def test_nikto():
plugin_name = "testing/scan/nikto"
csv_file = "test_nikto.csv"
print "Testing plugin: %s" % plugin_name
audit_config = AuditConfig()
audit_config.targets = ["www.example.com", "localhost"]
audit_config.include_subdomains = False
with PluginTester(audit_config=audit_config) as t:
print "Testing Nikto plugin parser..."
plugin, plugin_info = t.get_plugin(plugin_name)
Config._context._PluginContext__plugin_info = plugin_info
try:
r, c = plugin.parse_nikto_results(
BaseUrl("http://www.example.com/"), path.join(here, csv_file))
#for d in r:
#print "-" * 10
#print repr(d)
assert c == 3
assert len(r) == 5
c = defaultdict(int)
for d in r:
c[d.__class__.__name__] += 1
#print c
assert c.pop("IP") == 1
assert c.pop("Url") == 1
assert c.pop("UrlVulnerability") == 3
assert len(c) == 0
finally:
Config._context._PluginContext__plugin_info = None
print "Testing Nikto plugin against localhost..."
r = t.run_plugin(plugin_name, BaseUrl("http://localhost/"))
for d in r:
print "\t%r" % d
def test_auditdb_dump():
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
audit_config = AuditConfig()
audit_config.targets = ["www.example.com"]
audit_config.audit_db = "sqlite://test_auditdb.db"
with PluginTester(main_config, audit_config) as t:
disk = t.audit.database
assert t.audit.name == "test_auditdb"
assert type(disk) is AuditSQLiteDB
assert disk.filename == "test_auditdb.db"
assert disk.connection_url == "sqlite://test_auditdb.db"
print "Testing the audit database dump..."
print " -> Writing..."
for x in xrange(30):
d1 = Url("http://www.example.com/" + generate_random_string())
d2 = Text(generate_random_string())
d3 = UrlDisclosure(d1)
d1.add_information(d2)
disk.add_data(d1)
disk.add_data(d2)
disk.add_data(d3)
disk.mark_plugin_finished(d1.identity, "some_plugin")
disk.mark_plugin_finished(d2.identity, "some_plugin")
disk.mark_plugin_finished(d3.identity, "some_plugin")
disk.mark_stage_finished(d1.identity, 1)
disk.mark_stage_finished(d2.identity, 2)
disk.mark_stage_finished(d3.identity, 3)
disk.add_shared_values("fake_set_id", (
"string",
u"unicode",
100,
200L,
5.0,
True,
False,
complex(1, 1),
None,
frozenset({"string", 100, 1.0}),
(None, True, False),
))
disk.put_mapped_values("fake_map_id", (
("a_string", "string"),
("a_unicode_string", u"unicode"),
("an_integer", 100),
("a_long", 200L),
("a_float", 5.0),
("a_bool", True),
("another_bool", False),
("a_complex", complex(1, 1)),
("none", None),
("a_frozenset", frozenset({"string", 100, 1.0})),
("a_tuple", (None, True, False)),
))
print " -> Dumping..."
disk.dump("test_auditdb.sql")
def do_scan_create(self, audit_config):
"""
Implementation of: /scan/create
:param audit_config: Audit configuration.
:type audit_config: dict(str -> \\*)
"""
# Load the audit configuration from the dictionary.
o_audit_config = AuditConfig()
o_audit_config.from_dictionary(audit_config)
# Create the new audit.
start_audit(o_audit_config)
def validate(audit):
audit = AuditConfig()
audit.from_dictionary({
"audit_name": audit,
"audit_db": "sqlite://%s.db" % audit,
})
disk = AuditDB(audit)
try:
# Make sure all objects completed all stages.
for stage in sorted(PluginManager.STAGES.values()):
assert disk.get_pending_data(stage) == set()
finally:
disk.close()
def helper_test_auditdb_consistency_setup(audit_name, audit_db):
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
audit_config = AuditConfig()
audit_config.targets = ["www.example.com"]
audit_config.audit_name = audit_name
audit_config.audit_db = audit_db
with PluginTester(main_config, audit_config) as t:
print "--> Testing general consistency..."
helper_test_auditdb_general_consistency(t.audit.database)
print "--> Testing data consistency..."
for x in xrange(100):
key = generate_random_string(10)
data = generate_random_string(100)
helper_test_auditdb_data_consistency(t.audit.database, key, data)
def test_import():
print "Testing OpenVAS importer..."
orchestrator_config = OrchestratorConfig()
orchestrator_config.ui_mode = "disabled"
audit_config = AuditConfig()
audit_config.targets = ["192.168.56.101"]
audit_config.audit_db = ":memory:"
with PluginTester(orchestrator_config, audit_config) as t:
t.run_plugin("import/xml_openvas", path.join(here, "test_openvas.xml"))
results = Database.get_many( Database.keys(Data.TYPE_VULNERABILITY) )
assert len(results) == 1, len(results)
v = results[0]
assert v.level == "informational", v.level
assert v.plugin_id == "import/xml_openvas", v.plugin_id
assert "Remote web server does not reply with 404 error code." in v.description, v.description
def test():
config = OrchestratorConfig()
config.from_dictionary({
"plugins_folder":
path.abspath(path.join(here, "plugin_tests")),
"ui_mode":
"test",
})
audit = AuditConfig()
audit.from_dictionary({
"targets": [
"http://www.example.com/folder/subfolder/index.html",
],
"reports": [
"-",
],
"audit_db":
"sqlite://",
})
##audit.plugin_load_overrides = [(True, "recon/test")] # XXX DEBUG shorter run
try:
print "Launching GoLismero..."
print
t1 = time.time()
code = run(config, audit)
t2 = time.time()
print
print "GoLismero ran for %f seconds" % (t2 - t1)
print
assert code == 0
print "Validating the audit database..."
print
validate(audit.audit_name)
finally:
print "Cleaning up..."
print
try:
os.unlink("%s.db" % audit.audit_name)
except Exception:
pass
print "Done!"
def test_scope_example():
print "Testing scope with: www.example.com"
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
main_config.use_colors = False
audit_config = AuditConfig()
audit_config.targets = ["http://www.example.com"]
audit_config.include_subdomains = True
with PluginTester(main_config, audit_config) as t:
print Config.audit_scope
for token, flag in (
(None, False),
("", False),
("www.example.com", True),
("example.com", True),
("com", False),
("subdomain.example.com", True),
("subdomain.www.example.com", True),
("www.example.org", False),
("wwwexample.com", False),
("www.wrong.com", False),
("127.0.0.1", False),
("::1", False),
("[::1]", False),
("http://www.example.com", True),
("https://example.com", True),
("ftp://ftp.example.com", True),
("mailto://[email protected]", True),
##("*****@*****.**", True),
):
assert ((token in Config.audit_scope) == flag), repr(token)
assert gethostbyname("www.example.com") in Config.audit_scope
for address in gethostbyname_ex("www.example.com")[2]:
assert address in Config.audit_scope
for register in DNS.get_a("www.example.com"):
assert register.address in Config.audit_scope
for register in DNS.get_aaaa("www.example.com"):
assert register.address in Config.audit_scope
assert "[%s]" % register.address in Config.audit_scope
for register in DNS.get_a("www.google.com"):
assert register.address not in Config.audit_scope
for register in DNS.get_aaaa("www.google.com"):
assert register.address not in Config.audit_scope
assert "[%s]" % register.address not in Config.audit_scope
def test_nikto():
DEBUG = False
##DEBUG = True
plugin_id = "testing/scan/nikto"
csv_file = "test_nikto.csv"
print "Testing plugin: %s" % plugin_id
orchestrator_config = OrchestratorConfig()
orchestrator_config.ui_mode = "console"
audit_config = AuditConfig()
audit_config.targets = ["http://www.example.com", "http://localhost"]
audit_config.include_subdomains = False
audit_config.enable_plugins = ["nikto"]
audit_config.disable_plugins = ["all"]
with PluginTester(orchestrator_config = orchestrator_config,
audit_config = audit_config) as t:
print "Testing Nikto plugin parser..."
plugin, plugin_info = t.get_plugin(plugin_id)
Config._context._PluginContext__plugin_info = plugin_info
try:
r, c = plugin.parse_nikto_results(
BaseURL("http://www.example.com/"), path.join(here, csv_file))
if DEBUG:
for d in r:
print "-" * 10
print repr(d)
assert c == 6, c
assert len(r) == 10, len(r)
c = defaultdict(int)
for d in r:
c[d.__class__.__name__] += 1
#print c
assert c.pop("IP") == 1
assert c.pop("URL") == 3
assert c.pop("UncategorizedVulnerability") == 6
assert len(c) == 0
finally:
Config._context._PluginContext__plugin_info = None
print "Testing Nikto plugin against localhost..."
r = t.run_plugin(plugin_id, BaseURL("http://localhost/"))
for d in r:
print "\t%r" % d
def test_scope_example():
print "Testing scope with: www.example.com"
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
main_config.use_colors = False
audit_config = AuditConfig()
audit_config.targets = ["www.example.com"]
audit_config.include_subdomains = True
with PluginTester(main_config, audit_config) as t:
assert None not in Config.audit_scope
assert "" not in Config.audit_scope
assert "www.example.com" in Config.audit_scope
assert "example.com" in Config.audit_scope
assert "com" not in Config.audit_scope
assert "subdomain.example.com" in Config.audit_scope
assert "subdomain.www.example.com" in Config.audit_scope
assert "www.example.org" not in Config.audit_scope
assert "wwwexample.com" not in Config.audit_scope
assert "www.wrong.com" not in Config.audit_scope
assert "127.0.0.1" not in Config.audit_scope
assert "::1" not in Config.audit_scope
assert "[::1]" not in Config.audit_scope
assert "http://www.example.com" in Config.audit_scope
assert "https://example.com" in Config.audit_scope
assert "ftp://ftp.example.com" in Config.audit_scope
assert "mailto://[email protected]" in Config.audit_scope
## assert "*****@*****.**" in Config.audit_scope
assert gethostbyname("www.example.com") in Config.audit_scope
for address in gethostbyname_ex("www.example.com")[2]:
assert address in Config.audit_scope
for register in DNS.get_a("www.example.com"):
assert register.address in Config.audit_scope
for register in DNS.get_aaaa("www.example.com"):
assert register.address in Config.audit_scope
assert "[%s]" % register.address in Config.audit_scope
for register in DNS.get_a("www.google.com"):
assert register.address not in Config.audit_scope
for register in DNS.get_aaaa("www.google.com"):
assert register.address not in Config.audit_scope
assert "[%s]" % register.address not in Config.audit_scope
def build_config_from_cmdline():
# Get the command line parser.
parser = cmdline_parser()
# Parse the command line options.
try:
args = sys.argv[1:]
envcfg = getenv("GOLISMERO_SETTINGS")
if envcfg:
args = parser.convert_arg_line_to_args(envcfg) + args
P, V = parser.parse_known_args(args)
if P.targets:
P.targets += V
else:
P.targets = V
P.plugin_args = {}
command = P.command.upper()
if command in COMMANDS:
P.command = command
if command == "RESCAN":
P.command = "SCAN"
P.redo = True
else:
P.redo = False
else:
P.targets.insert(0, P.command)
P.command = "SCAN"
# Load the Orchestrator options.
cmdParams = OrchestratorConfig()
cmdParams.command = P.command
if P.config:
cmdParams.config_file = path.abspath(P.config)
if not path.isfile(cmdParams.config_file):
raise ValueError("File not found: %s" % cmdParams.config_file)
if cmdParams.config_file:
cmdParams.from_config_file(cmdParams.config_file,
allow_profile=True)
if P.user_config:
cmdParams.user_config_file = path.abspath(P.user_config)
if not path.isfile(cmdParams.user_config_file):
raise ValueError("File not found: %s" %
cmdParams.user_config_file)
if cmdParams.user_config_file:
cmdParams.from_config_file(cmdParams.user_config_file,
allow_profile=True)
if P.profile:
cmdParams.profile = P.profile
cmdParams.profile_file = get_profile(cmdParams.profile)
if cmdParams.profile_file:
cmdParams.from_config_file(cmdParams.profile_file)
cmdParams.from_object(P)
cmdParams.plugin_load_overrides = P.plugin_load_overrides
# Enable console colors if requested.
Console.use_colors = cmdParams.color
# Show the program banner.
parser.must_show_banner = False
if cmdParams.verbose:
show_banner()
# Load the target audit options.
auditParams = AuditConfig()
auditParams.profile = cmdParams.profile
auditParams.profile_file = cmdParams.profile_file
auditParams.config_file = cmdParams.config_file
auditParams.user_config_file = cmdParams.user_config_file
if auditParams.config_file:
auditParams.from_config_file(auditParams.config_file)
if auditParams.user_config_file:
auditParams.from_config_file(auditParams.user_config_file)
if auditParams.profile_file:
auditParams.from_config_file(auditParams.profile_file)
auditParams.from_object(P)
auditParams.plugin_load_overrides = P.plugin_load_overrides
# If importing is turned off, remove the list of imports.
# FIXME this should be done by argparse in argument order!
if P.disable_importing:
auditParams.imports = []
# If reports are turned off, remove the list of reports.
# Otherwise, if no reports are specified, default to screen report.
# FIXME this should be done by argparse in argument order!
if P.disable_reporting:
auditParams.reports = []
elif (not auditParams.reports
and (P.command != "REPORT" or not auditParams.targets)):
auditParams.reports = ["-"]
if auditParams.only_vulns is None:
auditParams.only_vulns = True
# Show exceptions as command line parsing errors.
except Exception, e:
##raise # XXX DEBUG
parser.error("arguments error: %s" % str(e))
def helper_auditdb_stress(n):
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
audit_config = AuditConfig()
audit_config.targets = ["www.example.com"]
audit_config.audit_db = "sqlite://"
with PluginTester(main_config, audit_config) as t:
disk = t.audit.database
assert type(disk) is AuditSQLiteDB
print " Testing %d elements..." % (n * 3)
t1 = time.time()
print " -> Writing..."
for x in xrange(n):
d1 = Url("http://www.example.com/" + generate_random_string())
d2 = Text(generate_random_string())
d3 = UrlDisclosure(d1)
d1.add_information(d2)
disk.add_data(d1)
disk.add_data(d2)
disk.add_data(d3)
t2 = time.time()
print " -- Reading..."
keys = disk.get_data_keys()
assert len(keys) == (n * 3)
for key in keys:
assert disk.has_data_key(key)
data = disk.get_data(key)
assert data is not None
keys = disk.get_data_keys(Data.TYPE_INFORMATION)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key, Data.TYPE_INFORMATION)
data = disk.get_data(key, Data.TYPE_INFORMATION)
assert data is not None
assert data.data_type == Data.TYPE_INFORMATION
assert isinstance(data, Text)
keys = disk.get_data_keys(Data.TYPE_RESOURCE)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key, Data.TYPE_RESOURCE)
data = disk.get_data(key, Data.TYPE_RESOURCE)
assert data is not None
assert data.data_type == Data.TYPE_RESOURCE
assert isinstance(data, Url)
keys = disk.get_data_keys(Data.TYPE_VULNERABILITY)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key, Data.TYPE_VULNERABILITY)
data = disk.get_data(key, Data.TYPE_VULNERABILITY)
assert data is not None
assert data.data_type == Data.TYPE_VULNERABILITY
assert isinstance(data, UrlDisclosure)
t3 = time.time()
print " <- Deleting..."
for key in keys:
disk.remove_data(key)
t4 = time.time()
print " Write time: %d seconds (%f seconds per element)" % (
t2 - t1, (t2 - t1) / (n * 3.0))
print " Read time: %d seconds (%f seconds per element)" % (
t3 - t2, (t3 - t2) / (n * 3.0))
print " Delete time: %d seconds (%f seconds per element)" % (
t4 - t3, (t4 - t3) / (n * 3.0))
print " Total time: %d seconds (%f seconds per element)" % (
t4 - t1, (t4 - t1) / (n * 3.0))
def main():
# Show the program banner.
show_banner()
# Get the command line parser.
parser = cmdline_parser()
# Parse the command line options.
try:
args = sys.argv[1:]
envcfg = getenv("GOLISMERO_SETTINGS")
if envcfg:
args = parser.convert_arg_line_to_args(envcfg) + args
P = parser.parse_args(args)
# Load the Orchestrator options.
cmdParams = OrchestratorConfig()
if P.config:
cmdParams.config_file = path.abspath(P.config)
if not path.isfile(cmdParams.config_file):
raise ValueError("File not found: %r" % cmdParams.config_file)
if cmdParams.config_file:
cmdParams.from_config_file(cmdParams.config_file, allow_profile = True)
if P.profile:
cmdParams.profile = P.profile
cmdParams.profile_file = get_profile(cmdParams.profile)
if cmdParams.profile_file:
cmdParams.from_config_file(cmdParams.profile_file)
cmdParams.from_object(P)
cmdParams.plugin_load_overrides = P.plugin_load_overrides
# Load the target audit options.
auditParams = AuditConfig()
auditParams.profile = cmdParams.profile
auditParams.profile_file = cmdParams.profile_file
auditParams.config_file = cmdParams.config_file
if auditParams.config_file:
auditParams.from_config_file(auditParams.config_file)
if auditParams.profile_file:
auditParams.from_config_file(auditParams.profile_file)
auditParams.from_object(P)
auditParams.plugin_load_overrides = P.plugin_load_overrides
# If importing is turned off, remove the list of imports.
if P.disable_importing:
auditParams.imports = []
# If reports are turned off, remove the list of reports.
# Otherwise, if no reports are specified, default to screen report.
if P.disable_reporting:
auditParams.reports = []
elif not auditParams.reports:
auditParams.reports = ["-"]
# If there are no targets but there's a database,
# get the targets (scope) from the database.
if not auditParams.targets and auditParams.audit_db:
try:
cfg = AuditDB.get_config_from_closed_database(
auditParams.audit_db, auditParams.audit_name)
if cfg:
auditParams.targets = cfg.targets
auditParams.include_subdomains = cfg.include_subdomains
if cmdParams.verbose > 1:
if auditParams.targets:
print "Found the following targets in the database:"
for t in auditParams.targets:
print "--> " + t
print
except Exception:
pass
##raise # XXX DEBUG
# Show exceptions as command line parsing errors.
except Exception, e:
##raise # XXX DEBUG
parser.error(str(e))