 +- spec/app/finders/users/oembed_api_spec.rb | 8 ++++---- spec/app/finders/users/rss_generator_spec.rb | 4 ++-- .../finders/wp_version/atom_generator_spec.rb | 4 ++-- .../app/finders/wp_version/rdf_generator_spec.rb | 2 +- spec/app/finders/wp_version/readme_spec.rb | 4 ++-- .../app/finders/wp_version/rss_generator_spec.rb | 2 +- .../wp_version/unique_fingerprinting_spec.rb | 2 +- spec/app/models/theme_spec.rb | 10 +++++----- spec/app/models/timthumb_spec.rb | 4 ++-- spec/app/views_spec.rb | 4 ++-- spec/lib/browser_spec.rb | 2 +- .../dynamic_finder/plugin_version_spec.rb | 8 ++++---- .../finders/dynamic_finder/wp_version_spec.rb | 8 ++++---- spec/shared_examples/dynamic_finders/wp_items.rb | 4 ++-- .../finders/wp_items/urls_in_homepage.rb | 2 +- .../platform/wordpress/custom_directories.rb | 6 ++---- spec/shared_examples/views/main_theme.rb | 2 +- spec/spec_helper.rb | 2 +- 64 files changed, 118 insertions(+), 118 deletions(-) diff --git a/app/controllers/enumeration/cli_options.rb b/app/controllers/enumeration/cli_options.rb index bc91ade6..20032333 100644 --- a/app/controllers/enumeration/cli_options.rb +++ b/app/controllers/enumeration/cli_options.rb @@ -98,7 +98,7 @@ module WPScan [ OptFilePath.new( ['--timthumbs-list FILE-PATH', 'List of timthumbs\' location to use'], - exists: true, default: File.join(DB_DIR, 'timthumbs-v3.txt'), advanced: true + exists: true, default: DB_DIR.join('timthumbs-v3.txt').to_s, advanced: true ), OptChoice.new( ['--timthumbs-detection MODE', 
@@ -113,7 +113,7 @@ module WPScan [ OptFilePath.new( ['--config-backups-list FILE-PATH', 'List of config backups\' filenames to use'], - exists: true, default: File.join(DB_DIR, 'config_backups.txt'), advanced: true + exists: true, default: DB_DIR.join('config_backups.txt').to_s, advanced: true ), OptChoice.new( ['--config-backups-detection MODE', @@ -128,7 +128,7 @@ module WPScan [ OptFilePath.new( ['--db-exports-list FILE-PATH', 'List of DB exports\' paths to use'], - exists: true, default: File.join(DB_DIR, 'db_exports.txt'), advanced: true + exists: true, default: DB_DIR.join('db_exports.txt').to_s, advanced: true ), OptChoice.new( ['--db-exports-detection MODE', diff --git a/lib/wpscan.rb b/lib/wpscan.rb index e989dd27..78f1345c 100644 --- a/lib/wpscan.rb +++ b/lib/wpscan.rb @@ -33,7 +33,7 @@ module WPScan include CMSScanner APP_DIR = Pathname.new(__FILE__).dirname.join('..', 'app').expand_path - DB_DIR = File.join(Dir.home, '.wpscan', 'db') + DB_DIR = Pathname.new(Dir.home).join('.wpscan', 'db') # Override, otherwise it would be returned as 'wp_scan' # diff --git a/lib/wpscan/browser.rb b/lib/wpscan/browser.rb index 55f3b74c..7bb07fb1 100644 --- a/lib/wpscan/browser.rb +++ b/lib/wpscan/browser.rb @@ -5,7 +5,7 @@ module WPScan # @return [ String ] The path to the user agents list def user_agents_list - @user_agents_list ||= File.join(DB_DIR, 'user-agents.txt') + @user_agents_list ||= DB_DIR.join('user-agents.txt').to_s end # @return [ String ] diff --git a/lib/wpscan/db/dynamic_finders/base.rb b/lib/wpscan/db/dynamic_finders/base.rb index 6de0f903..bc795a16 100644 --- a/lib/wpscan/db/dynamic_finders/base.rb +++ b/lib/wpscan/db/dynamic_finders/base.rb @@ -4,7 +4,7 @@ module WPScan class Base # @return [ String ] def self.db_file - @db_file ||= File.join(DB_DIR, 'dynamic_finders.yml') + @db_file ||= DB_DIR.join('dynamic_finders.yml') end # @return [ Hash ] diff --git a/lib/wpscan/db/fingerprints.rb b/lib/wpscan/db/fingerprints.rb index 952de67a..03c9ac93 100644 
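Review bot: The `# @return [ String ]` tag above `self.db_file` in lib/wpscan/db/dynamic_finders/base.rb is no longer accurate, because `DB_DIR.join('dynamic_finders.yml')` returns a Pathname. Unlike `user_agents_list` in lib/wpscan/browser.rb, this method has no `.to_s`. Either change the tag to `# @return [ Pathname ]` or append `.to_s` so the documented contract holds. The same mismatch appears in `wp_fingerprints_path` (fingerprints.rb) and in `db_file` in plugin.rb, theme.rb and wp_version.rb. Callers of these methods are not visible in the patch, so any that use String-only methods on the result should be checked.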
--- a/lib/wpscan/db/fingerprints.rb +++ b/lib/wpscan/db/fingerprints.rb @@ -33,7 +33,7 @@ module WPScan # @return [ String ] def self.wp_fingerprints_path - @wp_fingerprints_path ||= File.join(DB_DIR, 'wp_fingerprints.json') + @wp_fingerprints_path ||= DB_DIR.join('wp_fingerprints.json') end # @return [ Hash ] diff --git a/lib/wpscan/db/plugin.rb b/lib/wpscan/db/plugin.rb index 1e858761..9e6a0d7b 100644 --- a/lib/wpscan/db/plugin.rb +++ b/lib/wpscan/db/plugin.rb @@ -4,7 +4,7 @@ module WPScan class Plugin < WpItem # @return [ String ] def self.db_file - @db_file ||= File.join(DB_DIR, 'plugins.json') + @db_file ||= DB_DIR.join('plugins.json') end end end diff --git a/lib/wpscan/db/theme.rb b/lib/wpscan/db/theme.rb index 99f83a66..f21542c6 100644 --- a/lib/wpscan/db/theme.rb +++ b/lib/wpscan/db/theme.rb @@ -4,7 +4,7 @@ module WPScan class Theme < WpItem # @return [ String ] def self.db_file - @db_file ||= File.join(DB_DIR, 'themes.json') + @db_file ||= DB_DIR.join('themes.json') end end end diff --git a/lib/wpscan/db/updater.rb b/lib/wpscan/db/updater.rb index a223d700..6104c64b 100644 --- a/lib/wpscan/db/updater.rb +++ b/lib/wpscan/db/updater.rb @@ -15,11 +15,11 @@ module WPScan attr_reader :repo_directory def initialize(repo_directory) - @repo_directory = repo_directory + @repo_directory = Pathname.new(repo_directory).expand_path - FileUtils.mkdir_p(repo_directory) unless Dir.exist?(repo_directory) + FileUtils.mkdir_p(repo_directory.to_s) unless Dir.exist?(repo_directory.to_s) - raise "#{repo_directory} is not writable" unless Pathname.new(repo_directory).writable? + raise "#{repo_directory} is not writable" unless repo_directory.writable? delete_old_files end @@ -41,7 +41,7 @@ module WPScan # @return [ String ] def last_update_file - @last_update_file ||= File.join(repo_directory, '.last_update') + @last_update_file ||= repo_directory.join('.last_update').to_s end # @return [ Boolean ] 
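Review bot: In `initialize` of lib/wpscan/db/updater.rb, `repo_directory` is the method parameter, which shadows the `attr_reader`. So `repo_directory.writable?` is called on whatever the caller passed, not on the Pathname stored in `@repo_directory`, and a String argument would raise NoMethodError there. The `mkdir_p`/`Dir.exist?` calls also test the unexpanded argument, while `last_update_file` and the other path helpers build on the expanded `@repo_directory`. The two can differ, for example for a path starting with `~`. Use the instance variable in both lines: `FileUtils.mkdir_p(@repo_directory.to_s) unless @repo_directory.directory?` and `raise "#{@repo_directory} is not writable" unless @repo_directory.writable?`. The case presumably works today only if callers pass the new Pathname `DB_DIR`; they are not visible in the patch.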
@@ -54,7 +54,7 @@ module WPScan # @return [ Boolean ] def missing_files? FILES.each do |file| - return true unless File.exist?(File.join(repo_directory, file)) + return true unless File.exist?(repo_directory.join(file)) end false end @@ -85,16 +85,18 @@ module WPScan res.body.chomp end + # @return [ String ] def local_file_path(filename) - File.join(repo_directory, filename.to_s) + repo_directory.join(filename.to_s).to_s end def local_file_checksum(filename) Digest::SHA512.file(local_file_path(filename)).hexdigest end + # @return [ String ] def backup_file_path(filename) - File.join(repo_directory, "#{filename}.back") + repo_directory.join("#{filename}.back").to_s end def create_backup(filename) diff --git a/lib/wpscan/db/wp_version.rb b/lib/wpscan/db/wp_version.rb index de43e74f..fc6a0ab1 100644 --- a/lib/wpscan/db/wp_version.rb +++ b/lib/wpscan/db/wp_version.rb @@ -4,7 +4,7 @@ module WPScan class Version < WpItem # @return [ String ] def self.db_file - @db_file ||= File.join(DB_DIR, 'wordpresses.json') + @db_file ||= DB_DIR.join('wordpresses.json') end end end diff --git a/spec/app/finders/config_backups/known_filenames_spec.rb b/spec/app/finders/config_backups/known_filenames_spec.rb index add21c3d..ba8c97a7 100644 --- a/spec/app/finders/config_backups/known_filenames_spec.rb +++ b/spec/app/finders/config_backups/known_filenames_spec.rb @@ -2,8 +2,8 @@ describe WPScan::Finders::ConfigBackups::KnownFilenames do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'config_backups') } - let(:opts) { { list: File.join(WPScan::DB_DIR, 'config_backups.txt') } } + let(:fixtures) { FINDERS_FIXTURES.join('config_backups') } + let(:opts) { { list: WPScan::DB_DIR.join('config_backups.txt').to_s } } describe '#aggressive' do before do 
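Review bot: `Pathname#join` is not a drop-in replacement for `File.join` when a component is absolute. In `local_file_path`, `repo_directory.join(filename.to_s)` returns the absolute `filename` itself and discards `repo_directory`, whereas `File.join` kept the result under the repo directory. `backup_file_path` behaves the same way. The callers lie outside this hunk; if `filename` only ever comes from the `FILES` constant this is harmless, but the checksum, backup and write paths all derive from these two helpers. The assumption should be written down next to the new `# @return [ String ]` tags, for example `# @param [ String ] filename Relative name from FILES; an absolute path would replace repo_directory`.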
@@ -23,7 +23,7 @@ describe WPScan::Finders::ConfigBackups::KnownFilenames do context 'when some files exist' do let(:files) { ['%23wp-config.php%23', 'wp-config.bak'] } - let(:config_backup) { File.read(File.join(fixtures, 'wp-config.php')) } + let(:config_backup) { File.read(fixtures.join('wp-config.php')) } before do files.each do |file| diff --git a/spec/app/finders/db_exports/known_locations_spec.rb b/spec/app/finders/db_exports/known_locations_spec.rb index 0682ed48..bd58713e 100644 --- a/spec/app/finders/db_exports/known_locations_spec.rb +++ b/spec/app/finders/db_exports/known_locations_spec.rb @@ -2,8 +2,8 @@ describe WPScan::Finders::DbExports::KnownLocations do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/aa/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'db_exports') } - let(:opts) { { list: File.join(WPScan::DB_DIR, 'db_exports.txt') } } + let(:fixtures) { FINDERS_FIXTURES.join('db_exports') } + let(:opts) { { list: WPScan::DB_DIR.join('db_exports.txt').to_s } } describe '#potential_urls' do before do @@ -40,7 +40,7 @@ describe WPScan::Finders::DbExports::KnownLocations do context 'when some files exist' do let(:files) { %w[ex.sql backups/db_backup.sql] } - let(:db_export) { File.read(File.join(fixtures, 'dump.sql')) } + let(:db_export) { File.read(fixtures.join('dump.sql')) } before do files.each do |file| diff --git a/spec/app/finders/interesting_findings/backup_db_spec.rb b/spec/app/finders/interesting_findings/backup_db_spec.rb index d3bef5d7..a12a4cdf 100644 --- a/spec/app/finders/interesting_findings/backup_db_spec.rb +++ b/spec/app/finders/interesting_findings/backup_db_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::BackupDB do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'backup_db') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'backup_db') } let(:wp_content) { 'wp-content' } let(:dir_url) { target.url("#{wp_content}/backup-db/") } @@ -51,7 +51,7 @@ describe WPScan::Finders::InterestingFindings::BackupDB do end context 'when directory listing enabled' do - let(:body) { File.read(File.join(fixtures, 'dir_listing.html')) } + let(:body) { File.read(fixtures.join('dir_listing.html')) } it 'returns the expected interesting_findings attribute' do @expected_entries = %w[sqldump.sql test.txt] diff --git a/spec/app/finders/interesting_findings/debug_log_spec.rb b/spec/app/finders/interesting_findings/debug_log_spec.rb index 9955e268..46173051 100644 --- a/spec/app/finders/interesting_findings/debug_log_spec.rb +++ b/spec/app/finders/interesting_findings/debug_log_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::DebugLog do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'debug_log') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'debug_log') } let(:wp_content) { 'wp-content' } let(:log_url) { target.url("#{wp_content}/debug.log") } @@ -18,7 +18,7 @@ describe WPScan::Finders::InterestingFindings::DebugLog do end context 'when a log file' do - let(:body) { File.read(File.join(fixtures, 'debug.log')) } + let(:body) { File.read(fixtures.join('debug.log')) } it 'returns the InterestingFinding' do expect(finder.aggressive).to eql WPScan::DebugLog.new( 
diff --git a/spec/app/finders/interesting_findings/duplicator_installer_log_spec.rb b/spec/app/finders/interesting_findings/duplicator_installer_log_spec.rb index 3d70ccec..102eeaa4 100644 --- a/spec/app/finders/interesting_findings/duplicator_installer_log_spec.rb +++ b/spec/app/finders/interesting_findings/duplicator_installer_log_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::DuplicatorInstallerLog do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'duplicator_installer_log') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'duplicator_installer_log') } let(:filename) { 'installer-log.txt' } let(:log_url) { target.url(filename) } @@ -19,7 +19,7 @@ describe WPScan::Finders::InterestingFindings::DuplicatorInstallerLog do end context 'when the body matches' do - let(:body) { File.read(File.join(fixtures, filename)) } + let(:body) { File.read(fixtures.join(filename)) } it 'returns the InterestingFinding' do expect(finder.aggressive).to eql WPScan::DuplicatorInstallerLog.new( diff --git a/spec/app/finders/interesting_findings/emergency_pwd_reset_script_spec.rb b/spec/app/finders/interesting_findings/emergency_pwd_reset_script_spec.rb index 97c090b7..027116a2 100644 --- a/spec/app/finders/interesting_findings/emergency_pwd_reset_script_spec.rb +++ b/spec/app/finders/interesting_findings/emergency_pwd_reset_script_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::EmergencyPwdResetScript do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'emergency_pwd_reset_script') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'emergency_pwd_reset_script') } describe '#aggressive' do xit diff --git a/spec/app/finders/interesting_findings/full_path_disclosure_spec.rb b/spec/app/finders/interesting_findings/full_path_disclosure_spec.rb index abca8422..68a7fa5d 100644 --- a/spec/app/finders/interesting_findings/full_path_disclosure_spec.rb +++ b/spec/app/finders/interesting_findings/full_path_disclosure_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::FullPathDisclosure do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'fpd') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'fpd') } let(:file_url) { target.url('wp-includes/rss-functions.php') } describe '#aggressive' do @@ -18,7 +18,7 @@ describe WPScan::Finders::InterestingFindings::FullPathDisclosure do end context 'when a log file' do - let(:body) { File.read(File.join(fixtures, 'rss_functions.php')) } + let(:body) { File.read(fixtures.join('rss_functions.php')) } it 'returns the InterestingFinding' do found = finder.aggressive diff --git a/spec/app/finders/interesting_findings/mu_plugins_spec.rb b/spec/app/finders/interesting_findings/mu_plugins_spec.rb index c6e0f7d8..68d8494a 100644 --- a/spec/app/finders/interesting_findings/mu_plugins_spec.rb +++ b/spec/app/finders/interesting_findings/mu_plugins_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::MuPlugins do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'mu_plugins') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'mu_plugins') } describe '#passive' do xit diff --git a/spec/app/finders/interesting_findings/multisite_spec.rb b/spec/app/finders/interesting_findings/multisite_spec.rb index e72d73e0..e61bb43e 100644 --- a/spec/app/finders/interesting_findings/multisite_spec.rb +++ b/spec/app/finders/interesting_findings/multisite_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::Multisite do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'multisite') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'multisite') } describe '#aggressive' do xit diff --git a/spec/app/finders/interesting_findings/readme_spec.rb b/spec/app/finders/interesting_findings/readme_spec.rb index f49f7689..89d51ee6 100644 --- a/spec/app/finders/interesting_findings/readme_spec.rb +++ b/spec/app/finders/interesting_findings/readme_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::Readme do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'readme') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'readme') } describe '#aggressive' do before do 
@@ -20,7 +20,7 @@ describe WPScan::Finders::InterestingFindings::Readme do # TODO: case when multiple files are present ? (should return only the first one found) context 'when a file exists' do let(:file) { finder.potential_files.sample } - let(:readme) { File.read(File.join(fixtures, 'readme-3.9.2.html')) } + let(:readme) { File.read(fixtures.join('readme-3.9.2.html')) } before { stub_request(:get, target.url(file)).to_return(body: readme) } diff --git a/spec/app/finders/interesting_findings/registration_spec.rb b/spec/app/finders/interesting_findings/registration_spec.rb index ea359057..c3ba0ba3 100644 --- a/spec/app/finders/interesting_findings/registration_spec.rb +++ b/spec/app/finders/interesting_findings/registration_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::Registration do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'registration') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'registration') } describe '#aggressive' do xit diff --git a/spec/app/finders/interesting_findings/tmm_db_migrate_spec.rb b/spec/app/finders/interesting_findings/tmm_db_migrate_spec.rb index a0a0e68c..f1012648 100644 --- a/spec/app/finders/interesting_findings/tmm_db_migrate_spec.rb +++ b/spec/app/finders/interesting_findings/tmm_db_migrate_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::TmmDbMigrate do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'tmm_db_migrate') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'tmm_db_migrate') } describe '#aggressive' do xit 
diff --git a/spec/app/finders/interesting_findings/upload_direcrory_listing_spec.rb b/spec/app/finders/interesting_findings/upload_direcrory_listing_spec.rb index d3de9290..94c5673e 100644 --- a/spec/app/finders/interesting_findings/upload_direcrory_listing_spec.rb +++ b/spec/app/finders/interesting_findings/upload_direcrory_listing_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::UploadDirectoryListing do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'upload_directory_listing') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'upload_directory_listing') } let(:wp_content) { 'wp-content' } describe '#aggressive' do diff --git a/spec/app/finders/interesting_findings/upload_sql_dump_spec.rb b/spec/app/finders/interesting_findings/upload_sql_dump_spec.rb index 5c6ec864..c8881604 100644 --- a/spec/app/finders/interesting_findings/upload_sql_dump_spec.rb +++ b/spec/app/finders/interesting_findings/upload_sql_dump_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::InterestingFindings::UploadSQLDump do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'interesting_findings', 'upload_sql_dump') } + let(:fixtures) { FINDERS_FIXTURES.join('interesting_findings', 'upload_sql_dump') } let(:wp_content) { 'wp-content' } describe '#aggressive' do @@ -21,7 +21,7 @@ describe WPScan::Finders::InterestingFindings::UploadSQLDump do context 'when a 200' do before do stub_request(:get, finder.dump_url) - .to_return(status: 200, body: File.read(File.join(fixtures, fixture))) + .to_return(status: 200, body: File.read(fixtures.join(fixture))) end context 'when the body does not match a SQL dump' do 
diff --git a/spec/app/finders/main_theme/css_style_spec.rb b/spec/app/finders/main_theme/css_style_spec.rb index 6af86144..12601c9f 100644 --- a/spec/app/finders/main_theme/css_style_spec.rb +++ b/spec/app/finders/main_theme/css_style_spec.rb @@ -2,11 +2,11 @@ describe WPScan::Finders::MainTheme::CssStyle do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'main_theme', 'css_style') } + let(:fixtures) { FINDERS_FIXTURES.join('main_theme', 'css_style') } describe '#passive' do after do - stub_request(:get, url).to_return(body: File.read(File.join(fixtures, fixture))) + stub_request(:get, url).to_return(body: File.read(fixtures.join(fixture))) expect(finder.passive).to eql @expected end diff --git a/spec/app/finders/main_theme/urls_in_homepage_spec.rb b/spec/app/finders/main_theme/urls_in_homepage_spec.rb index 531abb97..0ec833b3 100644 --- a/spec/app/finders/main_theme/urls_in_homepage_spec.rb +++ b/spec/app/finders/main_theme/urls_in_homepage_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::MainTheme::UrlsInHomepage do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'main_theme', 'urls_in_homepage') } + let(:fixtures) { FINDERS_FIXTURES.join('main_theme', 'urls_in_homepage') } it_behaves_like 'App::Finders::WpItems::URLsInHomepage' do let(:type) { 'themes' } @@ -15,7 +15,7 @@ describe WPScan::Finders::MainTheme::UrlsInHomepage do describe '#passive' do before do stub_request(:get, /.*.css/) - stub_request(:get, target.url).to_return(body: File.read(File.join(fixtures, 'found.html'))) + stub_request(:get, target.url).to_return(body: File.read(fixtures.join('found.html'))) end it 'returns the expected Themes' do 
diff --git a/spec/app/finders/main_theme/woo_framework_meta_generator_spec.rb b/spec/app/finders/main_theme/woo_framework_meta_generator_spec.rb index 86926d0c..0b9bceeb 100644 --- a/spec/app/finders/main_theme/woo_framework_meta_generator_spec.rb +++ b/spec/app/finders/main_theme/woo_framework_meta_generator_spec.rb @@ -2,11 +2,11 @@ describe WPScan::Finders::MainTheme::WooFrameworkMetaGenerator do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'main_theme', 'woo_framework_meta_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('main_theme', 'woo_framework_meta_generator') } describe '#passive' do after do - stub_request(:get, url).to_return(body: File.read(File.join(fixtures, @file))) + stub_request(:get, url).to_return(body: File.read(fixtures.join(@file))) expect(finder.passive).to eql @expected end diff --git a/spec/app/finders/medias/attachment_brute_forcing_spec.rb b/spec/app/finders/medias/attachment_brute_forcing_spec.rb index 66536478..78914c4f 100644 --- a/spec/app/finders/medias/attachment_brute_forcing_spec.rb +++ b/spec/app/finders/medias/attachment_brute_forcing_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Medias::AttachmentBruteForcing do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'medias', 'attachment_brute_forcing') } + let(:fixtures) { FINDERS_FIXTURES.join('medias', 'attachment_brute_forcing') } describe '#aggressive' do xit diff --git a/spec/app/finders/plugin_version/readme_spec.rb b/spec/app/finders/plugin_version/readme_spec.rb index a9867367..02f81ece 100644 --- a/spec/app/finders/plugin_version/readme_spec.rb +++ b/spec/app/finders/plugin_version/readme_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::PluginVersion::Readme do subject(:finder) { described_class.new(plugin) } let(:plugin) { WPScan::Plugin.new('spec', target) } let(:target) { WPScan::Target.new('http://wp.lab/') } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'plugin_version', 'readme') } + let(:fixtures) { FINDERS_FIXTURES.join('plugin_version', 'readme') } def version(number, found_by, confidence) WPScan::Version.new( @@ -26,7 +26,7 @@ describe WPScan::Finders::PluginVersion::Readme do after do stub_request(:get, /.*/).to_return(status: 404) - stub_request(:get, readme_url).to_return(body: File.read(File.join(fixtures, @file))) + stub_request(:get, readme_url).to_return(body: File.read(fixtures.join(@file))) expect(finder.aggressive).to eql @expected end diff --git a/spec/app/finders/plugins/body_pattern_spec.rb b/spec/app/finders/plugins/body_pattern_spec.rb index 95e4e29f..d0c14928 100644 --- a/spec/app/finders/plugins/body_pattern_spec.rb +++ b/spec/app/finders/plugins/body_pattern_spec.rb @@ -3,7 +3,7 @@ describe WPScan::Finders::Plugins::BodyPattern do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } let(:expected_all) { df_expected_all['plugins'] } let(:item_class) { WPScan::Plugin } diff --git a/spec/app/finders/plugins/comment_spec.rb b/spec/app/finders/plugins/comment_spec.rb index 3a917e44..0fdc2465 100644 --- a/spec/app/finders/plugins/comment_spec.rb +++ b/spec/app/finders/plugins/comment_spec.rb 
@@ -3,7 +3,7 @@ describe WPScan::Finders::Plugins::Comment do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } let(:expected_all) { df_expected_all['plugins'] } let(:item_class) { WPScan::Plugin } diff --git a/spec/app/finders/plugins/config_parser_spec.rb b/spec/app/finders/plugins/config_parser_spec.rb index 965bd2a9..09a19281 100644 --- a/spec/app/finders/plugins/config_parser_spec.rb +++ b/spec/app/finders/plugins/config_parser_spec.rb @@ -5,7 +5,7 @@ describe WPScan::Finders::Plugins::ConfigParser do # subject(:finder) { described_class.new(target) } # let(:target) { WPScan::Target.new(url) } # let(:url) { 'http://wp.lab/' } - # let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + # let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } # # let(:expected_all) { df_expected_all['plugins'] } # let(:item_class) { WPScan::Plugin } diff --git a/spec/app/finders/plugins/header_pattern_spec.rb b/spec/app/finders/plugins/header_pattern_spec.rb index c1e893bd..cfadb343 100644 --- a/spec/app/finders/plugins/header_pattern_spec.rb +++ b/spec/app/finders/plugins/header_pattern_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Plugins::HeaderPattern do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } def plugin(slug) WPScan::Plugin.new(slug, target) 
@@ -29,7 +29,7 @@ describe WPScan::Finders::Plugins::HeaderPattern do context 'when headers' do before { expect(target).to receive(:content_dir).and_return('wp-content') } - let(:headers) { JSON.parse(File.read(File.join(fixtures, 'header_pattern_passive_all.html'))) } + let(:headers) { JSON.parse(File.read(fixtures.join('header_pattern_passive_all.html'))) } it 'returns the expected plugins' do @expected = [] diff --git a/spec/app/finders/plugins/javascript_var_spec.rb b/spec/app/finders/plugins/javascript_var_spec.rb index 8e3b46e3..db7f1681 100644 --- a/spec/app/finders/plugins/javascript_var_spec.rb +++ b/spec/app/finders/plugins/javascript_var_spec.rb @@ -3,7 +3,7 @@ describe WPScan::Finders::Plugins::JavascriptVar do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } let(:expected_all) { df_expected_all['plugins'] } let(:item_class) { WPScan::Plugin } diff --git a/spec/app/finders/plugins/known_locations_spec.rb b/spec/app/finders/plugins/known_locations_spec.rb index 04b39c7b..33e3816b 100644 --- a/spec/app/finders/plugins/known_locations_spec.rb +++ b/spec/app/finders/plugins/known_locations_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Plugins::KnownLocations do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'plugins', 'known_locations') } + let(:fixtures) { FINDERS_FIXTURES.join('plugins', 'known_locations') } describe '#aggressive' do xit diff --git a/spec/app/finders/plugins/query_parameter_spec.rb b/spec/app/finders/plugins/query_parameter_spec.rb index 20676bf7..410cf5fc 100644 --- a/spec/app/finders/plugins/query_parameter_spec.rb +++ b/spec/app/finders/plugins/query_parameter_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::Plugins::QueryParameter do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } describe '#passive' do its(:passive) { should be nil } diff --git a/spec/app/finders/plugins/urls_in_homepage_spec.rb b/spec/app/finders/plugins/urls_in_homepage_spec.rb index 047bf5a9..26a52f86 100644 --- a/spec/app/finders/plugins/urls_in_homepage_spec.rb +++ b/spec/app/finders/plugins/urls_in_homepage_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Plugins::UrlsInHomepage do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'plugins', 'urls_in_homepage') } + let(:fixtures) { FINDERS_FIXTURES.join('plugins', 'urls_in_homepage') } it_behaves_like 'App::Finders::WpItems::URLsInHomepage' do let(:type) { 'plugins' } @@ -15,7 +15,7 @@ describe WPScan::Finders::Plugins::UrlsInHomepage do describe '#passive' do before do stub_request(:get, finder.target.url) - .to_return(body: File.read(File.join(fixtures, 'found.html'))) + .to_return(body: File.read(fixtures.join('found.html'))) expect(finder.target).to receive(:content_dir).at_least(1).and_return('wp-content') end diff --git a/spec/app/finders/plugins/xpath_spec.rb b/spec/app/finders/plugins/xpath_spec.rb index 38d87bc3..9e1e0325 100644 --- a/spec/app/finders/plugins/xpath_spec.rb +++ b/spec/app/finders/plugins/xpath_spec.rb 
@@ -3,7 +3,7 @@ describe WPScan::Finders::Plugins::Xpath do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } let(:expected_all) { df_expected_all['plugins'] } let(:item_class) { WPScan::Plugin } diff --git a/spec/app/finders/theme_version/style_spec.rb b/spec/app/finders/theme_version/style_spec.rb index c997a602..d1248a50 100644 --- a/spec/app/finders/theme_version/style_spec.rb +++ b/spec/app/finders/theme_version/style_spec.rb @@ -2,10 +2,10 @@ describe WPScan::Finders::ThemeVersion::Style do subject(:finder) { described_class.new(theme) } let(:theme) { WPScan::Theme.new('spec', target) } let(:target) { WPScan::Target.new('http://wp.lab/') } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'theme_version', 'style') } + let(:fixtures) { FINDERS_FIXTURES.join('theme_version', 'style') } before :all do - Typhoeus::Config.cache = WPScan::Cache::Typhoeus.new(File.join(SPECS, 'cache')) + Typhoeus::Config.cache = WPScan::Cache::Typhoeus.new(SPECS.join('cache')) end before do @@ -77,7 +77,7 @@ describe WPScan::Finders::ThemeVersion::Style do 'no_version' => nil }.each do |file, expected_version| context "when #{file}" do - let(:style_body) { File.new(File.join(fixtures, "#{file}.css")) } + let(:style_body) { File.new(fixtures.join("#{file}.css")) } it 'returns the expected version' do expected = if expected_version diff --git a/spec/app/finders/theme_version/woo_framework_meta_generator_spec.rb b/spec/app/finders/theme_version/woo_framework_meta_generator_spec.rb index 9dbb025a..914ade33 100644 --- a/spec/app/finders/theme_version/woo_framework_meta_generator_spec.rb +++ b/spec/app/finders/theme_version/woo_framework_meta_generator_spec.rb 
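Review bot: `style_body` in spec/app/finders/theme_version/style_spec.rb (hunk @@ -77,7 +77,7 @@) is still built with `File.new(...)`, which opens a file handle for every generated context, and nothing in the hunk closes it. If the consumer only needs the stylesheet content, `let(:style_body) { fixtures.join("#{file}.css").read }` avoids the open handle and uses the Pathname this commit introduces. How `style_body` is consumed lies outside the hunk, so confirm that a String is accepted there before switching.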
@@ -2,7 +2,7 @@ describe WPScan::Finders::ThemeVersion::WooFrameworkMetaGenerator do subject(:finder) { described_class.new(theme) } let(:theme) { WPScan::Theme.new(slug, target) } let(:target) { WPScan::Target.new('http://wp.lab/') } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'theme_version', 'woo_framework_meta_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('theme_version', 'woo_framework_meta_generator') } before do expect(target).to receive(:content_dir).and_return('wp-content') @@ -11,7 +11,7 @@ describe WPScan::Finders::ThemeVersion::WooFrameworkMetaGenerator do describe '#passive' do after do - stub_request(:get, target.url).to_return(body: File.read(File.join(fixtures, 'editorial-1.3.5.html'))) + stub_request(:get, target.url).to_return(body: File.read(fixtures.join('editorial-1.3.5.html'))) expect(finder.passive).to eql @expected end diff --git a/spec/app/finders/themes/known_locations_spec.rb b/spec/app/finders/themes/known_locations_spec.rb index 6700f7fd..58bba7b7 100644 --- a/spec/app/finders/themes/known_locations_spec.rb +++ b/spec/app/finders/themes/known_locations_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Themes::KnownLocations do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'themes', 'known_locations') } + let(:fixtures) { FINDERS_FIXTURES.join('themes', 'known_locations') } describe '#aggressive' do xit diff --git a/spec/app/finders/themes/urls_in_homepage_spec.rb b/spec/app/finders/themes/urls_in_homepage_spec.rb index 2816eeec..85c5d6f7 100644 --- a/spec/app/finders/themes/urls_in_homepage_spec.rb +++ b/spec/app/finders/themes/urls_in_homepage_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::Themes::UrlsInHomepage do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'themes', 'urls_in_homepage') } + let(:fixtures) { FINDERS_FIXTURES.join('themes', 'urls_in_homepage') } it_behaves_like 'App::Finders::WpItems::URLsInHomepage' do let(:type) { 'themes' } diff --git a/spec/app/finders/timthumb_version/bad_request_spec.rb b/spec/app/finders/timthumb_version/bad_request_spec.rb index 41ce0a7e..7920a7fa 100644 --- a/spec/app/finders/timthumb_version/bad_request_spec.rb +++ b/spec/app/finders/timthumb_version/bad_request_spec.rb @@ -2,10 +2,10 @@ describe WPScan::Finders::TimthumbVersion::BadRequest do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Timthumb.new(url) } let(:url) { 'http://ex.lo/timthumb.php' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'timthumb_version', 'bad_request') } + let(:fixtures) { FINDERS_FIXTURES.join('timthumb_version', 'bad_request') } describe '#aggressive' do - before { stub_request(:get, url).to_return(body: File.read(File.join(fixtures, file))) } + before { stub_request(:get, url).to_return(body: File.read(fixtures.join(file))) } after { expect(finder.aggressive).to eql @expected } context 'when no version' do diff --git a/spec/app/finders/timthumbs/known_locations_spec.rb b/spec/app/finders/timthumbs/known_locations_spec.rb index 45c45aec..3eb08e8e 100644 --- a/spec/app/finders/timthumbs/known_locations_spec.rb +++ b/spec/app/finders/timthumbs/known_locations_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Timthumbs::KnownLocations do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'timthumbs', 'known_locations') } + let(:fixtures) { FINDERS_FIXTURES.join('timthumbs', 'known_locations') } describe '#aggressive' do xit 
diff --git a/spec/app/finders/users/author_id_brute_forcing_spec.rb b/spec/app/finders/users/author_id_brute_forcing_spec.rb index fd7efabf..e6325b63 100644 --- a/spec/app/finders/users/author_id_brute_forcing_spec.rb +++ b/spec/app/finders/users/author_id_brute_forcing_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Users::AuthorIdBruteForcing do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'author_id_brute_forcing') } + let(:fixtures) { FINDERS_FIXTURES.join('users', 'author_id_brute_forcing') } describe '#aggressive' do xit @@ -24,7 +24,7 @@ describe WPScan::Finders::Users::AuthorIdBruteForcing do '2.9.2', '2.9.2-permalink' ].each do |file| it "returns 'admin' from #{file}.html" do - body = File.read(File.join(fixtures, "#{file}.html")) + body = File.read(fixtures.join("#{file}.html")) res = Typhoeus::Response.new(body: body) expect(finder.username_from_response(res)).to eql 'admin' @@ -40,7 +40,7 @@ describe WPScan::Finders::Users::AuthorIdBruteForcing do '2.9.2', '2.9.2-permalink' ].each do |file| it "returns 'admin display_name' from #{file}.html" do - body = File.read(File.join(fixtures, "#{file}.html")) + body = File.read(fixtures.join("#{file}.html")) expect(finder.display_name_from_body(body)).to eql 'admin display_name' end @@ -50,7 +50,7 @@ describe WPScan::Finders::Users::AuthorIdBruteForcing do context 'when no display_name' do ['4.1.1', '3.0', '2.9.2'].each do |file| it "returns nil for #{file}-empty.html" do - body = File.read(File.join(fixtures, "#{file}-empty.html")) + body = File.read(fixtures.join("#{file}-empty.html")) expect(finder.display_name_from_body(body)).to eql nil end diff --git a/spec/app/finders/users/author_posts_spec.rb b/spec/app/finders/users/author_posts_spec.rb index 8fcb2f30..6327cbfb 100644 --- a/spec/app/finders/users/author_posts_spec.rb +++ b/spec/app/finders/users/author_posts_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::Users::AuthorPosts do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'author_posts') } + let(:fixtures) { FINDERS_FIXTURES.join('users', 'author_posts') } describe '#passive' do xit @@ -10,7 +10,7 @@ describe WPScan::Finders::Users::AuthorPosts do describe '#potential_usernames' do it 'returns the expected usernames' do - res = Typhoeus::Response.new(body: File.read(File.join(fixtures, 'potential_usernames.html'))) + res = Typhoeus::Response.new(body: File.read(fixtures.join('potential_usernames.html'))) results = finder.potential_usernames(res) diff --git a/spec/app/finders/users/login_error_messages_spec.rb b/spec/app/finders/users/login_error_messages_spec.rb index a5949b76..badb5cae 100644 --- a/spec/app/finders/users/login_error_messages_spec.rb +++ b/spec/app/finders/users/login_error_messages_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Users::LoginErrorMessages do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'login_error_messages') } + let(:fixtures) { FINDERS_FIXTURES.join('users', 'login_error_messages') } describe '#aggressive' do xit diff --git a/spec/app/finders/users/oembed_api_spec.rb b/spec/app/finders/users/oembed_api_spec.rb index ae48fa3d..d9a5a208 100644 --- a/spec/app/finders/users/oembed_api_spec.rb +++ b/spec/app/finders/users/oembed_api_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Users::OembedApi do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://wp.lab/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'oembed_api') } + let(:fixtures) { FINDERS_FIXTURES.join('users', 'oembed_api') } describe '#aggressive' do before do 
@@ -18,14 +18,14 @@ describe WPScan::Finders::Users::OembedApi do context 'when a JSON response' do context 'when 404' do - let(:body) { File.read(File.join(fixtures, '404.json')) } + let(:body) { File.read(fixtures.join('404.json')) } its(:aggressive) { should eql([]) } end context 'when 200' do context 'when author_url present' do - let(:body) { File.read(File.join(fixtures, '200_author_url.json')) } + let(:body) { File.read(fixtures.join('200_author_url.json')) } it 'returns the expected array of users' do users = finder.aggressive @@ -42,7 +42,7 @@ describe WPScan::Finders::Users::OembedApi do end context 'when author_url not present but author_name' do - let(:body) { File.read(File.join(fixtures, '200_author_name.json')) } + let(:body) { File.read(fixtures.join('200_author_name.json')) } it 'returns the expected array of users' do users = finder.aggressive diff --git a/spec/app/finders/users/rss_generator_spec.rb b/spec/app/finders/users/rss_generator_spec.rb index 63ef7d7c..60664f02 100644 --- a/spec/app/finders/users/rss_generator_spec.rb +++ b/spec/app/finders/users/rss_generator_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::Users::RSSGenerator do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { Pathname.new(FINDERS_FIXTURES).join('users', 'rss_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('users', 'rss_generator') } let(:rss_fixture) { File.read(fixtures.join('feed.xml')) } describe '#passive, #aggressive' do @@ -39,7 +39,7 @@ describe WPScan::Finders::Users::RSSGenerator do end context 'when RSS link in homepage' do - let(:homepage_fixture) { File.join(fixtures, 'homepage_links.html') } + let(:homepage_fixture) { fixtures.join('homepage_links.html') } it 'returns the expected from #passive' do stub_request(:get, target.url('feed/')).to_return(body: rss_fixture) 
diff --git a/spec/app/finders/wp_version/atom_generator_spec.rb b/spec/app/finders/wp_version/atom_generator_spec.rb index 4cce0f22..09c161b5 100644 --- a/spec/app/finders/wp_version/atom_generator_spec.rb +++ b/spec/app/finders/wp_version/atom_generator_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::WpVersion::AtomGenerator do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { Pathname.new(FINDERS_FIXTURES).join('wp_version', 'atom_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('wp_version', 'atom_generator') } let(:atom_fixture) { File.read(fixtures.join('feed', 'atom')) } describe '#passive, #aggressive' do @@ -36,7 +36,7 @@ describe WPScan::Finders::WpVersion::AtomGenerator do end context 'when atom links in homepage' do - let(:homepage_fixture) { File.join(fixtures, 'links.html') } + let(:homepage_fixture) { fixtures.join('links.html') } it 'returns the expected from #passive' do stub_request(:get, target.url('?feed=atom')).to_return(body: atom_fixture) diff --git a/spec/app/finders/wp_version/rdf_generator_spec.rb b/spec/app/finders/wp_version/rdf_generator_spec.rb index 54668eb8..ac4190ae 100644 --- a/spec/app/finders/wp_version/rdf_generator_spec.rb +++ b/spec/app/finders/wp_version/rdf_generator_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::WpVersion::RDFGenerator do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'wp_version', 'rdf_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('wp_version', 'rdf_generator') } xit end diff --git a/spec/app/finders/wp_version/readme_spec.rb b/spec/app/finders/wp_version/readme_spec.rb index a6b4e53d..89b006ed 100644 --- a/spec/app/finders/wp_version/readme_spec.rb +++ b/spec/app/finders/wp_version/readme_spec.rb 
@@ -2,11 +2,11 @@ describe WPScan::Finders::WpVersion::Readme do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'wp_version', 'readme') } + let(:fixtures) { FINDERS_FIXTURES.join('wp_version', 'readme') } let(:readme_url) { url + 'readme.html' } describe '#aggressive' do - before { stub_request(:get, readme_url).to_return(body: File.read(File.join(fixtures, file))) } + before { stub_request(:get, readme_url).to_return(body: File.read(fixtures.join(file))) } after do expect(target).to receive(:sub_dir).and_return(false) diff --git a/spec/app/finders/wp_version/rss_generator_spec.rb b/spec/app/finders/wp_version/rss_generator_spec.rb index 9bd35fed..19c4327e 100644 --- a/spec/app/finders/wp_version/rss_generator_spec.rb +++ b/spec/app/finders/wp_version/rss_generator_spec.rb @@ -2,7 +2,7 @@ describe WPScan::Finders::WpVersion::RSSGenerator do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'wp_version', 'rss_generator') } + let(:fixtures) { FINDERS_FIXTURES.join('wp_version', 'rss_generator') } xit end diff --git a/spec/app/finders/wp_version/unique_fingerprinting_spec.rb b/spec/app/finders/wp_version/unique_fingerprinting_spec.rb index e9fe6889..7a3066b4 100644 --- a/spec/app/finders/wp_version/unique_fingerprinting_spec.rb +++ b/spec/app/finders/wp_version/unique_fingerprinting_spec.rb 
@@ -2,7 +2,7 @@ describe WPScan::Finders::WpVersion::UniqueFingerprinting do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new(url).extend(CMSScanner::Target::Server::Apache) } let(:url) { 'http://ex.lo/' } - let(:fixtures) { File.join(FINDERS_FIXTURES, 'wp_version', 'unique_fingerprinting') } + let(:fixtures) { FINDERS_FIXTURES.join('wp_version', 'unique_fingerprinting') } xit end diff --git a/spec/app/models/theme_spec.rb b/spec/app/models/theme_spec.rb index 790c8b50..bd67cfc8 100644 --- a/spec/app/models/theme_spec.rb +++ b/spec/app/models/theme_spec.rb @@ -3,14 +3,14 @@ describe WPScan::Theme do let(:slug) { 'spec' } let(:blog) { WPScan::Target.new('http://wp.lab/') } let(:opts) { {} } - let(:fixtures) { File.join(FIXTURES, 'models', 'theme') } + let(:fixtures) { FIXTURES.join('models', 'theme') } before { expect(blog).to receive(:content_dir).at_least(1).and_return('wp-content') } describe '#new' do before do stub_request(:get, /.*\.css\z/) - .to_return(body: File.read(File.join(fixtures, 'style.css'))) + .to_return(body: File.read(fixtures.join('style.css'))) end its(:url) { should eql 'http://wp.lab/wp-content/themes/spec/' } @@ -37,7 +37,7 @@ describe WPScan::Theme do describe '#version' do after do stub_request(:get, /.*\.css\z/) - .to_return(body: File.read(File.join(fixtures, 'style.css'))) + .to_return(body: File.read(fixtures.join('style.css'))) expect(WPScan::Finders::ThemeVersion::Base).to receive(:find).with(theme, @expected_opts) theme.version(version_opts) @@ -91,7 +91,7 @@ describe WPScan::Theme do describe '#parent_theme' do before do stub_request(:get, blog.url('wp-content/themes/spec/style.css')) - .to_return(body: File.read(File.join(fixtures, main_theme))) + .to_return(body: File.read(fixtures.join(main_theme))) end context 'when no template' do 
@@ -108,7 +108,7 @@ describe WPScan::Theme do before do stub_request(:get, parent_url) - .to_return(body: File.read(File.join(fixtures, 'style.css'))) + .to_return(body: File.read(fixtures.join('style.css'))) end %w[child_style windows_line_endings].each do |fixture| diff --git a/spec/app/models/timthumb_spec.rb b/spec/app/models/timthumb_spec.rb index 2ecc35ce..abed5483 100644 --- a/spec/app/models/timthumb_spec.rb +++ b/spec/app/models/timthumb_spec.rb @@ -1,7 +1,7 @@ describe WPScan::Timthumb do subject(:timthumb) { described_class.new(url, opts) } let(:url) { 'http://wp.lab/wp-content/timthumb.php' } - let(:fixtures) { File.join(FIXTURES, 'models', 'timthumb') } + let(:fixtures) { FIXTURES.join('models', 'timthumb') } let(:opts) { {} } describe '#new' do @@ -59,7 +59,7 @@ describe WPScan::Timthumb do describe '#webshot_enabled?' do before do stub_request(:get, /#{timthumb.url}\?src=.*&webshot=1/i) - .to_return(body: File.read(File.join(fixtures, fixture))) + .to_return(body: File.read(fixtures.join(fixture))) end context 'when enabled' do diff --git a/spec/app/views_spec.rb b/spec/app/views_spec.rb index 76ea6809..16908773 100644 --- a/spec/app/views_spec.rb +++ b/spec/app/views_spec.rb @@ -1,7 +1,7 @@ describe 'App::Views' do let(:target_url) { 'http://ex.lo/' } let(:target) { WPScan::Target.new(target_url) } - let(:fixtures) { File.join(SPECS, 'output') } + let(:fixtures) { SPECS.join('output') } # CliNoColour is used to test the CLI output to avoid the painful colours # in the expected output. @@ -23,7 +23,7 @@ describe 'App::Views' do view_filename = defined?(expected_view) ? expected_view : view view_filename = "#{view_filename}.#{formatter.to_s.underscore.downcase}" controller_dir = controller.class.to_s.demodulize.underscore.downcase - expected_output = File.read(File.join(fixtures, controller_dir, view_filename)) + expected_output = File.read(fixtures.join(controller_dir, view_filename)) expect($stdout).to receive(:puts).with(expected_output) 
diff --git a/spec/lib/browser_spec.rb b/spec/lib/browser_spec.rb index db3a4556..931c9ca0 100644 --- a/spec/lib/browser_spec.rb +++ b/spec/lib/browser_spec.rb @@ -5,7 +5,7 @@ describe WPScan::Browser do describe '#user_agents_list' do context 'when not set' do - its(:user_agents_list) { should eql File.join(WPScan::DB_DIR, 'user-agents.txt') } + its(:user_agents_list) { should eql WPScan::DB_DIR.join('user-agents.txt').to_s } end context 'when set' do diff --git a/spec/lib/finders/dynamic_finder/plugin_version_spec.rb b/spec/lib/finders/dynamic_finder/plugin_version_spec.rb index d5c07780..4311d2d0 100644 --- a/spec/lib/finders/dynamic_finder/plugin_version_spec.rb +++ b/spec/lib/finders/dynamic_finder/plugin_version_spec.rb @@ -32,7 +32,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi subject(:finder) { described_class.new(plugin) } let(:plugin) { WPScan::Plugin.new(slug, target) } let(:target) { WPScan::Target.new('http://wp.lab/') } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'plugin_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('plugin_version') } let(:expected) do if expected_all[slug][finder_class].is_a?(Hash) @@ -62,7 +62,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi context 'when the version is detected' do let(:stubbed_response) do df_stubbed_response( - File.join(fixtures, "#{finder_super_class.underscore}_passive_all.html"), + fixtures.join("#{finder_super_class.underscore}_passive_all.html"), finder_super_class ) end @@ -95,7 +95,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi end describe '#aggressive' do - let(:fixtures) { File.join(super(), slug, finder_class.underscore) } + let(:fixtures) { super().join(slug, finder_class.underscore) } before do expect(target).to receive(:content_dir).at_least(1).and_return('wp-content') 
@@ -106,7 +106,7 @@ WPScan::DB::DynamicFinders::Plugin.versions_finders_configs.each do |slug, confi if config['path'] context 'when the version is detected' do let(:stubbed_response) do - df_stubbed_response(File.join(fixtures, config['path']), finder_super_class) + df_stubbed_response(fixtures.join(config['path']), finder_super_class) end it 'returns the expected version' do diff --git a/spec/lib/finders/dynamic_finder/wp_version_spec.rb b/spec/lib/finders/dynamic_finder/wp_version_spec.rb index 87115db6..55ea1e38 100644 --- a/spec/lib/finders/dynamic_finder/wp_version_spec.rb +++ b/spec/lib/finders/dynamic_finder/wp_version_spec.rb @@ -14,7 +14,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c describe df_tested_class_constant('WpVersion', finder_class) do subject(:finder) { described_class.new(target) } let(:target) { WPScan::Target.new('http://wp.lab/') } - let(:fixtures) { File.join(DYNAMIC_FINDERS_FIXTURES, 'wp_version') } + let(:fixtures) { DYNAMIC_FINDERS_FIXTURES.join('wp_version') } let(:expected) do expected_all[finder_class].is_a?(Hash) ? [expected_all[finder_class]] : expected_all[finder_class] @@ -35,7 +35,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c context 'when no PATH' do let(:stubbed_response) do df_stubbed_response( - File.join(fixtures, "#{finder_super_class.underscore}_passive_all.html"), + fixtures.join("#{finder_super_class.underscore}_passive_all.html"), finder_super_class ) end @@ -61,7 +61,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c end describe '#aggressive' do - let(:fixtures) { File.join(super(), finder_class.underscore) } + let(:fixtures) { super().join(finder_class.underscore) } before do allow(target).to receive(:sub_dir).and_return(nil) 
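Review bot: `fixtures.join(config['path'])` in spec/lib/finders/dynamic_finder/plugin_version_spec.rb (hunk @@ -106,7 +106,7 @@) is not a drop-in replacement for `File.join(fixtures, config['path'])` when the configured path begins with `/`. `Pathname#join` discards the receiver when given an absolute argument, whereas `File.join` kept the fixtures directory as the prefix. Whether any finder config carries a leading slash is not visible here, but if one does, the spec would resolve the fixture from the filesystem root instead of the fixtures tree. Normalising the value keeps the old resolution, e.g. `fixtures.join(config['path'].sub(%r{\A/+}, ''))`. The same applies to wp_version_spec.rb (@@ -72,7 +72,7 @@) and to `fixtures.join(slug, finder_class.underscore, config['path'])` in spec/shared_examples/dynamic_finders/wp_items.rb (@@ -69,7 +69,7 @@).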
@@ -72,7 +72,7 @@ WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_c if config['path'] context 'when the version is detected' do let(:stubbed_response) do - df_stubbed_response(File.join(fixtures, config['path']), finder_super_class) + df_stubbed_response(fixtures.join(config['path']), finder_super_class) end it 'returns the expected version' do diff --git a/spec/shared_examples/dynamic_finders/wp_items.rb b/spec/shared_examples/dynamic_finders/wp_items.rb index a7cf3ee9..143469c9 100644 --- a/spec/shared_examples/dynamic_finders/wp_items.rb +++ b/spec/shared_examples/dynamic_finders/wp_items.rb @@ -1,6 +1,6 @@ shared_examples WPScan::Finders::DynamicFinder::WpItems::Finder do let(:passive_fixture) do - File.join(fixtures, "#{described_class.to_s.demodulize.underscore}_passive_all.html") + fixtures.join("#{described_class.to_s.demodulize.underscore}_passive_all.html") end describe '#passive_configs' do @@ -69,7 +69,7 @@ shared_examples WPScan::Finders::DynamicFinder::WpItems::Finder do configs.each do |finder_class, config| finder_super_class = config['class'] || finder_class - fixture = File.join(fixtures, slug, finder_class.underscore, config['path']) + fixture = fixtures.join(slug, finder_class.underscore, config['path']) stubbed_response = df_stubbed_response(fixture, finder_super_class) path = finder.aggressive_path(slug, config) diff --git a/spec/shared_examples/finders/wp_items/urls_in_homepage.rb b/spec/shared_examples/finders/wp_items/urls_in_homepage.rb index a7a50f70..66b7abd5 100644 --- a/spec/shared_examples/finders/wp_items/urls_in_homepage.rb +++ b/spec/shared_examples/finders/wp_items/urls_in_homepage.rb @@ -1,6 +1,6 @@ shared_examples 'App::Finders::WpItems::URLsInHomepage' do before do - stub_request(:get, finder.target.url).to_return(body: File.read(File.join(fixtures, file))) + stub_request(:get, finder.target.url).to_return(body: File.read(fixtures.join(file))) end describe '#items_from_links' do 
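Review bot: The shared example in spec/shared_examples/dynamic_finders/wp_items.rb (hunk @@ -1,6 +1,6 @@) now silently requires the including group's `fixtures` to be a Pathname, and nothing in the hunk says so. With `File.join(fixtures, ...)` a String worked as well; with `fixtures.join(...)` a String fails with NoMethodError. A comment above the `shared_examples` line, such as `# Requires the including group to define let(:fixtures) as a Pathname`, would make the contract explicit. The same holds for spec/shared_examples/finders/wp_items/urls_in_homepage.rb (@@ -1,6 +1,6 @@) and for `super().join('custom_directories')` in spec/shared_examples/target/platform/wordpress/custom_directories.rb (@@ -1,5 +1,5 @@).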
diff --git a/spec/shared_examples/target/platform/wordpress/custom_directories.rb b/spec/shared_examples/target/platform/wordpress/custom_directories.rb index e42190a8..90418ed4 100644 --- a/spec/shared_examples/target/platform/wordpress/custom_directories.rb +++ b/spec/shared_examples/target/platform/wordpress/custom_directories.rb @@ -1,5 +1,5 @@ shared_examples 'WordPress::CustomDirectories' do - let(:fixtures) { File.join(super(), 'custom_directories') } + let(:fixtures) { super().join('custom_directories') } describe '#content_dir' do { @@ -7,9 +7,7 @@ shared_examples 'WordPress::CustomDirectories' do relative_one: 'wp-content', relative_two: 'wp-content', cache: 'wp-content' }.each do |file, expected| it "returns #{expected} for #{file}.html" do - fixture = File.join(fixtures, "#{file}.html") - - stub_request(:get, target.url).to_return(body: File.read(fixture)) + stub_request(:get, target.url).to_return(body: File.read(fixtures.join("#{file}.html"))) expect(target.content_dir).to eql expected end diff --git a/spec/shared_examples/views/main_theme.rb b/spec/shared_examples/views/main_theme.rb index 218edde5..798af81c 100644 --- a/spec/shared_examples/views/main_theme.rb +++ b/spec/shared_examples/views/main_theme.rb @@ -21,7 +21,7 @@ shared_examples 'App::Views::MainTheme' do expect(target).to receive(:content_dir).at_least(1).and_return('wp-content') stub_request(:get, /.*/) stub_request(:get, /.*\.css\z/) - .to_return(body: File.read(File.join(FIXTURES, 'models', 'theme', 'style.css'))) + .to_return(body: File.read(FIXTURES.join('models', 'theme', 'style.css'))) end context 'when no verbose' do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 2ca7e6f8..2b740563 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb 
@@ -23,7 +23,7 @@ end # Dynamic Finders Helpers def df_expected_all - YAML.safe_load(File.read(File.join(DYNAMIC_FINDERS_FIXTURES, 'expected.yml'))) + YAML.safe_load(File.read(DYNAMIC_FINDERS_FIXTURES.join('expected.yml'))) end def df_tested_class_constant(type, finder_class, slug = nil)