garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

-) custom plugins directory (outside of wp-content)

Browse Source 
-) feedback from ewanlr
-) Regex fix for version detection from readme.txt due to false positives (tag-cloud-widget plugin)
This commit is contained in:
Christian Mehlmauer
2012-09-23 21:50:41 +02:00
parent 9b6a2805d7
commit a15028793e
46 changed files with 560 additions and 415 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
spec/lib/wpscan/modules/wp_login_protection_spec.rb
View File

@@ -100,7 +100,7 @@ shared_examples_for "WpLoginProtection" do
it "should return a login-lockdown WpPlugin object" do
@fixture = @fixtures_dir + "/wp-login-login_lockdown.php"
@plugin_expected = WpPlugin.new(:url => @module.url,
@plugin_expected = WpPlugin.new(:base_url => @module.url,
:path => "/plugins/login-lockdown/",
:name => "login-lockdown"
)
@@ -109,7 +109,7 @@ shared_examples_for "WpLoginProtection" do
it "should return a login-lock WpPlugin object" do
@fixture = @fixtures_dir + "/wp-login-login_lock.php"
@plugin_expected = WpPlugin.new(:url => @module.url,
@plugin_expected = WpPlugin.new(:base_url => @module.url,
:path => "/plugins/login-lock/",
:name => "login-lock"
)

28
spec/lib/wpscan/modules/wp_plugins_spec.rb
View File

@@ -31,7 +31,7 @@ shared_examples_for "WpPlugins" do
@module.error_404_hash = Digest::MD5.hexdigest("Error 404!")
@module.extend(WpPlugins)
@options = {:url => @wp_url,
@options = {:base_url => @wp_url,
:only_vulnerable_ones => false,
:show_progress_bar => false,
:error_404_hash => Digest::MD5.hexdigest("Error 404!"),
@@ -43,27 +43,27 @@ shared_examples_for "WpPlugins" do
}
File.exist?(@plugin_vulns_file).should == true
File.exist?(@plugins_file).should == true
@targets = [WpPlugin.new({:url => "http://example.localhost/",
@targets = [WpPlugin.new({:base_url => "http://example.localhost/",
:path => "exclude-pages/exclude_pages.php",
:wp_content_dir => "wp-content",
:name => "exclude-pages"}),
WpPlugin.new({:url => "http://example.localhost/",
WpPlugin.new({:base_url => "http://example.localhost/",
:path => "display-widgets/display-widgets.php",
:wp_content_dir => "wp-content",
:name => "display-widgets"}),
WpPlugin.new({:url => "http://example.localhost/",
WpPlugin.new({:base_url => "http://example.localhost/",
:path => "media-library",
:wp_content_dir => "wp-content",
:name => "media-library"}),
WpPlugin.new({:url => "http://example.localhost/",
WpPlugin.new({:base_url => "http://example.localhost/",
:path => "deans",
:wp_content_dir => "wp-content",
:name => "deans"}),
WpPlugin.new({:url => "http://example.localhost/",
WpPlugin.new({:base_url => "http://example.localhost/",
:path => "formidable/formidable.php",
:wp_content_dir => "wp-content",
:name => "formidable"}),
WpPlugin.new({:url => "http://example.localhost/",
WpPlugin.new({:base_url => "http://example.localhost/",
:path => "regenerate-thumbnails/readme.txt",
:wp_content_dir => "wp-content",
:name => "regenerate-thumbnails"})]
@@ -74,7 +74,7 @@ shared_examples_for "WpPlugins" do
it "should return an empty array" do
stub_request_to_fixture(:url => @module.url, :fixture => File.new(passive_detection_fixtures + '/no_plugins.htm'))
plugins = @module.plugins_from_passive_detection(:url => @module.url, :wp_content_dir => "wp-content")
plugins = @module.plugins_from_passive_detection(:base_url => @module.url, :wp_content_dir => "wp-content")
plugins.should be_empty
end
@@ -92,12 +92,12 @@ shared_examples_for "WpPlugins" do
}
expected_plugins = []
expected_plugin_names.each do |plugin_name|
expected_plugins << WpPlugin.new(:url => @module.url,
expected_plugins << WpPlugin.new(:base_url => @module.url,
:path => "/plugins/#{plugin_name}/",
:name => plugin_name)
end
plugins = @module.plugins_from_passive_detection(:url => @module.url, :wp_content_dir => "wp-content")
plugins = @module.plugins_from_passive_detection(:base_url => @module.url, :wp_content_dir => "wp-content")
plugins.should_not be_empty
plugins.length.should == expected_plugins.length
plugins.sort.should == expected_plugins.sort
@@ -110,7 +110,7 @@ shared_examples_for "WpPlugins" do
stub_request(:get, @module.uri.to_s).to_return(:status => 200)
# Point all targets to a 404
@targets.each do |target|
stub_request(:get, target.get_url.to_s).to_return(:status => 404)
stub_request(:get, target.get_full_url.to_s).to_return(:status => 404)
# to_s calls readme_url
stub_request(:get, target.readme_url.to_s).to_return(:status => 404)
end
@@ -132,9 +132,9 @@ shared_examples_for "WpPlugins" do
@passive_detection_fixture = @fixtures_dir + "/passive_detection/one_plugin.htm"
@expected_plugins = @targets.sample(2)
@expected_plugins.each do |p|
stub_request(:get, p.get_url.to_s).to_return(:status => 200)
stub_request(:get, p.get_full_url.to_s).to_return(:status => 200)
end
new_plugin = WpPlugin.new(:url => "http://example.localhost/",
new_plugin = WpPlugin.new(:base_url => "http://example.localhost/",
:path => "/plugins/comment-info-tip/",
:name => "comment-info-tip")
stub_request(:get, new_plugin.readme_url.to_s).to_return(:status => 200)
@@ -149,7 +149,7 @@ shared_examples_for "WpPlugins" do
plugin_url.should_not be_nil
plugin_url.length.should == 1
@expected_plugins = plugin_url
stub_request(:get, plugin_url[0].get_url.to_s).to_return(:status => valid_response_code)
stub_request(:get, plugin_url[0].get_full_url.to_s).to_return(:status => valid_response_code)
end
end
end

42
spec/lib/wpscan/modules/wp_themes_spec.rb
View File

@@ -31,7 +31,7 @@ shared_examples_for "WpThemes" do
@module.error_404_hash = Digest::MD5.hexdigest("Error 404!")
@module.extend(WpThemes)
@options = {:url => @wp_url,
@options = {:base_url => @wp_url,
:only_vulnerable_ones => false,
:show_progress_bar => false,
:error_404_hash => Digest::MD5.hexdigest("Error 404!"),
@@ -43,55 +43,55 @@ shared_examples_for "WpThemes" do
}
File.exist?(@theme_vulns_file).should == true
File.exist?(@themes_file).should == true
@targets = [WpTheme.new({:url => "http://example.localhost/",
@targets = [WpTheme.new({:base_url => "http://example.localhost/",
:path => "zenpro/404.php",
:wp_content_dir => "wp-content",
:name => "zenpro"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zeta-zip/404.php",
:wp_content_dir => "wp-content",
:name => "zeta-zip"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zfirst/404.php",
:wp_content_dir => "wp-content",
:name => "zfirst"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zgrey/404.php",
:wp_content_dir => "wp-content",
:name => "zgrey"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zindi-ii/404.php",
:wp_content_dir => "wp-content",
:name => "zindi-ii"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zindi/404.php",
:wp_content_dir => "wp-content",
:name => "zindi"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zombie-apocalypse/404.php",
:wp_content_dir => "wp-content",
:name => "zombie-apocalypse"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zsofa/404.php",
:wp_content_dir => "wp-content",
:name => "zsofa"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "zwei-seiten/404.php",
:wp_content_dir => "wp-content",
:name => "zwei-seiten"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "twentyten/404.php",
:wp_content_dir => "wp-content",
:name => "twentyten"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "shopperpress",
:wp_content_dir => "wp-content",
:name => "shopperpress"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "wise",
:wp_content_dir => "wp-content",
:name => "wise"}),
WpTheme.new({:url => "http://example.localhost/",
WpTheme.new({:base_url => "http://example.localhost/",
:path => "webfolio",
:wp_content_dir => "wp-content",
:name => "webfolio"})]
@@ -102,7 +102,7 @@ shared_examples_for "WpThemes" do
it "should return an empty array" do
stub_request_to_fixture(:url => @module.url, :fixture => File.new(passive_detection_fixtures + '/no_theme.htm'))
themes = @module.themes_from_passive_detection(:url => @module.url, :wp_content_dir => "wp-content")
themes = @module.themes_from_passive_detection(:base_url => @module.url, :wp_content_dir => "wp-content")
themes.should be_empty
end
@@ -112,12 +112,12 @@ shared_examples_for "WpThemes" do
expected_theme_names = %w{ theme1 theme2 theme3 }
expected_themes = []
expected_theme_names.each do |theme_name|
expected_themes << WpTheme.new(:url => @module.url,
expected_themes << WpTheme.new(:base_url => @module.url,
:path => "/themes/#{theme_name}/",
:name => theme_name)
end
themes = @module.themes_from_passive_detection(:url => @module.url, :wp_content_dir => "wp-content")
themes = @module.themes_from_passive_detection(:base_url => @module.url, :wp_content_dir => "wp-content")
themes.should_not be_empty
themes.length.should == expected_themes.length
themes.sort.should == expected_themes.sort
@@ -130,7 +130,7 @@ shared_examples_for "WpThemes" do
stub_request(:get, @module.uri.to_s).to_return(:status => 200)
# Point all targets to a 404
@targets.each do |target|
stub_request(:get, target.get_url.to_s).to_return(:status => 404)
stub_request(:get, target.get_full_url.to_s).to_return(:status => 404)
# to_s calls readme_url
stub_request(:get, target.readme_url.to_s).to_return(:status => 404)
end
@@ -152,9 +152,9 @@ shared_examples_for "WpThemes" do
@passive_detection_fixture = @fixtures_dir + "/passive_detection/one_theme.htm"
@expected_themes = @targets.sample(2)
@expected_themes.each do |p|
stub_request(:get, p.get_url.to_s).to_return(:status => 200)
stub_request(:get, p.get_full_url.to_s).to_return(:status => 200)
end
new_theme = WpTheme.new(:url => "http://example.localhost/",
new_theme = WpTheme.new(:base_url => "http://example.localhost/",
:path => "/themes/custom-twentyten/",
:name => "custom-twentyten")
stub_request(:get, new_theme.readme_url.to_s).to_return(:status => 200)
@@ -169,7 +169,7 @@ shared_examples_for "WpThemes" do
theme_url.should_not be_nil
theme_url.length.should == 1
@expected_themes = theme_url
stub_request(:get, theme_url[0].get_url.to_s).to_return(:status => valid_response_code)
stub_request(:get, theme_url[0].get_full_url.to_s).to_return(:status => valid_response_code)
end
end
end

8
spec/lib/wpscan/modules/wp_timthumbs_spec.rb
View File

@@ -22,7 +22,7 @@ shared_examples_for "WpTimthumbs" do
@options = {}
@url = "http://example.localhost/"
@theme_name = "bueno"
@options[:url] = @url
@options[:base_url] = @url
@options[:wp_content_dir] = "wp-content"
@options[:name] = @theme_name
@options[:error_404_hash] = "xx"
@@ -60,7 +60,7 @@ shared_examples_for "WpTimthumbs" do
targets.length.should > 0
temp = []
targets.each do |t|
temp << t.get_url.to_s
temp << t.get_full_url.to_s
end
temp.sort.should === @targets_from_theme.sort
end
@@ -91,7 +91,7 @@ shared_examples_for "WpTimthumbs" do
urls = []
urls_hash = WpEnumerator.generate_items(@options)
urls_hash.each do |u|
url = u.get_url.to_s
url = u.get_full_url.to_s
urls << url
stub_request(:get, url).to_return(:status => 404)
end
@@ -106,7 +106,7 @@ shared_examples_for "WpTimthumbs" do
temp = []
timthumbs.each do |t|
temp << t.get_url.to_s
temp << t.get_full_url.to_s
end
temp.sort.should === expected.sort
@module.has_timthumbs?(nil).should be_true

372
spec/lib/wpscan/wp_item_spec.rb
View File

@@ -19,82 +19,141 @@
require File.expand_path(File.dirname(__FILE__) + '/wpscan_helper')
describe WpPlugin do
before :each do
@instance = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
describe "#initialize" do
it "should create a correct instance" do
@instance.wp_content_dir.should == "wp-content"
@instance.url.should == "http://sub.example.com/path/to/wordpress/"
@instance.path.should == "test/asdf.php"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.wp_content_dir.should == "wp-content"
instance.base_url.should == "http://sub.example.com/path/to/wordpress/"
instance.path.should == "test/asdf.php"
end
end
describe "#get_url" do
describe "#get_full_url" do
it "should return the correct url" do
@instance.get_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/asdf.php"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.get_full_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/asdf.php"
end
it "should return the correct url (custom wp_content_dir)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.get_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "custom"
)
instance.get_full_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
end
it "should trim / and add missing / before concatenating url" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "test/asdf.php"
@instance.type = "plugins"
@instance.get_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "/custom/"
)
instance.get_full_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/asdf.php"
end
end
describe "#get_url_without_filename" do
it "should return the correct url" do
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
end
it "should return the correct url (custom wp_content_dir)" do
@instance.wp_content_dir = "custom"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "custom"
)
instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/"
end
it "should trim / and add missing / before concatenating url" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "test/asdf.php"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "/custom/"
)
instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/"
end
it "should not remove the last foldername" do
@instance.path = "test/"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
end
it "should return the correct url (https)" do
@instance.url = "https://sub.example.com/path/to/wordpress/"
@instance.get_url_without_filename.to_s.should == "https://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
instance = WpItem.new(:base_url => "https://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.get_url_without_filename.to_s.should == "https://sub.example.com/path/to/wordpress/wp-content/plugins/test/"
end
it "should add the last slash if it's not present" do
@instance.path = "test-one"
@instance.type = "plugins"
@instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test-one/"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test-one",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.get_url_without_filename.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test-one/"
end
end
describe "#version" do
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_PLUGIN_DIR + '/version' }
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return a version number" do
stub_request(:get, @instance.readme_url.to_s).to_return(:status => 200, :body => "Stable tag: 1.2.4.3.2.1")
@instance.version.should == "1.2.4.3.2.1"
@@ -120,6 +179,16 @@ describe WpPlugin do
end
describe "#directory_listing?" do
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return true" do
stub_request(:get, @instance.get_url_without_filename.to_s).to_return(:status => 200,
:body => "<html><head><title>Index of asdf</title></head></html>")
@@ -140,36 +209,74 @@ describe WpPlugin do
describe "#extract_name_from_url" do
it "should extract the correct name" do
@instance.extract_name_from_url.should == "test"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.extract_name_from_url.should == "test"
end
it "should extract the correct name (custom wp_content_dir)" do
@instance.wp_content_dir = "custom"
@instance.extract_name_from_url.should == "test"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "custom"
)
instance.extract_name_from_url.should == "test"
end
it "should extract the correct name" do
@instance.wp_content_dir = "/custom/"
@instance.url = "http://sub.example.com/path/to/wordpress"
@instance.path = "test2/asdf.php"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "test2"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test2/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "/custom/"
)
instance.extract_name_from_url.should == "test2"
end
it "should extract the correct plugin name" do
@instance.path = "testplugin/"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "testplugin"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "testplugin/",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.extract_name_from_url.should == "testplugin"
end
it "should extract the correct theme name" do
@instance.path = "testtheme/"
@instance.type = "plugins"
@instance.extract_name_from_url.should == "testtheme"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "testtheme/",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "themes"
)
instance.extract_name_from_url.should == "testtheme"
end
end
describe "#to_s" do
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return the name including a version number" do
stub_request(:get, @instance.readme_url.to_s).to_return(:status => 200, :body => "Stable tag: 1.2.4.3.2.1")
@instance.to_s.should == "test v1.2.4.3.2.1"
@@ -182,8 +289,18 @@ describe WpPlugin do
end
describe "#==" do
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return false" do
instance2 = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "newname/asdf.php",
:type => "plugins",
:vulns_file => "XXX.xml",
@@ -193,7 +310,7 @@ describe WpPlugin do
end
it "should return true" do
instance2 = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:type => "plugins",
:vulns_file => "XXX.xml",
@@ -204,38 +321,25 @@ describe WpPlugin do
end
describe "#get_sub_folder" do
it "should return plugins" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
it "should return themes" do
item = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:wp_plugins_dir => "wp-content/plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
:type => "themes"
)
item.get_sub_folder.should == "plugins"
end
it "should return custom-plugins" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "custom-plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
item.get_sub_folder.should == "custom-plugins"
item.get_sub_folder.should == "themes"
end
it "should return themes" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
item = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:wp_plugins_dir => "wp-content/plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "themes"
@@ -244,11 +348,11 @@ describe WpPlugin do
end
it "should return nil" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
item = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:wp_plugins_dir => "wp-content/plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "timthumbs"
@@ -257,11 +361,11 @@ describe WpPlugin do
end
it "should raise an exception" do
item = WpItem.new(:url => "http://sub.example.com/path/to/wordpress/",
item = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins",
:wp_plugins_dir => "wp-content/plugins",
:name => "test",
:vulns_xpath => "XX",
:type => "type"
@@ -272,55 +376,111 @@ describe WpPlugin do
describe "#readme_url" do
it "should return the corrent plugin readme url" do
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/readme.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/readme.txt"
end
it "should return the corrent plugin readme url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/readme.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "custom"
)
instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/readme.txt"
end
it "should return the corrent theme readme url" do
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/readme.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "themes"
)
instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/readme.txt"
end
it "should return the corrent theme readme url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/readme.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "themes",
:wp_content_dir => "custom"
)
instance.readme_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/readme.txt"
end
end
describe "#changelog_url" do
it "should return the corrent plugin changelog url" do
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/changelog.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/plugins/test/changelog.txt"
end
it "should return the corrent plugin changelog url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.type = "plugins"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/changelog.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins",
:wp_content_dir => "custom"
)
instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/plugins/test/changelog.txt"
end
it "should return the corrent theme changelog url" do
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/changelog.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "themes"
)
instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/wp-content/themes/test/changelog.txt"
end
it "should return the corrent theme changelog url (custom wp_content)" do
@instance.wp_content_dir = "custom"
@instance.path = "test/asdf.php"
@instance.type = "themes"
@instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/changelog.txt"
instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "themes",
:wp_content_dir => "custom"
)
instance.changelog_url.to_s.should == "http://sub.example.com/path/to/wordpress/custom/themes/test/changelog.txt"
end
end
describe "#has_readme?" do
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return true" do
stub_request(:get, @instance.readme_url.to_s).to_return(:status => 200)
@instance.has_readme?.should == true
@@ -333,6 +493,16 @@ describe WpPlugin do
end
describe "#has_changelog?" do
before :each do
@instance = WpItem.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "test/asdf.php",
:vulns_file => "XXX.xml",
:name => "test",
:vulns_xpath => "XX",
:type => "plugins"
)
end
it "should return true" do
stub_request(:get, @instance.changelog_url.to_s).to_return(:status => 200)
@instance.has_changelog?.should == true

14
spec/lib/wpscan/wp_options_spec.rb
View File

@@ -22,7 +22,7 @@ describe WpOptions do
describe "#check_options" do
before :each do
@options = {}
@options[:url] = "url"
@options[:base_url] = "url"
@options[:only_vulnerable_ones] = false
@options[:file] = "file"
@options[:vulns_file] = "vulns_file"
@@ -40,14 +40,14 @@ describe WpOptions do
expect { WpOptions.check_options(@options) }.to raise_error(RuntimeError, @message)
end
it "should raise an exception (url empty)" do
@options[:url] = ""
@message = "url must be set"
it "should raise an exception (base_url empty)" do
@options[:base_url] = ""
@message = "base_url must be set"
end
it "should raise an exception (url nil)" do
@options[:url] = nil
@message = "url must be set"
it "should raise an exception (base_url nil)" do
@options[:base_url] = nil
@message = "base_url must be set"
end
it "should raise an exception (only_vulnerable_ones nil)" do

14
spec/lib/wpscan/wp_plugin_spec.rb
View File

@@ -21,29 +21,29 @@ require File.expand_path(File.dirname(__FILE__) + '/wpscan_helper')
describe WpPlugin do
describe "#initialize" do
it "should not raise an exception" do
expect { WpPlugin.new(:url => "url", :path => "path", :wp_content_dir => "dir", :name => "name") }.to_not raise_error
expect { WpPlugin.new(:base_url => "url", :path => "path", :wp_content_dir => "dir", :name => "name") }.to_not raise_error
end
it "should not raise an exception (wp_content_dir not set)" do
expect { WpPlugin.new(:url => "url", :path => "path", :name => "name") }.to_not raise_error
expect { WpPlugin.new(:base_url => "url", :path => "path", :name => "name") }.to_not raise_error
end
it "should raise an exception (url not set)" do
it "should raise an exception (base_url not set)" do
expect { WpPlugin.new(:path => "path", :wp_content_dir => "dir", :name => "name") }.to raise_error
end
it "should raise an exception (path not set)" do
expect { WpPlugin.new(:url => "url", :wp_content_dir => "dir", :name => "name") }.to raise_error
expect { WpPlugin.new(:base_url => "url", :wp_content_dir => "dir", :name => "name") }.to raise_error
end
it "should raise an exception (name not set)" do
expect { WpPlugin.new(:url => "url", :path => "path", :wp_content_dir => "dir") }.to raise_error
expect { WpPlugin.new(:base_url => "url", :path => "path", :wp_content_dir => "dir") }.to raise_error
end
end
describe "#error_log_url" do
it "should return a correct url" do
temp = WpPlugin.new(:url => "http://wordpress.com",
temp = WpPlugin.new(:base_url => "http://wordpress.com",
:path => "test/asdf.php")
temp.error_log_url.to_s.should == "http://wordpress.com/wp-content/plugins/test/error_log"
end
@@ -51,7 +51,7 @@ describe WpPlugin do
describe "#error_log?" do
before :each do
@temp = WpPlugin.new(:url => "http://wordpress.com",
@temp = WpPlugin.new(:base_url => "http://wordpress.com",
:path => "test/asdf.php")
end

13
spec/lib/wpscan/wp_target_spec.rb
View File

@@ -27,7 +27,7 @@ describe WpTarget do
:config_file => SPEC_FIXTURES_CONF_DIR + '/browser/browser.conf.json',
:cache_timeout => 0,
:wp_content_dir => "wp-content",
:wp_plugins_dir => "plugins"
:wp_plugins_dir => "wp-content/plugins"
}
@wp_target = WpTarget.new("http://example.localhost/", @options)
end
@@ -153,20 +153,25 @@ describe WpTarget do
describe "#wp_plugins_dir" do
after :each do
@wp_target.stub(:wp_content_dir => @stub_value) if @stub_value
@wp_target.stub(:wp_plugins_dir => @stub_value) if @stub_value
@wp_target.wp_plugins_dir.should === @expected
end
it "should return the string set in the initialize method" do
@wp_target = WpTarget.new("http://example.localhost/", :wp_plugins_dir => "custom-plugins")
@wp_target = WpTarget.new("http://example.localhost/", :wp_content_dir => "asdf", :wp_plugins_dir => "custom-plugins")
@expected = "custom-plugins"
end
it "should return 'plugins'" do
@stub_value = "wp-content"
@stub_value = "plugins"
@expected = "plugins"
end
it "should return 'wp-content/plugins'" do
@stub_value = nil
@expected = "wp-content/plugins"
end
end
describe "#debug_log_url" do

34
spec/lib/wpscan/wp_theme_spec.rb
View File

@@ -30,23 +30,23 @@ describe WpTheme do
describe "#initialize" do
it "should not raise an exception" do
expect { WpTheme.new(:url => "url", :path => "path", :wp_content_dir => "dir", :name => "name") }.to_not raise_error
expect { WpTheme.new(:base_url => "url", :path => "path", :wp_content_dir => "dir", :name => "name") }.to_not raise_error
end
it "should not raise an exception (wp_content_dir not set)" do
expect { WpTheme.new(:url => "url", :path => "path", :name => "name") }.to_not raise_error
expect { WpTheme.new(:base_url => "url", :path => "path", :name => "name") }.to_not raise_error
end
it "should raise an exception (url not set)" do
it "should raise an exception (base_url not set)" do
expect { WpTheme.new(:path => "path", :wp_content_dir => "dir", :name => "name") }.to raise_error
end
it "should raise an exception (path not set)" do
expect { WpTheme.new(:url => "url", :wp_content_dir => "dir", :name => "name") }.to raise_error
expect { WpTheme.new(:base_url => "url", :wp_content_dir => "dir", :name => "name") }.to raise_error
end
it "should raise an exception (name not set)" do
expect { WpTheme.new(:url => "url", :path => "path", :wp_content_dir => "dir") }.to raise_error
expect { WpTheme.new(:base_url => "url", :path => "path", :wp_content_dir => "dir") }.to raise_error
end
end
@@ -102,12 +102,12 @@ describe WpTheme do
it "should return a WpTheme object with .name 'Editorial' and .version '1.3.5'" do
@fixture = fixtures_dir + "/editorial-1.3.5.html"
@expected_theme = WpTheme.new(:name => "Editorial", :version => "1.3.5", :url => "", :path => "", :wp_content_dir => "")
@expected_theme = WpTheme.new(:name => "Editorial", :version => "1.3.5", :base_url => "", :path => "", :wp_content_dir => "")
end
it "should return a WpTheme object with .name 'Merchant'" do
@fixture = fixtures_dir + "/merchant-no-version.html"
@expected_theme = WpTheme.new(:name => "Merchant", :url => "", :path => "", :wp_content_dir => "")
@expected_theme = WpTheme.new(:name => "Merchant", :base_url => "", :path => "", :wp_content_dir => "")
end
end
@@ -151,7 +151,7 @@ describe WpTheme do
if @fixture
stub_request_to_fixture(:url => theme_style_url, :fixture => @fixture)
wp_theme = WpTheme.new(:name => 'spec-theme', :style_url => theme_style_url, :url => "", :path => "", :wp_content_dir => "")
wp_theme = WpTheme.new(:name => "spec-theme", :style_url => theme_style_url, :base_url => "", :path => "", :wp_content_dir => "")
wp_theme.version.should === @expected
end
@@ -163,7 +163,7 @@ describe WpTheme do
end
it "should return nil if the style_url is nil" do
WpTheme.new(:name => "hello-world", :url => "", :path => "", :wp_content_dir => "").version.should be_nil
WpTheme.new(:name => "hello-world", :base_url => "", :path => "", :wp_content_dir => "").version.should be_nil
end
it "should return 1.3" do
@@ -179,12 +179,12 @@ describe WpTheme do
describe "#===" do
it "should return false (name not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/newname/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"
@@ -193,12 +193,12 @@ describe WpTheme do
end
it "should return false (version not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_file => "XXX.xml",
:version => "2.0"
@@ -207,12 +207,12 @@ describe WpTheme do
end
it "should return false (version and name not equal)" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/name/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/newname/asdf.php",
:vulns_file => "XXX.xml",
:version => "2.0"
@@ -221,12 +221,12 @@ describe WpTheme do
end
it "should return true" do
instance = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/test/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"
)
instance2 = WpTheme.new(:url => "http://sub.example.com/path/to/wordpress/",
instance2 = WpTheme.new(:base_url => "http://sub.example.com/path/to/wordpress/",
:path => "themes/test/asdf.php",
:vulns_file => "XXX.xml",
:version => "1.0"

10
spec/lib/wpscan/wp_version_spec.rb
View File

@@ -31,7 +31,7 @@ describe WpVersion do
after :each do
stub_request_to_fixture(:url => @target_uri.to_s, :fixture => @fixture)
WpVersion.find_from_meta_generator(:url => @target_uri.to_s).should === @expected
WpVersion.find_from_meta_generator(:base_url => @target_uri.to_s).should === @expected
end
it "should return nil if the meta-generator is not found" do
@@ -57,7 +57,7 @@ describe WpVersion do
@status_code ||= 200
stub_request_to_fixture(:url => @target_uri.merge("feed/").to_s, :status => @status_code, :fixture => @fixture)
WpVersion.find_from_rss_generator(:url => @target_uri).should === @expected
WpVersion.find_from_rss_generator(:base_url => @target_uri).should === @expected
end
it "should return nil on a 404" do
@@ -92,7 +92,7 @@ describe WpVersion do
stub_request(:get, @target_uri.merge("sitemap.xml").to_s).
to_return(:status => 200, :body => @body)
WpVersion.find_from_sitemap_generator(:url => @target_uri).should === @expected
WpVersion.find_from_sitemap_generator(:base_url => @target_uri).should === @expected
end
it "should return nil if the generator is not found" do
@@ -118,7 +118,7 @@ describe WpVersion do
@status_code ||= 200
stub_request_to_fixture(:url => @target_uri.merge("readme.html").to_s, :status => @status_code, :fixture => @fixture)
WpVersion.find_from_readme(:url => @target_uri).should === @expected
WpVersion.find_from_readme(:base_url => @target_uri).should === @expected
end
it "should return nil on a 404" do
@@ -145,7 +145,7 @@ describe WpVersion do
stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
:status => 200,
:fixture => "#{fixtures_dir}/3.2.1.js")
version = WpVersion.find_from_advanced_fingerprinting(:url => @target_uri,
version = WpVersion.find_from_advanced_fingerprinting(:base_url => @target_uri,
:wp_content_dir => "wp-content",
:version_xml => "#{fixtures_dir}/wp_versions.xml")
version.should == "3.2.1"

4
spec/lib/wpscan/wp_vulnerability_spec.rb
View File

@@ -4,7 +4,7 @@ describe "#vulnerabilities" do
let(:location_url) { "http://example.localhost/" }
let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_PLUGIN_DIR + "/vulnerabilities" }
let(:vulns_file) { fixtures_dir + "/plugin_vulns.xml" }
let(:wp_plugin) { WpPlugin.new(:url => location_url,
let(:wp_plugin) { WpPlugin.new(:base_url => location_url,
:name => "spec-plugin",
:path => "plugins/spec-plugin/",
:vulns_file => vulns_file)
@@ -12,7 +12,7 @@ describe "#vulnerabilities" do
it "should return an empty array when no vulnerabilities are found" do
WpPlugin.new(:url => "http://example.localhost/",
WpPlugin.new(:base_url => "http://example.localhost/",
:name => "no-vulns",
:path => "plugins/no-vulns/",
:vulns_file => vulns_file).vulnerabilities.should be_empty