garfield/wpscan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
f0997bfe0d4e57904965fd996d118578e7c55839
wpscan/spec/app/controllers/password_attack_spec.rb
erwanlr aee9ffdb9c Fixes #1365
2019-07-04 15:45:01 +01:00

225 lines
7.0 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
describe WPScan::Controller::PasswordAttack do
subject(:controller) { described_class.new }
let(:target_url) { 'http://ex.lo/' }
let(:cli_args) { "--url #{target_url}" }
before do
WPScan::ParsedCli.options = rspec_parsed_options(cli_args)
end
describe '#cli_options' do
its(:cli_options) { should_not be_empty }
its(:cli_options) { should be_a Array }
it 'contains to correct options' do
expect(controller.cli_options.map(&:to_sym))
.to eq(%i[passwords usernames multicall_max_passwords password_attack])
end
end
describe '#users' do
context 'when no --usernames' do
it 'calles target.users' do
expect(controller.target).to receive(:users)
controller.users
end
end
context 'when --usernames' do
let(:cli_args) { "#{super()} --usernames admin,editor" }
it 'returns an array with the users' do
expected = %w[admin editor].reduce([]) do |a, e|
a << WPScan::Model::User.new(e)
end
expect(controller.users).to eql expected
end
end
end
describe '#passwords' do
xit
end
describe '#run' do
context 'when no --passwords is supplied' do
it 'does not run the attacker' do
expect(controller.run).to eql nil
end
end
end
describe '#xmlrpc_get_users_blogs_enabled?' do
before { expect(controller.target).to receive(:xmlrpc).and_return(xmlrpc) }
context 'when xmlrpc not found' do
let(:xmlrpc) { nil }
its(:xmlrpc_get_users_blogs_enabled?) { should be false }
end
context 'when xmlrpc not enabled' do
let(:xmlrpc) { WPScan::Model::XMLRPC.new("#{target_url}xmlrpc.php") }
it 'returns false' do
expect(xmlrpc).to receive(:enabled?).and_return(false)
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false
end
end
context 'when xmlrpc enabled' do
let(:xmlrpc) { WPScan::Model::XMLRPC.new("#{target_url}xmlrpc.php") }
before { expect(xmlrpc).to receive(:enabled?).and_return(true) }
context 'when wp.getUsersBlogs methods not listed' do
it 'returns false' do
expect(xmlrpc).to receive(:available_methods).and_return(%w[m1 m2])
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false
end
end
context 'when wp.getUsersBlogs method listed' do
before { expect(xmlrpc).to receive(:available_methods).and_return(%w[wp.getUsersBlogs m2]) }
context 'when wp.getUsersBlogs method disabled' do
it 'returns false' do
stub_request(:post, xmlrpc.url).to_return(body: 'XML-RPC services are disabled on this site.')
expect(controller.xmlrpc_get_users_blogs_enabled?).to be false
end
end
context 'when wp.getUsersBlogs method enabled' do
it 'returns true' do
stub_request(:post, xmlrpc.url).to_return(body: 'Incorrect username or password.')
expect(controller.xmlrpc_get_users_blogs_enabled?).to be true
end
end
end
end
end
describe '#attacker' do
context 'when --password-attack provided' do
let(:cli_args) { "#{super()} --password-attack #{attack}" }
context 'when wp-login' do
let(:attack) { 'wp-login' }
it 'returns the correct object' do
expect(controller.attacker).to be_a WPScan::Finders::Passwords::WpLogin
expect(controller.attacker.target).to be_a WPScan::Target
end
end
context 'when xmlrpc' do
context 'when xmlrpc not detected on target' do
before do
expect(controller.target).to receive(:xmlrpc).and_return(nil)
end
context 'when single xmlrpc' do
let(:attack) { 'xmlrpc' }
it 'raises an error' do
expect { controller.attacker }.to raise_error(WPScan::Error::XMLRPCNotDetected)
end
end
context 'when xmlrpc-multicall' do
let(:attack) { 'xmlrpc-multicall' }
it 'raises an error' do
expect { controller.attacker }.to raise_error(WPScan::Error::XMLRPCNotDetected)
end
end
end
context 'when xmlrpc detected on target' do
before do
expect(controller.target)
.to receive(:xmlrpc)
.and_return(WPScan::Model::XMLRPC.new("#{target_url}xmlrpc.php"))
end
context 'when single xmlrpc' do
let(:attack) { 'xmlrpc' }
it 'returns the correct object' do
expect(controller.attacker).to be_a WPScan::Finders::Passwords::XMLRPC
expect(controller.attacker.target).to be_a WPScan::Model::XMLRPC
end
end
context 'when xmlrpc-multicall' do
let(:attack) { 'xmlrpc-multicall' }
it 'returns the correct object' do
expect(controller.attacker).to be_a WPScan::Finders::Passwords::XMLRPCMulticall
expect(controller.attacker.target).to be_a WPScan::Model::XMLRPC
end
end
end
end
end
context 'when automatic detection' do
context 'when xmlrpc_get_users_blogs_enabled? is false' do
it 'returns the WpLogin' do
expect(controller).to receive(:xmlrpc_get_users_blogs_enabled?).and_return(false)
expect(controller.attacker).to be_a WPScan::Finders::Passwords::WpLogin
expect(controller.attacker.target).to be_a WPScan::Target
end
end
context 'when xmlrpc_get_users_blogs_enabled? is true' do
before do
expect(controller).to receive(:xmlrpc_get_users_blogs_enabled?).and_return(true)
expect(controller.target)
.to receive(:xmlrpc).and_return(WPScan::Model::XMLRPC.new("#{target_url}xmlrpc.php"))
end
context 'when WP version not found' do
it 'returns the XMLRPC' do
expect(controller.target).to receive(:wp_version).and_return(false)
expect(controller.attacker).to be_a WPScan::Finders::Passwords::XMLRPC
expect(controller.attacker.target).to be_a WPScan::Model::XMLRPC
end
end
context 'when WP version found' do
before { expect(controller.target).to receive(:wp_version).and_return(wp_version) }
context 'when WP < 4.4' do
let(:wp_version) { WPScan::Model::WpVersion.new('3.8.1') }
it 'returns the XMLRPCMulticall' do
expect(controller.attacker).to be_a WPScan::Finders::Passwords::XMLRPCMulticall
expect(controller.attacker.target).to be_a WPScan::Model::XMLRPC
end
end
context 'when WP >= 4.4' do
let(:wp_version) { WPScan::Model::WpVersion.new('4.4') }
it 'returns the XMLRPC' do
expect(controller.attacker).to be_a WPScan::Finders::Passwords::XMLRPC
expect(controller.attacker.target).to be_a WPScan::Model::XMLRPC
end
end
end
end
end
end
end
Reference in New Issue View Git Blame Copy Permalink