WpVersion::Vulnerable specs
This commit is contained in:
erwanlr
@@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
class WpVersion < WpItem
|
class WpVersion < WpItem
|
||||||
module Vulnerable
|
module Vulnerable
|
||||||
|
|
||||||
def vulns_file
|
def vulns_file
|
||||||
unless @vulns_file
|
unless @vulns_file
|
||||||
@vulns_file = WP_VULNS_FILE
|
@vulns_file = WP_VULNS_FILE
|
||||||
@@ -12,5 +13,6 @@ class WpVersion < WpItem
|
|||||||
def vulns_xpath
|
def vulns_xpath
|
||||||
"//wordpress[@version='#{@number}']/vulnerability"
|
"//wordpress[@version='#{@number}']/vulnerability"
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -3,9 +3,16 @@
|
|||||||
require 'spec_helper'
|
require 'spec_helper'
|
||||||
|
|
||||||
describe WpVersion do
|
describe WpVersion do
|
||||||
|
it_behaves_like 'WpVersion::Vulnerable'
|
||||||
|
it_behaves_like 'WpItem::Vulnerable' do
|
||||||
|
let(:options) { { number: '3.2' } }
|
||||||
|
let(:vulns_file) { MODELS_FIXTURES + '/wp_version/vulnerable/versions_vulns.xml' }
|
||||||
|
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('Here I Am', 'SQLI', ['http://ref1.com']) }
|
||||||
|
end
|
||||||
|
|
||||||
subject(:wp_version) { WpVersion.new(uri, options) }
|
subject(:wp_version) { WpVersion.new(uri, options) }
|
||||||
let(:uri) { URI.parse('http://example.com') }
|
let(:uri) { URI.parse('http://example.com/') }
|
||||||
let(:options) { {} }
|
let(:options) { { number: '1.2' } }
|
||||||
|
|
||||||
describe '#allowed_options' do
|
describe '#allowed_options' do
|
||||||
[:number, :found_from].each do |sym|
|
[:number, :found_from].each do |sym|
|
||||||
|
|||||||
@@ -0,0 +1,19 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<vulnerabilities>
|
||||||
|
<wordpress version="3.5">
|
||||||
|
<vulnerability>
|
||||||
|
<title>I should not appear in the results</title>
|
||||||
|
<reference>http://ref2.com</reference>
|
||||||
|
<type>XSS</type>
|
||||||
|
</vulnerability>
|
||||||
|
</wordpress>
|
||||||
|
|
||||||
|
<wordpress version="3.2">
|
||||||
|
<vulnerability>
|
||||||
|
<title>Here I Am</title>
|
||||||
|
<reference>http://ref1.com</reference>
|
||||||
|
<type>SQLI</type>
|
||||||
|
</vulnerability>
|
||||||
|
</wordpress>
|
||||||
|
</vulnerabilities>
|
||||||
26
spec/shared_examples/wp_version_vulnerable.rb
Normal file
26
spec/shared_examples/wp_version_vulnerable.rb
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
# encoding: UTF-8
|
||||||
|
|
||||||
|
shared_examples 'WpVersion::Vulnerable' do
|
||||||
|
|
||||||
|
describe '#vulns_file' do
|
||||||
|
after { subject.vulns_file.should == @expected }
|
||||||
|
|
||||||
|
context 'when :vulns_file is no set' do
|
||||||
|
it 'returns the default one' do
|
||||||
|
@expected = WP_VULNS_FILE
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the :vulns_file is already set' do
|
||||||
|
it 'returns it' do
|
||||||
|
@expected = 'test.xml'
|
||||||
|
subject.vulns_file = @expected
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe '#vulns_xpath' do
|
||||||
|
its(:vulns_xpath) { should == "//wordpress[@version='1.2']/vulnerability" }
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
Reference in New Issue
Block a user