def test_protocol_fuzzer_coap_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() if "CoAP_TEST_SERVERS" not in config or not config["CoAP_TEST_SERVERS"]: print( "[!] No remote CoAP servers - remote tests not performed for CoAP!" ) return test_server_ip = config["COMMON"]["DEFAULT_IP"] coap_servers = ["aiocoap"] for coap_server in coap_servers: port = config["CoAP_TEST_SERVERS"][coap_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "CoAP", "-HD", "-C", "cotopaxi/fuzzing_corpus/coap_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output)
def test_protocol_fuzzer_dtls_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] if "DTLS_TEST_SERVERS" not in config or not config["DTLS_TEST_SERVERS"]: print( "No remote DTLS servers - remote tests not performed for DTLS!" ) return dtls_servers = ["gnutls"] for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "DTLS", "-HD", "-C", "cotopaxi/fuzzing_corpus/dtls_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output)
def test_server_fingerprinter_dtls_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] if "DTLS_TEST_SERVERS" not in config or not config["DTLS_TEST_SERVERS"]: print("No remote DTLS servers - remote tests not performed for DTLS!") return dtls_servers = [ "gnutls", "goldy", "libressl", "matrix", "mbed", "openssl", "tinydtls", ] exceptions = {"goldy": "mbed tls (~2.4)"} for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "DTLS"]) if dtls_server.lower() in exceptions.keys(): dtls_server = exceptions[dtls_server.lower()] self.assertIn(" is using ", output) self.assertIn(dtls_server, output.lower()) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output)
def test_service_ping_pos(self): local_ip = get_local_ip() print ("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] print ("test_server_ip: {}".format(test_server_ip)) test_params = TestParams() test_params.dst_endpoint.ip_addr = test_server_ip test_servers_proto = defaultdict(list) list_test_servers = load_test_servers_list() for server in list_test_servers: test_servers_proto[server["protocol"]].append(server) for proto in test_servers_proto: # print("{} : {}".format(proto, test_servers_proto[proto])) test_params.protocol = Protocol[proto] for server in test_servers_proto[proto]: if server["ping"]: test_params.dst_endpoint.port = int(server["port"]) result = service_ping(test_params) if "version" in server: server_name = "{} {}".format(server["name"], server["version"]) message = "Server: {} port: {} result: {}".format( server_name, test_params.dst_endpoint.port, result ) print (message) self.assertTrue(result, message + " (not responding to ping)")
class CotopaxiToolTester(object): config = load_test_servers() test_servers = load_test_servers_list() print("Loaded test servers") local_ip = get_local_ip() def __init__(self, *args, **kwargs): self.main = None @classmethod def setUpClass(cls): try: scrap_output(check_caps(), []) except SystemExit: exit( "This test suite requires admin permissions on network interfaces.\n" "On Linux and Unix run it with sudo, use root account (UID=0) " "or add CAP_NET_ADMIN, CAP_NET_RAW manually!\n" "On Windows run as Administrator.") @timeout_decorator.timeout(5) def test_main_help(self): output = scrap_output(self.main, ["-h"]) self.assertIn("optional arguments", output) self.assertIn("show this help message and exit", output)
def test_get_local_ip_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) print("len(ip): {}".format(len(local_ip))) print("ip.count('.'): {}".format(local_ip.count("."))) self.assertIsNotNone(local_ip) self.assertGreater(len(local_ip), 7) self.assertEqual(local_ip.count("."), 3)
def test_resource_listing_coap_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() if "CoAP_TEST_SERVERS" not in config or not config["CoAP_TEST_SERVERS"]: print("No remote CoAP servers - remote tests not performed!") return test_server_ip = config["COMMON"]["DEFAULT_IP"] port = config["CoAP_TEST_SERVERS"]["coapthon_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "cotopaxi/lists/urls/short_url_list.txt", "-P", "CoAP", ], ) self.assertIn("Url |big| received code |2_05| on server", output) self.assertIn("Url |test| is not available on server", output) output = scrap_output( main, [ test_server_ip, port, "cotopaxi/lists/urls/short_url_list.txt", "-M", "ALL", "-P", "CoAP", ], ) self.assertIn("for method GET", output) self.assertIn("for method POST", output) self.assertIn("for method PUT", output) self.assertIn("for method DELETE", output) output = scrap_output( main, [ test_server_ip, port, "cotopaxi/lists/urls/short_url_list.txt", "-M", "PUT", "DELETE", "-P", "CoAP", ], ) self.assertNotIn("for method GET", output) self.assertNotIn("for method POST", output) self.assertIn("for method PUT", output) self.assertIn("for method DELETE", output)
class CotopaxiToolTester(object): config = load_test_servers() test_servers = load_test_servers_list() print("Loaded test servers") local_ip = get_local_ip() def __init__(self, *args, **kwargs): self.main = None @timeout_decorator.timeout(5) def test_main_help_pos(self): output = scrap_output(self.main, ["-h"]) self.assertIn("optional arguments", output) self.assertIn("show this help message and exit", output)
def test_vuln_tester_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] mqtt_servers = ["FLUENTBIT"] for mqtt_server in mqtt_servers: port = config["MQTT_TEST_SERVERS"][mqtt_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "MQTT", "-HD"]) self.assertIn("Total number of vulnerable endpoints: 1", output) self.assertIn("vuln: FLUENTBIT_000'", output)
def test_active_scanner(self): local_ip = get_local_ip() print ("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] dtls_servers = ["goldy"] for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print ("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "DTLS"]) self.assertIn("Finished active security scanning", output) self.assertIn("Starting scan: supported_protocol_versions", output) self.assertIn("Supported protocol versions", output)
def test_protocol_fuzzer_mqtt_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() if "MQTT_TEST_SERVERS" not in config or not config["MQTT_TEST_SERVERS"]: print( "[!] No remote MQTT servers - remote tests not performed for MQTT!" ) return test_server_ip = config["COMMON"]["DEFAULT_IP"] mqtt_servers = ["mosquitto"] for mqtt_server in mqtt_servers: port = config["MQTT_TEST_SERVERS"][mqtt_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "MQTT", "-HD", "-C", "cotopaxi/fuzzing_corpus/mqtt_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output) output = scrap_output( main, [ "127.0.0.1", "5353", "-P", "mDNS", "-C", "cotopaxi/fuzzing_corpus/mdns_minimal", ], ) # print "\n" + 30 * "-" + "\n" + output + "\n" + 30 * "-" + "\n" self.assertIn("Fuzzing stopped", output)
def test_vuln_tester_neg(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] coap_servers = ["aiocoap"] for coap_server in coap_servers: port = config["CoAP_TEST_SERVERS"][coap_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "CoAP", "-HD", "--vuln", "COAPTHON3_000" ], ) self.assertIn(" is NOT vulnerable to ", output)
def test_server_fingerprinter_coap_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] if "CoAP_TEST_SERVERS" not in config or not config["CoAP_TEST_SERVERS"]: print("No remote CoAP servers - remote tests not performed!") return coap_servers = ["aiocoap", "coapthon", "freecoap", "wakaama"] for coap_server in coap_servers: port = config["CoAP_TEST_SERVERS"][coap_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "CoAP"]) self.assertIn(" is using ", output) self.assertIn(coap_server, output.lower()) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output)
def test_active_scanner_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] if "DTLS_TEST_SERVERS" not in config: print("No remote DTLS servers - remote tests not performed!") return dtls_servers = ["matrix"] for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "DTLS"]) self.assertIn("PSK_WITH_AES_256_CBC_SHA384", output) self.assertIn("DTLS_1_1 (0xfefd)", output) self.assertIn("NULL (0x0000)", output) self.assertIn("Finished active security scanning", output) self.assertIn("Starting scan: supported_protocol_versions", output) self.assertIn("Supported protocol versions", output)
def test_server_fingerprinter_pos(self): local_ip = get_local_ip() print("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] coap_servers = ["aiocoap", "coapthon", "freecoap", "wakaama"] for coap_server in coap_servers: port = config["CoAP_TEST_SERVERS"][coap_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "CoAP"]) self.assertIn(" is using ", output) self.assertIn(coap_server, output.lower()) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output) dtls_servers = [ "gnutls", "goldy", "libressl", "matrix", "mbed", "openssl", "tinydtls", ] exceptions = {"goldy": "mbed tls (~2.4)"} for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output(main, [test_server_ip, port, "-P", "DTLS"]) if dtls_server.lower() in exceptions.keys(): dtls_server = exceptions[dtls_server.lower()] self.assertIn(" is using ", output) self.assertIn(dtls_server, output.lower()) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output)
def test_protocol_fuzzer(self): local_ip = get_local_ip() print ("ip: {}".format(local_ip)) config = load_test_servers() test_server_ip = config["COMMON"]["DEFAULT_IP"] coap_servers = ["aiocoap"] for coap_server in coap_servers: port = config["CoAP_TEST_SERVERS"][coap_server + "_port"] print ("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "CoAP", "-HD", "-C", "cotopaxi/fuzzing_corpus/coap_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output) dtls_servers = ["gnutls"] for dtls_server in dtls_servers: port = config["DTLS_TEST_SERVERS"][dtls_server + "_port"] print ("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "DTLS", "-HD", "-C", "cotopaxi/fuzzing_corpus/dtls_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output) mqtt_servers = ["mosquitto"] for mqtt_server in mqtt_servers: port = config["MQTT_TEST_SERVERS"][mqtt_server + "_port"] print ("test_server_ip: {} port: {}".format(test_server_ip, port)) output = scrap_output( main, [ test_server_ip, port, "-P", "MQTT", "-HD", "-C", "cotopaxi/fuzzing_corpus/mqtt_minimal", ], ) self.assertIn(" Payload ", output) self.assertIn("Finished protocol fuzzing", output) self.assertNotIn("Messages sent: 0", output) self.assertNotIn("0 / 0 / 0 ms", output) output = scrap_output( main, [ "127.0.0.1", "5353", "-P", "mDNS", "-C", "cotopaxi/fuzzing_corpus/mdns_minimal", ], ) # print "\n" + 30 * "-" + "\n" + output + "\n" + 30 * "-" + "\n" self.assertIn("Fuzzing stopped", output)