garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Errors moved into their own namespace - Ref #1315

Browse Source
This commit is contained in:
erwanlr
2019-03-19 19:09:16 +00:00
parent 357e13be2b
commit f1657164d5
15 changed files with 85 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/controllers/core.rb
View File

@@ -25,7 +25,7 @@ module WPScan
# @return [ Boolean ]
def update_db_required?
if local_db.missing_files?
raise MissingDatabaseFile if parsed_options[:update] == false
raise Error::MissingDatabaseFile if parsed_options[:update] == false
return true
end
@@ -62,7 +62,7 @@ module WPScan
# Raises errors if the target is hosted on wordpress.com or is not running WordPress
# Also check if the homepage_url is still the install url
def check_wordpress_state
raise WordPressHostedError if target.wordpress_hosted?
raise Error::WordPressHosted if target.wordpress_hosted?
if Addressable::URI.parse(target.homepage_url).path =~ %r{/wp-admin/install.php$}i
@@ -71,7 +71,7 @@ module WPScan
exit(WPScan::ExitCode::VULNERABLE)
end
raise NotWordPressError unless target.wordpress?(parsed_options[:detection_mode]) || parsed_options[:force]
raise Error::NotWordPress unless target.wordpress?(parsed_options[:detection_mode]) || parsed_options[:force]
end
# Loads the related server module in the target

2
app/controllers/custom_directories.rb
View File

@@ -16,7 +16,7 @@ module WPScan
return if target.content_dir
raise WpContentDirNotDetected
raise Error::WpContentDirNotDetected
end
end
end

4
app/controllers/password_attack.rb
View File

@@ -65,11 +65,11 @@ module WPScan
when :wp_login
WPScan::Finders::Passwords::WpLogin.new(target)
when :xmlrpc
raise XMLRPCNotDetected unless xmlrpc
raise Error::XMLRPCNotDetected unless xmlrpc
WPScan::Finders::Passwords::XMLRPC.new(xmlrpc)
when :xmlrpc_multicall
raise XMLRPCNotDetected unless xmlrpc
raise Error::XMLRPCNotDetected unless xmlrpc
WPScan::Finders::Passwords::XMLRPCMulticall.new(xmlrpc)
end

2
app/models/wp_version.rb
View File

@@ -4,7 +4,7 @@ module WPScan
include Vulnerable
def initialize(number, opts = {})
raise InvalidWordPressVersion unless WpVersion.valid?(number.to_s)
raise Error::InvalidWordPressVersion unless WpVersion.valid?(number.to_s)
super(number, opts)
end

4
lib/wpscan/db/updater.rb
View File

@@ -80,7 +80,7 @@ module WPScan
url = "#{remote_file_url(filename)}.sha512"
res = Browser.get(url, request_params)
raise DownloadError, res if res.timed_out? || res.code != 200
raise Error::Download, res if res.timed_out? || res.code != 200
res.body.chomp
end
@@ -121,7 +121,7 @@ module WPScan
file_url = remote_file_url(filename)
res = Browser.get(file_url, request_params)
raise DownloadError, res if res.timed_out? || res.code != 200
raise Error::Download, res if res.timed_out? || res.code != 200
File.open(file_path, 'wb') { |f| f.write(res.body) }

6
lib/wpscan/errors.rb
View File

@@ -1,5 +1,9 @@
module WPScan
class Error < StandardError
module Error
include CMSScanner::Error
class Standard < StandardError
end
end
end

56
lib/wpscan/errors/http.rb
View File

@@ -1,34 +1,36 @@
module WPScan
# HTTP Error
class HTTPError < Error
attr_reader :response
module Error
# HTTP Error
class HTTP < Standard
attr_reader :response
# @param [ Typhoeus::Response ] res
def initialize(response)
@response = response
# @param [ Typhoeus::Response ] res
def initialize(response)
@response = response
end
def failure_details
msg = response.effective_url
msg += if response.code.zero? || response.timed_out?
" (#{response.return_message})"
else
" (status: #{response.code})"
end
msg
end
def to_s
"HTTP Error: #{failure_details}"
end
end
def failure_details
msg = response.effective_url
msg += if response.code.zero? || response.timed_out?
" (#{response.return_message})"
else
" (status: #{response.code})"
end
msg
end
def to_s
"HTTP Error: #{failure_details}"
end
end
# Used in the Updater
class DownloadError < HTTPError
def to_s
"Unable to get #{failure_details}"
# Used in the Updater
class Download < HTTP
def to_s
"Unable to get #{failure_details}"
end
end
end
end

10
lib/wpscan/errors/update.rb
View File

@@ -1,8 +1,10 @@
module WPScan
# Error raised when there is a missing DB file and --no-update supplied
class MissingDatabaseFile < Error
def to_s
'Update required, you can not run a scan if a database file is missing.'
module Error
# Error raised when there is a missing DB file and --no-update supplied
class MissingDatabaseFile < Standard
def to_s
'Update required, you can not run a scan if a database file is missing.'
end
end
end
end

38
lib/wpscan/errors/wordpress.rb
View File

@@ -1,28 +1,30 @@
module WPScan
# WordPress hosted (*.wordpress.com)
class WordPressHostedError < Error
def to_s
'Scanning *.wordpress.com hosted blogs is not supported.'
module Error
# WordPress hosted (*.wordpress.com)
class WordPressHosted < Standard
def to_s
'Scanning *.wordpress.com hosted blogs is not supported.'
end
end
end
# Not WordPress Error
class NotWordPressError < Error
def to_s
'The remote website is up, but does not seem to be running WordPress.'
# Not WordPress Error
class NotWordPress < Standard
def to_s
'The remote website is up, but does not seem to be running WordPress.'
end
end
end
# Invalid Wp Version (used in the WpVersion#new)
class InvalidWordPressVersion < Error
def to_s
'The WordPress version is invalid'
# Invalid Wp Version (used in the WpVersion#new)
class InvalidWordPressVersion < Standard
def to_s
'The WordPress version is invalid'
end
end
end
class WpContentDirNotDetected < Error
def to_s
'Unable to identify the wp-content dir, please supply it with --wp-content-dir'
class WpContentDirNotDetected < Standard
def to_s
'Unable to identify the wp-content dir, please supply it with --wp-content-dir'
end
end
end
end

10
lib/wpscan/errors/xmlrpc.rb
View File

@@ -1,8 +1,10 @@
module WPScan
# XML-RPC Not Detected
class XMLRPCNotDetected < Error
def to_s
'The XML-RPC Interface was not detected.'
module Error
# XML-RPC Not Detected
class XMLRPCNotDetected < Standard
def to_s
'The XML-RPC Interface was not detected.'
end
end
end
end

2
lib/wpscan/finders/finder/wp_version/smart_url_checker.rb
View File

@@ -13,7 +13,7 @@ module WPScan
confidence: opts[:confidence] || 80,
interesting_entries: opts[:entries]
)
rescue WPScan::InvalidWordPressVersion
rescue WPScan::Error::InvalidWordPressVersion
nil # Invalid Version returned as nil and will be ignored by Finders
end
end

10
spec/app/controllers/core_spec.rb
View File

@@ -70,7 +70,7 @@ describe WPScan::Controller::Core do
let(:cli_args) { "#{super()} --no-update" }
it 'raises an error' do
expect { core.update_db_required? }. to raise_error(WPScan::MissingDatabaseFile)
expect { core.update_db_required? }. to raise_error(WPScan::Error::MissingDatabaseFile)
end
end
@@ -199,7 +199,7 @@ describe WPScan::Controller::Core do
let(:redirection) { 'http://g.com/' }
it 'raises an error' do
expect { core.before_scan }.to raise_error(CMSScanner::HTTPRedirectError)
expect { core.before_scan }.to raise_error(CMSScanner::Error::HTTPRedirect)
end
end
@@ -218,7 +218,7 @@ describe WPScan::Controller::Core do
it 'raises an error' do
expect(core.target).to receive(:wordpress?).with(:mixed).and_return(false)
expect { core.before_scan }.to raise_error(WPScan::NotWordPressError)
expect { core.before_scan }.to raise_error(WPScan::Error::NotWordPress)
end
end
end
@@ -230,7 +230,7 @@ describe WPScan::Controller::Core do
before { expect(core).to receive(:load_server_module) }
it 'raises an error' do
expect { core.before_scan }.to raise_error(WPScan::WordPressHostedError)
expect { core.before_scan }.to raise_error(WPScan::Error::WordPressHosted)
end
end
@@ -253,7 +253,7 @@ describe WPScan::Controller::Core do
context 'when no --force' do
it 'raises an error' do
expect { core.before_scan }.to raise_error(WPScan::NotWordPressError)
expect { core.before_scan }.to raise_error(WPScan::Error::NotWordPress)
end
end

2
spec/app/controllers/custom_directories_spec.rb
View File

@@ -23,7 +23,7 @@ describe WPScan::Controller::CustomDirectories do
before { expect(controller.target).to receive(:content_dir) }
it 'raises an exception' do
expect { controller.before_scan }.to raise_error(WPScan::WpContentDirNotDetected)
expect { controller.before_scan }.to raise_error(WPScan::Error::WpContentDirNotDetected)
end
end

4
spec/app/controllers/password_attack_spec.rb
View File

@@ -75,7 +75,7 @@ describe WPScan::Controller::PasswordAttack do
let(:attack) { 'xmlrpc' }
it 'raises an error' do
expect { controller.attacker }.to raise_error(WPScan::XMLRPCNotDetected)
expect { controller.attacker }.to raise_error(WPScan::Error::XMLRPCNotDetected)
end
end
@@ -83,7 +83,7 @@ describe WPScan::Controller::PasswordAttack do
let(:attack) { 'xmlrpc-multicall' }
it 'raises an error' do
expect { controller.attacker }.to raise_error(WPScan::XMLRPCNotDetected)
expect { controller.attacker }.to raise_error(WPScan::Error::XMLRPCNotDetected)
end
end
end

2
spec/app/models/wp_version_spec.rb
View File

@@ -2,7 +2,7 @@ describe WPScan::WpVersion do
describe '#new' do
context 'when invalid number' do
it 'raises an error' do
expect { described_class.new('aa') }.to raise_error WPScan::InvalidWordPressVersion
expect { described_class.new('aa') }.to raise_error WPScan::Error::InvalidWordPressVersion
end
end