garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adds some readme files to check for plugin versions - Fixes #737

Browse Source
This commit is contained in:
erwanlr
2014-12-10 16:55:00 +01:00
parent c24ed707ef
commit e09b4cc76d
2 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
lib/common/models/wp_item/infos.rb
View File

@@ -12,7 +12,9 @@ class WpItem
# @return [ String,nil ] The url to the readme file, nil if not found # @return [ String,nil ] The url to the readme file, nil if not found
def readme_url def readme_url
%w{readme.txt README.txt}.each do |readme| # See https://github.com/wpscanteam/wpscan/pull/737#issuecomment-66375445
# for any question about the order
%w{readme.txt README.txt Readme.txt ReadMe.txt README.TXT readme.TXT}.each do |readme|
url = @uri.merge(readme).to_s url = @uri.merge(readme).to_s
return url if url_is_200?(url) return url if url_is_200?(url)
end end

14
spec/shared_examples/wp_item_infos.rb
View File

@@ -8,7 +8,7 @@ shared_examples 'WpItem::Infos' do
# let(:error_log_url) { } # let(:error_log_url) { }
describe '#readme_url' do describe '#readme_url' do
after { expect(subject.readme_url).to be === @expected } after { expect(subject.readme_url).to eql @expected }
it 'returns nil' do it 'returns nil' do
stub_request(:get, /.*/).to_return(status: 404) stub_request(:get, /.*/).to_return(status: 404)
@@ -16,7 +16,7 @@ shared_examples 'WpItem::Infos' do
end end
context 'when the file exists' do context 'when the file exists' do
%w{readme.txt README.txt}.each do |readme| %w{readme.txt README.TXT}.each do |readme|
it 'returns the correct url' do it 'returns the correct url' do
url = uri.merge(readme).to_s url = uri.merge(readme).to_s
@expected = url @expected = url
@@ -31,7 +31,7 @@ shared_examples 'WpItem::Infos' do
describe '#has_readme?' do describe '#has_readme?' do
after do after do
allow(subject).to receive_messages(readme_url: @stub) allow(subject).to receive_messages(readme_url: @stub)
expect(subject.has_readme?).to be === @expected expect(subject.has_readme?).to eql @expected
end end
context 'when readme_url is nil' context 'when readme_url is nil'
@@ -56,7 +56,7 @@ shared_examples 'WpItem::Infos' do
describe '#has_changelog?' do describe '#has_changelog?' do
after :each do after :each do
stub_request(:get, subject.changelog_url).to_return(status: @status) stub_request(:get, subject.changelog_url).to_return(status: @status)
expect(subject.has_changelog?).to be === @expected expect(subject.has_changelog?).to eql @expected
end end
it 'returns true on a 200' do it 'returns true on a 200' do
@@ -73,7 +73,7 @@ shared_examples 'WpItem::Infos' do
describe '#has_directory_listing?' do describe '#has_directory_listing?' do
after do after do
stub_request(:get, subject.uri.to_s).to_return(@stub_return) stub_request(:get, subject.uri.to_s).to_return(@stub_return)
expect(subject.has_directory_listing?).to be === @expected expect(subject.has_directory_listing?).to eql @expected
end end
context 'when the body contains <title>Index of' do context 'when the body contains <title>Index of' do
@@ -103,11 +103,11 @@ shared_examples 'WpItem::Infos' do
describe '#has_error_log?' do describe '#has_error_log?' do
after do after do
stub_request(:get, subject.error_log_url).to_return(@stub_return) stub_request(:get, subject.error_log_url).to_return(@stub_return)
expect(subject.has_error_log?).to be === @expected expect(subject.has_error_log?).to eql @expected
end end
it 'returns true if the pattern is detected' do it 'returns true if the pattern is detected' do
@stub_return = { status: 200, body: File.new( MODELS_FIXTURES + '/wp_item/error_log') } @stub_return = { status: 200, body: File.new(MODELS_FIXTURES + '/wp_item/error_log') }
@expected = true @expected = true
end end