garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

HELLO v3!!!

Browse Source
This commit is contained in:
Ryan Dewhurst
2018-09-26 21:12:01 +02:00
parent 28b9c15256
commit d268a86795
1871 changed files with 988118 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
spec/app/finders/users/author_id_brute_forcing_spec.rb Normal file
View File

@@ -0,0 +1,62 @@
require 'spec_helper'
describe WPScan::Finders::Users::AuthorIdBruteForcing do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'author_id_brute_forcing') }
describe '#aggressive' do
xit
end
describe '#target_urls' do
it 'returns the correct URLs' do
expect(finder.target_urls(range: (1..2))).to eql(
url + '?author=1' => 1,
url + '?author=2' => 2
)
end
end
describe '#potential_username' do
[
'4.1.1', '4.1.1-permalink',
'3.0', '3.0-permalink',
'2.9.2', '2.9.2-permalink'
].each do |file|
it "returns 'admin' from #{file}.html" do
body = File.read(File.join(fixtures, "#{file}.html"))
res = Typhoeus::Response.new(body: body)
expect(finder.username_from_response(res)).to eql 'admin'
end
end
end
describe '#display_name_from_body' do
context 'when display name' do
[
'4.1.1', '4.1.1-permalink',
'3.0', '3.0-permalink',
'2.9.2', '2.9.2-permalink'
].each do |file|
it "returns 'admin display_name' from #{file}.html" do
body = File.read(File.join(fixtures, "#{file}.html"))
expect(finder.display_name_from_body(body)).to eql 'admin display_name'
end
end
end
context 'when no display_name' do
['4.1.1', '3.0', '2.9.2'].each do |file|
it "returns nil for #{file}-empty.html" do
body = File.read(File.join(fixtures, "#{file}-empty.html"))
expect(finder.display_name_from_body(body)).to eql nil
end
end
end
end
end

27
spec/app/finders/users/author_posts_spec.rb Normal file
View File

@@ -0,0 +1,27 @@
require 'spec_helper'
describe WPScan::Finders::Users::AuthorPosts do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'author_posts') }
describe '#passive' do
xit
end
describe '#potential_usernames' do
it 'returns the expected usernames' do
res = Typhoeus::Response.new(body: File.read(File.join(fixtures, 'potential_usernames.html')))
results = finder.potential_usernames(res)
expect(results).to eql([
['admin', 'Author Pattern', 100],
['admin display_name', 'Display Name', 30],
['editor', 'Author Pattern', 100],
['editor', 'Display Name', 30]
])
end
end
end

32
spec/app/finders/users/login_error_messages_spec.rb Normal file
View File

@@ -0,0 +1,32 @@
require 'spec_helper'
describe WPScan::Finders::Users::LoginErrorMessages do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'login_error_messages') }
describe '#aggressive' do
xit
end
describe '#usernames' do
let(:opts) { { found: [] } }
after { expect(subject.usernames(opts)).to eql @expected }
context 'when no :list provided' do
it 'returns an empty list' do
@expected = []
end
end
context 'when :list provided' do
let(:opts) { super().merge(list: %w[u1 u2]) }
it 'returns the expected array' do
@expected = opts[:list]
end
end
end
end

12
spec/app/finders/users/oembed_api_spec.rb Normal file
View File

@@ -0,0 +1,12 @@
require 'spec_helper'
describe WPScan::Finders::Users::OembedApi do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'oembed_api') }
describe '#aggressive' do
xit
end
end

102
spec/app/finders/users/rss_generator_spec.rb Normal file
View File

@@ -0,0 +1,102 @@
require 'spec_helper'
describe WPScan::Finders::Users::RSSGenerator do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://ex.lo/' }
let(:fixtures) { Pathname.new(FINDERS_FIXTURES).join('users', 'rss_generator') }
let(:rss_fixture) { File.read(fixtures.join('feed.xml')) }
describe '#passive, #aggressive' do
before do
allow(target).to receive(:sub_dir).and_return(false)
stub_request(:get, target.url).to_return(body: File.read(homepage_fixture))
end
context 'when no RSS link in homepage' do
let(:homepage_fixture) { fixtures.join('homepage_no_links.html') }
its(:passive) { should eql [] }
it 'returns the expected from #aggressive' do
stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)
stub_request(:get, target.url('comments/feed/'))
stub_request(:get, target.url('feed/rss/'))
stub_request(:get, target.url('feed/rss2/'))
expect(finder.aggressive).to eql [
CMSScanner::User.new(
'admin',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
),
CMSScanner::User.new(
'Aa Días-Gildés',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
)
]
end
end
context 'when RSS link in homepage' do
let(:homepage_fixture) { File.join(fixtures, 'homepage_links.html') }
it 'returns the expected from #passive' do
stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)
expect(finder.passive).to eql [
CMSScanner::User.new(
'admin',
confidence: 50,
found_by: 'Rss Generator (Passive Detection)'
),
CMSScanner::User.new(
'Aa Días-Gildés',
confidence: 50,
found_by: 'Rss Generator (Passive Detection)'
)
]
end
context 'when :mixed mode' do
it 'avoids checking existing URL/s from #passive' do
stub_request(:get, target.url('comments/feed/')).to_return(body: rss_fixture)
expect(finder.aggressive(mode: :mixed)).to eql [
CMSScanner::User.new(
'admin',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
),
CMSScanner::User.new(
'Aa Días-Gildés',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
)
]
end
end
context 'when no mode' do
it 'checks the first URL detected from the URLs' do
stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)
expect(finder.aggressive).to eql [
CMSScanner::User.new(
'admin',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
),
CMSScanner::User.new(
'Aa Días-Gildés',
confidence: 50,
found_by: 'Rss Generator (Aggressive Detection)'
)
]
end
end
end
end
end

47
spec/app/finders/users/wp_json_api_spec.rb Normal file
View File

@@ -0,0 +1,47 @@
require 'spec_helper'
describe WPScan::Finders::Users::WpJsonApi do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'wp_json_api') }
describe '#aggressive' do
before do
# allow(target).to receive(:content_dir).and_return('wp-content')
allow(target).to receive(:sub_dir).and_return(false)
stub_request(:get, finder.api_url).to_return(body: body)
end
context 'when not a JSON response' do
let(:body) { '' }
its(:aggressive) { should eql([]) }
end
context 'when a JSON response' do
context 'when unauthorised' do
let(:body) { File.read(File.join(fixtures, '401.json')) }
its(:aggressive) { should eql([]) }
end
context 'when limited exposure (WP >= 4.7.1)' do
let(:body) { File.read(File.join(fixtures, '4.7.2.json')) }
it 'returns the expected array of users' do
users = finder.aggressive
expect(users.size).to eql 1
user = users.first
expect(user.id).to eql 1
expect(user.username).to eql 'admin'
expect(user.confidence).to eql 100
expect(user.interesting_entries).to eql ['http://wp.lab/wp-json/wp/v2/users/']
end
end
end
end
end