cms_scanner 0.0.18 → 0.0.19

data/spec/lib/vulnerability_spec.rb

@@ -1,27 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::Vulnerability do
-  subject(:vuln)   { described_class.new(title) }
-  let(:title)      { 'Test Vuln' }
-
-  describe '#new' do
-    its(:title)      { should eql title }
-    its(:references) { should eql({}) }
-    its(:type)       { should eql nil }
-    its(:fixed_in)   { should eql nil }
-  end
-
-  describe '#==' do
-    context 'when te same vuln' do
-      it 'returns true' do
-        expect(vuln).to eq vuln.dup
-      end
-    end
-
-    context 'when not equal' do
-      it 'returns false' do
-        expect(vuln).to_not eq described_class.new('not eq')
-      end
-    end
-  end
-end

data/spec/lib/web_site_spec.rb

@@ -1,121 +0,0 @@
-require 'spec_helper'
-
-describe CMSScanner::WebSite do
-  subject(:web_site) { described_class.new(url, opts) }
-  let(:url)          { 'http://e.org' }
-  let(:opts)         { {} }
-
-  describe '#url=' do
-    context 'when the url is incorrect' do
-      after do
-        expect { web_site.url = @url }.to raise_error Addressable::URI::InvalidURIError
-      end
-
-      it 'raises an error if empty' do
-        @url = ''
-      end
-
-      it 'raises an error if wrong format' do
-        @url = 'jj'
-      end
-    end
-
-    context 'when valid' do
-      it 'creates an Addressable object and adds a traling slash' do
-        web_site.url = 'http://site.com'
-
-        expect(web_site.url).to eq('http://site.com/')
-        expect(web_site.uri).to be_a Addressable::URI
-      end
-    end
-  end
-
-  describe '#url' do
-    context 'when no path argument' do
-      its(:url) { should eql 'http://e.org/' }
-    end
-
-    context 'when a path argument' do
-      it 'appends the path' do
-        expect(web_site.url('file.txt')).to eql "#{url}/file.txt"
-      end
-
-      it 'encodes the path' do
-        expect(web_site.url('f ile.txt')).to eql "#{url}/f%20ile.txt"
-        expect(web_site.url('s/a%.txt')).to eql "#{url}/s/a%25.txt"
-        expect(web_site.url('#file.txt#')).to eql "#{url}/%23file.txt%23"
-      end
-
-      context 'when relative path' do
-        let(:url) { 'http://e.org/dir/' }
-
-        it 'appends it from the host/domain' do
-          expect(web_site.url('/sub/file.txt')).to eql 'http://e.org/sub/file.txt'
-        end
-      end
-    end
-  end
-
-  describe '#opts' do
-    its(:opts) { should eql({}) }
-
-    context 'when opts' do
-      let(:opts) { { test: 'mm' } }
-
-      its(:opts) { should eql opts }
-    end
-  end
-
-  describe '#online?, #http_auth?, #access_forbidden?, #proxy_auth?' do
-    before { stub_request(:get, web_site.url(path)).to_return(status: status) }
-
-    [nil, 'file-path.txt'].each do |p|
-      context "when path = #{p}" do
-        let(:path) { p }
-
-        context 'when response status is a 200' do
-          let(:status) { 200 }
-
-          it 'is considered fine' do
-            expect(web_site.online?(path)).to be true
-            expect(web_site.http_auth?(path)).to be false
-            expect(web_site.access_forbidden?(path)).to be false
-            expect(web_site.proxy_auth?(path)).to be false
-          end
-        end
-
-        context 'when offline' do
-          let(:status) { 0 }
-
-          it 'returns false' do
-            expect(web_site.online?(path)).to be false
-          end
-        end
-
-        context 'when http auth required' do
-          let(:status) { 401 }
-
-          it 'returns true' do
-            expect(web_site.http_auth?(path)).to be true
-          end
-        end
-
-        context 'when access is forbidden' do
-          let(:status) { 403 }
-
-          it 'return true' do
-            expect(web_site.access_forbidden?(path)).to be true
-          end
-        end
-
-        context 'when proxy auth required' do
-          let(:status) { 407 }
-
-          it 'returns true' do
-            expect(web_site.proxy_auth?(path)).to be true
-          end
-        end
-      end
-    end
-  end
-end

data/spec/output/core/finished.cli_no_colour

@@ -1,3 +0,0 @@
-[+] Finished: Thu Oct 30 12:02:03 2014
-[+] Memory used: 100 B
-[+] Elapsed time: 00:00:02

data/spec/output/core/finished.json

@@ -1,5 +0,0 @@
-{
-  "stop_time": 1414670523,
-  "elapsed": 2,
-  "used_memory": 100
-}

data/spec/output/core/started.cli_no_colour

@@ -1,3 +0,0 @@
-[+] URL: http://e.org/
-[+] Started: Thu Oct 30 12:02:01 2014
-

data/spec/output/core/started.json

@@ -1,5 +0,0 @@
-{
-  "start_time": 1414670521,
-  "start_memory": 10,
-  "target_url": "http://e.org/"
-}

data/spec/output/interesting_files/empty.cli_no_colour

@@ -1,2 +0,0 @@
-Interesting Findings: 0
-

data/spec/output/interesting_files/empty.json

@@ -1,5 +0,0 @@
-{
-  "interesting_files": [
-
-  ]
-}

data/spec/output/interesting_files/findings.cli_no_colour

@@ -1,30 +0,0 @@
-Interesting Findings: 4
-
-[+] F1
- | Confidence: 10%
- | Found By: Spec
-
-[+] F2
- | Confidence: 13%
- | Found By: Spec
- | Confirmed By: Spec2, 10% confidence
- | Reference: R1
- | Interesting Entry: IE1
-
-[+] F3
- | Confidence: 100%
- | Found By: Spec
- | Confirmed By:
- |  - Spec2, 100% confidence
- |  - Spec3, 10% confidence
- | References:
- |  - R1
- |  - R2
- | Interesting Entries:
- |  - IE1
- |  - IE2
-
-[+] F4
- | Found By: Spec
- | Confirmed By: Spec2
-

data/spec/output/interesting_files/findings.json

@@ -1,75 +0,0 @@
-{
-  "interesting_files": [
-    {
-      "F1": {
-        "found_by": "Spec",
-        "confidence": 10,
-        "confirmed_by": [
-
-        ],
-        "references": [
-
-        ],
-        "interesting_entries": [
-
-        ]
-      },
-      "F2": {
-        "found_by": "Spec",
-        "confidence": 13,
-        "confirmed_by": [
-          {
-            "Spec2": {
-              "confidence": 10
-            }
-          }
-        ],
-        "references": [
-          "R1"
-        ],
-        "interesting_entries": [
-          "IE1"
-        ]
-      },
-      "F3": {
-        "found_by": "Spec",
-        "confidence": 100,
-        "confirmed_by": [
-          {
-            "Spec2": {
-              "confidence": 100
-            },
-            "Spec3": {
-              "confidence": 10
-            }
-          }
-        ],
-        "references": [
-          "R1",
-          "R2"
-        ],
-        "interesting_entries": [
-          "IE1",
-          "IE2"
-        ]
-      },
-      "F4": {
-        "found_by": "Spec",
-        "confidence": 0,
-        "confirmed_by": [
-          {
-            "Spec2": {
-              "confidence": 0
-            }
-          }
-        ],
-        "references": [
-
-        ],
-        "interesting_entries": [
-
-        ]
-      }
-    }
-  ]
-}

data/spec/shared_examples.rb

@@ -1,11 +0,0 @@
-require 'shared_examples/browser_actions'
-require 'shared_examples/formatter_buffer'
-require 'shared_examples/formatter_class_methods'
-require 'shared_examples/finding'
-require 'shared_examples/independent_finder'
-require 'shared_examples/target/platform/php'
-require 'shared_examples/target/server/generic'
-require 'shared_examples/target/server/apache'
-require 'shared_examples/target/server/iis'
-require 'shared_examples/views/core'
-require 'shared_examples/views/interesting_files'

data/spec/shared_examples/browser_actions.rb

@@ -1,30 +0,0 @@
-
-shared_examples CMSScanner::Browser::Actions do
-  let(:url)     { 'http://example.com/file.txt' }
-  let(:browser) { CMSScanner::Browser }
-
-  describe '#get, #post, #head' do
-    [:get, :post, :head].each do |method|
-      it 'calls the method and returns a Typhoeus::Response' do
-        stub_request(method, url)
-
-        expect(browser.send(method, url)).to be_a Typhoeus::Response
-      end
-    end
-  end
-
-  describe '#get_and_follow_location' do
-    let(:redirection) { 'http://redirect.me' }
-
-    it 'follows the location' do
-      stub_request(:get, url).to_return(status: 301, headers: { location: redirection })
-      stub_request(:get, redirection).to_return(status: 200, body: 'Got me')
-
-      response = browser.get_and_follow_location(url)
-      expect(response).to be_a Typhoeus::Response
-      # Line below is not working due to an issue in Typhoeus/Webmock
-      # See https://github.com/typhoeus/typhoeus/issues/279
-      # expect(response.body).to eq 'Got me'
-    end
-  end
-end

data/spec/shared_examples/finding.rb

@@ -1,54 +0,0 @@
-
-shared_examples CMSScanner::Finders::Finding do
-  [:references, :confirmed_by, :interesting_entries].each do |opt|
-    describe "##{opt}" do
-      its(opt) { should eq [] }
-
-      context 'when supplied in the #new' do
-        let(:opts) { { opt => 'test' } }
-
-        its(opt) { should eq 'test' }
-      end
-    end
-  end
-
-  describe '#confidence, #confidence=' do
-    its(:confidence) { should eql 0 }
-
-    context 'when already set' do
-      before { subject.confidence = 10 }
-
-      its(:confidence) { should eql 10 }
-    end
-  end
-
-  describe '#parse_finding_options' do
-    xit
-  end
-
-  describe '#eql?' do
-    before do
-      subject.confidence = 10
-      subject.found_by = 'test'
-    end
-
-    context 'when eql' do
-      it 'returns true' do
-        expect(subject).to eql subject
-      end
-    end
-
-    context 'when not eql' do
-      it 'returns false' do
-        other = subject.dup
-        other.confidence = 20
-
-        expect(subject).to_not eql other
-      end
-    end
-  end
-
-  describe '#<=>' do
-    # Handled in spc/app/models/interesting_files_spec
-  end
-end

data/spec/shared_examples/formatter_buffer.rb

@@ -1,6 +0,0 @@
-
-shared_examples CMSScanner::Formatter::Buffer do
-  describe '#buffer' do
-    its(:buffer) { should be_empty }
-  end
-end

data/spec/shared_examples/formatter_class_methods.rb

@@ -1,26 +0,0 @@
-
-shared_examples CMSScanner::Formatter::ClassMethods do
-  describe '#load' do
-    context 'w/o parameter' do
-      it 'loads the default formatter' do
-        expect(subject.load).to be_a subject::Cli
-      end
-    end
-
-    it 'loads the correct formatter' do
-      expect(subject.load('cli_no_colour')).to be_a subject::CliNoColour
-    end
-
-    it 'adds the custom_views' do
-      formatter = subject.load(nil, %w(/path/views1 /path2/views))
-
-      expect(formatter.views_directories).to include('/path/views1', '/path2/views')
-    end
-  end
-
-  describe '#availables' do
-    it 'returns the right list' do
-      expect(subject.availables).to match_array(%w(json cli-no-colour cli))
-    end
-  end
-end

data/spec/shared_examples/independent_finder.rb

@@ -1,31 +0,0 @@
-
-shared_examples CMSScanner::Finders::IndependentFinder do
-  describe '::find' do
-    it 'creates a new object and call finders#find' do
-      created = described_class.new(target)
-
-      expect(described_class).to receive(:new).and_return(created)
-      expect(created).to receive(:find)
-
-      described_class.find(target)
-    end
-  end
-
-  describe '#find' do
-    it 'calls finders#run' do
-      expect(subject.finders).to receive(:run).with({})
-      subject.find
-    end
-  end
-
-  describe '#finders' do
-    its(:finders) { should be_a expected_finders_class }
-
-    it 'returns the correct finders' do
-      finders = subject.finders
-
-      expect(finders.size).to eq expected_finders.size
-      expect(finders.map { |f| f.class.to_s.demodulize }).to eq expected_finders
-    end
-  end
-end