From d946ef55a8cac9df2bb3436a84a6999c004ea98d Mon Sep 17 00:00:00 2001 From: erwanlr Date: Mon, 25 Mar 2013 20:30:26 +0100 Subject: [PATCH] WpItem::Vulnerable specs --- lib/common/models/vulnerability.rb | 9 +++++ lib/common/models/wp_item/vulnerable.rb | 15 +++----- lib/common/models/wp_plugin.rb | 2 ++ lib/common/models/wp_plugin/vulnerable.rb | 24 ++++++------- lib/common/models/wp_theme.rb | 1 + lib/common/models/wp_theme/vulnerable.rb | 22 +++++------- lib/common/models/wp_version/findable.rb | 1 - lib/common/models/wp_version/vulnerable.rb | 21 +++++------ spec/lib/common/models/wp_item_spec.rb | 5 +++ .../models/wp_item/vulnerable/empty.xml | 5 +++ .../models/wp_item/vulnerable/vulns_items.xml | 21 +++++++++++ spec/shared_examples/wp_item_vulnerable.rb | 35 +++++++++++++++++++ 12 files changed, 112 insertions(+), 49 deletions(-) create mode 100644 spec/samples/common/models/wp_item/vulnerable/empty.xml create mode 100644 spec/samples/common/models/wp_item/vulnerable/vulns_items.xml create mode 100644 spec/shared_examples/wp_item_vulnerable.rb diff --git a/lib/common/models/vulnerability.rb b/lib/common/models/vulnerability.rb index f8389102..e4b89ae2 100755 --- a/lib/common/models/vulnerability.rb +++ b/lib/common/models/vulnerability.rb @@ -21,6 +21,15 @@ class Vulnerability @metasploit_modules = metasploit_modules end + # @param [ Vulnerability ] other + # + # @return [ Boolean ] + # :nocov: + def ==(other) + title == other.title && type == other.type && references == other.references + end + # :nocov: + # Create the Vulnerability from the xml_node # # @param [ Nokogiri::XML::Node ] xml_node diff --git a/lib/common/models/wp_item/vulnerable.rb b/lib/common/models/wp_item/vulnerable.rb index 2726da7e..d814c9ba 100755 --- a/lib/common/models/wp_item/vulnerable.rb +++ b/lib/common/models/wp_item/vulnerable.rb 
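Review bot: `==` in lib/common/models/vulnerability.rb calls `other.title`, `other.type` and `other.references` without checking what `other` is, so comparing a Vulnerability with `nil` or an unrelated object raises NoMethodError instead of returning false. A guard such as `other.is_a?(Vulnerability) && title == other.title && type == other.type && references == other.references` keeps the comparison total. The constructor context line above assigns `@metasploit_modules`, which the comparison ignores; if that is deliberate, a comment like `# metasploit_modules is intentionally not part of equality` would say so. The `# :nocov:` markers exclude the method from coverage even though the new shared example depends on it through `result.should == @expected`.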
@@ -1,17 +1,11 @@ # encoding: UTF-8 class WpItem - - # moved this into the module ? - def vulns_file=(file) - if File.exists?(file) - @vulns_file = file - else - raise "The file #{file} does not exist" - end - end - module Vulnerable + attr_accessor :vulns_file, :vulns_xpath + + # Get the vulnerabilities associated to the WpItem + # # @return [ Vulnerabilities ] def vulnerabilities xml = xml(vulns_file) @@ -23,4 +17,5 @@ class WpItem vulnerabilities end end + end diff --git a/lib/common/models/wp_plugin.rb b/lib/common/models/wp_plugin.rb index 0b1d8c10..bfc29200 100755 --- a/lib/common/models/wp_plugin.rb +++ b/lib/common/models/wp_plugin.rb @@ -1,5 +1,7 @@ # encoding: UTF-8 +require 'wp_plugin/vulnerable' + class WpPlugin < WpItem include WpPlugin::Vulnerable diff --git a/lib/common/models/wp_plugin/vulnerable.rb b/lib/common/models/wp_plugin/vulnerable.rb index 813c59c0..72c16376 100644 --- a/lib/common/models/wp_plugin/vulnerable.rb +++ b/lib/common/models/wp_plugin/vulnerable.rb @@ -1,20 +1,18 @@ # encoding: UTF-8 class WpPlugin < WpItem - - def vulns_file - unless @vulns_file - @vulns_file = PLUGINS_VULNS_FILE - end - @vulns_file - end - - def vulns_xpath - "//plugin[@name='#{@name}']/vulnerability" - end - module Vulnerable - end + def vulns_file + unless @vulns_file + @vulns_file = PLUGINS_VULNS_FILE + end + @vulns_file + end + def vulns_xpath + "//plugin[@name='#{@name}']/vulnerability" + end + + end end diff --git a/lib/common/models/wp_theme.rb b/lib/common/models/wp_theme.rb index f0fd759d..b6abbbfb 100755 --- a/lib/common/models/wp_theme.rb +++ b/lib/common/models/wp_theme.rb @@ -2,6 +2,7 @@ require 'wp_theme/findable' require 'wp_theme/versionable' +require 'wp_theme/vulnerable' class WpTheme < WpItem extend WpTheme::Findable diff --git a/lib/common/models/wp_theme/vulnerable.rb b/lib/common/models/wp_theme/vulnerable.rb index 6aeee7bd..9156b98b 100644 --- a/lib/common/models/wp_theme/vulnerable.rb +++ b/lib/common/models/wp_theme/vulnerable.rb 
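Review bot: Replacing the `vulns_file=` writer with `attr_accessor :vulns_file, :vulns_xpath` in the first hunk of lib/common/models/wp_item/vulnerable.rb drops the `File.exists?` check, so a wrong path is no longer rejected at assignment and only surfaces when `vulnerabilities` calls `xml(vulns_file)`. How `xml` handles a missing file is not visible here; if it yields an empty document, a misconfigured data file would be reported as "no vulnerabilities", which is a false negative for a scanner. A checked writer inside the module keeps the old behaviour next to the generated reader: `def vulns_file=(file)`, `raise "The file #{file} does not exist" unless File.exist?(file)`, `@vulns_file = file`. The body of `vulnerabilities` continues outside the hunk.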
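Review bot: `vulns_xpath` in lib/common/models/wp_plugin/vulnerable.rb builds the query by interpolating `@name` between single quotes, so a plugin name containing `'` produces a malformed or differently scoped XPath expression. If `@name` can come from content fetched from the scanned site (not visible in this hunk), it should be validated before it reaches the query, for example `raise ArgumentError, 'invalid plugin name' if @name.to_s.include?("'")`, or passed as a bound XPath variable at the point where the query is evaluated. The same pattern is in the `vulns_xpath` methods of wp_theme/vulnerable.rb (`@name`) and wp_version/vulnerable.rb (`@number`). As a style point, the reader body can be written `@vulns_file ||= PLUGINS_VULNS_FILE`.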
@@ -1,20 +1,16 @@ # encoding: UTF-8 class WpTheme < WpItem - - def vulns_file - unless @vulns_file - @vulns_file = THEMES_VULNS_FILE - end - @vulns_file - end - - def vulns_xpath - "//theme[@name='#{@name}']/vulnerability" - end - module Vulnerable + def vulns_file + unless @vulns_file + @vulns_file = THEMES_VULNS_FILE + end + @vulns_file + end + def vulns_xpath + "//theme[@name='#{@name}']/vulnerability" + end end - end diff --git a/lib/common/models/wp_version/findable.rb b/lib/common/models/wp_version/findable.rb index 7853d37f..d11e8be6 100755 --- a/lib/common/models/wp_version/findable.rb +++ b/lib/common/models/wp_version/findable.rb @@ -30,7 +30,6 @@ class WpVersion < WpItem # Returns the first match of in the body of the url def scan_url(target_uri, pattern, path = nil) - return nil url = path ? target_uri.merge(path).to_s : target_uri.to_s response = Browser.instance.get_and_follow_location(url) diff --git a/lib/common/models/wp_version/vulnerable.rb b/lib/common/models/wp_version/vulnerable.rb index 4daae0a1..f50894b9 100644 --- a/lib/common/models/wp_version/vulnerable.rb +++ b/lib/common/models/wp_version/vulnerable.rb @@ -1,19 +1,16 @@ # encoding: UTF-8 class WpVersion < WpItem - - def vulns_file - unless @vulns_file - @vulns_file = WP_VULNS_FILE - end - @vulns_file - end - - def vulns_xpath - "//wordpress[@version='#{@number}']/vulnerability" - end - module Vulnerable + def vulns_file + unless @vulns_file + @vulns_file = WP_VULNS_FILE + end + @vulns_file + end + def vulns_xpath + "//wordpress[@version='#{@number}']/vulnerability" + end end end diff --git a/spec/lib/common/models/wp_item_spec.rb b/spec/lib/common/models/wp_item_spec.rb index 6bdf95f4..f4779e54 100644 --- a/spec/lib/common/models/wp_item_spec.rb +++ b/spec/lib/common/models/wp_item_spec.rb 
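Review bot: The `vulns_xpath` reader in WpTheme::Vulnerable always returns the interpolated string and never reads `@vulns_xpath`, so the `vulns_xpath=` writer this commit adds through `attr_accessor` in WpItem::Vulnerable would have no effect on a theme, while `vulns_file=` is honoured. This assumes WpTheme includes both modules with WpTheme::Vulnerable ahead in method lookup, which the hunk does not show. If overriding is meant to work, `@vulns_xpath || "//theme[@name='#{@name}']/vulnerability"` makes the two accessors behave alike. The readers in wp_plugin/vulnerable.rb and wp_version/vulnerable.rb have the same shape.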
@@ -11,6 +11,11 @@ describe WpItem do let(:error_log_url) { uri.merge('error_log').to_s } end it_behaves_like 'WpItem::Versionable' + it_behaves_like 'WpItem::Vulnerable' do + let(:vulns_file) { MODELS_FIXTURES + '/wp_item/vulnerable/vulns_items.xml' } + let(:vulns_xpath) { "//item[@name='neo']/vulnerability" } + let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new("I'm the one", 'XSS', ["http://ref1.com"]) } + end subject(:wp_item) { WpItem.new(uri, options) } let(:uri) { URI.parse('http://example.com') } diff --git a/spec/samples/common/models/wp_item/vulnerable/empty.xml b/spec/samples/common/models/wp_item/vulnerable/empty.xml new file mode 100644 index 00000000..52d2d974 --- /dev/null +++ b/spec/samples/common/models/wp_item/vulnerable/empty.xml @@ -0,0 +1,5 @@ + + + + + diff --git a/spec/samples/common/models/wp_item/vulnerable/vulns_items.xml b/spec/samples/common/models/wp_item/vulnerable/vulns_items.xml new file mode 100644 index 00000000..514a4a3a --- /dev/null +++ b/spec/samples/common/models/wp_item/vulnerable/vulns_items.xml @@ -0,0 +1,21 @@ + + + + + + + I should not appear in the results + http://ref1.com + RFI + + + + + + I'm the one + http://ref1.com + XSS + + + + diff --git a/spec/shared_examples/wp_item_vulnerable.rb b/spec/shared_examples/wp_item_vulnerable.rb new file mode 100644 index 00000000..29fba77d --- /dev/null +++ b/spec/shared_examples/wp_item_vulnerable.rb 
@@ -0,0 +1,35 @@ +# encoding: UTF-8 + +shared_examples 'WpItem::Vulnerable' do + + # 3 variables have to be set in the described class or subject: + # let(:vulns_file) { } + # let(:vulns_xpath) { } + # let(:expected_vulns) { } The expected Vulnerabilities when using vulns_file and vulns_xpath + + describe '#vulnerabilities' do + let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' } + + after do + subject.vulns_file = @vulns_file + subject.vulns_xpath = vulns_xpath + + result = subject.vulnerabilities + result.should be_a Vulnerabilities + result.should == @expected + end + + context 'when the vulns_file is empty' do + it 'returns an empty Vulnerabilities' do + @vulns_file = empty_file + @expected = Vulnerabilities.new + end + end + + it 'returns the expected vulnerabilities' do + @vulns_file = vulns_file + @expected = expected_vulns + end + end + +end
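Review bot: The expectations for `#vulnerabilities` sit in the `after` block and the two examples only assign `@vulns_file` and `@expected`, so each `it` body asserts nothing on its own and a failure is raised from the hook rather than from the example. Making the call inside the examples, or in a small helper they invoke, reads more directly, e.g. `subject.vulns_file = empty_file`, `subject.vulns_xpath = vulns_xpath`, `subject.vulnerabilities.should == Vulnerabilities.new`. There is also no example for a `vulns_file` that does not exist, which is the case the removed `File.exists?` check in WpItem used to cover.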