def _from_html_get_vulns(self):
vuln_url_re = re.compile('<b>URL:</b> (.*?)<br />')
vulns = []
for line in file(self.OUTPUT_FILE):
mo = vuln_url_re.search(line)
if mo:
url = URL(mo.group(1))
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(url)
vulns.append(v)
return vulns
def start(self, tag, attrib):
"""
<vulnerability id="[87]" method="GET" name="Cross site scripting vulnerability"
plugin="xss" severity="Medium" url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
"""
if tag == "vulnerability":
name = attrib["name"]
plugin = attrib["plugin"]
v = MockVuln(name, None, "High", 1, plugin)
v.set_url(URL(attrib["url"]))
self.vulns.append(v)
def test_pickleable_vuln(self):
original_vuln = MockVuln()
kb.append('a', 'b', original_vuln)
unpickled_vuln = kb.get('a', 'b')[0]
self.assertEqual(original_vuln, unpickled_vuln)
def test_help_contents(self):
shell = ExecShell(MockVuln(), None, None)
_help = shell.help(None)
self.assertIn('execute', _help)
self.assertIn('upload', _help)
def _from_txt_get_vulns(self):
file_vulns = []
vuln_regex = 'SQL injection in a .*? was found at: "(.*?)"' \
', using HTTP method (.*?). The sent .*?data was: "(.*?)"'
vuln_re = re.compile(vuln_regex)
for line in file(self.OUTPUT_FILE):
mo = vuln_re.search(line)
if mo:
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(URL(mo.group(1)))
v.set_method(mo.group(2))
file_vulns.append(v)
return file_vulns
def test_help_contents_specific(self):
shell = ReadShell(MockVuln(), None, None)
_help = shell.help('read')
self.assertIn('read', _help)
self.assertIn('/etc/passwd', _help)
def test_help_format(self):
shell = ExecShell(MockVuln(), None, None)
_help = shell.help(None)
self.assertFalse(_help.startswith(' '))
self.assertIn(' help', _help)
# Note that I add an extra space
self.assertNotIn(' help', _help)
def start(self, tag, attrib):
'''
<vulnerability id="[87]" method="GET" name="Cross site scripting vulnerability"
plugin="xss" severity="Medium" url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
'''
if tag == 'vulnerability':
name = attrib['name']
plugin = attrib['plugin']
v = MockVuln(name, None, 'High', 1, plugin)
v.set_url(URL(attrib['url']))
self.vulns.append(v)
# <body content-encoding="text">
elif tag == 'body':
content_encoding = attrib['content-encoding']
assert content_encoding == 'text'
self._inside_body = True
def start(self, tag, attrib):
'''
<vulnerability id="[87]" method="GET" name="Cross site scripting vulnerability"
plugin="xss" severity="Medium" url="http://moth/w3af/audit/xss/simple_xss_no_script_2.php"
var="text">
'''
if tag == 'vulnerability':
name = attrib['name']
plugin = attrib['plugin']
v = MockVuln(name, None, 'High', 1, plugin)
v.set_url(URL(attrib['url']))
self.vulns.append(v)
# <body content-encoding="text">
elif tag == 'body':
content_encoding = attrib['content-encoding']
assert content_encoding == 'text'
self._inside_body = True
def test_pickleable_shells(self):
pool = Pool(1)
xurllib = ExtendedUrllib()
original_shell = Shell(MockVuln(), xurllib, pool)
kb.append('a', 'b', original_shell)
unpickled_shell = kb.get('a', 'b')[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, None)
self.assertEqual(unpickled_shell._uri_opener, None)
pool.terminate()
pool.join()
def test_pickleable_shells_get_all(self):
class FakeCore(object):
worker_pool = Pool(1)
uri_opener = ExtendedUrllib()
core = FakeCore()
original_shell = Shell(MockVuln(), core.uri_opener, core.worker_pool)
kb.append('a', 'b', original_shell)
unpickled_shell = list(kb.get_all_shells(core))[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, core.worker_pool)
self.assertEqual(unpickled_shell._uri_opener, core.uri_opener)
core.worker_pool.terminate()
core.worker_pool.join()
def _from_txt_get_vulns(self):
file_vulns = []
vuln_regex = 'SQL injection in a .*? was found at: "(.*?)"' \
', using HTTP method (.*?). The sent .*?data was: "(.*?)"'
vuln_re = re.compile(vuln_regex)
for line in file(self.OUTPUT_FILE):
mo = vuln_re.search(line)
if mo:
v = MockVuln('TestCase', None, 'High', 1, 'plugin')
v.set_url(URL(mo.group(1)))
v.set_method(mo.group(2))
file_vulns.append(v)
return file_vulns
def __init__(self):
vuln = MockVuln()
super(FakeReadShell, self).__init__(vuln, None, None)
