Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
wpscanteam
GitHub Repository: wpscanteam/wpscan
 Path: blob/master/spec/lib/finders/dynamic_finder/wp_version_spec.rb
1466 views
1
# frozen_string_literal: true

2


3
expected_all = df_expected_all['wordpress']

4


5
WPScan::DB::DynamicFinders::Wordpress.create_versions_finders

6


7
describe 'Try to create the finders twice' do

8
  it 'does not raise an error when the class already exists' do

9
    expect { WPScan::DB::DynamicFinders::Wordpress.create_versions_finders }.to_not raise_error

10
  end

11
end

12


13
WPScan::DB::DynamicFinders::Wordpress.versions_finders_configs.each do |finder_class, config|

14
  finder_super_class = config['class'] || finder_class

15


16
  describe df_tested_class_constant('WpVersion', finder_class) do

17
    subject(:finder) { described_class.new(target) }

18
    let(:target)     { WPScan::Target.new('http://wp.lab/') }

19
    let(:fixtures)   { DYNAMIC_FINDERS_FIXTURES.join('wp_version') }

20


21
    let(:expected) do

22
      expected_all[finder_class].is_a?(Hash) ? [expected_all[finder_class]] : expected_all[finder_class]

23
    end

24


25
    let(:stubbed_response) { { body: '' } }

26


27
    describe '#passive' do

28
      before do

29
        stub_request(:get, target.url).to_return(stubbed_response)

30
        stub_request(:get, ERROR_404_URL_PATTERN)

31
      end

32


33
      if config['path']

34
        context 'when PATH' do

35
          it 'returns nil' do

36
            expect(finder.passive).to eql nil

37
          end

38
        end

39
      else

40
        context 'when no PATH' do

41
          let(:stubbed_response) do

42
            df_stubbed_response(

43
              fixtures.join("#{finder_super_class.underscore}_passive_all.html"),

44
              finder_super_class

45
            )

46
          end

47


48
          it 'returns the expected version from the homepage' do

49
            found = Array(finder.passive)

50


51
            expect(found).to_not be_empty

52


53
            found.each_with_index do |version, index|

54
              expected_version = expected.at(index)

55


56
              expect(version).to be_a WPScan::Model::WpVersion

57
              expect(version.number).to eql expected_version['number'].to_s

58
              expect(version.found_by).to eql expected_version['found_by']

59
              expect(version.interesting_entries).to match_array expected_version['interesting_entries']

60


61
              expect(version.confidence).to eql expected_version['confidence'] if expected_version['confidence']

62
            end

63
          end

64
        end

65
      end

66
    end

67


68
    describe '#aggressive' do

69
      let(:fixtures) { super().join(finder_class.underscore) }

70


71
      before do

72
        allow(target).to receive(:sub_dir).and_return(false)

73


74
        stub_request(:get, target.url(config['path'])).to_return(stubbed_response) if config['path']

75
      end

76


77
      if config['path']

78
        context 'when the version is detected' do

79
          let(:stubbed_response) do

80
            df_stubbed_response(fixtures.join(config['path']), finder_super_class)

81
          end

82


83
          it 'returns the expected version' do

84
            found = Array(finder.aggressive)

85


86
            expect(found).to_not be_empty

87


88
            found.each_with_index do |version, index|

89
              expected_version = expected.at(index)

90


91
              expect(version).to be_a WPScan::Model::WpVersion

92
              expect(version.number).to eql expected_version['number'].to_s

93
              expect(version.found_by).to eql expected_version['found_by']

94
              expect(version.interesting_entries).to match_array expected_version['interesting_entries']

95


96
              expect(version.confidence).to eql expected_version['confidence'] if expected_version['confidence']

97
            end

98
          end

99
        end

100


101
        context 'when the version is not detected' do

102
          it 'returns nil or an empty array' do

103
            expect(finder.aggressive).to eql finder_super_class == 'QueryParameter' ? [] : nil

104
          end

105
        end

106
      else

107
        it 'returns nil' do

108
          expect(finder.aggressive).to eql nil

109
        end

110
      end

111
    end

112
  end

113
end

114


115