cms_scanner 0.0.18 → 0.0.19

data/spec/app/finders/interesting_files/search_replace_db_2_spec.rb

@@ -1,53 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Finders::InterestingFiles::SearchReplaceDB2 do
-  subject(:finder) { described_class.new(target) }
-  let(:target)     { CMSScanner::Target.new(url) }
-  let(:url)        { 'http://example.com/' }
-  let(:file)       { url + 'searchreplacedb2.php' }
-  let(:fixtures)   { File.join(FIXTURES_FINDERS, 'interesting_files', 'search_replace_db_2') }
-
-  describe '#url' do
-    its(:url) { should eq file }
-  end
-
-  describe '#aggressive' do
-    after do
-      stub_request(:get, file).to_return(status: status, body: body)
-
-      expect(finder.aggressive).to eql @expected
-    end
-
-    let(:body) { '' }
-
-    context 'when 404' do
-      let(:status) { 404 }
-
-      it 'returns nil' do
-        @expected = nil
-      end
-    end
-
-    context 'when 200' do
-      let(:status) { 200 }
-
-      context 'when the body is empty' do
-        it 'returns nil' do
-          @expected = nil
-        end
-      end
-
-      context 'when the body matches' do
-        let(:body) { File.new(File.join(fixtures, 'searchreplacedb2.php')).read }
-
-        it 'returns the InterestingFile result' do
-          @expected = CMSScanner::InterestingFile.new(
-            file,
-            confidence: 100,
-            found_by: 'Search Replace Db2 (Aggressive Detection)'
-          )
-        end
-      end
-    end
-  end
-end

data/spec/app/finders/interesting_files/xml_rpc_spec.rb

@@ -1,136 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Finders::InterestingFiles::XMLRPC do
-  subject(:finder)  { described_class.new(target) }
-  let(:target)      { CMSScanner::Target.new(url) }
-  let(:url)         { 'http://e.org/' }
-  let(:xml_rpc_url) { url + 'xmlrpc.php' }
-  let(:fixtures)    { File.join(FIXTURES_FINDERS, 'interesting_files', 'xml_rpc') }
-
-  describe '#potential_urls' do
-    its(:potential_urls) { should be_empty }
-  end
-
-  describe '#passive' do
-    before do
-      expect(finder).to receive(:passive_headers).and_return(headers_stub)
-      expect(finder).to receive(:passive_body).and_return(body_stub)
-    end
-
-    context 'when both passives return nil' do
-      let(:headers_stub) { nil }
-      let(:body_stub)    { nil }
-
-      its(:passive) { should be_empty }
-    end
-
-    context 'when one passive is not nil' do
-      let(:headers_stub) { nil }
-      let(:body_stub)    { 'test' }
-
-      its(:passive) { should eq %w(test) }
-    end
-  end
-
-  describe '#passive_headers' do
-    before { stub_request(:get, url).to_return(headers: headers) }
-
-    let(:headers) { {} }
-
-    context 'when no headers' do
-      its(:passive_headers) { should be_nil }
-    end
-
-    context 'when headers' do
-      context 'when URL is out of scope' do
-        let(:headers) { { 'X-Pingback' => 'http://ex.org/yolo' } }
-
-        its(:passive_headers) { should be_nil }
-      end
-
-      context 'when URL is in scope' do
-        let(:headers) { { 'X-Pingback' => xml_rpc_url } }
-
-        it 'adds the url to #potential_urls and returns the XMLRPC' do
-          result = finder.passive_headers
-
-          expect(finder.potential_urls).to eq [xml_rpc_url]
-
-          expect(result).to be_a CMSScanner::XMLRPC
-          expect(result).to eql CMSScanner::XMLRPC.new(
-            xml_rpc_url,
-            confidence: 30,
-            found_by: 'Headers (passive detection)'
-          )
-        end
-      end
-    end
-  end
-
-  describe '#passive_body' do
-    before { stub_request(:get, url).to_return(body: body) }
-
-    context 'when no link rel="pingback" tag' do
-      let(:body) { '' }
-
-      its(:passive_body) { should be_nil }
-    end
-
-    context 'when the tag is present' do
-      context 'when the URL is out of scope' do
-        let(:body) { File.new(File.join(fixtures, 'homepage_out_of_scope_pingback.html')).read }
-
-        its(:passive_body) { should be_nil }
-      end
-
-      context 'when URL is in scope' do
-        let(:body)         { File.new(File.join(fixtures, 'homepage_in_scope_pingback.html')).read }
-        let(:expected_url) { 'http://e.org/wp/xmlrpc.php' }
-
-        it 'adds the URL to the #potential_urls and returns the XMLRPC' do
-          result = finder.passive_body
-
-          expect(finder.potential_urls).to eq [expected_url]
-
-          expect(result).to be_a CMSScanner::XMLRPC
-          expect(result).to eql CMSScanner::XMLRPC.new(
-            expected_url,
-            confidence: 30,
-            found_by: 'Link Tag (passive detection)'
-          )
-        end
-      end
-    end
-  end
-
-  describe '#aggressive' do
-    # Adds an out of scope URL which should be ignored
-    before { finder.potential_urls << 'htpp://ex.org' }
-
-    after do
-      stub_request(:get, xml_rpc_url).to_return(body: body)
-
-      expect(finder.aggressive).to eql @expected
-    end
-
-    context 'when the body does not match' do
-      let(:body) { '' }
-
-      it 'returns nil' do
-        @expected = nil
-      end
-    end
-
-    context 'when the body matches' do
-      let(:body) { File.new(File.join(fixtures, 'xmlrpc.php')).read }
-
-      it 'returns the InterestingFile result' do
-        @expected = CMSScanner::XMLRPC.new(
-          xml_rpc_url,
-          confidence: 100,
-          found_by: described_class::DIRECT_ACCESS
-        )
-      end
-    end
-  end
-end

data/spec/app/finders/interesting_files_spec.rb

@@ -1,12 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Finders::InterestingFiles::Base do
-  it_behaves_like CMSScanner::Finders::IndependentFinder do
-    let(:expected_finders) { %w(Headers RobotsTxt FantasticoFileslist SearchReplaceDB2 XMLRPC) }
-    let(:expected_finders_class) { CMSScanner::Finders::IndependentFinders }
-  end
-
-  subject(:files) { described_class.new(target) }
-  let(:target)    { CMSScanner::Target.new(url) }
-  let(:url)       { 'http://example.com/' }
-end

data/spec/app/formatters/cli_no_colour_spec.rb

@@ -1,14 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Formatter::CliNoColour do
-  subject(:formatter) { described_class.new }
-
-  its(:format)            { should eq 'cli' }
-  its(:user_interaction?) { should be true }
-
-  describe '#colorize' do
-    it 'returns the text w/o any colour' do
-      expect(formatter.red('Text')).to eq 'Text'
-    end
-  end
-end

data/spec/app/formatters/cli_spec.rb

@@ -1,30 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Formatter::Cli do
-  subject(:formatter) { described_class.new }
-
-  its(:format)            { should eq 'cli' }
-  its(:user_interaction?) { should be true }
-
-  describe '#bold, #red, #green, #amber, #blue, #colorize' do
-    it 'returns the correct bold string' do
-      expect(formatter.bold('Text')).to eq "\e[1mText\e[0m"
-    end
-
-    it 'returns the correct red string' do
-      expect(formatter.red('Text')).to eq "\e[31mText\e[0m"
-    end
-
-    it 'returns the correct green string' do
-      expect(formatter.green('Another Text')).to eq "\e[32mAnother Text\e[0m"
-    end
-
-    it 'returns the correct amber string' do
-      expect(formatter.amber('Text')).to eq "\e[33mText\e[0m"
-    end
-
-    it 'returns the correct blue string' do
-      expect(formatter.blue('Text')).to eq "\e[34mText\e[0m"
-    end
-  end
-end

data/spec/app/formatters/json_spec.rb

@@ -1,30 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Formatter::Json do
-  it_behaves_like CMSScanner::Formatter::Buffer
-
-  subject(:formatter) { described_class.new }
-  let(:output_file)   { File.join(FIXTURES, 'output.txt') }
-
-  before { formatter.views_directories << FIXTURES_VIEWS }
-
-  its(:format)            { should eq 'json' }
-  its(:user_interaction?) { should be false }
-
-  describe '#output' do
-    it 'puts the rendered text in the buffer' do
-      2.times { formatter.output('@render_me', test: 'Working') }
-
-      expect(formatter.buffer).to eq "\"test\": \"Working\",\n" * 2
-    end
-  end
-
-  describe '#beautify' do
-    it 'writes the buffer in the file' do
-      2.times { formatter.output('@render_me', test: 'yolo') }
-
-      expect($stdout).to receive(:puts).with(JSON.pretty_generate(JSON.parse('{"test": "yolo"}')))
-      formatter.beautify
-    end
-  end
-end

data/spec/app/models/fantastico_fileslist_spec.rb

@@ -1,31 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::FantasticoFileslist do
-  subject(:file) { described_class.new(url) }
-  let(:url)      { 'http://example.com/robots.txt' }
-  let(:fixtures) { File.join(FIXTURES_FINDERS, 'interesting_files', 'fantastico_fileslist') }
-
-  describe '#interesting_entries' do
-    let(:headers) { { 'Content-Type' => 'text/plain; charset=utf-8' } }
-
-    after do
-      body = File.new(File.join(fixtures, fixture)).read
-
-      stub_request(:get, file.url).to_return(headers: headers, body: body)
-
-      expect(file.interesting_entries).to eq @expected
-    end
-
-    context 'when empty or / entries' do
-      let(:fixture) { 'fantastico_fileslist.txt' }
-
-      it 'ignores them and only returns the others' do
-        @expected = %w(data.sql admin.txt)
-      end
-    end
-  end
-
-  describe '#references' do
-    its(:references) { should_not be_nil }
-  end
-end

data/spec/app/models/headers_spec.rb

@@ -1,51 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Headers do
-  subject(:file) { described_class.new(url) }
-  let(:url)      { 'http://example.com/' }
-  let(:fixtures) { File.join(FIXTURES_FINDERS, 'interesting_files', 'headers') }
-  let(:fixture)  { File.join(fixtures, 'interesting.txt') }
-  let(:headers)  { {} }
-
-  before { stub_request(:get, file.url).to_return(headers: headers) }
-
-  describe '#known_headers' do
-    it 'does not contains dupliactes' do
-      expect(file.known_headers).to eql file.known_headers.uniq
-    end
-  end
-
-  describe '#entries' do
-    after { expect(file.entries).to eq @expected if @expected }
-
-    context 'when no headers' do
-      its(:entries) { should eq({}) }
-    end
-
-    context 'when headers' do
-      let(:headers) { parse_headers_file(fixture) }
-
-      it 'returns the headers' do
-        @expected = headers
-      end
-    end
-  end
-
-  describe '#interesting_entries' do
-    after { expect(file.interesting_entries).to eq @expected if @expected }
-
-    context 'when interesting headers' do
-      let(:headers) { parse_headers_file(fixture) }
-
-      it 'returns an array with the headers' do
-        @expected = ['Server: nginx/1.1.19', 'X-Powered-By: ASP.NET, PHP', 'X-Article-Id: 12']
-      end
-    end
-
-    context 'when no interesting headers' do
-      let(:headers) { parse_headers_file(File.join(fixtures, 'no_interesting.txt')) }
-
-      its(:interesting_entries) { should eq [] }
-    end
-  end
-end

data/spec/app/models/interesting_file_spec.rb

@@ -1,69 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::InterestingFile do
-  it_behaves_like CMSScanner::Finders::Finding
-
-  subject(:file) { described_class.new(url, opts) }
-  let(:opts)     { {} }
-  let(:url)      { 'http://example.com/' }
-  let(:fixtures) { File.join(FIXTURES_FINDERS, 'interesting_files') }
-
-  describe '#entries' do
-    after do
-      stub_request(:get, file.url).to_return(headers: headers, body: @body)
-
-      expect(file.entries).to eq @expected
-    end
-
-    context 'when content-type matches text/plain' do
-      let(:headers) { { 'Content-Type' => 'text/plain; charset=utf-8' } }
-
-      it 'returns the file content as an array w/o empty strings' do
-        @body     = File.new(File.join(fixtures, 'file.txt')).read
-        @expected = ['This is', 'a test file', 'with some content']
-      end
-    end
-
-    context 'when other content-type' do
-      let(:headers) { { 'Content-Type' => 'text.html; charset=utf-8' } }
-
-      it 'returns an empty array' do
-        @expected = []
-      end
-    end
-  end
-
-  describe '#==' do
-    context 'when same URL' do
-      it 'returns true' do
-        expect(file == described_class.new(url)).to be true
-      end
-    end
-
-    context 'when not the same URL' do
-      it 'returns false' do
-        expect(file == described_class.new('http://e.org')).to be false
-      end
-    end
-  end
-
-  describe '#<=>' do
-    context 'when same URL' do
-      it 'returns 0' do
-        expect(file <=> described_class.new(url)).to eql 0
-      end
-    end
-
-    context 'when the other URL <= current one' do
-      it 'returns 1' do
-        expect(file <=> described_class.new('http://e.org')).to eql 1
-      end
-    end
-
-    context 'when the other URL >= current one' do
-      it 'returns -1' do
-        expect(file <=> described_class.new('http://exi.org/')).to eql(-1)
-      end
-    end
-  end
-end

data/spec/app/models/robots_txt_spec.rb

@@ -1,27 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::RobotsTxt do
-  subject(:file) { described_class.new(url) }
-  let(:url)      { 'http://example.com/robots.txt' }
-  let(:fixtures) { File.join(FIXTURES_FINDERS, 'interesting_files', 'robots_txt') }
-
-  describe '#interesting_entries' do
-    let(:headers) { { 'Content-Type' => 'text/plain; charset=utf-8' } }
-
-    after do
-      body = File.new(File.join(fixtures, fixture)).read
-
-      stub_request(:get, file.url).to_return(headers: headers, body: body)
-
-      expect(file.interesting_entries).to eq @expected
-    end
-
-    context 'when empty or / entries' do
-      let(:fixture) { 'robots.txt' }
-
-      it 'ignores them and only returns the others' do
-        @expected = %w(/admin /public/home)
-      end
-    end
-  end
-end