bugfixing and rspec tests

2012-09-24 18:07:22 +02:00
parent 7056d4ecd7
commit fe1191a51e
6 changed files with 66 additions and 4 deletions
--- a/lib/wpscan/wp_target.rb
+++ b/lib/wpscan/wp_target.rb
@@ -132,7 +132,7 @@ class WpTarget

  def search_replace_db_2_exists?
    resp = Browser.instance.get(search_replace_db_2_url)
-    resp.status == 200 && resp.body[%r{by interconnect}i]
+    resp.code == 200 && resp.body[%r{by interconnect}i]
  end

  # Should check wp-login.php if registration is enabled or not
--- a/lib/wpscan/wp_version.rb
+++ b/lib/wpscan/wp_version.rb
@@ -124,12 +124,12 @@ class WpVersion < Vulnerable
  # http://code.google.com/p/wpscan/issues/detail?id=109
  def self.find_from_sitemap_generator(options)
    target_uri = options[:base_url]
-    Browser.instance.get(target_uri.merge("sitemap.xml").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}, 1]
+    Browser.instance.get(target_uri.merge("sitemap.xml").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}i, 1]
  end

  def self.find_from_links_opml(options)
    target_uri = options[:base_url]
-    Browser.instance.get(target_uri.merge("wp-links-opml.php").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}, 1]
+    Browser.instance.get(target_uri.merge("wp-links-opml.php").to_s).body[%r{generator="wordpress/#{WpVersion.version_pattern}"}i, 1]
  end

  # Used to check if the version is correct : must contain at least one .
--- a/spec/fixtures/wpscan/wp_version/opml/wp-links-opml-nogenerator.xml
+++ b/spec/fixtures/wpscan/wp_version/opml/wp-links-opml-nogenerator.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0"?>
+<opml version="1.0">
+  <head>
+    <title>Title</title>
+    <dateCreated>Mon, 24 Sep 2012 15:58:41 GMT</dateCreated>
+  </head>
+  <body>
+  </body>
+</opml>
--- a/spec/fixtures/wpscan/wp_version/opml/wp-links-opml.xml
+++ b/spec/fixtures/wpscan/wp_version/opml/wp-links-opml.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0"?>
+<opml version="1.0">
+  <head>
+    <title>Title</title>
+    <dateCreated>Mon, 24 Sep 2012 15:58:41 GMT</dateCreated>
+    <!-- generator="WordPress/3.4.2" -->
+  </head>
+  <body>
+  </body>
+</opml>
--- a/spec/lib/wpscan/wp_target_spec.rb
+++ b/spec/lib/wpscan/wp_target_spec.rb
@@ -221,4 +221,27 @@ describe WpTarget do
      @expected = true
    end
  end
+
+  describe "#search_replace_db_2_url" do
+    it "should return the correct url" do
+      @wp_target.search_replace_db_2_url.should == "http://example.localhost/searchreplacedb2.php"
+    end
+  end
+
+  describe "#search_replace_db_2_exists?" do
+    it "should return true" do
+      stub_request(:any, @wp_target.search_replace_db_2_url).to_return(:status => 200, :body => "asdf by interconnect asdf")
+      @wp_target.search_replace_db_2_exists?.should be_true
+    end
+
+    it "should return false" do
+      stub_request(:any, @wp_target.search_replace_db_2_url).to_return(:status => 500)
+      @wp_target.search_replace_db_2_exists?.should be_false
+    end
+
+    it "should return false" do
+      stub_request(:any, @wp_target.search_replace_db_2_url).to_return(:status => 500, :body => "asdf by interconnect asdf")
+      @wp_target.search_replace_db_2_exists?.should be_false
+    end
+  end
 end
--- a/spec/lib/wpscan/wp_version_spec.rb
+++ b/spec/lib/wpscan/wp_version_spec.rb
@@ -139,7 +139,7 @@ describe WpVersion do
  end

  describe "#find_from_advanced_fingerprinting" do
-    let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + '/advanced' }
+    let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/advanced" }

    it "should return 3.2.1" do
      stub_request_to_fixture(:url => @target_uri.merge("wp-admin/js/wp-fullscreen.js").to_s,
@@ -152,6 +152,26 @@ describe WpVersion do
    end
  end

+  describe "#find_from_links_opml" do
+    let(:fixtures_dir) { SPEC_FIXTURES_WPSCAN_WP_VERSION_DIR + "/opml" }
+
+    it "should return 3.4.2" do
+      stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
+                              :status => 200,
+                              :fixture => "#{fixtures_dir}/wp-links-opml.xml")
+      version = WpVersion.find_from_links_opml(:base_url => @target_uri)
+      version.should == "3.4.2"
+    end
+
+    it "should return nil" do
+      stub_request_to_fixture(:url => @target_uri.merge("wp-links-opml.php").to_s,
+                              :status => 200,
+                              :fixture => "#{fixtures_dir}/wp-links-opml-nogenerator.xml")
+      version = WpVersion.find_from_links_opml(:base_url => @target_uri)
+      version.should be_nil
+    end
+  end
+
  describe "#initialize" do
    it "should initialize a WpVersion object" do
      v = WpVersion.new(1, {:discovery_method => "method", :vulns_file => "asdf.xml"})