rspecs

lib/common/models/wp_user/brute_forcable.rb

@@ -17,9 +17,10 @@ class WpUser < WpItem
     # @param [ Hash ] options
     # @option options [ Boolean ] :verbose
     # @option options [ Boolean ] :show_progression
+    # @param [ String ] redirect_url Override for redirect_url
     #
     # @return [ void ]
-    def brute_force(wordlist, options = {})
+    def brute_force(wordlist, options = {}, redirect_url = nil)
       browser      = Browser.instance
       hydra        = browser.hydra
       passwords    = BruteForcable.passwords_from_wordlist(wordlist)
@@ -30,8 +31,10 @@ class WpUser < WpItem
       passwords.each do |password|
         # A successfull login will redirect us to the redirect_to parameter
         # Generate a radom one on each request
-        random = (0...8).map { 65.+(rand(26)).chr }.join
-        redirect_url = "#{@uri}#{random}/"
+        unless redirect_url
+          random = (0...8).map { 65.+(rand(26)).chr }.join
+          redirect_url = "#{@uri}#{random}/"
+        end
 
         request = login_request(password, redirect_url)
 
@@ -98,7 +101,7 @@ class WpUser < WpItem
     #
     # @return [ Boolean ]
     def valid_password?(response, password, redirect_url, options = {})
-      if response.code == 302 && response.headers_hash['Location'] == redirect_url
+      if response.code == 302 && response.headers_hash && response.headers_hash['Location'] == redirect_url
         progression = "#{green('[SUCCESS]')} Login : #{login} Password : #{password}\n\n"
         valid       = true
       elsif response.body =~ /login_error/i

spec/shared_examples/wp_user/brute_forcable.rb

@@ -58,19 +58,28 @@ shared_examples 'WpUser::BruteForcable' do
   describe '#valid_password?' do
     let(:response)     { Typhoeus::Response.new(resp_options) }
     let(:resp_options) { {} }
+    let(:return_to)    { 'http://www.example.com/asdf/' }
 
     after do
-      wp_user.valid_password?(response, 'password').should == @expected
+      wp_user.valid_password?(response, 'password', return_to).should == @expected
     end
 
-    context 'when 302' do
-      let(:resp_options) { { code: 302 } }
+    context 'when 302 and valid return_to parameter' do
+      let(:resp_options) { { code: 302, headers: { 'Location' => return_to } } }
 
       it 'returns true' do
         @expected = true
       end
     end
 
+    context 'when 302 and invalid return_to parameter' do
+      let(:resp_options) { { code: 302, headers: { 'Location' => nil } } }
+
+      it 'returns false' do
+        @expected = false
+      end
+    end
+
     context 'when login_error' do
       let(:resp_options) { { body: '<div id="login_error">' } }
 
@@ -118,12 +127,13 @@ shared_examples 'WpUser::BruteForcable' do
   end
 
   describe '#brute_force' do
-    let(:passwords) { %w{pass1 pass2 yolo kansei£Ô} }
-    let(:login)     { 'someuser' }
+    let(:passwords)     { %w{pass1 pass2 yolo kansei£Ô} }
+    let(:login)         { 'someuser' }
+    let(:redirect_url)  { 'http://www.example.com/asdf/' }
 
     after do
       wp_user.login = login
-      wp_user.brute_force(passwords)
+      wp_user.brute_force(passwords, {}, redirect_url)
       wp_user.password.should == @expected
     end
 
@@ -143,7 +153,7 @@ shared_examples 'WpUser::BruteForcable' do
       # Due to the error with .with(body: { log: login }) above
       # We can't use it to stub the request for a specific password
       # So, the first one will be valid
-      before { stub_request(:post, wp_user.login_url).to_return(status: 302) }
+      before { stub_request(:post, wp_user.login_url).to_return(status: 302, headers: { 'Location' => redirect_url } ) }
 
       it 'sets the @password' do
         @expected = passwords[0]