def test_wrong_data_login_passw_ssh():
with pytest.raises(TransportConnetionError, message="Expecting TransportConnetionError"):
with get_transport("SSH", "localhost", 22022, "roo", "pwd"):
pass
with pytest.raises(TransportConnetionError, message="Expecting TransportConnetionError"):
with get_transport("SSH", "localhost", 22022, "root", "pwd1"):
pass
def test_wrong_data_login_passw():
with pytest.raises(TransportConnetionError,
message="Expecting TransportConnetionError"):
with get_transport("MySQL", "localhost", 43306, "root123", "pwd123",
"sadb"):
pass
with pytest.raises(TransportConnetionError,
message="Expecting TransportConnetionError"):
with get_transport("MySQL", "localhost", 43306, "root", "pwd123456",
"sadb"):
pass
def GET(self):
environ = web.ctx.environ # must cache it, becouse it's global!
i = web.input(eid='0', a='default')
eid = int(i.eid)
uid = str(i.a).replace('.','').replace('/','')
t = transports.get_transport('longpoll')
for k, v in t.get_headers():
web.header(k, v)
def iterator():
fname = '/tmp/fifo-%s' % (uid,)
try:
os.mkfifo(fname)
except OSError:
pass
if eid == 0:
yield t.write('connected!')
elif eid == 1:
yield t.write(uid)
else:
try:
fd = os.open(fname, os.O_RDONLY | os.O_NONBLOCK)
yield environ['x-wsgiorg.fdevent.readable'](fd)
yield t.write(os.read(fd, 4096))
os.close(fd)
except GeneratorExit:
pass
os.unlink(fname)
return iterator()
def GET(self):
lweb = web
environ = web.ctx.environ # must cache it, because it's global!
i = web.input(transport='iframe', callback='c')
if i.transport == 'longpoll':
return cometread_longpoll().GET()
t = transports.get_transport(i.transport, i.callback)
for k, v in t.get_headers():
web.header(k, v)
def iterator():
uid = str(uuid.uuid4())
fname = '/tmp/fifo-%s' % (uid,)
try:
os.mkfifo(fname)
except OSError:
pass
try:
yield t.start()
yield t.write('connected!')
fd = os.open(fname, os.O_RDONLY | os.O_NONBLOCK)
os.read(fd, 4096)
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
os.close(fd)
yield t.write(uid)
while True:
fd = os.open(fname, os.O_RDONLY | os.O_NONBLOCK)
os.read(fd, 4096)
yield environ['x-wsgiorg.fdevent.readable'](fd)
yield t.write(os.read(fd, 4096))
os.close(fd)
except GeneratorExit:
pass
os.unlink(fname)
return iterator()
def test_first_script_while_ssh_conected():
scriptpack = importlib.import_module("scripts.001_test_file_exists")
with get_transport("SSH") as transport:
result = scriptpack.main()
if result == 2:
transport.exec("touch testfile")
result = scriptpack.main()
transport.exec("rm testfile")
assert result == 1
elif result == 1:
result = scriptpack.main()
transport.exec("rm testfile")
assert result == 1
assert scriptpack.main() == 2
else:
raise NameError("Uknown result")
assert scriptpack.main() == 2
transport.exec("touch testfile")
result = scriptpack.main()
transport.exec("rm testfile")
assert result == 1
def test_double_cmnd():
with get_transport("SSH") as transport:
text = "Some interesting data"
result = transport.exec("echo \"%s\" > somefile; cat somefile" % text)
transport.exec("rm somefile")
assert "%s\n" % text == result
def test_exec():
sql_data = '*****@*****.**'
right_dict = {'password': '******', 'id': 1}
result = get_transport('SQL').sql_exec(
"SELECT `id`, `password`\
FROM `users` WHERE `email`=%s", sql_data)[0]
assert isinstance(result, dict)
assert (right_dict == result)
def simplest_application(environ, start_response):
t = transports.get_transport('xhrstream')
start_response('200 OK', t.get_headers())
def iterator():
yield t.start()
yield t.write('fist message!')
yield t.write('second message!')
yield t.write('third message!')
return iterator()
def main():
try:
reg = get_transport(TRANSPORT)
result = reg.get_value(
'Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System',
'EnableSecureUIAPaths')
except TransportConnectionError:
return Status.STATUS_NOT_APPLICABLE
except TransportUnknown:
return Status.STATUS_ERROR
if result == 1:
return Status.STATUS_COMPLIANT
else:
return Status.STATUS_NOT_COMPLIANT
def GET(self):
environ = web.ctx.environ # must cache it, becouse it's global!
i = web.input(transport='iframe', callback='c')
if i.transport == 'longpoll':
return comet_longpoll().GET()
t = transports.get_transport(i.transport.encode('utf-8'), i.callback.encode('utf-8'))
for k, v in t.get_headers():
web.header(k, v)
def iterator():
fname = '/tmp/fifo'
try:
os.mkfifo(fname)
except OSError:
pass
fd = os.open(fname, os.O_RDONLY | os.O_NONBLOCK)
try:
yield t.start()
yield t.write("connected!")
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
u = ''.join([ chr(i) for i in range(128)])
yield t.write(u )
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write('padding1')
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
u = u'На берегу пустынных волн ich sih in grâwen tägelîch als er wil tagen, He wes Leovenaðes sone -- liðe him be Drihten. ἀπὸ τὸ Ἄξιον ἐστί ვეპხის ტყაოსანი შოთა რუსთაველი Μπορώ να φάω σπασμένα γυαλιά χωρίς να πάθω τίποτα. ⠊⠀⠉⠁⠝⠀⠑⠁⠞⠀⠛⠇⠁⠎⠎⠀⠁⠝⠙⠀⠊⠞⠀⠙⠕⠑⠎⠝⠞⠀⠓⠥⠗⠞⠀⠍⠑ 私はガラスを食べられます。それは私を傷つけません。'
yield t.write(u.encode( "utf-8" ) )
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
size = random.randint(128*1024, 140*1024)
yield t.write('%i %s' %(size, '<'*size) )
yield environ['x-wsgiorg.fdevent.readable'](fd, 3.0)
yield t.write('padding2')
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write(" \t\r\n\r\n\t \n\r ")
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write('padding3')
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write("event1")
yield t.write("event2")
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write('padding4')
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write('padding4')
yield environ['x-wsgiorg.fdevent.readable'](fd, 1.0)
yield t.write('padding5')
except GeneratorExit:
pass
os.close(fd)
return iterator()
def SSH_audit():
try:
connection = get_transport('SSH')
except TransportError:
print('Warning: SSH service is unavailable')
return None
SSH_audit_info = {
'sys_info': connection.exec('uname -a'),
'cpu_info': connection.exec('lscpu'),
'kernel_version': connection.exec('cat /proc/version'),
'sys_users': connection.exec('cat /etc/passwd'),
'ip_macs': connection.exec('ip l'),
'packages': connection.exec('apt list --installed')
}
return SSH_audit_info
def main():
try:
transport_instance = get_transport(TRANSPORT)
func_status = transport_instance.get_file(FILE_NAME)
except TransportConnectionError:
print('Warning: Can not connect to SSH')
return Status.STATUS_NOT_APPLICABLE
except TransportUnknown:
return Status.STATUS_ERROR
except TransportIOError:
return Status.STATUS_NOT_COMPLIANT
if func_status:
return Status.STATUS_COMPLIANT
else:
return Status.STATUS_NOT_COMPLIANT
def main():
cmnd = 'if [ -f "%s" ]; then echo "Exist"; fi'
filename = "testfile"
try:
with get_transport("SSH") as transport:
result = transport.exec(cmnd % filename)
except TransportConnetionError:
return STATUS_NOT_APPLICABLE
if "Exist" in result:
return STATUS_COMPLIANT
elif result == "":
return STATUS_NOT_COMPLIANT
else:
return STATUS_ERROR
def main():
try:
with get_transport("MySQL") as transport:
tables = transport.sqlexec(SQL_TABLES)
if not tables or "testtable" not in map(lambda x: x.get('Tables_in_sadb'), tables):
return STATUS_NOT_COMPLIANT
count_data = transport.sqlexec(SQL_SELECT)[0].get("COUNT(*)")
if count_data > 0:
return STATUS_COMPLIANT
elif count_data == 0:
return STATUS_NOT_COMPLIANT
else:
return STATUS_ERROR
except TransportConnetionError:
return STATUS_NOT_APPLICABLE
def add_audit(self):
try:
wmi_connection = get_transport('WMI')
except TransportConnectionError as e:
print('Warning: WMI service is unavailable')
return 0
query_result_sys = wmi_connection.wmi_query("Select Caption, \
OSArchitecture, Version from Win32_OperatingSystem")[0]
query_result_group = wmi_connection.wmi_query("Select Name, \
DNSHostName, Domain, Workgroup, PartOfDomain \
from Win32_ComputerSystem")[0]
Domain = query_result_group.Domain
Workgroup = query_result_group.Workgroup
if query_result_group.PartOfDomain == False:
Domain = None
else:
Workgroup = None
audit_info = {
'OSName': query_result_sys.Caption,
'OSArchitecture': query_result_sys.OSArchitecture,
'OSVersion': query_result_sys.Version,
'NetBiosName': query_result_group.Name,
'Hostname': query_result_group.DNSHostName,
'Domain': Domain,
'Workgroup': Workgroup,
'PartOfDomain': bool(query_result_group.PartOfDomain)
}
try:
with self.connection:
current_scan = self.connection.execute(
'SELECT max(id) FROM scansystem').fetchone()[0]
for key in audit_info:
self.connection.execute(
'INSERT OR REPLACE INTO audit'
'(attribute, value, scansystem_id) VALUES (?, ?, ?)',
(key, audit_info[key], current_scan))
except sqlite3.Error as e:
raise DatabaseError(e.args[0])
def main(db, control_id, scan_date):
try:
print('Test started')
result, options, transport_name = get_transport('SSH')
command = result.exec('ls -la')
if 'testfile.txt' in command:
status_info = Status.STATUS_COMPLIANT.name
else:
status_info = Status.STATUS_NOT_COMPLIANT.name
transport_id = db.db_transport_select(transport_name)
db.add_control(control_id,
scan_date,
status_info,
transport_id,
str(options)) # Добавляем результат сканирования в базу
print('End of test')
except:
pass
def SNMP_audit():
connection = get_transport('SNMP')
try:
sysDescr = connection.get_snmpdata('.1.3.6.1.2.1.1.1.0')
interfacesQuantity = connection.get_snmpdata('.1.3.6.1.2.1.2.1.0')[0]
listOfInterfaces = []
for interface in range(1, interfacesQuantity):
listOfInterfaces.append([
((connection.get_snmpdata('.1.3.6.1.2.1.2.2.1.2.' +
str(interface))[0]).prettyPrint()),
(connection.get_snmpdata('.1.3.6.1.2.1.2.2.1.7.' +
str(interface))[0].prettyPrint())
])
except Exception:
return None
listOfInterfaces.sort()
SNMP_audit_info = {
'sysDescr': sysDescr[0],
'listOfInterfaces': listOfInterfaces
}
return SNMP_audit_info
def test_select_data():
with get_transport("MySQL") as transport:
data = transport.sqlexec(SQL_SELECT, ('*****@*****.**', ))
assert data == [{'password': '******', 'id': 1}]
def test_except_unknown_transport_ssh():
with pytest.raises(UnknownTransport, message="Expecting UnknownTransport"):
with get_transport("SFTP", "localhost", 22022, "root", "pwd"):
pass
def test_empty_exec():
with pytest.raises(TransportError):
get_transport('SQL').sql_exec("", "")
def test_connect_with_data():
with get_transport("SSH", "localhost", 22022, "root", "pwd"):
pass
def WMIregistry():
return get_transport('WMIreg')
def WMIconnect():
return get_transport('WMI')
def test_except_transport_error_1():
with get_transport("MySQL", "localhost", 43306, "root", "pwd123",
"sadb") as transport:
with pytest.raises(TransportError, message="Expecting TransportError"):
transport.sqlexec()
def test_invalid_sql4():
with pytest.raises(TransportCommandError,
message="Expecting TransportCommandError"):
with get_transport("MySQL", "localhost", 43306, "root", "pwd123",
"sadb") as transport:
transport.sqlexec("SELECT %s")
def test_wrong_data_host():
with pytest.raises(TransportConnetionError,
message="Expecting TransportConnetionError"):
with get_transport("MySQL", "8.8.8.8", 43306, "root", "pwd123",
"sadb"):
pass
def test_create_table():
with get_transport("MySQL") as transport:
transport.sqlexec(SQL_CREATE)
def test_insert_data():
with get_transport("MySQL") as transport:
data = ('*****@*****.**', 'very-secret')
transport.sqlexec(SQL_INSERT, data)
def test_connect_with_data():
with get_transport("MySQL", "localhost", 43306, "root", "pwd123", "sadb"):
pass
def test_except_transport_ssh_error_1():
with get_transport("SSH", "localhost", 22022, "root", "pwd") as transport:
with pytest.raises(TransportError, message="Expecting TransportError"):
transport.exec()
def test_wrong_data_host_ssh():
with pytest.raises(TransportConnetionError, message="Expecting TransportConnetionError"):
with get_transport("SSH", "8.8.8.8", 22022, "root", "pwd"):
pass
def test_delete_data():
with get_transport("MySQL") as transport:
transport.sqlexec(SQL_DELETE)
def test_connect_without_data():
with get_transport("MySQL"):
pass
def test_drop_table():
with get_transport("MySQL") as transport:
transport.sqlexec(SQL_DROP)