Added w3-total-cache exploit and rspec tests for errors on loading the main script (issue #110)

data/plugin_vulns.xml

@@ -2996,5 +2996,15 @@ File Upload Vulnerability</title>
     </vulnerability>
   </plugin>
 
+  <plugin name="w3-total-cache">
+    <vulnerability>
+      <title>W3-Total-Cache 0.9.2.4 (or before) Username and Hash Extract</title>
+      <reference>http://seclists.org/fulldisclosure/2012/Dec/242</reference>
+      <reference>https://github.com/FireFart/W3TotalCacheExploit</reference>
+      <metasploit>auxiliary/gather/wp_w3_total_cache_hash_extract</metasploit>
+      <type>UNKNOWN</type>
+    </vulnerability>
+  </plugin>
+
 </vulnerabilities>
 

data/plugins.txt

@@ -1732,7 +1732,7 @@ visual-form-builder/readme.txt
 vkontakte-api/close-wp.php
 vm-backups/readme.txt
 vslider/readme.txt
-w3-total-cache/index.html
+w3-total-cache/readme.txt
 wangguard/index.php
 wapple-architect/architect.php
 wassup/badhosts-intl.txt

spec/wpscan_spec.rb

@@ -0,0 +1,28 @@
+#--
+# WPScan - WordPress Security Scanner
+# Copyright (C) 2012-2013
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#++
+
+require 'spec_helper'
+
+describe "wpscan main checks" do
+
+  it "check for errors on running the mainscript" do
+    a = %x[ruby #{ROOT_DIR}/wpscan.rb]
+    a.should =~ /\[ERROR\] No argument supplied/
+  end
+
+end