WebSite is now a class instead of a module

spec/lib/wpscan/wp_target_spec.rb

@@ -20,6 +20,7 @@
 require File.expand_path(File.dirname(__FILE__) + '/wpscan_helper')
 
 describe WpTarget do
+  let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_TARGET_DIR }
 
   before :each do
     Browser.reset
@@ -33,7 +34,6 @@ describe WpTarget do
     @wp_target = WpTarget.new('http://example.localhost/', @options)
   end
 
-  it_should_behave_like 'WebSite'
   it_should_behave_like 'WpReadme'
   it_should_behave_like 'WpConfigBackup'
   it_should_behave_like 'WpFullPathDisclosure'
@@ -50,20 +50,6 @@ describe WpTarget do
       expect { WpTarget.new(nil) }.to raise_error
       expect { Wptarget.new('') }.to raise_error
     end
-
-    it 'should add the http protocol if missing' do
-      WpTarget.new('example.localhost/', @options).url.should === 'http://example.localhost/'
-    end
-
-    it 'should add the trailing slash to the url if missing' do
-      WpTarget.new('lamp/wordpress', @options).url.should === 'http://lamp/wordpress/'
-    end
-  end
-
-  describe '#url' do
-    it 'should return the url of the target' do
-      @wp_target.url.should === @wp_target.uri.to_s
-    end
   end
 
   describe '#login_url' do
@@ -85,6 +71,73 @@ describe WpTarget do
     end
   end
 
+  describe '#wordpress?' do
+    # each url (wp-login and xmlrpc) pointed to a 404
+    before :each do
+      stub_request(:get, @wp_target.url).
+        to_return(status: 200, body: '', headers: { 'X-Pingback' => @wp_target.uri.merge('xmlrpc.php')})
+
+      # Preventing redirection check from login_url()
+      @wp_target.stub(redirection: nil)
+
+      [@wp_target.login_url, @wp_target.xml_rpc_url].each do |url|
+        stub_request(:get, url).to_return(status: 404, body: '')
+      end
+    end
+
+    it 'should return false if both files are not found (404)' do
+      @wp_target.should_not be_wordpress
+    end
+
+    it 'should return true if the wp-login is found and is a valid wordpress one' do
+      stub_request(:get, @wp_target.login_url).
+        to_return(status: 200, body: File.new(fixtures_dir + '/wp-login.php'))
+
+      @wp_target.should be_wordpress
+    end
+
+    it 'should return true if the xmlrpc is found' do
+      stub_request(:get, @wp_target.xml_rpc_url).
+        to_return(status: 200, body: File.new(fixtures_dir + '/xmlrpc.php'))
+
+      @wp_target.should be_wordpress
+    end
+  end
+
+  describe '#redirection' do
+    it 'should return nil if no redirection detected' do
+      stub_request(:get, @wp_target.url).to_return(status: 200, body: '')
+
+      @wp_target.redirection.should be_nil
+    end
+
+    [301, 302].each do |status_code|
+      it "should return http://new-location.com if the status code is #{status_code}" do
+        new_location = 'http://new-location.com'
+
+        stub_request(:get, @wp_target.url).
+          to_return(status: status_code, headers: { location: new_location })
+
+        stub_request(:get, new_location).to_return(status: 200)
+
+        @wp_target.redirection.should === 'http://new-location.com'
+      end
+    end
+
+    context 'when multiple redirections' do
+      it 'should return the last redirection' do
+        first_redirection = 'www.redirection.com'
+        last_redirection   = 'redirection.com'
+
+        stub_request(:get, @wp_target.url).to_return(status: 301, headers: { location: first_redirection })
+        stub_request(:get, first_redirection).to_return(status: 302, headers: { location: last_redirection })
+        stub_request(:get, last_redirection).to_return(status: 200)
+
+        @wp_target.redirection.should === last_redirection
+      end
+    end
+  end
+
   describe '#wp_content_dir' do
     let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_TARGET_DIR + '/wp_content_dir' }