GitHub Repository: wpscanteam/wpscan
Path: blob/master/spec/app/finders/users/rss_generator_spec.rb
# frozen_string_literal: true
# Spec for the RSS-based user finder: checks which users are reported from a
# feed fixture in passive, aggressive and :mixed detection modes.
#
# All HTTP traffic is stubbed; the same feed.xml fixture is served wherever a
# feed is expected to yield users.
describe WPScan::Finders::Users::RSSGenerator do
  subject(:finder) { described_class.new(target) }

  let(:url) { 'http://ex.lo/' }
  let(:target) { WPScan::Target.new(url) }
  let(:fixtures) { FINDERS_FIXTURES.join('users', 'rss_generator') }
  let(:rss_fixture) { File.read(fixtures.join('feed.xml')) }

  # Builds the two users every example expects from feed.xml, tagged with the
  # detection label passed in.
  #
  # NOTE(review): 'Aa Dias-Gildes' looks like a display name rather than a
  # login slug, which may be why confidence is 50 and not higher; the finder
  # itself is not visible here, so confirm against its implementation.
  #
  # @param found_by [String] the found_by label expected on each user
  # @return [Array<WPScan::Model::User>]
  def users_from_feed(found_by)
    ['admin', 'Aa Dias-Gildes'].map do |name|
      WPScan::Model::User.new(name, confidence: 50, found_by: found_by)
    end
  end

  describe '#passive, #aggressive' do
    before do
      allow(target).to receive(:sub_dir).and_return(false)

      # homepage_fixture is supplied by each nested context below.
      stub_request(:get, target.url).to_return(body: File.read(homepage_fixture))
    end

    context 'when no RSS link in homepage' do
      let(:homepage_fixture) { fixtures.join('homepage_no_links.html') }

      # Nothing on the homepage points at a feed, so passive yields no users.
      its(:passive) { is_expected.to eql [] }

      it 'returns the expected from #aggressive' do
        # Only feed/ serves the fixture; the other three feed URLs are stubbed
        # without a body, so they cannot contribute users.
        stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)
        stub_request(:get, target.url('comments/feed/'))
        stub_request(:get, target.url('feed/rss/'))
        stub_request(:get, target.url('feed/rss2/'))

        expected = users_from_feed('Rss Generator (Aggressive Detection)')

        expect(finder.aggressive).to eql expected
      end
    end

    context 'when RSS link in homepage' do
      let(:homepage_fixture) { fixtures.join('homepage_links.html') }

      it 'returns the expected from #passive' do
        stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)

        expected = users_from_feed('Rss Generator (Passive Detection)')

        expect(finder.passive).to eql expected
      end

      context 'when :mixed mode' do
        it 'avoids checking existing URL/s from #passive' do
          # Only comments/feed/ is stubbed. Assuming the suite blocks
          # unstubbed requests (usual WebMock setup, confirm in spec_helper),
          # a request to any other feed URL would fail this example.
          stub_request(:get, target.url('comments/feed/')).to_return(body: rss_fixture)

          expected = users_from_feed('Rss Generator (Aggressive Detection)')

          expect(finder.aggressive(mode: :mixed)).to eql expected
        end
      end

      context 'when no mode' do
        it 'checks the first URL detected from the URLs' do
          # Only feed/ is stubbed for this example.
          stub_request(:get, target.url('feed/')).to_return(body: rss_fixture)

          expected = users_from_feed('Rss Generator (Aggressive Detection)')

          expect(finder.aggressive).to eql expected
        end
      end
    end
  end
end