cms_scanner 0.0.18 → 0.0.19

data/spec/shared_examples/target/platform/php.rb

@@ -1,56 +0,0 @@
-
-shared_examples CMSScanner::Target::Platform::PHP do
-  before { stub_request(:get, target.url(path)).to_return(body: body) }
-
-  describe '#debug_log?' do
-    let(:path) { 'd.log' }
-
-    context 'when the body matches' do
-      %w(debug.log).each do |file|
-        context "when #{file} body" do
-          let(:body) { File.read(File.join(fixtures, 'debug_log', file)) }
-
-          it 'returns true' do
-            expect(target.debug_log?(path)).to be true
-          end
-        end
-      end
-    end
-
-    context 'when the body does not match' do
-      let(:body) { '' }
-
-      it 'returns false' do
-        expect(target.debug_log?(path)).to be false
-      end
-    end
-  end
-
-  describe '#full_path_disclosure?, #full_path_disclosure_entries' do
-    let(:path) { 'p.php' }
-
-    context 'when the body matches a FPD' do
-      {
-        'wp_rss_functions.php' => %w(/short-path/rss-f.php)
-      }.each do |file, expected|
-        context "when #{file} body" do
-          let(:body) { File.read(File.join(fixtures, 'fpd', file)) }
-
-          it 'returns the expected array' do
-            expect(target.full_path_disclosure_entries(path)).to eql expected
-            expect(target.full_path_disclosure?(path)).to be true
-          end
-        end
-      end
-    end
-
-    context 'when no FPD' do
-      let(:body) { '' }
-
-      it 'returns an empty array' do
-        expect(target.full_path_disclosure_entries(path)).to eq []
-        expect(target.full_path_disclosure?(path)).to be false
-      end
-    end
-  end
-end

data/spec/shared_examples/target/server/apache.rb

@@ -1,32 +0,0 @@
-require 'spec_helper'
-
-shared_examples CMSScanner::Target::Server::Apache do
-  describe '#server' do
-    its(:server) { should eq :Apache }
-  end
-
-  describe '#directory_listing?, #directory_listing_entries' do
-    before     { stub_request(:get, target.url(path)).to_return(body: body, status: status) }
-    let(:path) { 'somedir' }
-
-    context 'when not a 200' do
-      let(:status) { 404 }
-      let(:body)   { '' }
-
-      it 'returns false and an empty array' do
-        expect(target.directory_listing?(path)).to be false
-        expect(target.directory_listing_entries(path)).to eql []
-      end
-    end
-
-    context 'when 200' do
-      let(:status) { 200 }
-      let(:body)   { File.read(File.join(fixtures, 'directory_listing', '2.2.16.html')) }
-
-      it 'returns true and the expected array' do
-        expect(target.directory_listing?(path)).to be true
-        expect(target.directory_listing_entries(path)).to eq %w(backup.php database-empty.php)
-      end
-    end
-  end
-end

data/spec/shared_examples/target/server/generic.rb

@@ -1,33 +0,0 @@
-require 'spec_helper'
-
-shared_examples CMSScanner::Target::Server::Generic do
-  describe '#server' do
-    before { stub_request(:head, target.url).to_return(headers: parse_headers_file(fixture)) }
-
-    context 'when apache headers' do
-      %w(basic.txt).each do |file|
-        context "when #{file} headers" do
-          let(:fixture) { File.join(fixtures, 'server', 'apache', file) }
-
-          its(:server) { should eq :Apache }
-        end
-      end
-    end
-
-    context 'when iis headers' do
-      %w(basic.txt).each do |file|
-        context "when #{file} headers" do
-          let(:fixture) { File.join(fixtures, 'server', 'iis', file) }
-
-          its(:server) { should eq :IIS }
-        end
-      end
-    end
-
-    context 'not detected' do
-      let(:fixture) { File.join(fixtures, 'server', 'not_detected.txt') }
-
-      its(:server) { should be nil }
-    end
-  end
-end

data/spec/shared_examples/target/server/iis.rb

@@ -1,37 +0,0 @@
-require 'spec_helper'
-
-shared_examples CMSScanner::Target::Server::IIS do
-  describe '#server' do
-    its(:server) { should eq :IIS }
-  end
-
-  describe '#directory_listing?, #directory_listing_entries' do
-    before     { stub_request(:get, target.url(path)).to_return(body: body, status: status) }
-    let(:path) { 'dir' }
-
-    context 'when not a 200' do
-      let(:status) { 404 }
-      let(:body)   { '' }
-
-      it 'returns false and an empty array' do
-        expect(target.directory_listing?(path)).to be false
-        expect(target.directory_listing_entries(path)).to eql []
-      end
-    end
-
-    context 'when 200' do
-      let(:status) { 200 }
-
-      %w(with_parent.html no_parent.html).each do |file|
-        context "when #{file} body" do
-          let(:body)   { File.read(File.join(fixtures, 'directory_listing', file)) }
-
-          it 'returns true and the expected array' do
-            expect(target.directory_listing?(path)).to be true
-            expect(target.directory_listing_entries(path)).to eq %w(sub-dir web.config)
-          end
-        end
-      end
-    end
-  end
-end

data/spec/shared_examples/views/core.rb

@@ -1,26 +0,0 @@
-
-shared_examples 'App::Views::Core' do
-  let(:controller) { CMSScanner::Controller::Core.new }
-  let(:start)      { Time.at(1_414_670_521).in_time_zone('Europe/London') }
-  let(:tpl_vars)   { { url: target_url, start_time: start } }
-
-  describe 'started' do
-    let(:view) { 'started' }
-
-    it 'outputs the expected string' do
-      @tpl_vars = tpl_vars.merge(start_memory: 10)
-    end
-  end
-
-  describe 'finished' do
-    let(:view) { 'finished' }
-
-    it 'outputs the expected string' do
-      @tpl_vars = tpl_vars.merge(
-        stop_time: Time.at(1_414_670_523).in_time_zone('Europe/London'),
-        used_memory: 100,
-        elapsed: 2
-      )
-    end
-  end
-end

data/spec/shared_examples/views/interesting_files.rb

@@ -1,36 +0,0 @@
-
-shared_examples 'App::Views::InterestingFiles' do
-  let(:controller)       { CMSScanner::Controller::InterestingFiles.new }
-  let(:tpl_vars)         { { url: target_url } }
-  let(:interesting_file) { CMSScanner::InterestingFile }
-
-  describe 'findings' do
-    let(:view) { 'findings' }
-    let(:opts) { { confidence: 10, found_by: 'Spec' } }
-
-    context 'when empty results' do
-      let(:expected_view) { 'empty' }
-
-      it 'outputs the expected string' do
-        @tpl_vars = tpl_vars.merge(findings: [])
-      end
-    end
-
-    it 'outputs the expected string' do
-      findings = CMSScanner::Finders::Findings.new
-
-      findings <<
-        interesting_file.new('F1', opts) <<
-        interesting_file.new('F2', opts.merge(references: %w(R1), interesting_entries: %w(IE1))) <<
-        interesting_file.new('F2', opts.merge(found_by: 'Spec2')) <<
-        interesting_file.new('F3',
-                             opts.merge(references: %w(R1 R2), interesting_entries: %w(IE1 IE2))) <<
-        interesting_file.new('F3', opts.merge(found_by: 'Spec2', confidence: 100)) <<
-        interesting_file.new('F3', opts.merge(found_by: 'Spec3')) <<
-        interesting_file.new('F4', opts.merge(confidence: 0)) <<
-        interesting_file.new('F4', opts.merge(confidence: 0, found_by: 'Spec2'))
-
-      @tpl_vars = tpl_vars.merge(findings: findings)
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,43 +0,0 @@
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-
-require 'simplecov'
-require 'rspec/its'
-require 'webmock/rspec'
-require 'active_support/time'
-
-if ENV['TRAVIS']
-  require 'coveralls'
-  SimpleCov.formatter = Coveralls::SimpleCov::Formatter
-end
-
-SimpleCov.start do
-  add_filter '/spec/'
-  add_filter 'helper'
-end
-
-# See http://betterspecs.org/
-RSpec.configure do |config|
-  config.expect_with :rspec do |c|
-    c.syntax = :expect
-  end
-end
-
-def count_files_in_dir(absolute_dir_path, files_pattern = '*')
-  Dir.glob(File.join(absolute_dir_path, files_pattern)).count
-end
-
-# Parse a file containing raw headers and return the associated Hash
-# @return [ Hash ]
-def parse_headers_file(filepath)
-  Typhoeus::Response::Header.new(File.read(filepath))
-end
-
-require 'cms_scanner'
-require 'shared_examples'
-
-SPECS            = Pathname.new(__FILE__).dirname.to_s
-CACHE            = File.join(SPECS, 'cache')
-FIXTURES         = File.join(SPECS, 'fixtures')
-FIXTURES_VIEWS   = File.join(FIXTURES, 'views')
-FIXTURES_FINDERS = File.join(FIXTURES, 'finders')
-APP_VIEWS        = File.join(CMSScanner::APP_DIR, 'views')