
Testing Full Path Disclosure Detection in WPScan Security Scanner

This test suite validates the Full Path Disclosure (FPD) detection functionality in WPScan’s interesting findings module. It checks that the finder’s aggressive method, which requests wp-includes/rss-functions.php directly, returns nothing for an empty response and a FullPathDisclosure finding when the response discloses a server path.

Test Coverage Overview

The test suite covers the aggressive method of the FullPathDisclosure finder class. Key test scenarios include:

  • Empty file response handling
  • Path disclosure detection in PHP files
  • URL construction and validation
  • Confidence level assignment

Implementation Analysis

The testing approach utilizes RSpec’s behavior-driven development patterns with mock objects and stubbed HTTP requests. It implements context-specific scenarios to validate the finder’s response to different file contents and server responses.

The implementation leverages RSpec’s subject/let syntax for clean test organization and uses web request stubbing for controlled testing environments.

Technical Details

Testing tools and configuration include:

  • RSpec testing framework
  • Web request stubbing via stub_request
  • Fixture-based test data
  • Subject/let patterns for test setup
  • Before hooks for request mocking

Best Practices Demonstrated

The test suite exemplifies several testing best practices including isolation of test cases, proper use of fixtures, and clear context separation. Notable practices include:

  • Structured context organization
  • Explicit expectation setting
  • Clean separation of concerns
  • Comprehensive edge case coverage

wpscanteam/wpscan

spec/app/finders/interesting_findings/full_path_disclosure_spec.rb

            
# frozen_string_literal: true

describe WPScan::Finders::InterestingFindings::FullPathDisclosure do
  subject(:finder) { described_class.new(target) }
  let(:target)     { WPScan::Target.new(url) }
  let(:url)        { 'http://ex.lo/' }
  let(:fixtures)   { FINDERS_FIXTURES.join('interesting_findings', 'fpd') }
  let(:file_url)   { target.url('wp-includes/rss-functions.php') }

  describe '#aggressive' do
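    before do
      # target.sub_dir must be called at least once; it is stubbed to return false
      expect(target).to receive(:sub_dir).at_least(1).and_return(false)
      # Serve the current context's body for the direct GET of file_url
      stub_request(:get, file_url).to_return(body: body)
    end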

    context 'when empty file' do
      let(:body) { '' }

      its(:aggressive) { should be_nil }
    end

    context 'when a log file' do
      let(:body) { File.read(fixtures.join('rss_functions.php')) }

      it 'returns the InterestingFinding' do
        found = finder.aggressive

        expect(found).to eql WPScan::Model::FullPathDisclosure.new(
          file_url,
          confidence: 100,
          found_by: described_class::DIRECT_ACCESS
        )
        expect(found.interesting_entries).to eql %w[/blog/wp-includes/rss-functions.php]
      end
    end
  end
end
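
The spec above only asserts the finder's outputs (nil for an empty body, a path list otherwise). The following is an added example, not WPScan's code, of how paths can be pulled from PHP error output in a response body when checking your own site. The regex, the fpd_finding helper and the sample bodies are assumptions constructed for illustration.

```ruby
# Added example, not WPScan's code. The pattern is an assumption based on
# PHP's default error format: "LEVEL: message in /abs/path on line N",
# with or without the <b> tags PHP emits when html_errors is on.
PHP_ERROR = %r{
  (?:Fatal\ error|Parse\ error|Warning|Notice|Deprecated)(?:</b>)?:\s
  .*?\sin\s(?:<b>)?                                  # message, then " in "
  (?<path>/[^<\r\n]+?|[A-Za-z]:\\[^<\r\n]+?)          # absolute path
  (?:</b>)?\son\sline\s(?:<b>)?\d+                  # " on line N"
}x

# Constructed sample bodies (not the project's fixture).
SAMPLE_HTML = '<br /><b>Fatal error</b>:  Call to undefined function ' \
              '_deprecated_file() in <b>/blog/wp-includes/rss-functions.php</b> ' \
              'on line <b>8</b><br />'
SAMPLE_TEXT = "Warning: include(a.php): failed to open stream in " \
              "/srv/www/wp-includes/b.php on line 3\n" \
              "Notice: Undefined index: x in /srv/www/wp-includes/b.php on line 9\n"

# Unique absolute paths leaked by PHP error output in +body+.
def disclosed_paths(body)
  return [] if body.nil? || body.strip.empty?

  body.scan(PHP_ERROR).flatten.uniq
end

# Hypothetical helper mirroring the spec's two outcomes: nil when nothing
# is disclosed, otherwise the URL plus the disclosed entries.
def fpd_finding(url, body)
  entries = disclosed_paths(body)
  entries.empty? ? nil : { url: url, interesting_entries: entries }
end

if $PROGRAM_NAME == __FILE__
  p fpd_finding('http://ex.lo/wp-includes/rss-functions.php', SAMPLE_HTML)
  p disclosed_paths(SAMPLE_TEXT)
end
```

A non-nil result on a production site means PHP errors are being rendered to clients; turning off display_errors and logging errors server-side removes the disclosure.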