GitHub Repository: wpscanteam/wpscan
Path: blob/master/spec/app/finders/timthumb_version/bad_request_spec.rb
# frozen_string_literal: true
# Spec for the TimThumb version finder that reads the version out of the
# response body returned for a GET on the timthumb.php URL.
describe WPScan::Finders::TimthumbVersion::BadRequest do
  # Placeholder host; every request to it is stubbed below, so nothing
  # leaves the test process.
  let(:url) { 'http://ex.lo/timthumb.php' }
  let(:target) { WPScan::Model::Timthumb.new(url) }
  let(:fixtures) { FINDERS_FIXTURES.join('timthumb_version', 'bad_request') }

  subject(:finder) { described_class.new(target) }

  describe '#aggressive' do
    # Serve the fixture selected by the context's `file` as the body of the
    # GET response for the target URL.
    before do
      fixture_body = File.read(fixtures.join(file))

      stub_request(:get, url).to_return(body: fixture_body)
    end

    # The assertion is shared: each example only sets @expected, and the
    # comparison against the finder's result happens here.
    after do
      expect(finder.aggressive).to eql @expected
    end

    context 'when no version' do
      let(:file) { 'no_version.php' }

      # A body without a version must yield no finding at all rather than a
      # guessed one.
      it 'returns nil' do
        @expected = nil
      end
    end

    context 'when a version' do
      let(:file) { '2.8.14.php' }

      it 'returns the expected version' do
        # The evidence entry records the URL and the version that was seen.
        evidence = ["#{url}, TimThumb version : 2.8.14"]

        @expected = WPScan::Model::Version.new(
          '2.8.14',
          confidence: 90,
          found_by: 'Bad Request (Aggressive Detection)',
          interesting_entries: evidence
        )
      end
    end
  end
end