Ejemplo n.º 1
0
 def test_pickleable_vuln(self):
     original_vuln = MockVuln()
     
     kb.append('a', 'b', original_vuln)
     unpickled_vuln = kb.get('a', 'b')[0]
     
     self.assertEqual(original_vuln, unpickled_vuln)
Ejemplo n.º 2
0
    def test_get_all_uniq_ids_iter(self):
        i1 = MockInfo()
        kb.append('a', 'b', i1)

        uniq_ids = [u for u in kb.get_all_uniq_ids_iter()]

        self.assertEqual(uniq_ids, [i1.get_uniq_id()])
Ejemplo n.º 3
0
    def test_kb_list_shells_rfi_port_scan_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        vuln = MockVuln()
        url = URL('http://moth/?a=1')
        freq = FuzzableRequest(url)
        exploit_mutant = QSMutant.create_mutants(freq, [''], [], False, {})[0]

        shell = PortScanShell(vuln, w3af_core.uri_opener, w3af_core.worker_pool,
                              exploit_mutant)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._exploit_mutant, exploit_mutant)

        w3af_core.quit()
Ejemplo n.º 4
0
    def test_get_all_uniq_ids_iter_include_ids_false(self):
        i1 = MockInfo()
        kb.append('a', 'b', i1)

        uniq_ids = [u for u in kb.get_all_uniq_ids_iter(include_ids=[str(uuid.uuid4())])]

        self.assertEqual(uniq_ids, [])
Ejemplo n.º 5
0
    def test_get_all_uniq_ids_iter_include_ids(self):
        i1 = MockInfo()
        kb.append('a', 'b', i1)

        uniq_ids = [u for u in kb.get_all_uniq_ids_iter(include_ids=[i1.get_uniq_id()])]

        self.assertEqual(uniq_ids, [i1.get_uniq_id()])
Ejemplo n.º 6
0
    def test_get_all_uniq_ids_iter_include_ids_false(self):
        i1 = MockInfo()
        kb.append('a', 'b', i1)

        uniq_ids = [u for u in kb.get_all_uniq_ids_iter(include_ids=[str(uuid.uuid4())])]

        self.assertEqual(uniq_ids, [])
Ejemplo n.º 7
0
    def test_kb_list_shells_xpath_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        vuln = MockVuln()

        str_delim = '&'
        true_cond = ''
        use_difflib = False
        is_error_response = IsErrorResponse(vuln, w3af_core.uri_opener,
                                            use_difflib)

        shell = XPathReader(vuln, w3af_core.uri_opener,
                            w3af_core.worker_pool, str_delim, true_cond,
                            is_error_response)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.STR_DELIM, shell.STR_DELIM)
        self.assertEqual(unpickled_shell.TRUE_COND, shell.TRUE_COND)
        self.assertEqual(unpickled_shell.is_error_resp.use_difflib, use_difflib)
        self.assertEqual(unpickled_shell.is_error_resp.url_opener,
                         w3af_core.uri_opener)

        w3af_core.quit()
Ejemplo n.º 8
0
    def test_kb_list_shells_rfi_port_scan_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        vuln = MockVuln()
        url = URL('http://moth/?a=1')
        freq = FuzzableRequest(url)
        exploit_mutant = QSMutant.create_mutants(freq, [''], [], False, {})[0]

        shell = PortScanShell(vuln, w3af_core.uri_opener, w3af_core.worker_pool,
                              exploit_mutant)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._exploit_mutant, exploit_mutant)

        w3af_core.quit()
Ejemplo n.º 9
0
    def test_kb_list_shells_xpath_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        vuln = MockVuln()

        str_delim = '&'
        true_cond = ''
        use_difflib = False
        is_error_response = IsErrorResponse(vuln, w3af_core.uri_opener,
                                            use_difflib)

        shell = XPathReader(vuln, w3af_core.uri_opener,
                            w3af_core.worker_pool, str_delim, true_cond,
                            is_error_response)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.STR_DELIM, shell.STR_DELIM)
        self.assertEqual(unpickled_shell.TRUE_COND, shell.TRUE_COND)
        self.assertEqual(unpickled_shell.is_error_resp.use_difflib, use_difflib)
        self.assertEqual(unpickled_shell.is_error_resp.url_opener,
                         w3af_core.uri_opener)

        w3af_core.quit()
Ejemplo n.º 10
0
 def test_append_save(self):
     i1 = MockInfo()
     
     kb.append('a', 'b', i1)
     kb.raw_write('a', 'b', 3)
     
     self.assertEqual(kb.raw_read('a', 'b'), 3)
Ejemplo n.º 11
0
 def test_pickleable_info(self):
     original_info = MockInfo()
     
     kb.append('a', 'b', original_info)
     unpickled_info = kb.get('a', 'b')[0]
     
     self.assertEqual(original_info, unpickled_info)
Ejemplo n.º 12
0
    def test_get_one(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        kb_vuln = kb.get_one('a', 'b')

        #pylint: disable=E1103
        self.assertEqual(kb_vuln.get_uniq_id(), vuln.get_uniq_id())
        self.assertEqual(kb_vuln, vuln)
Ejemplo n.º 13
0
    def test_get_one(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        kb_vuln = kb.get_one('a', 'b')

        #pylint: disable=E1103
        self.assertEqual(kb_vuln.get_uniq_id(), vuln.get_uniq_id())
        self.assertEqual(kb_vuln, vuln)
Ejemplo n.º 14
0
    def test_observer_append(self):
        observer1 = Mock()
        info = MockInfo()

        kb.add_observer(observer1)
        kb.append('a', 'b', info)

        observer1.append.assert_called_once_with('a', 'b', info,
                                                 ignore_type=False)
Ejemplo n.º 15
0
    def test_observer_append(self):
        observer1 = Mock()
        info = MockInfo()

        kb.add_observer(observer1)
        kb.append('a', 'b', info)

        observer1.append.assert_called_once_with('a', 'b', info,
                                                 ignore_type=False)
Ejemplo n.º 16
0
    def test_update_vuln(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        update_vuln = copy.deepcopy(vuln)
        update_vuln.set_name('a')
        update_uniq_id = update_vuln.get_uniq_id()
        kb.update(vuln, update_vuln)

        self.assertNotEqual(update_vuln, vuln)
        self.assertEqual(update_vuln, kb.get_by_uniq_id(update_uniq_id))
Ejemplo n.º 17
0
    def test_update_info(self):
        info = MockInfo()
        kb.append('a', 'b', info)
        update_info = copy.deepcopy(info)
        update_info.set_name('a')
        update_uniq_id = update_info.get_uniq_id()
        kb.update(info, update_info)

        self.assertNotEqual(update_info, info)
        self.assertEqual(update_info, kb.get_by_uniq_id(update_uniq_id))
Ejemplo n.º 18
0
    def test_update_info(self):
        info = MockInfo()
        kb.append('a', 'b', info)
        update_info = copy.deepcopy(info)
        update_info.set_name('a')
        update_uniq_id = update_info.get_uniq_id()
        kb.update(info, update_info)

        self.assertNotEqual(update_info, info)
        self.assertEqual(update_info, kb.get_by_uniq_id(update_uniq_id))
Ejemplo n.º 19
0
    def test_update_vuln(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        update_vuln = copy.deepcopy(vuln)
        update_vuln.set_name('a')
        update_uniq_id = update_vuln.get_uniq_id()
        kb.update(vuln, update_vuln)

        self.assertNotEqual(update_vuln, vuln)
        self.assertEqual(update_vuln, kb.get_by_uniq_id(update_uniq_id))
Ejemplo n.º 20
0
    def test_observer_update(self):
        observer1 = Mock()
        info = MockInfo()

        kb.add_observer(observer1)
        kb.append('a', 'b', info)
        old_info = copy.deepcopy(info)
        info.set_name('new name')
        kb.update(old_info, info)

        observer1.update.assert_called_once_with(old_info, info)
Ejemplo n.º 21
0
    def test_observer_update(self):
        observer1 = Mock()
        info = MockInfo()

        kb.add_observer(observer1)
        kb.append('a', 'b', info)
        old_info = copy.deepcopy(info)
        info.set_name('new name')
        kb.update(old_info, info)

        observer1.update.assert_called_once_with(old_info, info)
Ejemplo n.º 22
0
    def test_update_exception(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        original_id = vuln.get_uniq_id()

        # Cause error by changing vuln uniq_id
        update_vuln = vuln
        update_vuln.set_name('a')
        modified_id = vuln.get_uniq_id()

        self.assertNotEqual(original_id, modified_id)
        self.assertRaises(DBException, kb.update, vuln, update_vuln)
Ejemplo n.º 23
0
 def test_append(self):
     i1 = MockInfo()
     i2 = MockInfo()
     i3 = MockInfo()
     
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i2)
     kb.append('a', 'b', i3)
     
     self.assertEqual(kb.get('a', 'b'), [i1, i1, i1, i2, i3])
Ejemplo n.º 24
0
    def test_update_exception(self):
        vuln = MockVuln()
        kb.append('a', 'b', vuln)
        original_id = vuln.get_uniq_id()

        # Cause error by changing vuln uniq_id
        update_vuln = vuln
        update_vuln._uniq_id = str(uuid.uuid4())
        modified_id = vuln.get_uniq_id()

        self.assertNotEqual(original_id, modified_id)
        self.assertRaises(DBException, kb.update, vuln, update_vuln)
Ejemplo n.º 25
0
 def test_observer_all(self):
     observer = Mock()
     
     kb.add_observer(None, None, observer)
     kb.raw_write('a', 'b', 1)
     
     observer.assert_called_once_with('a', 'b', 1)
     observer.reset_mock()
     
     i = MockInfo()
     kb.append('a', 'c', i)
     observer.assert_called_with('a', 'c', i)
Ejemplo n.º 26
0
 def test_save_append(self):
     """
     Although calling raw_write and then append is highly discouraged,
     someone would want to use it.
     """
     i0 = MockInfo()
     self.assertRaises(TypeError, kb.raw_write, 'a', 'b', i0)
     
     i1 = MockInfo()
     i2 = MockInfo()
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i2)
     
     self.assertEqual(kb.get('a', 'b'), [i1, i2])
Ejemplo n.º 27
0
 def test_get_by_uniq_id_duplicated_ignores_second(self):
     """
     TODO: Analyze this case, i1 and i2 have both the same ID because they
           have all the same information (this is very very uncommon in a
           real w3af run).
           
           Note that in the get_by_uniq_id call i2 is not returned.
     """
     i1 = MockInfo()
     i2 = MockInfo()
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i2)
     
     i1_copy = kb.get_by_uniq_id(i1.get_uniq_id())
     self.assertEqual(i1_copy, i1)
Ejemplo n.º 28
0
 def test_pickleable_shells(self):
     pool = Pool(1)
     xurllib = ExtendedUrllib()
     
     original_shell = Shell(MockVuln(), xurllib, pool)
     
     kb.append('a', 'b', original_shell)
     unpickled_shell = kb.get('a', 'b')[0]
     
     self.assertEqual(original_shell, unpickled_shell)
     self.assertEqual(unpickled_shell.worker_pool, None)
     self.assertEqual(unpickled_shell._uri_opener, None)
     
     pool.terminate()
     pool.join()
     xurllib.end()
Ejemplo n.º 29
0
 def test_observer_location_b(self):
     observer = Mock()
     
     kb.add_observer('a', 'b', observer)
     kb.raw_write('a', 'b', 1)
     
     observer.assert_called_once_with('a', 'b', 1)
     observer.reset_mock()
     
     # Shouldn't call the observer
     kb.raw_write('a', 'xyz', 1)
     self.assertFalse(observer.called)
     
     i = MockInfo()
     kb.append('a', 'b', i)
     observer.assert_called_with('a', 'b', i)
Ejemplo n.º 30
0
    def test_types_observer(self):
        observer = Mock()
        info_inst = MockInfo()
        
        kb.add_types_observer(Info, observer)
        kb.append('a', 'b', info_inst)
        observer.assert_called_once_with('a', 'b', info_inst)
        observer.reset_mock()
        
        info_inst = MockInfo()
        kb.append('a', 'c', info_inst)
        observer.assert_called_with('a', 'c', info_inst)
        observer.reset_mock()

        # Should NOT call it because it is NOT an Info instance        
        some_int = 3
        kb.raw_write('a', 'd', some_int)
        self.assertEqual(observer.call_count, 0)
Ejemplo n.º 31
0
 def test_pickleable_shells_get_all(self):
     class FakeCore(object):
         worker_pool = Pool(1)
         uri_opener = ExtendedUrllib()
     
     core = FakeCore()
     original_shell = Shell(MockVuln(), core.uri_opener, core.worker_pool)
     
     kb.append('a', 'b', original_shell)
     unpickled_shell = list(kb.get_all_shells(core))[0]
     
     self.assertEqual(original_shell, unpickled_shell)
     self.assertEqual(unpickled_shell.worker_pool, core.worker_pool)
     self.assertEqual(unpickled_shell._uri_opener, core.uri_opener)
     
     core.worker_pool.terminate()
     core.worker_pool.join()
     core.uri_opener.end()
Ejemplo n.º 32
0
    def test_kb_list_shells_file_upload_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        exploit_url = URL('http://w3af.org/')

        shell = FileUploadShell(MockVuln(), w3af_core.uri_opener,
                                w3af_core.worker_pool, exploit_url)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._exploit_url, shell._exploit_url)

        w3af_core.quit()
Ejemplo n.º 33
0
    def test_kb_list_shells_file_upload_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        exploit_url = URL('http://w3af.org/')

        shell = FileUploadShell(MockVuln(), w3af_core.uri_opener,
                                w3af_core.worker_pool, exploit_url)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._exploit_url, shell._exploit_url)

        w3af_core.quit()
Ejemplo n.º 34
0
    def test_kb_list_shells_eval_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        shellcodes = get_shell_code('php', 'ls')
        shellcode_generator = shellcodes[0][2]

        shell = EvalShell(MockVuln(), w3af_core.uri_opener,
                          w3af_core.worker_pool, shellcode_generator)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.shellcode_generator.args,
                         shell.shellcode_generator.args)

        w3af_core.quit()
Ejemplo n.º 35
0
    def test_kb_list_shells_eval_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        shellcodes = get_shell_code('php', 'ls')
        shellcode_generator = shellcodes[0][2]

        shell = EvalShell(MockVuln(), w3af_core.uri_opener,
                          w3af_core.worker_pool, shellcode_generator)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.shellcode_generator.args,
                         shell.shellcode_generator.args)

        w3af_core.quit()
Ejemplo n.º 36
0
    def test_kb_list_shells_os_commanding_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        vuln = MockVuln()
        vuln['separator'] = '&'
        vuln['os'] = 'linux'
        strategy = BasicExploitStrategy(vuln)
        shell = OSCommandingShell(strategy, w3af_core.uri_opener,
                                  w3af_core.worker_pool)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.strategy.vuln, vuln)

        w3af_core.quit()
Ejemplo n.º 37
0
    def test_kb_list_shells_os_commanding_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()

        vuln = MockVuln()
        vuln['separator'] = '&'
        vuln['os'] = 'linux'
        strategy = BasicExploitStrategy(vuln)
        shell = OSCommandingShell(strategy, w3af_core.uri_opener,
                                  w3af_core.worker_pool)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell.strategy.vuln, vuln)

        w3af_core.quit()
Ejemplo n.º 38
0
    def test_kb_list_shells_file_read_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        header_len, footer_len = 1, 1

        vuln = MockVuln()

        shell = FileReaderShell(vuln, w3af_core.uri_opener,
                                w3af_core.worker_pool, header_len, footer_len)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._header_length, shell._header_length)
        self.assertEqual(unpickled_shell._footer_length, shell._footer_length)

        w3af_core.quit()
Ejemplo n.º 39
0
    def test_kb_list_shells_sqlmap_2181(self):
        """
        Also very related with test_pickleable_shells
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        target = Target(URL('http://w3af.org/'))
        sqlmap_wrapper = SQLMapWrapper(target, w3af_core.uri_opener)

        sqlmap_shell = SQLMapShell(MockVuln(), w3af_core.uri_opener,
                                   w3af_core.worker_pool, sqlmap_wrapper)
        kb.append('a', 'b', sqlmap_shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(sqlmap_shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertIs(unpickled_shell.sqlmap.proxy._uri_opener,
                      w3af_core.uri_opener)

        w3af_core.quit()
Ejemplo n.º 40
0
    def test_kb_list_shells_file_read_2181(self):
        """
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        header_len, footer_len = 1, 1

        vuln = MockVuln()

        shell = FileReaderShell(vuln, w3af_core.uri_opener,
                                w3af_core.worker_pool, header_len, footer_len)
        kb.append('a', 'b', shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertEqual(unpickled_shell._header_length, shell._header_length)
        self.assertEqual(unpickled_shell._footer_length, shell._footer_length)

        w3af_core.quit()
Ejemplo n.º 41
0
    def test_kb_list_shells_sqlmap_2181(self):
        """
        Also very related with test_pickleable_shells
        :see: https://github.com/andresriancho/w3af/issues/2181
        """
        w3af_core = w3afCore()
        target = Target(URL('http://w3af.org/'))
        sqlmap_wrapper = SQLMapWrapper(target, w3af_core.uri_opener)

        sqlmap_shell = SQLMapShell(MockVuln(), w3af_core.uri_opener,
                                   w3af_core.worker_pool, sqlmap_wrapper)
        kb.append('a', 'b', sqlmap_shell)

        shells = kb.get_all_shells(w3af_core=w3af_core)
        self.assertEqual(len(shells), 1)
        unpickled_shell = shells[0]

        self.assertEqual(sqlmap_shell, unpickled_shell)
        self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
        self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
        self.assertIs(unpickled_shell.sqlmap.proxy._uri_opener,
                      w3af_core.uri_opener)

        w3af_core.quit()
Ejemplo n.º 42
0
 def test_return_all_for_plugin(self):
     i1 = MockInfo()
     i2 = MockInfo()
     i3 = MockInfo()
     
     kb.append('a', 'b', i1)
     kb.append('a', 'b', i2)
     kb.append('a', 'b', i3)
     
     self.assertEqual(kb.get('a', 'b'), [i1, i2, i3])
Ejemplo n.º 43
0
    def test_all_of_info_vuln(self):
        i1 = MockInfo()
        i2 = MockInfo()

        v1 = MockVuln()
        v2 = MockVuln()

        iset = InfoSet([i2])
        vset = InfoSet([v2])

        kb.append('a', 'b', i1)
        kb.append('w', 'z', iset)
        kb.append('x', 'y', v1)
        kb.append('4', '2', vset)

        self.assertEqual(kb.get_all_vulns(), [v1, vset])
        self.assertEqual(kb.get_all_infos(), [i1, iset])
        self.assertEqual(kb.get_all_findings(), [i1, iset, v1, vset])
Ejemplo n.º 44
0
    def test_all_of_info_vuln(self):
        i1 = MockInfo()
        i2 = MockInfo()

        v1 = MockVuln()
        v2 = MockVuln()

        iset = InfoSet([i2])
        vset = InfoSet([v2])

        kb.append('a', 'b', i1)
        kb.append('w', 'z', iset)
        kb.append('x', 'y', v1)
        kb.append('4', '2', vset)

        self.assertEqual(kb.get_all_vulns(), [v1, vset])
        self.assertEqual(kb.get_all_infos(), [i1, iset])
        self.assertEqual(kb.get_all_findings(), [i1, iset, v1, vset])
Ejemplo n.º 45
0
    def test_all_of_info_exclude_ids(self):
        i1 = MockInfo()
        i2 = MockInfo()

        v1 = MockVuln()
        v2 = MockVuln()

        iset = InfoSet([i2])
        vset = InfoSet([v2])

        kb.append('a', 'b', i1)
        kb.append('w', 'z', iset)
        kb.append('x', 'y', v1)
        kb.append('4', '2', vset)

        all_findings = kb.get_all_findings()
        all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),))
        all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id()))

        self.assertEqual(all_findings, [i1, iset, v1, vset])
        self.assertEqual(all_findings_except_v1, [i1, iset, vset])
        self.assertEqual(all_findings_except_v1_v2, [i1, iset])
Ejemplo n.º 46
0
    def test_all_of_info_exclude_ids(self):
        i1 = MockInfo()
        i2 = MockInfo()

        v1 = MockVuln()
        v2 = MockVuln()

        iset = InfoSet([i2])
        vset = InfoSet([v2])

        kb.append('a', 'b', i1)
        kb.append('w', 'z', iset)
        kb.append('x', 'y', v1)
        kb.append('4', '2', vset)

        all_findings = kb.get_all_findings()
        all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),))
        all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id()))

        self.assertEqual(all_findings, [i1, iset, v1, vset])
        self.assertEqual(all_findings_except_v1, [i1, iset, vset])
        self.assertEqual(all_findings_except_v1_v2, [i1, iset])
Ejemplo n.º 47
0
 def test_raw_read_error(self):
     kb.append('a', 'b', MockInfo())
     kb.append('a', 'b', MockInfo())
     self.assertRaises(RuntimeError, kb.raw_read,'a', 'b')