def helper_auditdb_stress(n, dbname=":auto:"): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = dbname with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert type(disk) is AuditSQLiteDB print " Testing %d elements..." % (n * 3) t1 = time.time() print " -> Writing..." for x in xrange(n): d1 = URL("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) t2 = time.time() print " -- Reading..." keys = disk.get_data_keys() assert len(keys) == (n * 3) for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None keys = disk.get_data_keys(Data.TYPE_INFORMATION) assert len(keys) == n for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None assert data.data_type == Data.TYPE_INFORMATION assert isinstance(data, Text) keys = disk.get_data_keys(Data.TYPE_RESOURCE) assert len(keys) == n for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None assert data.data_type == Data.TYPE_RESOURCE assert isinstance(data, URL) keys = disk.get_data_keys(Data.TYPE_VULNERABILITY) assert len(keys) == n for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None assert data.data_type == Data.TYPE_VULNERABILITY assert isinstance(data, UrlDisclosure) t3 = time.time() print " <- Deleting..." for key in keys: disk.remove_data(key) t4 = time.time() print " Write time: %d seconds (%f seconds per element)" % ( t2 - t1, (t2 - t1) / (n * 3.0)) print " Read time: %d seconds (%f seconds per element)" % ( t3 - t2, (t3 - t2) / (n * 3.0)) print " Delete time: %d seconds (%f seconds per element)" % ( t4 - t3, (t4 - t3) / (n * 3.0)) print " Total time: %d seconds (%f seconds per element)" % ( t4 - t1, (t4 - t1) / (n * 3.0))
def run(self, info): # Query PunkSPIDER. host_id = info.hostname host_id = parse_url(host_id).hostname host_id = ".".join(reversed(host_id.split("."))) d = self.query_punkspider(host_id) # Stop if we have no results. if not d: Logger.log("No results found for host: %s" % info.hostname) return # This is where we'll collect the data we'll return. results = [] # For each vulnerability... for v in d["data"]: try: # Future-proof checks. if v["protocol"] not in ("http", "https"): Logger.log_more_verbose( "Skipped non-web vulnerability: %s" % to_utf8(v["id"])) continue if v["bugType"] not in ("xss", "sqli", "bsqli"): Logger.log_more_verbose( "Skipped unknown vulnerability type: %s" % to_utf8(v["bugType"])) continue # Get the vulnerable URL, parameter and payload. url = to_utf8(v["vulnerabilityUrl"]) param = to_utf8(v["parameter"]) parsed = parse_url(url) payload = parsed.query_params[param] # Get the level. level = to_utf8(v["level"]) # Create the URL object. url_o = URL(url) results.append(url_o) # Get the vulnerability class. if v["bugType"] == "xss": clazz = XSS else: clazz = SQLInjection # Create the Vulnerability object. vuln = clazz( url_o, vulnerable_params={param: payload}, injection_point=clazz.INJECTION_POINT_URL, injection_type=to_utf8(v["bugType"]), # FIXME level=level, tool_id=to_utf8(v["id"]), ) results.append(vuln) # Log errors. except Exception, e: tb = traceback.format_exc() Logger.log_error_verbose(str(e)) Logger.log_error_more_verbose(tb)
def helper_test_auditdb_data_consistency(db, key, data): assert isinstance(db, BaseAuditDB) # Test the database start and end times. db.set_audit_times(None, None) assert db.get_audit_times() == (None, None) db.set_audit_start_time(1) assert db.get_audit_times() == (1, None) db.set_audit_stop_time(2) assert db.get_audit_times() == (1, 2) db.set_audit_start_time(None) assert db.get_audit_times() == (None, 2) db.set_audit_stop_time(None) assert db.get_audit_times() == (None, None) # Create some fake data and add it to the database. d1 = URL("http://www.example.com/" + key) d2 = Text(data) d3 = UrlDisclosure(d1) d1.add_information(d2) assert d1.links == {d2.identity, d3.identity} assert d2.links == {d1.identity} assert d3.links == {d1.identity} db.add_data(d1) db.add_data(d2) db.add_data(d3) # Test has_data_key(). assert db.has_data_key(d1.identity) assert db.has_data_key(d2.identity) assert db.has_data_key(d3.identity) # Test get_data(). d1p = db.get_data(d1.identity) d2p = db.get_data(d2.identity) d3p = db.get_data(d3.identity) assert d1p is not None assert d2p is not None assert d3p is not None assert d1p.identity == d1.identity assert d2p.identity == d2.identity assert d3p.identity == d3.identity assert d1p.links == d1.links, (d1p.links, d1.links) assert d2p.links == d2.links assert d3p.links == d3.links # Test get_data_types(). assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == { (d1.data_type, d1.resource_type), (d2.data_type, d2.information_type), (d3.data_type, d3.vulnerability_type) }, (db.get_data_types((d1.identity, d2.identity, d3.identity)), {(d1.data_type, d1.resource_type), (d2.data_type, d2.information_type), (d3.data_type, d3.vulnerability_type)}) # Test get_data_count(). assert db.get_data_count() == 3 assert db.get_data_count(d1.data_type) == 1 assert db.get_data_count(d2.data_type) == 1 assert db.get_data_count(d3.data_type) == 1 assert db.get_data_count(data_subtype=d1.resource_type) == 1 assert db.get_data_count(data_subtype=d2.information_type) == 1 assert db.get_data_count(data_subtype=d3.vulnerability_type) == 1 # Test get_many_data(). assert { x.identity for x in db.get_many_data((d1.identity, d2.identity, d3.identity)) } == {d1.identity, d2.identity, d3.identity} # Test stage and plugin completion logic. # XXX TODO # Test remove_data(). db.remove_data(d1.identity) db.remove_data(d2.identity) db.remove_data(d3.identity) assert not db.has_data_key(d1.identity) assert not db.has_data_key(d2.identity) assert not db.has_data_key(d3.identity) assert db.get_data_count() == 0 assert db.get_data_count(d1.data_type) == 0 assert db.get_data_count(d2.data_type) == 0 assert db.get_data_count(d3.data_type) == 0 assert db.get_data_count(d1.data_type, d1.resource_type) == 0 assert db.get_data_count(d2.data_type, d2.information_type) == 0 assert db.get_data_count(d3.data_type, d3.vulnerability_type) == 0 assert db.get_data_count(data_subtype=d1.resource_type) == 0 assert db.get_data_count(data_subtype=d2.information_type) == 0 assert db.get_data_count(data_subtype=d3.vulnerability_type) == 0 assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == set() assert db.get_data(d1.identity) is None assert db.get_data(d2.identity) is None assert db.get_data(d3.identity) is None