def test_parse_param(self, mock_subproc, mock_nvti, mock_db):
mock_subproc.check_output.return_value = (
'non_simult_ports = 22\nplugins_folder = /foo/bar'.encode())
w = DummyDaemon(mock_nvti, mock_db)
w.parse_param()
self.assertEqual(mock_subproc.check_output.call_count, 1)
self.assertEqual(OSPD_PARAMS, OSPD_PARAMS_OUT)
self.assertEqual(w.scan_only_params.get('plugins_folder'), '/foo/bar')
def test_get_insight_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<insight>some insight</insight>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
insight = vt.get('insight')
res = w.get_insight_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
insight)
self.assertEqual(res, out)
def test_get_severities_xml_failed(self):
w = DummyDaemon()
logging.Logger.warning = Mock()
sever = {'severity_base_vector': u"\u0006"}
w.get_severities_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
severities=sever)
assert_called_once(logging.Logger.warning)
def test_get_dependencies_xml_failed(self):
w = DummyDaemon()
logging.Logger.error = Mock()
dep = [u"\u0006"]
w.get_dependencies_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
vt_dependencies=dep)
assert_called_once(logging.Logger.error)
def test_get_severities_xml_failed(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
sever = {'severity_base_vector': u"\u0006"}
logging.Logger.warning = Mock()
w.get_severities_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
severities=sever)
if hasattr(Mock, 'assert_called_once'):
logging.Logger.warning.assert_called_once()
def test_get_mtime_xml_failed(self):
w = DummyDaemon()
logging.Logger.warning = Mock()
mtime = u'\u0006'
w.get_modification_time_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
mtime)
assert_called_once(logging.Logger.warning)
def test_get_summary_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<summary>some summary</summary>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
summary = vt.get('summary')
res = w.get_summary_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
summary)
self.assertEqual(res, out)
def test_get_affected_xml_failed(self):
w = DummyDaemon()
logging.Logger.warning = Mock()
affected = u"\u0006" + "affected"
w.get_affected_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
affected=affected)
assert_called_once(logging.Logger.warning)
def test_get_mtime_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<modification_time>1533906565</modification_time>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
mtime = vt.get('modification_time')
res = w.get_modification_time_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', mtime)
self.assertEqual(res, out)
def test_get_mtime_xml_failed(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
mtime = u'\u0006'
logging.Logger.warning = Mock()
w.get_modification_time_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
mtime)
if hasattr(Mock, 'assert_called_once'):
logging.Logger.warning.assert_called_once()
def test_get_ctime_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<creation_time>1237458156</creation_time>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
ctime = vt.get('creation_time')
res = w.get_creation_time_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
ctime)
self.assertEqual(res, out)
def test_get_dependencies_xml_failed(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
dep = [u"\u0006"]
logging.Logger.error = Mock()
w.get_dependencies_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
vt_dependencies=dep)
if hasattr(Mock, 'assert_called_once'):
logging.Logger.error.assert_called_once()
def test_get_dependencies_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = ('<dependencies><dependency vt_id="1.2.3.4"/><dependency vt'
'_id="4.3.2.1"/></dependencies>')
dep = ['1.2.3.4', '4.3.2.1']
res = w.get_dependencies_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
dep)
self.assertEqual(res, out)
def test_get_impact_xml(self):
w = DummyDaemon()
out = '<impact>some impact</impact>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
impact = vt.get('impact')
res = w.get_impact_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061', impact)
self.assertEqual(res, out)
def test_get_custom_xml_failed(self):
w = DummyDaemon()
logging.Logger.warning = Mock()
custom = {'a': u"\u0006"}
w.get_custom_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
custom=custom)
assert_called_once(logging.Logger.warning)
def test_get_detection_xml_failed(self):
w = DummyDaemon()
logging.Logger.warning = Mock()
detection = u'\u0006'
w.get_detection_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
detection)
assert_called_once(logging.Logger.warning)
def test_feed_is_healthy_true(self):
w = DummyDaemon()
w.nvti.get_nvt_count.return_value = 2
w.nvti.get_nvt_files_count.return_value = 2
w.vts = ["a", "b"]
ret = w.feed_is_healthy()
self.assertTrue(ret)
def test_get_refs_xml(self):
w = DummyDaemon()
out = '<refs><ref type="url" id="http://www.mantisbt.org/"/></refs>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
refs = vt.get('vt_refs')
res = w.get_refs_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061', refs)
self.assertEqual(res, out)
def test_get_detection_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<detection qod_type="remote_banner"/>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
detection_type = vt.get('qod_type')
res = w.get_detection_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
qod_type=detection_type)
self.assertEqual(res, out)
def test_build_alive_test_opt_fail_1(self):
w = DummyDaemon()
logging.Logger.debug = Mock()
target_options_dict = {'alive_test': 'a'}
target_options = w.build_alive_test_opt_as_prefs(target_options_dict)
assert_called_once(logging.Logger.debug)
self.assertEqual(len(target_options), 0)
def test_get_affected_xml(self):
w = DummyDaemon()
out = '<affected>some affection</affected>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
affected = vt.get('affected')
res = w.get_affected_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
affected=affected)
self.assertEqual(res, out)
def test_get_severities_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = ('<severities><severity type="cvss_base_v2">'
'AV:N/AC:L/Au:N/C:N/I:N/A:N</severity></severities>')
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
severities = vt.get('severities')
res = w.get_severities_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
severities)
self.assertEqual(res, out)
def test_build_credentials(self):
w = DummyDaemon()
cred_out = [
'1.3.6.1.4.1.25623.1.0.105058:1:entry:ESXi login name:|||username',
'1.3.6.1.4.1.25623.1.0.105058:2:password:ESXi login password:|||pass',
'auth_port_ssh|||22',
'1.3.6.1.4.1.25623.1.0.103591:1:entry:SSH login name:|||username',
'1.3.6.1.4.1.25623.1.0.103591:2:password:SSH key passphrase:|||pass',
'1.3.6.1.4.1.25623.1.0.103591:4:file:SSH private key:|||',
'1.3.6.1.4.1.25623.1.0.90023:1:entry:SMB login:|||username',
'1.3.6.1.4.1.25623.1.0.90023:2:password]:SMB password :|||pass',
'1.3.6.1.4.1.25623.1.0.105076:1:password:SNMP Community:some comunity',
'1.3.6.1.4.1.25623.1.0.105076:2:entry:SNMPv3 Username:username',
'1.3.6.1.4.1.25623.1.0.105076:3:password:SNMPv3 Password:pass',
'1.3.6.1.4.1.25623.1.0.105076:4:radio:SNMPv3 Authentication Algorithm:some auth algo',
'1.3.6.1.4.1.25623.1.0.105076:5:password:SNMPv3 Privacy Password:privacy pass',
'1.3.6.1.4.1.25623.1.0.105076:6:radio:SNMPv3 Privacy Algorithm:privacy algo',
]
cred_dict = {
'ssh': {
'type': 'ssh',
'port': '22',
'username': '******',
'password': '******',
},
'smb': {
'type': 'smb',
'username': '******',
'password': '******'
},
'esxi': {
'type': 'esxi',
'username': '******',
'password': '******',
},
'snmp': {
'type': 'snmp',
'username': '******',
'password': '******',
'community': 'some comunity',
'auth_algorithm': 'some auth algo',
'privacy_password': '******',
'privacy_algorithm': 'privacy algo',
},
}
ret = w.build_credentials_as_prefs(cred_dict)
self.assertEqual(len(ret), len(cred_out))
self.assertIn('auth_port_ssh|||22', cred_out)
self.assertIn(
'1.3.6.1.4.1.25623.1.0.90023:1:entry:SMB login:|||username',
cred_out,
)
def test_process_vts_bad_param_id(self, mock_nvti, mock_db):
vts = {
'1.3.6.1.4.1.25623.1.0.100061': {
'3': 'new value'
},
'vt_groups': ['family=debian', 'family=general'],
}
w = DummyDaemon(mock_nvti, mock_db)
w.load_vts()
ret = w.process_vts(vts)
self.assertFalse(ret[1])
def test_get_solution_xml(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
out = '<solution type="WillNotFix">some solution</solution>'
vt = w.VT['1.3.6.1.4.1.25623.1.0.100061']
solution = vt.get('solution')
solution_type = vt.get('solution_type')
res = w.get_solution_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
solution, solution_type)
self.assertEqual(res, out)
def test_get_dependencies_xml_missing_dep(self):
w = DummyDaemon()
out = ('<dependencies>'
'<dependency vt_id="1.3.6.1.4.1.25623.1.2.3.4"/>'
'</dependencies>')
dep = ['1.3.6.1.4.1.25623.1.2.3.4', 'file_name.nasl']
res = w.get_dependencies_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
dep)
self.assertEqual(res, out)
def test_get_severity_score_v2(self):
w = DummyDaemon()
vtaux = {
'severities': {
'severity_type': 'cvss_base_v2',
'severity_base_vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N',
}
}
a = w.get_severity_score(vtaux)
self.assertEqual(w.get_severity_score(vtaux), 5.0)
def test_set_params_from_openvas_settings(self, mock_openvas: Openvas):
mock_openvas.get_settings.return_value = {
'non_simult_ports': '22',
'plugins_folder': '/foo/bar',
}
w = DummyDaemon()
w.set_params_from_openvas_settings()
self.assertEqual(mock_openvas.get_settings.call_count, 1)
self.assertEqual(OSPD_PARAMS, OSPD_PARAMS_OUT)
self.assertEqual(w.scan_only_params.get('plugins_folder'), '/foo/bar')
def test_feed_is_outdated_true(self, mock_nvti, mock_db):
w = DummyDaemon(mock_nvti, mock_db)
# Mock parse_param, because feed_is_oudated() will call it.
with patch.object(w, 'parse_param', return_value=None):
with patch.object(Path, 'exists', return_value=True):
read_data = 'PLUGIN_SET = "1235";'
with patch("builtins.open",
return_value=io.StringIO(read_data)):
# Return True
w.scan_only_params['plugins_folder'] = '/foo/bar'
ret = w.feed_is_outdated('1234')
self.assertTrue(ret)
def test_get_severity_score_v3(self):
w = DummyDaemon()
vtaux = {
'severities': {
'severity_type':
'cvss_base_v3',
'severity_base_vector':
'CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L',
}
}
self.assertEqual(w.get_severity_score(vtaux), 2.9)
