From f72f3b75949a1088c773c382a52f9c09a71efae4 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer <firefart@gmail.com>
Date: Tue, 5 Feb 2013 19:42:22 +0100
Subject: [PATCH] get theme version number from readme if not present in
 style.css

---
 lib/wpscan/wp_theme.rb           | 23 +++++++++++-----
 spec/lib/wpscan/wp_theme_spec.rb | 45 +++++++++++++++++++++++++++++---
 2 files changed, 58 insertions(+), 10 deletions(-)

diff --git a/lib/wpscan/wp_theme.rb b/lib/wpscan/wp_theme.rb
index 1122a20d..e2bdf160 100644
--- a/lib/wpscan/wp_theme.rb
+++ b/lib/wpscan/wp_theme.rb
@@ -39,12 +39,24 @@ class WpTheme < WpItem
   def version
     unless @version
       if @style_url
-        @version = Browser.instance.get(@style_url).body[%r{Version:\s([^\s]+)}i, 1]
+        url = @style_url
+      else
+        url = default_style_url
+      end
+      @version = Browser.instance.get(url).body[%r{Version:\s([^\s]+)}i, 1]
+
+      # Get Version from readme.txt
+      if @version.nil?
+        @version = super
       end
     end
     @version
   end
 
+  def default_style_url
+    get_url_without_filename.merge('style.css')
+  end
+
   def self.find(target_uri)
     self.methods.grep(/find_from_/).each do |method_to_call|
       theme = self.send(method_to_call, target_uri)
@@ -93,11 +105,10 @@ class WpTheme < WpItem
       woo_framework_version = matches[3] # Not used at this time
 
       return new(
-        name:            woo_theme_name,
-        version:         woo_theme_version,
-        base_url:        matches[0],
-        path:            '',
-        wp_content_dir:  ''
+        name:     woo_theme_name,
+        version:  woo_theme_version,
+        base_url: target_uri.to_s,
+        path:     woo_theme_name
       )
     end
   end
diff --git a/spec/lib/wpscan/wp_theme_spec.rb b/spec/lib/wpscan/wp_theme_spec.rb
index 6f4fc2c3..2d04bcc7 100644
--- a/spec/lib/wpscan/wp_theme_spec.rb
+++ b/spec/lib/wpscan/wp_theme_spec.rb
@@ -102,18 +102,21 @@ describe WpTheme do
 
       wp_theme = WpTheme.find_from_wooframework(@target_uri)
 
+      stub_request(:get, wp_theme.default_style_url.to_s).to_return(status: 200)
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 200)
+
       wp_theme.should be_a WpTheme unless wp_theme.nil?
       wp_theme.should === @expected_theme
     end
 
     it "should return a WpTheme object with .name 'Editorial' and .version '1.3.5'" do
       @fixture = fixtures_dir + '/editorial-1.3.5.html'
-      @expected_theme = WpTheme.new(name: 'Editorial', version: '1.3.5', base_url: '', path: '', wp_content_dir: '')
+      @expected_theme = WpTheme.new(name: 'Editorial', version: '1.3.5', base_url: 'http://example.localhost/', path: 'Editorial')
     end
 
     it "should return a WpTheme object with .name 'Merchant'" do
       @fixture = fixtures_dir + '/merchant-no-version.html'
-      @expected_theme = WpTheme.new(name: 'Merchant', base_url: '', path: '', wp_content_dir: '')
+      @expected_theme = WpTheme.new(name: 'Merchant', base_url: 'http://example.localhost/', path: 'Merchant')
     end
   end
 
@@ -157,7 +160,9 @@ describe WpTheme do
       if @fixture
         stub_request_to_fixture(url: theme_style_url, fixture: @fixture)
 
-        wp_theme = WpTheme.new(name: 'spec-theme', style_url: theme_style_url, base_url: '', path: '', wp_content_dir: '')
+        wp_theme = WpTheme.new(name: 'spec-theme', style_url: theme_style_url, base_url: 'http://example.localhost/', path: 'spec-theme')
+
+        stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 200)
 
         wp_theme.version.should === @expected
       end
@@ -169,7 +174,10 @@ describe WpTheme do
     end
 
     it 'should return nil if the style_url is nil' do
-      WpTheme.new(name: 'hello-world', base_url: '', path: '', wp_content_dir: '').version.should be_nil
+      wp_theme = WpTheme.new(name: 'hello-world', base_url: 'http://example.localhost/', path: 'hello-world')
+      stub_request(:get, wp_theme.default_style_url.to_s).to_return(status: 200)
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 200)
+      wp_theme.version.should be_nil
     end
 
     it 'should return 1.3' do
@@ -181,6 +189,35 @@ describe WpTheme do
       @fixture = fixtures_dir + '/bueno-1.5.1.css'
       @expected = '1.5.1'
     end
+
+    it 'should get the version from default style.css url' do
+      wp_theme = WpTheme.new(name: 'hello-world', base_url: 'http://example.localhost/', path: 'hello-world')
+      stub_request(:get, wp_theme.default_style_url.to_s).to_return(status: 200, body: 'Version: 1.3.4.5')
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 404)
+      wp_theme.version.should === '1.3.4.5'
+    end
+
+    it 'should get the version from custom style.css url' do
+      style_url = 'http://example.localhost/custom_style.css'
+      wp_theme = WpTheme.new(name: 'hello-world', base_url: 'http://example.localhost/', path: 'hello-world', style_url: style_url)
+      stub_request(:get, style_url).to_return(status: 200, body: 'Version: 1.3.4.5')
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 404)
+      wp_theme.version.should === '1.3.4.5'
+    end
+
+    it 'should get the version from readme.txt' do
+      wp_theme = WpTheme.new(name: 'hello-world', base_url: 'http://example.localhost/', path: 'hello-world')
+      stub_request(:get, wp_theme.default_style_url.to_s).to_return(status: 404)
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 200, body: 'Stable Tag: 1.2.3.4')
+      wp_theme.version.should === '1.2.3.4'
+    end
+
+    it 'should get the version from readme.txt' do
+      wp_theme = WpTheme.new(name: 'hello-world', base_url: 'http://example.localhost/', path: 'hello-world')
+      stub_request(:get, wp_theme.default_style_url.to_s).to_return(status: 200)
+      stub_request(:get, wp_theme.readme_url.to_s).to_return(status: 200, body: 'Stable Tag: 1.2.3.4')
+      wp_theme.version.should === '1.2.3.4'
+    end
   end
 
   describe '#===' do