def helper_auditdb_stress(n, dbname=":auto:"):
main_config = OrchestratorConfig()
main_config.ui_mode = "disabled"
audit_config = AuditConfig()
audit_config.targets = ["www.example.com"]
audit_config.audit_db = dbname
with PluginTester(main_config, audit_config) as t:
disk = t.audit.database
assert type(disk) is AuditSQLiteDB
print " Testing %d elements..." % (n * 3)
t1 = time.time()
print " -> Writing..."
for x in xrange(n):
d1 = URL("http://www.example.com/" + generate_random_string())
d2 = Text(generate_random_string())
d3 = UrlDisclosure(d1)
d1.add_information(d2)
disk.add_data(d1)
disk.add_data(d2)
disk.add_data(d3)
t2 = time.time()
print " -- Reading..."
keys = disk.get_data_keys()
assert len(keys) == (n * 3)
for key in keys:
assert disk.has_data_key(key)
data = disk.get_data(key)
assert data is not None
keys = disk.get_data_keys(Data.TYPE_INFORMATION)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key)
data = disk.get_data(key)
assert data is not None
assert data.data_type == Data.TYPE_INFORMATION
assert isinstance(data, Text)
keys = disk.get_data_keys(Data.TYPE_RESOURCE)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key)
data = disk.get_data(key)
assert data is not None
assert data.data_type == Data.TYPE_RESOURCE
assert isinstance(data, URL)
keys = disk.get_data_keys(Data.TYPE_VULNERABILITY)
assert len(keys) == n
for key in keys:
assert disk.has_data_key(key)
data = disk.get_data(key)
assert data is not None
assert data.data_type == Data.TYPE_VULNERABILITY
assert isinstance(data, UrlDisclosure)
t3 = time.time()
print " <- Deleting..."
for key in keys:
disk.remove_data(key)
t4 = time.time()
print " Write time: %d seconds (%f seconds per element)" % (
t2 - t1, (t2 - t1) / (n * 3.0))
print " Read time: %d seconds (%f seconds per element)" % (
t3 - t2, (t3 - t2) / (n * 3.0))
print " Delete time: %d seconds (%f seconds per element)" % (
t4 - t3, (t4 - t3) / (n * 3.0))
print " Total time: %d seconds (%f seconds per element)" % (
t4 - t1, (t4 - t1) / (n * 3.0))
def run(self, info):
# Query PunkSPIDER.
host_id = info.hostname
host_id = parse_url(host_id).hostname
host_id = ".".join(reversed(host_id.split(".")))
d = self.query_punkspider(host_id)
# Stop if we have no results.
if not d:
Logger.log("No results found for host: %s" % info.hostname)
return
# This is where we'll collect the data we'll return.
results = []
# For each vulnerability...
for v in d["data"]:
try:
# Future-proof checks.
if v["protocol"] not in ("http", "https"):
Logger.log_more_verbose(
"Skipped non-web vulnerability: %s" % to_utf8(v["id"]))
continue
if v["bugType"] not in ("xss", "sqli", "bsqli"):
Logger.log_more_verbose(
"Skipped unknown vulnerability type: %s" %
to_utf8(v["bugType"]))
continue
# Get the vulnerable URL, parameter and payload.
url = to_utf8(v["vulnerabilityUrl"])
param = to_utf8(v["parameter"])
parsed = parse_url(url)
payload = parsed.query_params[param]
# Get the level.
level = to_utf8(v["level"])
# Create the URL object.
url_o = URL(url)
results.append(url_o)
# Get the vulnerability class.
if v["bugType"] == "xss":
clazz = XSS
else:
clazz = SQLInjection
# Create the Vulnerability object.
vuln = clazz(
url_o,
vulnerable_params={param: payload},
injection_point=clazz.INJECTION_POINT_URL,
injection_type=to_utf8(v["bugType"]), # FIXME
level=level,
tool_id=to_utf8(v["id"]),
)
results.append(vuln)
# Log errors.
except Exception, e:
tb = traceback.format_exc()
Logger.log_error_verbose(str(e))
Logger.log_error_more_verbose(tb)
def helper_test_auditdb_data_consistency(db, key, data):
assert isinstance(db, BaseAuditDB)
# Test the database start and end times.
db.set_audit_times(None, None)
assert db.get_audit_times() == (None, None)
db.set_audit_start_time(1)
assert db.get_audit_times() == (1, None)
db.set_audit_stop_time(2)
assert db.get_audit_times() == (1, 2)
db.set_audit_start_time(None)
assert db.get_audit_times() == (None, 2)
db.set_audit_stop_time(None)
assert db.get_audit_times() == (None, None)
# Create some fake data and add it to the database.
d1 = URL("http://www.example.com/" + key)
d2 = Text(data)
d3 = UrlDisclosure(d1)
d1.add_information(d2)
assert d1.links == {d2.identity, d3.identity}
assert d2.links == {d1.identity}
assert d3.links == {d1.identity}
db.add_data(d1)
db.add_data(d2)
db.add_data(d3)
# Test has_data_key().
assert db.has_data_key(d1.identity)
assert db.has_data_key(d2.identity)
assert db.has_data_key(d3.identity)
# Test get_data().
d1p = db.get_data(d1.identity)
d2p = db.get_data(d2.identity)
d3p = db.get_data(d3.identity)
assert d1p is not None
assert d2p is not None
assert d3p is not None
assert d1p.identity == d1.identity
assert d2p.identity == d2.identity
assert d3p.identity == d3.identity
assert d1p.links == d1.links, (d1p.links, d1.links)
assert d2p.links == d2.links
assert d3p.links == d3.links
# Test get_data_types().
assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == {
(d1.data_type, d1.resource_type), (d2.data_type, d2.information_type),
(d3.data_type, d3.vulnerability_type)
}, (db.get_data_types((d1.identity, d2.identity, d3.identity)),
{(d1.data_type, d1.resource_type), (d2.data_type, d2.information_type),
(d3.data_type, d3.vulnerability_type)})
# Test get_data_count().
assert db.get_data_count() == 3
assert db.get_data_count(d1.data_type) == 1
assert db.get_data_count(d2.data_type) == 1
assert db.get_data_count(d3.data_type) == 1
assert db.get_data_count(data_subtype=d1.resource_type) == 1
assert db.get_data_count(data_subtype=d2.information_type) == 1
assert db.get_data_count(data_subtype=d3.vulnerability_type) == 1
# Test get_many_data().
assert {
x.identity
for x in db.get_many_data((d1.identity, d2.identity, d3.identity))
} == {d1.identity, d2.identity, d3.identity}
# Test stage and plugin completion logic.
# XXX TODO
# Test remove_data().
db.remove_data(d1.identity)
db.remove_data(d2.identity)
db.remove_data(d3.identity)
assert not db.has_data_key(d1.identity)
assert not db.has_data_key(d2.identity)
assert not db.has_data_key(d3.identity)
assert db.get_data_count() == 0
assert db.get_data_count(d1.data_type) == 0
assert db.get_data_count(d2.data_type) == 0
assert db.get_data_count(d3.data_type) == 0
assert db.get_data_count(d1.data_type, d1.resource_type) == 0
assert db.get_data_count(d2.data_type, d2.information_type) == 0
assert db.get_data_count(d3.data_type, d3.vulnerability_type) == 0
assert db.get_data_count(data_subtype=d1.resource_type) == 0
assert db.get_data_count(data_subtype=d2.information_type) == 0
assert db.get_data_count(data_subtype=d3.vulnerability_type) == 0
assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == set()
assert db.get_data(d1.identity) is None
assert db.get_data(d2.identity) is None
assert db.get_data(d3.identity) is None
