garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixes crash when API returns HTML data rather than JSON in edge cases

Browse Source
This commit is contained in:
erwanlr
2019-09-13 17:22:26 +01:00
parent bd74689079
commit ad92c95500
2 changed files with 20 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/wpscan/db/vuln_api.rb
View File

@@ -4,7 +4,7 @@ module WPScan
module DB module DB
# WPVulnDB API # WPVulnDB API
class VulnApi class VulnApi
NON_ERROR_CODES = [200, 401, 404].freeze NON_ERROR_CODES = [200, 401].freeze
class << self class << self
attr_accessor :token attr_accessor :token
@@ -24,6 +24,7 @@ module WPScan
res = Browser.get(uri.join(path), params.merge(request_params)) res = Browser.get(uri.join(path), params.merge(request_params))
return {} if res.code == 404 # This is for API inconsistencies when dots in path
return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code) return JSON.parse(res.body) if NON_ERROR_CODES.include?(res.code)
raise Error::HTTP, res raise Error::HTTP, res

23
spec/lib/db/vuln_api_spec.rb
View File

@@ -35,9 +35,11 @@ describe WPScan::DB::VulnApi do
context 'when a token' do context 'when a token' do
before { api.token = 's3cRet' } before { api.token = 's3cRet' }
let(:path) { 'path' }
context 'when no timeouts' do context 'when no timeouts' do
before do before do
stub_request(:get, api.uri.join('path')) stub_request(:get, api.uri.join(path))
.with(headers: { 'Host' => api.uri.host, 'Expect' => nil, 'Referer' => nil, .with(headers: { 'Host' => api.uri.host, 'Expect' => nil, 'Referer' => nil,
'User-Agent' => WPScan::Browser.instance.default_user_agent, 'User-Agent' => WPScan::Browser.instance.default_user_agent,
'Authorization' => 'Token token=s3cRet' }) 'Authorization' => 'Token token=s3cRet' })
@@ -49,7 +51,7 @@ describe WPScan::DB::VulnApi do
let(:body) { { data: 'something' }.to_json } let(:body) { { data: 'something' }.to_json }
it 'returns the expected hash' do it 'returns the expected hash' do
result = api.get('path') result = api.get(path)
expect(result).to eql('data' => 'something') expect(result).to eql('data' => 'something')
end end
@@ -60,7 +62,7 @@ describe WPScan::DB::VulnApi do
let(:body) { { error: 'HTTP Token: Access denied.' }.to_json } let(:body) { { error: 'HTTP Token: Access denied.' }.to_json }
it 'returns the expected hash' do it 'returns the expected hash' do
result = api.get('path') result = api.get(path)
expect(result).to eql('error' => 'HTTP Token: Access denied.') expect(result).to eql('error' => 'HTTP Token: Access denied.')
end end
@@ -71,9 +73,20 @@ describe WPScan::DB::VulnApi do
let(:body) { { error: 'Not found' }.to_json } let(:body) { { error: 'Not found' }.to_json }
it 'returns an empty hash' do it 'returns an empty hash' do
result = api.get('path') result = api.get(path)
expect(result).to eql('error' => 'Not found') expect(result).to eql({})
end
context 'when 404 with HTTML (API inconsistency due to dots in path)' do
let(:path) { 'path.b.c' }
let(:body) { '<!DOCTYPE html><html>Nop</html>' }
it 'returns an empty hash' do
result = api.get(path)
expect(result).to eql({})
end
end end
end end
end end