From 9677dcd978d132f59f2f9274c659a3bc15e79d23 Mon Sep 17 00:00:00 2001
From: erwanlr <erwan.lr@gmail.com>
Date: Wed, 10 Jul 2019 18:35:46 +0100
Subject: [PATCH] Makes sure the sub_dir is only checked once

---
 .../platform/wordpress/custom_directories.rb    | 17 ++++++++---------
 .../platform/wordpress/custom_directories.rb    | 11 +++++++++++
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/lib/wpscan/target/platform/wordpress/custom_directories.rb b/lib/wpscan/target/platform/wordpress/custom_directories.rb
index 7ea330ed..cd1b6ef4 100644
--- a/lib/wpscan/target/platform/wordpress/custom_directories.rb
+++ b/lib/wpscan/target/platform/wordpress/custom_directories.rb
@@ -99,20 +99,19 @@ module WPScan
 
         # @return [ String, False ] String of the sub_dir found, false otherwise
         # @note: nil can not be returned here, otherwise if there is no sub_dir
-        #        the check would be done each time
+        #        the check would be done each time, which would make enumeration of
+        #        long list of items very slow to generate
         def sub_dir
-          unless @sub_dir
-            # url_pattern is from CMSScanner::Target
-            pattern = %r{#{url_pattern}(.+?)/(?:xmlrpc\.php|wp\-includes/)}i
+          return @sub_dir unless @sub_dir.nil?
 
-            in_scope_uris(homepage_res) do |uri|
-              return @sub_dir = Regexp.last_match[1] if uri.to_s.match(pattern)
-            end
+          # url_pattern is from CMSScanner::Target
+          pattern = %r{#{url_pattern}(.+?)/(?:xmlrpc\.php|wp\-includes/)}i
 
-            @sub_dir = false
+          in_scope_uris(homepage_res) do |uri|
+            return @sub_dir = Regexp.last_match[1] if uri.to_s.match(pattern)
           end
 
-          @sub_dir
+          @sub_dir = false
         end
 
         # Override of the WebSite#url to consider the custom WP directories
diff --git a/spec/shared_examples/target/platform/wordpress/custom_directories.rb b/spec/shared_examples/target/platform/wordpress/custom_directories.rb
index bea5ce3e..b76b35fb 100644
--- a/spec/shared_examples/target/platform/wordpress/custom_directories.rb
+++ b/spec/shared_examples/target/platform/wordpress/custom_directories.rb
@@ -138,6 +138,17 @@ shared_examples 'WordPress::CustomDirectories' do
         expect(target.sub_dir).to eql expected
       end
     end
+
+    context 'when no sub_dir detected' do
+      it 'only checks the in_scope_uris once' do
+        stub_request(:get, target.url).to_return(body: File.read(File.join(fixtures, 'default.html')))
+
+        expect(target.sub_dir).to eql false
+
+        expect(target).to_not receive(:in_scope_uris)
+        expect(target.sub_dir).to eql false
+      end
+    end
   end
 
   describe '#url' do