Ejemplo n.º 1
0
    def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
        self.plugin = NessusPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)

        pending_actions = Queue()
        self.plugin.set_actions_queue(pending_actions)
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.processReport(self.cd + '/nessus_xml')
        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions[2000][0].name == "12.233.108.201"
        assert actions.keys() == [2000, 2017, 2038, 20008]
        assert len(actions[20008]) == 1
        assert len(actions[2038]) == 1

        assert actions[2038][0].name == "Nessus SYN scanner"

        assert actions[20008][0].ports == [443]
        assert actions[20008][0].name == 'https?'
        assert actions[20008][0].protocol == 'tcp'
Ejemplo n.º 2
0
    def test_Plugin_creates_apropiate_objects(self, monkeypatch):
        self.plugin = AcunetixPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)

        pending_actions = Queue()
        # getID will wait for faraday-server api response.
        # Since the thread model controller is not running
        # no object will be persisted.
        # The mock is to simulated the api response
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.set_actions_queue(pending_actions)
        self.plugin.processReport(self.cd + '/acunetix_xml')
        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions.keys() == [2000, 20008, 2038]
        assert len(actions[2000]) == 1
        assert actions[2000][0].name == "5.175.17.140"
        assert len(actions[20008]) == 1
        assert len(actions[2038]) == 52

        assert actions[20008][0].ports == [80]
        assert actions[20008][0].name == 'http'
        assert actions[20008][0].protocol == 'tcp'

        assert "ASP.NET error message" in map(lambda vuln_web: vuln_web.name,
                                              actions[2038])
Ejemplo n.º 3
0
    def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)
        pending_actions = Queue()
        self.plugin.set_actions_queue(pending_actions)
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)

        self.plugin.parseOutputString(self.outputTelnetLocalhost)

        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions[2000][0].name == "127.0.0.1"
        assert list(actions.keys()) == [2000, 20008]

        assert len(actions[2000]) == 1
        assert len(actions[20008]) == 1
Ejemplo n.º 4
0
    def test_Plugin_creates_apropiate_objects(self, monkeypatch):
        self.plugin = NexposeFullPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)
        pending_actions = Queue()
        self.plugin.set_actions_queue(pending_actions)
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.processReport(self.cd + '/nexpose_full_xml')

        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions[2000][0].name == "192.168.1.1"
        assert actions.keys() == [2000, 2017, 2019, 2038, 20008]

        assert len(actions[2000]) == 8
        assert len(actions[20008]) == 20
        assert len(actions[2027]) == 0
        assert len(actions[2038]) == 403
        assert len(actions[2039]) == 0
Ejemplo n.º 5
0
    def test_Plugin_creates_adecuate_objects(self, monkeypatch):
        # Disable deprecation warnings
        import deprecation
        monkeypatch.setattr(deprecation.warnings, 'warn',
                            lambda *a, **kw: None)

        self.plugin = BurpPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)
        pending_actions = Queue()
        self.plugin.set_actions_queue(pending_actions)
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.processReport(self.cd + '/burp_xml')
        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions[2000][0].name == "200.20.20.201"
        assert list(actions.keys()) == [2000, 20008, 2038]
        assert len(actions[20008]) == 14
        assert len(actions[2038]) == 14

        assert all(
            'http' == name
            for name in map(lambda service: service.name, actions[20008]))
        assert all([80] == ports for ports in map(
            lambda service: service.getPorts(), actions[20008]))
        assert all('tcp' == protocol for protocol in map(
            lambda service: service.protocol, actions[20008]))
        assert all(
            'open'
            for status in map(lambda service: service.status, actions[20008]))
Ejemplo n.º 6
0
 def register_factorties(self, monkeypatch):
     factory.register(Host)
     factory.register(Service)
     factory.register(Vuln)
     factory.register(VulnWeb)
     factory.register(Note)
     factory.register(Credential)
     self.pending_actions = Queue()
     self.plugin.set_actions_queue(self.pending_actions)
     monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
Ejemplo n.º 7
0
    def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)
        pending_actions = Queue()
        self.plugin.set_actions_queue(pending_actions)
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)

        # Disable deprecation warnings
        import deprecation
        monkeypatch.setattr(deprecation.warnings, 'warn',
                            lambda *a, **kw: None)

        self.plugin.parseOutputString(self.outputWhoisInfobyte)

        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions[2000][0].name == "205.251.196.172"
        assert list(actions.keys()) == [2000]

        assert len(actions[2000]) == 8


# I'm Py3