def test_pickleable_vuln(self):
original_vuln = MockVuln()
kb.append('a', 'b', original_vuln)
unpickled_vuln = kb.get('a', 'b')[0]
self.assertEqual(original_vuln, unpickled_vuln)
def test_pickleable_info(self):
original_info = MockInfo()
kb.append('a', 'b', original_info)
unpickled_info = kb.get('a', 'b')[0]
self.assertEqual(original_info, unpickled_info)
def test_pickleable_info(self):
original_info = MockInfo()
kb.append('a', 'b', original_info)
unpickled_info = kb.get('a', 'b')[0]
self.assertEqual(original_info, unpickled_info)
def test_pickleable_vuln(self):
original_vuln = MockVuln()
kb.append('a', 'b', original_vuln)
unpickled_vuln = kb.get('a', 'b')[0]
self.assertEqual(original_vuln, unpickled_vuln)
def test_return_all_for_plugin(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i2, i3])
def test_return_all_for_plugin(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i2, i3])
def test_append_uniq_var_bug_10Dec2012(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html'))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html'))
i2.set_var('id')
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_append(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i1, i1, i2, i3])
def test_append(self):
i1 = MockInfo()
i2 = MockInfo()
i3 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
kb.append('a', 'b', i3)
self.assertEqual(kb.get('a', 'b'), [i1, i1, i1, i2, i3])
def test_append_uniq_var_bug_10Dec2012(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html'))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html'))
i2.set_var('id')
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [
i1,
])
def test_append_uniq_url_different(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', '1')]))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/def.html?id=3'))
i2.set_dc(QueryString([('id', '3')]))
i2.set_var('id')
kb.append_uniq('a', 'b', i1, filter_by='URL')
kb.append_uniq('a', 'b', i2, filter_by='URL')
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_save_append(self):
'''
Although calling raw_write and then append is highly discouraged,
someone would want to use it.
'''
i0 = MockInfo()
self.assertRaises(TypeError, kb.raw_write, 'a', 'b', i0)
i1 = MockInfo()
i2 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_append_uniq_url_different(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', '1')]))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/def.html?id=3'))
i2.set_dc(QueryString([('id', '3')]))
i2.set_var('id')
kb.append_uniq('a', 'b', i1, filter_by='URL')
kb.append_uniq('a', 'b', i2, filter_by='URL')
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_append_uniq_var_default(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', '1')]))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html?id=3'))
i2.set_dc(QueryString([('id', '3')]))
i2.set_var('id')
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_save_append(self):
'''
Although calling raw_write and then append is highly discouraged,
someone would want to use it.
'''
i0 = MockInfo()
self.assertRaises(TypeError, kb.raw_write, 'a', 'b', i0)
i1 = MockInfo()
i2 = MockInfo()
kb.append('a', 'b', i1)
kb.append('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_pickleable_shells(self):
pool = Pool(1)
xurllib = ExtendedUrllib()
original_shell = Shell(MockVuln(), xurllib, pool)
kb.append('a', 'b', original_shell)
unpickled_shell = kb.get('a', 'b')[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, None)
self.assertEqual(unpickled_shell._uri_opener, None)
pool.terminate()
pool.join()
def test_pickleable_shells(self):
pool = Pool(1)
xurllib = ExtendedUrllib()
original_shell = Shell(MockVuln(), xurllib, pool)
kb.append('a', 'b', original_shell)
unpickled_shell = kb.get('a', 'b')[0]
self.assertEqual(original_shell, unpickled_shell)
self.assertEqual(unpickled_shell.worker_pool, None)
self.assertEqual(unpickled_shell._uri_opener, None)
pool.terminate()
pool.join()
def test_store_in_kb(self):
dt = DAVTemplate()
dt.store_in_kb()
stored_data = kb.get(*dt.get_kb_location())
self.assertEqual(len(stored_data), 1)
stored_vuln = stored_data[0]
created_vuln = dt.create_vuln()
stored_vuln.set_id(created_vuln.get_id())
self.assertEqual(stored_vuln, created_vuln)
def test_append_uniq_var_default(self):
i1 = MockInfo()
i1.set_uri(URL('http://moth/abc.html?id=1'))
i1.set_dc(QueryString([('id', '1')]))
i1.set_var('id')
i2 = MockInfo()
i2.set_uri(URL('http://moth/abc.html?id=3'))
i2.set_dc(QueryString([('id', '3')]))
i2.set_var('id')
kb.append_uniq('a', 'b', i1)
kb.append_uniq('a', 'b', i2)
self.assertEqual(kb.get('a', 'b'), [
i1,
])
def test_strategy_run(self):
core = w3afCore()
target = core.target.get_options()
target['target'].set_value(self.TARGET_URL)
core.target.set_options(target)
core.plugins.set_plugins(['sqli',], 'audit')
core.plugins.init_plugins()
core.verify_environment()
core.scan_start_hook()
def verify_threads_running(functor):
thread_names = [t.name for t in threading.enumerate()]
self.assertIn('WorkerThread', thread_names)
self.called_teardown_audit = True
return functor
self.called_teardown_audit = False
strategy = w3af_core_strategy(core)
strategy._teardown_audit = verify_threads_running(strategy._teardown_audit)
strategy.start()
# Now test that those threads are being terminated
self.assertTrue(self.called_teardown_audit)
vulns = kb.get('sqli', 'sqli')
self.assertEqual(len(vulns), 1)
core.exploit_phase_prerequisites = lambda: 42
core.scan_end_hook()
thread_names = [t.name for t in threading.enumerate()]
self.assertEqual(len(thread_names), 3, thread_names)
thread_names = set(thread_names)
expected_names = set(['MainThread', 'SQLiteExecutor', 'OutputManager'])
self.assertEqual(thread_names, expected_names)
def test_default_get(self):
self.assertEqual(kb.get('a', 'b'), [])
def test_default_first_saved(self):
kb.raw_write('a', 'b', 'c')
self.assertEqual(kb.get('a', 'not-exist'), [])
self.assertEqual(kb.raw_read('a', 'not-exist'), [])
def test_default_first_saved(self):
kb.raw_write('a', 'b', 'c')
self.assertEqual(kb.get('a', 'not-exist'), [])
self.assertEqual(kb.raw_read('a', 'not-exist'), [])
def test_default_get(self):
self.assertEqual(kb.get('a', 'b'), [])