garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

WpVersion::Vulnerable specs

Browse Source
This commit is contained in:
erwanlr
2013-03-28 15:33:35 +01:00
parent ec9eadda8e
commit a7bd5044c4
4 changed files with 56 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
spec/lib/common/models/wp_version_spec.rb
View File

@@ -3,9 +3,16 @@
require 'spec_helper'
describe WpVersion do
it_behaves_like 'WpVersion::Vulnerable'
it_behaves_like 'WpItem::Vulnerable' do
let(:options) { { number: '3.2' } }
let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.xml' }
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', ['http://ref1.com']) }
end
subject(:wp_version) { WpVersion.new(uri, options) }
let(:uri) { URI.parse('http://example.com') }
let(:options) { {} }
let(:uri) { URI.parse('http://example.com/') }
let(:options) { { number: '1.2' } }
describe '#allowed_options' do
[:number, :found_from].each do |sym|

19
spec/samples/common/models/wp_version/vulnerable/versions_vulns.xml Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<vulnerabilities>
<wordpress version="3.5">
<vulnerability>
<title>I should not appear in the results</title>
<reference>http://ref2.com</reference>
<type>XSS</type>
</vulnerability>
</wordpress>
<wordpress version="3.2">
<vulnerability>
<title>Here I Am</title>
<reference>http://ref1.com</reference>
<type>SQLI</type>
</vulnerability>
</wordpress>
</vulnerabilities>

26
spec/shared_examples/wp_version_vulnerable.rb Normal file
View File

@@ -0,0 +1,26 @@
# encoding: UTF-8
shared_examples 'WpVersion::Vulnerable' do
describe '#vulns_file' do
after { subject.vulns_file.should == @expected }
context 'when :vulns_file is no set' do
it 'returns the default one' do
@expected = WP_VULNS_FILE
end
end
context 'when the :vulns_file is already set' do
it 'returns it' do
@expected = 'test.xml'
subject.vulns_file = @expected
end
end
end
describe '#vulns_xpath' do
its(:vulns_xpath) { should == "//wordpress[@version='1.2']/vulnerability" }
end
end