def mock_vulnerability_scan(request, mock_agent):
    """Seed a mocked agent with OS details and packages for a vulnerability scan test.

    Args:
        request: Object whose ``param`` mapping supplies the OS fields
            (``os_name``, ``os_major``, ``os_minor``, ``os_patch``,
            ``release``, ``os_platform``, ``version``) and a
            ``vulnerabilities`` list of entries carrying a ``package`` mapping.
        mock_agent: Agent identifier forwarded to every ``vd`` helper call.
    """
    params = request.param

    # Rewrite the mocked agent's system record so it reports the OS under test.
    system_fields = dict(agent_id=mock_agent,
                         os_name=params['os_name'],
                         os_major=params['os_major'],
                         os_minor=params['os_minor'],
                         name=vd.MOCKED_AGENT_NAME,
                         os_platform=params['os_platform'],
                         version=params['version'])
    vd.modify_system(**system_fields)

    # Insert data in the sys_osinfo and sys_programs tables.
    osinfo_fields = dict(agent=mock_agent,
                         os_name=params['os_name'],
                         os_major=params['os_major'],
                         os_minor=params['os_minor'],
                         os_patch=params['os_patch'],
                         release=params['release'])
    vd.insert_osinfo(**osinfo_fields)

    # One package row per entry; the package name is reused as its source.
    for package in (entry['package'] for entry in params['vulnerabilities']):
        vd.insert_package(**package, agent=mock_agent, source=package['name'])
def mock_vulnerability_scan(request, mock_agent):
    """Seed a mocked agent with a system record, one test vulnerability and NVD packages.

    Args:
        request: Object whose ``param`` mapping supplies ``os_name``,
            ``os_major``, ``os_minor``, ``os_platform``, ``version``,
            ``target`` and ``format``.
        mock_agent: Agent identifier forwarded to the ``vd`` helpers.
    """
    params = request.param

    # Rewrite the mocked agent's system record so it reports the OS under test.
    system_fields = dict(agent_id=mock_agent,
                         os_name=params['os_name'],
                         os_major=params['os_major'],
                         os_minor=params['os_minor'],
                         name=vd.MOCKED_AGENT_NAME,
                         os_platform=params['os_platform'],
                         version=params['version'])
    vd.modify_system(**system_fields)

    # Single placeholder entry for the VULNERABILITIES table; 'CWE-000' is a
    # made-up identifier passed through the cveid parameter.
    placeholder = dict(cveid='CWE-000',
                       operation='less than',
                       operation_value='1.0.0',
                       package='test',
                       target=params['target'])
    vd.insert_vulnerability(**placeholder)

    # Packages come from the module-level nvd_vulnerabilities data, not from
    # request.param; only the package format is taken from the parameters.
    for package in (entry['package'] for entry in nvd_vulnerabilities['vulnerabilities_nvd']):
        vd.insert_package(**package,
                          source=package['name'],
                          format=params['format'],
                          agent=mock_agent)
def mock_vulnerability_scan(request, mock_agent):
    """Seed a mocked agent with a system record plus matching package and CVE rows.

    Args:
        request: Object whose ``param`` mapping supplies ``os_name``,
            ``os_major``, ``os_minor``, ``target`` and a ``vulnerabilities``
            list of entries carrying ``package`` and ``cve`` mappings.
        mock_agent: Agent identifier forwarded to the ``vd`` helpers.
    """
    params = request.param

    # Rewrite the mocked agent's system record so it reports the OS under test.
    vd.modify_system(agent_id=mock_agent,
                     os_name=params['os_name'],
                     os_major=params['os_major'],
                     os_minor=params['os_minor'],
                     name=vd.MOCKED_AGENT_NAME)

    # For each entry, insert the package first and then the vulnerability that
    # refers to it by package name.
    for entry in params['vulnerabilities']:
        package = entry['package']
        vd.insert_package(**package, agent=mock_agent, source=package['name'])
        vd.insert_vulnerability(**entry['cve'],
                                package=entry['package']['name'],
                                target=params['target'])
def mock_vulnerability_scan(request, mock_agent):
    """Seed provider-feed vulnerabilities and NVD packages for a mocked agent.

    Args:
        request: Object whose ``param`` mapping supplies ``os_name``,
            ``os_major``, ``os_minor``, ``target`` and ``format``.
        mock_agent: Agent identifier forwarded to the ``vd`` helpers.
    """
    params = request.param

    # Rewrite the mocked agent's system record so it reports the OS under test.
    vd.modify_system(agent_id=mock_agent,
                     os_name=params['os_name'],
                     os_major=params['os_major'],
                     os_minor=params['os_minor'],
                     name=vd.MOCKED_AGENT_NAME)

    # Vulnerability rows come from the module-level vulnerabilities_provider
    # list (the provider-feed half of the data).
    for entry in vulnerabilities_provider:
        vd.insert_vulnerability(**entry['cve'],
                                package=entry['package']['name'],
                                target=params['target'])

    # Package rows come from the separate vulnerabilities_nvd list.
    for package in (entry['package'] for entry in vulnerabilities_nvd):
        vd.insert_package(**package,
                          source=package['name'],
                          format=params['format'],
                          agent=mock_agent)
def mock_vulnerability_scan(request, mock_agent):
    """Seed a mocked agent with a system record, OS info and installed hotfixes.

    Args:
        request: Object whose ``param`` mapping supplies ``os_name``,
            ``os_major``, ``os_minor``, ``os_release``, ``arch`` and a
            ``hotfixes`` iterable.
        mock_agent: Agent identifier forwarded to the ``vd`` helpers.
    """
    params = request.param

    # Modify the necessary databases. The arch follows a special format rather
    # than the usual x64.
    system_fields = dict(agent_id=mock_agent,
                         os_name=params['os_name'],
                         os_major=params['os_major'],
                         os_minor=params['os_minor'],
                         name=vd.MOCKED_AGENT_NAME,
                         os_arch=params['arch'])
    vd.modify_system(**system_fields)

    osinfo_fields = dict(agent=mock_agent,
                         os_name=params['os_name'],
                         os_release=params['os_release'],
                         architecture=params['arch'])
    vd.insert_osinfo(**osinfo_fields)

    # One hotfix row per entry for the mocked agent.
    for hotfix_id in params["hotfixes"]:
        vd.insert_hotfix(agent=mock_agent, hotfix=hotfix_id)
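def mock_system(request):
    """Seed agent '000' with mocked system data, yield the parameters, then clean up.

    Setup stops wazuh-modulesd and wazuh-db, clears the vulnerability detector
    tables for agent '000', writes the mocked system, OS info, hotfix,
    vulnerability and package rows, truncates the log file and starts both
    daemons again. Teardown stops wazuh-db, clears the tables and restarts it.

    Args:
        request: Object whose ``param`` mapping supplies ``os_name``,
            ``os_major``, ``os_minor``, ``name``, ``architecture``,
            ``os_release`` and ``target``.

    Yields:
        The ``request.param`` mapping used to seed the data.
    """
    control_service('stop', daemon='wazuh-modulesd')
    control_service('stop', daemon='wazuh-db')

    try:
        vd.clean_vd_tables(agent='000')

        # Modify the necessary databases
        vd.modify_system(os_name=request.param['os_name'],
                         os_major=request.param['os_major'],
                         os_minor=request.param['os_minor'],
                         name=request.param['name'],
                         os_arch=request.param['architecture'])
        vd.insert_osinfo(os_name=request.param['os_name'],
                         os_release=request.param['os_release'],
                         architecture=request.param['architecture'])
        vd.insert_hotfix()
        # 'CWE-000' is a made-up identifier passed through the cveid parameter.
        vd.insert_vulnerability(cveid='CWE-000',
                                operation='less than',
                                operation_value='1.0.0',
                                package='test',
                                target=request.param['target'])
        vd.insert_package()

        truncate_file(LOG_FILE_PATH)
    finally:
        # Restart the daemons even when seeding fails (missing parameter,
        # database error): otherwise the host is left with wazuh-modulesd and
        # wazuh-db stopped. The original exception still propagates. Rows
        # written before the failure stay in place until clean_vd_tables
        # is called again.
        control_service('start', daemon='wazuh-modulesd')
        control_service('start', daemon='wazuh-db')

    yield request.param

    control_service('stop', daemon='wazuh-db')

    try:
        # Clean tables
        vd.clean_vd_tables(agent='000')
    finally:
        # wazuh-db must come back up even if the cleanup itself raises.
        control_service('start', daemon='wazuh-db')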