WpItem::Vulnerable specs

lib/common/models/vulnerability.rb

@@ -21,6 +21,15 @@ class Vulnerability
     @metasploit_modules = metasploit_modules
   end
 
+  # @param [ Vulnerability ] other
+  #
+  # @return [ Boolean ]
+  # :nocov:
+  def ==(other)
+    title == other.title && type == other.type && references == other.references
+  end
+  # :nocov:
+
   # Create the Vulnerability from the xml_node
   #
   # @param [ Nokogiri::XML::Node ] xml_node

lib/common/models/wp_item/vulnerable.rb

@@ -1,17 +1,11 @@
 # encoding: UTF-8
 
 class WpItem
-
-  # moved this into the module ?
-  def vulns_file=(file)
-    if File.exists?(file)
-      @vulns_file = file
-    else
-      raise "The file #{file} does not exist"
-    end
-  end
-
   module Vulnerable
+    attr_accessor :vulns_file, :vulns_xpath
+
+    # Get the vulnerabilities associated to the WpItem
+    #
     # @return [ Vulnerabilities ]
     def vulnerabilities
       xml             = xml(vulns_file)
@@ -23,4 +17,5 @@ class WpItem
       vulnerabilities
     end
   end
+
 end

lib/common/models/wp_plugin.rb

@@ -1,5 +1,7 @@
 # encoding: UTF-8
 
+require 'wp_plugin/vulnerable'
+
 class WpPlugin < WpItem
   include WpPlugin::Vulnerable
 

lib/common/models/wp_plugin/vulnerable.rb

@@ -1,20 +1,18 @@
 # encoding: UTF-8
 
 class WpPlugin < WpItem
-
-  def vulns_file
-    unless @vulns_file
-      @vulns_file = PLUGINS_VULNS_FILE
-    end
-    @vulns_file
-  end
-
-  def vulns_xpath
-    "//plugin[@name='#{@name}']/vulnerability"
-  end
-
   module Vulnerable
 
-  end
+    def vulns_file
+      unless @vulns_file
+        @vulns_file = PLUGINS_VULNS_FILE
+      end
+      @vulns_file
+    end
 
+    def vulns_xpath
+      "//plugin[@name='#{@name}']/vulnerability"
+    end
+
+  end
 end

lib/common/models/wp_theme.rb

@@ -2,6 +2,7 @@
 
 require 'wp_theme/findable'
 require 'wp_theme/versionable'
+require 'wp_theme/vulnerable'
 
 class WpTheme < WpItem
   extend WpTheme::Findable

lib/common/models/wp_theme/vulnerable.rb

@@ -1,20 +1,16 @@
 # encoding: UTF-8
 
 class WpTheme < WpItem
-
-  def vulns_file
-    unless @vulns_file
-      @vulns_file = THEMES_VULNS_FILE
-    end
-    @vulns_file
-  end
-
-  def vulns_xpath
-    "//theme[@name='#{@name}']/vulnerability"
-  end
-
   module Vulnerable
+    def vulns_file
+      unless @vulns_file
+        @vulns_file = THEMES_VULNS_FILE
+      end
+      @vulns_file
+    end
 
+    def vulns_xpath
+      "//theme[@name='#{@name}']/vulnerability"
+    end
   end
-
 end

lib/common/models/wp_version/findable.rb

@@ -30,7 +30,6 @@ class WpVersion < WpItem
 
     # Returns the first match of <pattern> in the body of the url
     def scan_url(target_uri, pattern, path = nil)
-      return nil
       url = path ? target_uri.merge(path).to_s : target_uri.to_s
       response = Browser.instance.get_and_follow_location(url)
 

lib/common/models/wp_version/vulnerable.rb

@@ -1,19 +1,16 @@
 # encoding: UTF-8
 
 class WpVersion < WpItem
-
-  def vulns_file
-    unless @vulns_file
-      @vulns_file = WP_VULNS_FILE
-    end
-    @vulns_file
-  end
-
-  def vulns_xpath
-    "//wordpress[@version='#{@number}']/vulnerability"
-  end
-
   module Vulnerable
+    def vulns_file
+      unless @vulns_file
+        @vulns_file = WP_VULNS_FILE
+      end
+      @vulns_file
+    end
 
+    def vulns_xpath
+      "//wordpress[@version='#{@number}']/vulnerability"
+    end
   end
 end

spec/lib/common/models/wp_item_spec.rb

@@ -11,6 +11,11 @@ describe WpItem do
     let(:error_log_url) { uri.merge('error_log').to_s }
   end
   it_behaves_like 'WpItem::Versionable'
+  it_behaves_like 'WpItem::Vulnerable' do
+    let(:vulns_file)     { MODELS_FIXTURES + '/wp_item/vulnerable/vulns_items.xml' }
+    let(:vulns_xpath)    { "//item[@name='neo']/vulnerability" }
+    let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new("I'm the one", 'XSS', ["http://ref1.com"]) }
+  end
 
   subject(:wp_item) { WpItem.new(uri, options) }
   let(:uri)         { URI.parse('http://example.com') }

spec/samples/common/models/wp_item/vulnerable/empty.xml

@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<vulnerabilities>
+
+</vulnerabilities>

spec/samples/common/models/wp_item/vulnerable/vulns_items.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<vulnerabilities>
+
+  <item name="not-this-one">
+    <vulnerability>
+      <title>I should not appear in the results</title>
+      <reference>http://ref1.com</reference>
+      <type>RFI</type>
+    </vulnerability>
+  </item>
+
+  <item name="neo">
+    <vulnerability>
+      <title>I'm the one</title>
+      <reference>http://ref1.com</reference>
+      <type>XSS</type>
+    </vulnerability>
+  </item>
+
+</vulnerabilities>

spec/shared_examples/wp_item_vulnerable.rb

@@ -0,0 +1,35 @@
+# encoding: UTF-8
+
+shared_examples 'WpItem::Vulnerable' do
+
+  # 3 variables have to be set in the described class or subject:
+  #  let(:vulns_file)     { }
+  #  let(:vulns_xpath)    { }
+  #  let(:expected_vulns) { } The expected Vulnerabilities when using vulns_file and vulns_xpath
+
+  describe '#vulnerabilities' do
+    let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' }
+
+    after do
+      subject.vulns_file  = @vulns_file
+      subject.vulns_xpath = vulns_xpath
+
+      result = subject.vulnerabilities
+      result.should be_a Vulnerabilities
+      result.should == @expected
+    end
+
+    context 'when the vulns_file is empty' do
+      it 'returns an empty Vulnerabilities' do
+        @vulns_file = empty_file
+        @expected   = Vulnerabilities.new
+      end
+    end
+
+    it 'returns the expected vulnerabilities' do
+      @vulns_file = vulns_file
+      @expected   = expected_vulns
+    end
+  end
+
+end