erwanlr
2019-02-10 10:45:54 +00:00
parent e341ec7c60
commit dee4da1c0e
3 changed files with 124 additions and 33 deletions


@@ -2,42 +2,79 @@ describe WPScan::Finders::Users::WpJsonApi do
subject(:finder) { described_class.new(target) }
let(:target) { WPScan::Target.new(url) }
let(:url) { 'http://wp.lab/' }
let(:fixtures) { File.join(FINDERS_FIXTURES, 'users', 'wp_json_api') }
let(:fixtures) { FINDERS_FIXTURES.join('users', 'wp_json_api') }
describe '#aggressive' do
before do
allow(target).to receive(:sub_dir).and_return(false)
stub_request(:get, finder.api_url).to_return(body: body)
end
before { allow(target).to receive(:sub_dir).and_return(false) }
context 'when not a JSON response' do
let(:body) { '' }
context 'when only one page of results' do
before do
stub_request(:get, finder.api_url)
.with(query: { page: 1, per_page: 100 })
.to_return(body: body, headers: {})
end
its(:aggressive) { should eql([]) }
end
context 'when a JSON response' do
context 'when unauthorised' do
let(:body) { File.read(File.join(fixtures, '401.json')) }
context 'when not a JSON response' do
let(:body) { '' }
its(:aggressive) { should eql([]) }
end
context 'when limited exposure (WP >= 4.7.1)' do
let(:body) { File.read(File.join(fixtures, '4.7.2.json')) }
context 'when a JSON response' do
context 'when unauthorised' do
let(:body) { File.read(fixtures.join('401.json')) }
it 'returns the expected array of users' do
users = finder.aggressive
expect(users.size).to eql 1
user = users.first
expect(user.id).to eql 1
expect(user.username).to eql 'admin'
expect(user.confidence).to eql 100
expect(user.interesting_entries).to eql ['http://wp.lab/wp-json/wp/v2/users/']
its(:aggressive) { should eql([]) }
end
context 'when limited exposure (WP >= 4.7.1)' do
let(:body) { File.read(fixtures.join('4.7.2.json')) }
it 'returns the expected array of users' do
users = finder.aggressive
expect(users.size).to eql 1
user = users.first
expect(user.id).to eql 1
expect(user.username).to eql 'admin'
expect(user.confidence).to eql 100
expect(user.interesting_entries).to eql ['http://wp.lab/wp-json/wp/v2/users/?page=1&per_page=100']
end
end
end
end
context 'when multiple pages of results' do
before do
stub_request(:get, finder.api_url)
.with(query: { page: 1, per_page: 100 })
.to_return(body: File.read(fixtures.join('4.7.2.json')), headers: { 'X-WP-TotalPages' => 2 })
stub_request(:get, finder.api_url)
.with(query: { page: 2, per_page: 100 })
.to_return(body: File.read(fixtures.join('4.7.2-2.json')), headers: { 'X-WP-TotalPages' => 2 })
end
it 'returns the expected array of users' do
users = finder.aggressive
expect(users.size).to eql 2
user = users.first
expect(user.id).to eql 1
expect(user.username).to eql 'admin'
expect(user.confidence).to eql 100
expect(user.interesting_entries).to eql ['http://wp.lab/wp-json/wp/v2/users/?page=1&per_page=100']
user = users.second
expect(user.id).to eql 20
expect(user.username).to eql 'user'
expect(user.confidence).to eql 100
expect(user.interesting_entries).to eql ['http://wp.lab/wp-json/wp/v2/users/?page=2&per_page=100']
end
end
end
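Review bot: The new pagination specs only pin the cooperative case — a target that sets `X-WP-TotalPages` to 2 (the stubs at L72 and L75) or omits it (L28) — and nothing exercises a hostile or broken value such as a non-numeric string or a very large page count, which is exactly what an attacker-controlled WordPress site can return to make an aggressive scan issue an unbounded number of requests. The loop that consumes that header lives in the finder, outside this hunk, so I can't confirm it is bounded or tolerant of garbage; a spec would settle it either way. I would add a context that stubs page 1 with a bad header and asserts the finder returns only the first page's user rather than raising or looping, along the lines below. Separately, `users.second` at L85 is an ActiveSupport extension, not core Ruby; if the suite does not load ActiveSupport, `users.last` or `users[1]` is the portable form.
```ruby
context 'when X-WP-TotalPages is not a sane number' do
  before do
    stub_request(:get, finder.api_url)
      .with(query: { page: 1, per_page: 100 })
      .to_return(body: File.read(fixtures.join('4.7.2.json')), headers: { 'X-WP-TotalPages' => 'abc' })
  end

  it 'only returns the users from the first page' do
    expect(finder.aggressive.map(&:username)).to eql %w[admin]
  end
end
```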


@@ -0,0 +1,28 @@
[
{
"id": 20,
"name": "user",
"url": "",
"description": "",
"link": "http://wp.lab/wordpress-4.7/author/user/",
"slug": "user",
"avatar_urls": {
"24": "http://1.gravatar.com/avatar/473fe256a0c7b9e907b55b2f492f8686?s=24&d=mm&r=g",
"48": "http://1.gravatar.com/avatar/473fe256a0c7b9e907b55b2f492f8686?s=48&d=mm&r=g",
"96": "http://1.gravatar.com/avatar/473fe256a0c7b9e907b55b2f492f8686?s=96&d=mm&r=g"
},
"meta": [],
"_links": {
"self": [
{
"href": "http://wp.lab/wordpress-4.7/wp-json/wp/v2/users/20"
}
],
"collection": [
{
"href": "http://wp.lab/wordpress-4.7/wp-json/wp/v2/users"
}
]
}
}
]