Ejemplo n.º 1
0
class TestExtendedUrllibProxy(unittest.TestCase):

    MOTH_MESSAGE = 'Welcome to the moth homepage!'

    def setUp(self):
        self.uri_opener = ExtendedUrllib()
        
        # Start the proxy daemon
        self._proxy = Proxy('127.0.0.1', 0, ExtendedUrllib(), w3afProxyHandler)
        self._proxy.start()
        self._proxy.wait_for_start()
        
        port = self._proxy.get_port()
        
        # Configure the proxy
        settings = OpenerSettings()
        options = settings.get_options()
        proxy_address_opt = options['proxy_address']
        proxy_port_opt = options['proxy_port']
        
        proxy_address_opt.set_value('127.0.0.1') 
        proxy_port_opt.set_value(port)
        
        settings.set_options(options)
        self.uri_opener.settings = settings
    
    def tearDown(self):
        self.uri_opener.end()
        
    def test_http_default_port_via_proxy(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_http_port_specification_via_proxy(self):
        url = URL('http://moth:80/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_https_via_proxy(self):
        TODO = 'Skip this test because of a strange bug with the extended'\
               ' url library and w3af\'s local proxy daemon. More info here:'\
               ' https://github.com/andresriancho/w3af/issues/183'
        raise SkipTest(TODO)
    
        url = URL('https://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_offline_port_via_proxy(self):
        url = URL('http://127.0.0.1:8181/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertEqual(http_response.get_code(), 400)
    
    def test_POST_via_proxy(self):
        url = URL('http://moth/w3af/core/echo/post.php')
        http_response = self.uri_opener.POST(url, data='abc=123', cache=False)
        self.assertIn('[abc] => 123', http_response.body)
Ejemplo n.º 2
0
class TestExtendedUrllibProxy(unittest.TestCase):

    MOTH_MESSAGE = 'Welcome to the moth homepage!'

    def setUp(self):
        self.uri_opener = ExtendedUrllib()

        # Start the proxy daemon
        self._proxy = Proxy('127.0.0.1', 0, ExtendedUrllib(), w3afProxyHandler)
        self._proxy.start()
        self._proxy.wait_for_start()

        port = self._proxy.get_port()

        # Configure the proxy
        settings = OpenerSettings()
        options = settings.get_options()
        proxy_address_opt = options['proxy_address']
        proxy_port_opt = options['proxy_port']

        proxy_address_opt.set_value('127.0.0.1')
        proxy_port_opt.set_value(port)

        settings.set_options(options)
        self.uri_opener.settings = settings

    def tearDown(self):
        self.uri_opener.end()

    def test_http_default_port_via_proxy(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_http_port_specification_via_proxy(self):
        url = URL('http://moth:80/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_https_via_proxy(self):
        TODO = 'Skip this test because of a strange bug with the extended'\
               ' url library and w3af\'s local proxy daemon. More info here:'\
               ' https://github.com/andresriancho/w3af/issues/183'
        raise SkipTest(TODO)

        url = URL('https://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)

    def test_offline_port_via_proxy(self):
        url = URL('http://127.0.0.1:8181/')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertEqual(http_response.get_code(), 400)

    def test_POST_via_proxy(self):
        url = URL('http://moth/w3af/core/echo/post.php')
        http_response = self.uri_opener.POST(url, data='abc=123', cache=False)
        self.assertIn('[abc] => 123', http_response.body)
Ejemplo n.º 3
0
class TestXUrllib(unittest.TestCase):

    MOTH_MESSAGE = 'Welcome to the moth homepage!'

    def setUp(self):
        self.uri_opener = ExtendedUrllib()
    
    def tearDown(self):
        self.uri_opener.end()
        
    def test_basic(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        
        self.assertIn(self.MOTH_MESSAGE, http_response.body)
        
        self.assertGreaterEqual(http_response.id, 1)
        self.assertNotEqual(http_response.id, None)

    def test_cache(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

    def test_qs_params(self):
        url = URL('http://moth/w3af/audit/local_file_read/local_file_read.php?file=section.txt')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue('Showing the section content.' in http_response.body,
                        http_response.body)

        url = URL('http://moth/w3af/audit/local_file_read/local_file_read.php?file=/etc/passwd')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue(
            'root:x:0:0:' in http_response.body, http_response.body)

    def test_POST(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        data = DataContainer([('empresa', 'abc'), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertTrue('def' in http_response.body, http_response.body)

    def test_POST_special_chars(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        test_data = u'abc<def>"-á-'
        data = DataContainer([('empresa', test_data), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertIn(test_data, http_response.body)

    def test_unknown_url(self):
        url = URL('http://longsitethatdoesnotexistfoo.com/')
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_closed(self):
        # TODO: Change 2312 by an always closed/non-http port
        url = URL('http://127.0.0.1:2312/')
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_not_http(self):
        upper_daemon = UpperDaemon(EmptyTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        url = URL('http://127.0.0.1:%s/' % port)
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_not_http_many(self):
        upper_daemon = UpperDaemon(EmptyTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        url = URL('http://127.0.0.1:%s/' % port)
        for _ in xrange(MAX_ERROR_COUNT):
            try:
                self.uri_opener.GET(url)
            except w3afMustStopByUnknownReasonExc:
                self.assertTrue(False, 'Not expecting this exception type.')
            except w3afMustStopOnUrlError:
                self.assertTrue(True)
            except w3afMustStopException:
                self.assertTrue(True)
                break
        else:
            self.assertTrue(False)

    def test_timeout(self):
        upper_daemon = UpperDaemon(TimeoutTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()
        
        url = URL('http://127.0.0.1:%s/' % port)
        
        self.uri_opener.settings.set_timeout(1)
        
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)
        
        self.uri_opener.settings.set_default_values()

    def test_timeout_many(self):
        upper_daemon = UpperDaemon(TimeoutTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        self.uri_opener.settings.set_timeout(1)

        url = URL('http://127.0.0.1:%s/' % port)
        
        for _ in xrange(MAX_ERROR_COUNT):
            try:
                self.uri_opener.GET(url)
            except w3afMustStopByUnknownReasonExc:
                self.assertTrue(False, 'Not expecting this exception type.')
            except w3afMustStopOnUrlError:
                self.assertTrue(True)
            except w3afMustStopException, e:
                self.assertTrue(True)
                break
        else:
Ejemplo n.º 4
0
class TestXUrllib(unittest.TestCase):

    MOTH_MESSAGE = 'Welcome to the moth homepage!'

    def setUp(self):
        self.uri_opener = ExtendedUrllib()
    
    def tearDown(self):
        self.uri_opener.end()
        
    def test_basic(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url, cache=False)
        
        self.assertIn(self.MOTH_MESSAGE, http_response.body)
        
        self.assertGreaterEqual(http_response.id, 1)
        self.assertNotEqual(http_response.id, None)

    def test_cache(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

    def test_qs_params(self):
        url = URL('http://moth/w3af/audit/local_file_read/local_file_read.php?file=section.txt')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue('Showing the section content.' in http_response.body,
                        http_response.body)

        url = URL('http://moth/w3af/audit/local_file_read/local_file_read.php?file=/etc/passwd')
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue(
            'root:x:0:0:' in http_response.body, http_response.body)

    def test_POST(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        data = DataContainer([('empresa', 'abc'), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertTrue('def' in http_response.body, http_response.body)

    def test_POST_special_chars(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        test_data = u'abc<def>"-á-'
        data = DataContainer([('empresa', test_data), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertIn(test_data, http_response.body)

    def test_unknown_url(self):
        url = URL('http://longsitethatdoesnotexistfoo.com/')
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_stop(self):
        self.uri_opener.stop()
        url = URL('http://moth/')
        self.assertRaises(w3afMustStopByUserRequest, self.uri_opener.GET, url)

    def test_pause_stop(self):
        self.uri_opener.pause(True)
        self.uri_opener.stop()
        url = URL('http://moth/')
        self.assertRaises(w3afMustStopByUserRequest, self.uri_opener.GET, url)

    def test_pause(self):
        output = Queue.Queue()
        self.uri_opener.pause(True)

        def send(uri_opener, output):
            url = URL('http://moth/')
            http_response = uri_opener.GET(url)
            output.put(http_response)

        th = Process(target=send, args=(self.uri_opener, output))
        th.daemon = True
        th.start()

        self.assertRaises(Queue.Empty, output.get, True, 2)

    def test_pause_unpause(self):
        output = Queue.Queue()
        self.uri_opener.pause(True)

        def send(uri_opener, output):
            url = URL('http://moth/')
            http_response = uri_opener.GET(url)
            output.put(http_response)

        th = Process(target=send, args=(self.uri_opener, output))
        th.daemon = True
        th.start()

        self.assertRaises(Queue.Empty, output.get, True, 2)

        self.uri_opener.pause(False)

        http_response = output.get()
        th.join()
        
        self.assertEqual(http_response.get_code(), 200)
        self.assertIn(self.MOTH_MESSAGE, http_response.body)
    
    def test_removes_cache(self):
        url = URL('http://moth/')
        self.uri_opener.GET(url, cache=False)
        
        # Please note that this line, together with the tearDown() act as
        # a test for a "double call to end()".
        self.uri_opener.end()
        
        db_fmt = 'db_unittest-%s'
        trace_fmt = 'db_unittest-%s_traces/'
        temp_dir = get_temp_dir()
        
        for i in xrange(100):
            test_db_path = os.path.join(temp_dir, db_fmt % i)
            test_trace_path = os.path.join(temp_dir, trace_fmt % i)
            self.assertFalse(os.path.exists(test_db_path), test_db_path)
            self.assertFalse(os.path.exists(test_trace_path), test_trace_path)
    
    def test_special_char_header(self):
        url = URL('http://moth/w3af/core/header_fuzzing/cookie_echo.php')
        header_content = u'á'
        headers = Headers([('foo', header_content)])
        http_response = self.uri_opener.GET(url, cache=False, headers=headers)
        self.assertEqual(header_content, http_response.body)
Ejemplo n.º 5
0
class TestSQLMapWrapper(unittest.TestCase):
    
    SQLI_GET = 'http://moth/w3af/audit/sql_injection/select/'\
               'sql_injection_string.php?name=andres'

    SSL_SQLI_GET = 'http://moth/w3af/audit/sql_injection/select/'\
                   'sql_injection_string.php?name=andres'

    SQLI_POST = 'http://moth/w3af/audit/sql_injection/select/'\
                'sql_injection_string.php'
    
    DATA_POST = 'name=andres'
    
    def setUp(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)
        
        self.uri_opener = ExtendedUrllib()
        
        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
    
    def tearDown(self):
        self.uri_opener.end()
        self.sqlmap.cleanup()
    
    @classmethod
    def setUpClass(cls):
        output_dir = os.path.join(SQLMapWrapper.SQLMAP_LOCATION, 'output')
        if os.path.exists(output_dir):
            shutil.rmtree(output_dir)

    @classmethod
    def tearDownClass(cls):
        # Doing this in both setupclass and teardownclass in order to be sure
        # that a ctrl+c doesn't break it
        output_dir = os.path.join(SQLMapWrapper.SQLMAP_LOCATION, 'output')
        if os.path.exists(output_dir):
            shutil.rmtree(output_dir)
        
    def test_verify_vulnerability(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
    
    def test_verify_vulnerability_ssl(self):
        uri = URL(self.SSL_SQLI_GET)
        target = Target(uri)
        
        self.uri_opener = ExtendedUrllib()
        
        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

    def test_verify_vulnerability_false(self):
        not_vuln = 'http://moth/w3af/audit/sql_injection/select/'\
                   'sql_injection_string.php?fake=invalid'
        uri = URL(not_vuln)
        target = Target(uri)
        
        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
        
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertFalse(vulnerable)
        
    def test_verify_vulnerability_POST(self):
        target = Target(URL(self.SQLI_POST), self.DATA_POST)
        
        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
        
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
    def test_wrapper_invalid_url(self):
        self.assertRaises(TypeError, SQLMapWrapper, self.SQLI_GET, self.uri_opener)
    
    def test_stds(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)
        
        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
        
        prms = ['--batch',]
        cmd, process = self.sqlmap.run_sqlmap_with_pipes(prms)
        
        self.assertIsInstance(process.stdout, file)
        self.assertIsInstance(process.stderr, file)
        self.assertIsInstance(process.stdin, file)
        self.assertIsInstance(cmd, basestring)
        
        self.assertIn('sqlmap.py', cmd)
        
    def test_target_basic(self):
        target = Target(URL(self.SQLI_GET))
        params = target.to_params()
        
        self.assertEqual(params, ["--url=%s" % self.SQLI_GET])
    
    def test_target_post_data(self):
        target = Target(URL(self.SQLI_GET), self.DATA_POST)
        params = target.to_params()
        
        self.assertEqual(params, ["--url=%s" % self.SQLI_GET,
                                  "--data=%s" % self.DATA_POST])
    
    def test_no_coloring(self):
        params = self.sqlmap.get_wrapper_params()
        self.assertIn('--disable-coloring', params)

    def test_always_batch(self):
        params = self.sqlmap.get_wrapper_params()
        self.assertIn('--batch', params)
        
    def test_use_proxy(self):
        params = self.sqlmap.get_wrapper_params()
        
        self.assertTrue(any(i.startswith('--proxy=http://127.0.0.1:') for i in params))

    def test_enable_coloring(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)
        
        sqlmap = SQLMapWrapper(target, self.uri_opener, coloring=True)
        params = sqlmap.get_wrapper_params()
        self.assertNotIn('--disable-coloring', params)
        
    def test_dbs(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
        cmd, process = self.sqlmap.dbs()
        output = process.stdout.read()
        
        self.assertIn('fetching database names', output)
        self.assertIn('available databases', output)
        self.assertIn('information_schema', output)

    def test_tables(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
        cmd, process = self.sqlmap.tables()
        output = process.stdout.read()
        
        self.assertIn('fetching tables for databases:', output)
        self.assertIn('Database: information_schema', output)
        self.assertIn('COLUMN_PRIVILEGES', output)

    def test_users(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
        cmd, process = self.sqlmap.users()
        output = process.stdout.read()
        
        self.assertIn('debian-sys-maint', output)
        self.assertIn('localhost', output)
        self.assertIn('root', output)

    def test_dump(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
        cmd, process = self.sqlmap.dump()
        output = process.stdout.read()
        
        self.assertIn('email', output)
        self.assertIn('phone', output)
        self.assertIn('address', output)
        self.assertIn('47789900', output)
        
    def test_sqlmap(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)
        
        cmd, process = self.sqlmap.direct('--dump -D w3af_test -T users')
        output = process.stdout.read()
        
        self.assertIn('email', output)
        self.assertIn('phone', output)
        self.assertIn('address', output)
        self.assertIn('47789900', output)
        
        self.assertNotIn('information_schema', output)
        self.assertNotIn('COLUMN_PRIVILEGES', output)
Ejemplo n.º 6
0
class TestXUrllib(unittest.TestCase):

    MOTH_MESSAGE = 'Welcome to the moth homepage!'

    def setUp(self):
        self.uri_opener = ExtendedUrllib()

    def tearDown(self):
        self.uri_opener.end()

    def test_basic(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url, cache=False)

        self.assertIn(self.MOTH_MESSAGE, http_response.body)

        self.assertGreaterEqual(http_response.id, 1)
        self.assertNotEqual(http_response.id, None)

    def test_cache(self):
        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

        url = URL('http://moth/')
        http_response = self.uri_opener.GET(url)
        self.assertTrue(self.MOTH_MESSAGE in http_response.body)

    def test_qs_params(self):
        url = URL(
            'http://moth/w3af/audit/local_file_read/local_file_read.php?file=section.txt'
        )
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue('Showing the section content.' in http_response.body,
                        http_response.body)

        url = URL(
            'http://moth/w3af/audit/local_file_read/local_file_read.php?file=/etc/passwd'
        )
        http_response = self.uri_opener.GET(url, cache=False)
        self.assertTrue('root:x:0:0:' in http_response.body,
                        http_response.body)

    def test_POST(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        data = DataContainer([('empresa', 'abc'), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertTrue('def' in http_response.body, http_response.body)

    def test_POST_special_chars(self):
        url = URL('http://moth/w3af/audit/xss/data_receptor2.php')
        test_data = u'abc<def>"-á-'
        data = DataContainer([('empresa', test_data), ('firstname', 'def')])
        http_response = self.uri_opener.POST(url, data, cache=False)
        self.assertIn(test_data, http_response.body)

    def test_unknown_url(self):
        url = URL('http://longsitethatdoesnotexistfoo.com/')
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_closed(self):
        # TODO: Change 2312 by an always closed/non-http port
        url = URL('http://127.0.0.1:2312/')
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_not_http(self):
        upper_daemon = UpperDaemon(EmptyTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        url = URL('http://127.0.0.1:%s/' % port)
        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

    def test_url_port_not_http_many(self):
        upper_daemon = UpperDaemon(EmptyTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        url = URL('http://127.0.0.1:%s/' % port)
        for _ in xrange(MAX_ERROR_COUNT):
            try:
                self.uri_opener.GET(url)
            except w3afMustStopByUnknownReasonExc:
                self.assertTrue(False, 'Not expecting this exception type.')
            except w3afMustStopOnUrlError:
                self.assertTrue(True)
            except w3afMustStopException:
                self.assertTrue(True)
                break
        else:
            self.assertTrue(False)

    def test_timeout(self):
        upper_daemon = UpperDaemon(TimeoutTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        url = URL('http://127.0.0.1:%s/' % port)

        self.uri_opener.settings.set_timeout(1)

        self.assertRaises(w3afMustStopOnUrlError, self.uri_opener.GET, url)

        self.uri_opener.settings.set_default_values()

    def test_timeout_many(self):
        upper_daemon = UpperDaemon(TimeoutTCPHandler)
        upper_daemon.start()
        upper_daemon.wait_for_start()

        port = upper_daemon.get_port()

        self.uri_opener.settings.set_timeout(1)

        url = URL('http://127.0.0.1:%s/' % port)

        for _ in xrange(MAX_ERROR_COUNT):
            try:
                self.uri_opener.GET(url)
            except w3afMustStopByUnknownReasonExc:
                self.assertTrue(False, 'Not expecting this exception type.')
            except w3afMustStopOnUrlError:
                self.assertTrue(True)
            except w3afMustStopException, e:
                self.assertTrue(True)
                break
        else:
Ejemplo n.º 7
0
class TestSQLMapWrapper(unittest.TestCase):

    SQLI_GET = 'http://moth/w3af/audit/sql_injection/select/'\
               'sql_injection_string.php?name=andres'

    SSL_SQLI_GET = 'http://moth/w3af/audit/sql_injection/select/'\
                   'sql_injection_string.php?name=andres'

    SQLI_POST = 'http://moth/w3af/audit/sql_injection/select/'\
                'sql_injection_string.php'

    DATA_POST = 'name=andres'

    def setUp(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)

        self.uri_opener = ExtendedUrllib()

        self.sqlmap = SQLMapWrapper(target, self.uri_opener)

    def tearDown(self):
        self.uri_opener.end()
        self.sqlmap.cleanup()

    @classmethod
    def setUpClass(cls):
        output_dir = os.path.join(SQLMapWrapper.SQLMAP_LOCATION, 'output')
        if os.path.exists(output_dir):
            shutil.rmtree(output_dir)

    @classmethod
    def tearDownClass(cls):
        # Doing this in both setupclass and teardownclass in order to be sure
        # that a ctrl+c doesn't break it
        output_dir = os.path.join(SQLMapWrapper.SQLMAP_LOCATION, 'output')
        if os.path.exists(output_dir):
            shutil.rmtree(output_dir)

    def test_verify_vulnerability(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

    def test_verify_vulnerability_ssl(self):
        uri = URL(self.SSL_SQLI_GET)
        target = Target(uri)

        self.uri_opener = ExtendedUrllib()

        self.sqlmap = SQLMapWrapper(target, self.uri_opener)
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

    def test_verify_vulnerability_false(self):
        not_vuln = 'http://moth/w3af/audit/sql_injection/select/'\
                   'sql_injection_string.php?fake=invalid'
        uri = URL(not_vuln)
        target = Target(uri)

        self.sqlmap = SQLMapWrapper(target, self.uri_opener)

        vulnerable = self.sqlmap.is_vulnerable()
        self.assertFalse(vulnerable)

    def test_verify_vulnerability_POST(self):
        target = Target(URL(self.SQLI_POST), self.DATA_POST)

        self.sqlmap = SQLMapWrapper(target, self.uri_opener)

        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

    def test_wrapper_invalid_url(self):
        self.assertRaises(TypeError, SQLMapWrapper, self.SQLI_GET,
                          self.uri_opener)

    def test_stds(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)

        self.sqlmap = SQLMapWrapper(target, self.uri_opener)

        prms = [
            '--batch',
        ]
        cmd, process = self.sqlmap.run_sqlmap_with_pipes(prms)

        self.assertIsInstance(process.stdout, file)
        self.assertIsInstance(process.stderr, file)
        self.assertIsInstance(process.stdin, file)
        self.assertIsInstance(cmd, basestring)

        self.assertIn('sqlmap.py', cmd)

    def test_target_basic(self):
        target = Target(URL(self.SQLI_GET))
        params = target.to_params()

        self.assertEqual(params, ["--url=%s" % self.SQLI_GET])

    def test_target_post_data(self):
        target = Target(URL(self.SQLI_GET), self.DATA_POST)
        params = target.to_params()

        self.assertEqual(
            params, ["--url=%s" % self.SQLI_GET,
                     "--data=%s" % self.DATA_POST])

    def test_no_coloring(self):
        params = self.sqlmap.get_wrapper_params()
        self.assertIn('--disable-coloring', params)

    def test_always_batch(self):
        params = self.sqlmap.get_wrapper_params()
        self.assertIn('--batch', params)

    def test_use_proxy(self):
        params = self.sqlmap.get_wrapper_params()

        self.assertTrue(
            any(i.startswith('--proxy=http://127.0.0.1:') for i in params))

    def test_enable_coloring(self):
        uri = URL(self.SQLI_GET)
        target = Target(uri)

        sqlmap = SQLMapWrapper(target, self.uri_opener, coloring=True)
        params = sqlmap.get_wrapper_params()
        self.assertNotIn('--disable-coloring', params)

    def test_dbs(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

        cmd, process = self.sqlmap.dbs()
        output = process.stdout.read()

        self.assertIn('fetching database names', output)
        self.assertIn('available databases', output)
        self.assertIn('information_schema', output)

    def test_tables(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

        cmd, process = self.sqlmap.tables()
        output = process.stdout.read()

        self.assertIn('fetching tables for databases:', output)
        self.assertIn('Database: information_schema', output)
        self.assertIn('COLUMN_PRIVILEGES', output)

    def test_users(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

        cmd, process = self.sqlmap.users()
        output = process.stdout.read()

        self.assertIn('debian-sys-maint', output)
        self.assertIn('localhost', output)
        self.assertIn('root', output)

    def test_dump(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

        cmd, process = self.sqlmap.dump()
        output = process.stdout.read()

        self.assertIn('email', output)
        self.assertIn('phone', output)
        self.assertIn('address', output)
        self.assertIn('47789900', output)

    def test_sqlmap(self):
        vulnerable = self.sqlmap.is_vulnerable()
        self.assertTrue(vulnerable)

        cmd, process = self.sqlmap.direct('--dump -D w3af_test -T users')
        output = process.stdout.read()

        self.assertIn('email', output)
        self.assertIn('phone', output)
        self.assertIn('address', output)
        self.assertIn('47789900', output)

        self.assertNotIn('information_schema', output)
        self.assertNotIn('COLUMN_PRIVILEGES', output)