garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix registration detection

Browse Source 
rspec tests
This commit is contained in:
Christian Mehlmauer
2012-09-24 22:36:22 +02:00
parent 2e4a622cec
commit 8df37a425d
2 changed files with 68 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
lib/wpscan/wp_target.rb
View File

@@ -138,32 +138,42 @@ class WpTarget
# Should check wp-login.php if registration is enabled or not # Should check wp-login.php if registration is enabled or not
def registration_enabled? def registration_enabled?
resp = Browser.instance.get(registration_url) resp = Browser.instance.get(registration_url)
if resp.code == 302 and resp.headers_hash["location"] =~ /wp-login\.php\?registration=disabled/ # redirect only on non multi sites
if resp.code == 302 and resp.headers_hash["location"] =~ /wp-login\.php\?registration=disabled/i
enabled = false enabled = false
else # multi site registration form
elsif resp.code == 200 and resp.body =~ /<form id="setupform" method="post" action="[^"]*wp-signup\.php[^"]*">/i
enabled = true enabled = true
# normal registration form
elsif resp.code == 200 and resp.body =~ /<form name="registerform" id="registerform" action="[^"]*wp-login\.php[^"]*"/i
enabled = true
# registration disabled
else
enabled = false
end end
enabled enabled
end end
def registration_url def registration_url
@uri.merge("wp-login.php?action=register") is_multisite? ? @uri.merge("wp-signup.php") : @uri.merge("wp-login.php?action=register")
end end
def is_multisite? def is_multisite?
unless @multisite
# when multi site, there is no redirection or a redirect to the site itself # when multi site, there is no redirection or a redirect to the site itself
# otherwise redirect to wp-login.php # otherwise redirect to wp-login.php
url = @uri.merge("wp-signup.php") url = @uri.merge("wp-signup.php")
resp = Browser.instance.get(url) resp = Browser.instance.get(url)
if resp.code == 302 and resp.headers_hash["location"] =~ /wp-login\.php\?action=register/ if resp.code == 302 and resp.headers_hash["location"] =~ /wp-login\.php\?action=register/
multisite = false @multisite = false
elsif resp.code == 302 and resp.headers_hash["location"] =~ /wp-signup\.php/ elsif resp.code == 302 and resp.headers_hash["location"] =~ /wp-signup\.php/
multisite = true @multisite = true
elsif resp.code == 200 elsif resp.code == 200
multisite = true @multisite = true
else else
multisite = false @multisite = false
end end
multisite end
@multisite
end end
end end

46
spec/lib/wpscan/wp_target_spec.rb
View File

@@ -246,21 +246,54 @@ describe WpTarget do
end end
describe "#registration_url" do describe "#registration_url" do
it "should return the correct url" do it "should return the correct url (multisite)" do
# set to multi site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 200)
@wp_target.registration_url.to_s.should == "http://example.localhost/wp-signup.php"
end
it "should return the correct url (not multisite)" do
# set to single site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 302, :headers => { "Location" => "wp-login.php?action=register" })
@wp_target.registration_url.to_s.should == "http://example.localhost/wp-login.php?action=register" @wp_target.registration_url.to_s.should == "http://example.localhost/wp-login.php?action=register"
end end
end end
describe "#registration_enabled?" do describe "#registration_enabled?" do
it "should return false" do it "should return false (multisite)" do
# set to multi site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 200)
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 302, :headers => { "Location" => "wp-login.php?registration=disabled" }) stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 302, :headers => { "Location" => "wp-login.php?registration=disabled" })
@wp_target.registration_enabled?.should be_false @wp_target.registration_enabled?.should be_false
end end
it "should return true" do it "should return true (multisite)" do
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 200) # set to multi site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 200)
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 200, :body => %{<form id="setupform" method="post" action="wp-signup.php">})
@wp_target.registration_enabled?.should be_true @wp_target.registration_enabled?.should be_true
end end
it "should return false (not multisite)" do
# set to single site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 302, :headers => { "Location" => "wp-login.php?action=register" })
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 302, :headers => { "Location" => "wp-login.php?registration=disabled" })
@wp_target.registration_enabled?.should be_false
end
it "should return true (not multisite)" do
# set to single site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 302, :headers => { "Location" => "wp-login.php?action=register" })
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 200, :body => %{<form name="registerform" id="registerform" action="wp-login.php"})
@wp_target.registration_enabled?.should be_true
end
it "should return false" do
# set to single site
stub_request(:any, "http://example.localhost/wp-signup.php").to_return(:status => 302, :headers => { "Location" => "wp-login.php?action=register" })
stub_request(:any, @wp_target.registration_url.to_s).to_return(:status => 500)
@wp_target.registration_enabled?.should be_false
end
end end
describe "#is_multisite?" do describe "#is_multisite?" do
@@ -282,5 +315,10 @@ describe WpTarget do
stub_request(:any, @url).to_return(:status => 200) stub_request(:any, @url).to_return(:status => 200)
@wp_target.is_multisite?.should be_true @wp_target.is_multisite?.should be_true
end end
it "should return false" do
stub_request(:any, @url).to_return(:status => 500)
@wp_target.is_multisite?.should be_false
end
end end
end end