Python LocalAngularServer Examples

Programming Language: Python

Namespace/Package Name: test.tools.LocalAngularServer

Examples at hotexamples.com: 4

Python LocalAngularServer - 4 examples found. These are the top rated real world Python examples of test.tools.LocalAngularServer.LocalAngularServer extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

LocalAngularServer(4)

start(4)

stop(4)

Example #1

Show file

    def test_payloads(self):
        """Check if every single (stable) AngularJS version throws an alert using ACSTIS."""

        for (version, url) in self.angular_assets.items():
            server = LocalAngularServer()
            server.start(LocalAngularServer.HANDLER_VULNERABLE_TEST,
                         {"asset": url})

            try:
                shell_command = [
                    "python", "acstis.py", "--verify-payload",
                    "--angular-version", version, "--domain",
                    "http://" + server.url + "?vulnerable=payload"
                ]

                print("Testing: " + " ".join(shell_command))

                process = subprocess.Popen(shell_command)

                exitcode = process.wait()
            except Exception as e:
                print("Exception: " + str(e))
                exitcode = 1

            server.stop()

            self.assertEqual(exitcode, 0)

Example #2

Show file

File: test_version_detect.py Project: youdinforsec/angularjs-csti-scanner

    def test_version_detect(self):
        """Check if a single (stable) AngularJS version is detected by ACSTIS."""

        server = LocalAngularServer()
        server.start(LocalAngularServer.HANDLER_VULNERABLE_TEST, {"asset": "https://code.angularjs.org/1.5.8/angular.min.js"})

        domain = "http://" + server.url + "?vulnerable=payload"

        version = BrowserHelper.javascript(
            QueueItem(Request(domain), Response(domain)),
            "return angular.version.full"
        )

        server.stop()

        self.assertEqual("1.5.8", version)

Example #3

Show file

    def test_inside_non_bindable(self):
        """Payloads inside the non bindable attributes shouldn't be detected."""

        server = LocalAngularServer()
        server.start(LocalAngularServer.HANDLER_SCOPE_TEST,
                     {"position": "inside_non_bindable"})

        try:
            shell_command = [
                "python", "acstis.py", "--verify-payload", "--domain",
                "http://" + server.url + "?vulnerable=payload"
            ]

            process = subprocess.Popen(shell_command)

            exitcode = process.wait()
        except Exception as e:
            print("Exception: " + str(e))
            exitcode = 1

        server.stop()

        self.assertNotEqual(exitcode, 0)

Example #4

Show file

    def test_outside_app(self):
        """Payloads outside the AngularJS app shouldn't be detected."""

        server = LocalAngularServer()
        server.start(LocalAngularServer.HANDLER_SCOPE_TEST,
                     {"position": "outside_app"})

        try:
            shell_command = [
                "python", "acstis.py", "--verify-payload", "--domain",
                "http://" + server.url + "?vulnerable=payload"
            ]

            process = subprocess.Popen(shell_command)

            exitcode = process.wait()
        except Exception as e:
            print(e)
            exitcode = 1

        server.stop()

        self.assertNotEqual(exitcode, 0)