class TestProfilesConsoleUI(ConsoleTestHelper): ''' Load profiles from the console UI. ''' def test_load_profile_exists(self): commands_to_run = ['profiles', 'help', 'use OWASP_TOP10', 'exit'] expected = ( 'The plugins configured by the scan profile have been enabled', 'Please set the target URL', ' | Use a profile.') self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.all_expected_substring_in_output(expected) self.assertTrue(assert_result, msg) def test_load_profile_not_exists(self): commands_to_run = ['profiles', 'help', 'use do_not_exist', 'exit'] expected = ('Unknown profile name: "do_not_exist"', ) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg)
class TestProfilesConsoleUI(ConsoleTestHelper): """ Load profiles from the console UI. """ def test_load_profile_exists(self): commands_to_run = ["profiles", "help", "use OWASP_TOP10", "exit"] expected = ( "The plugins configured by the scan profile have been enabled", "Please set the target URL", " | Use a profile.", ) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.all_expected_substring_in_output(expected) self.assertTrue(assert_result, msg) def test_load_profile_not_exists(self): commands_to_run = ["profiles", "help", "use do_not_exist", "exit"] expected = ('Unknown profile name: "do_not_exist"',) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg)
class TestScanRunConsoleUI(ConsoleTestHelper): ''' Run scans from the console UI. ''' def test_SQL_scan(self): target = 'http://moth/w3af/audit/sql_injection/select/sql_injection_string.php' qs = '?name=andres' commands_to_run = ['plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit sqli', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target, qs), 'back', 'start', 'exit'] expected = ('SQL injection in ', 'A SQL error was found in the response supplied by ', 'New URL found by web_spider plugin: "%s"' % target) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) found_errors = self.error_in_output(['No such file or directory', 'Exception']) self.assertFalse(found_errors) @attr('smoke') def test_two_scans(self): target_1 = 'http://moth/w3af/audit/sql_injection/select/sql_injection_string.php' qs_1 = '?name=andres' scan_commands_1 = ['plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit sqli', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target_1, qs_1), 'back', 'start'] expected_1 = ('SQL injection in ', 'A SQL error was found in the response supplied by ', 'New URL found by web_spider plugin: "%s"' % target_1) target_2 = 'http://moth/w3af/audit/xss/simple_xss.php' qs_2 = '?text=1' scan_commands_2 = ['plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit xss', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target_2, qs_2), 'back', 'start', 'exit'] expected_2 = ('A Cross Site Scripting vulnerability was found at', 'New URL found by web_spider plugin: "%s"' % target_2) scan_commands = scan_commands_1 + scan_commands_2 self.console = ConsoleUI(commands=scan_commands, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected_1) self.assertTrue(assert_result, msg) assert_result, msg = self.startswith_expected_in_output(expected_2) self.assertTrue(assert_result, msg) found_errors = self.error_in_output(['No such file or directory', 'Exception']) self.assertFalse(found_errors)
class TestBasicConsoleUI(ConsoleTestHelper): ''' Basic test for the console UI. ''' def test_menu_browse_misc(self): commands_to_run = ['misc-settings', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:misc-settings>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_browse_http(self): commands_to_run = ['http-settings', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:http-settings>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_browse_target(self): commands_to_run = ['target', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:target>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_plugin_desc(self): commands_to_run = [ 'plugins', 'infrastructure desc zone_h', 'back', 'exit' ] expected = ('This plugin searches the zone-h.org', 'result. The information stored in', 'previous defacements to the target website.') self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_set_option_case01(self): commands_to_run = [ 'target', 'set target http://moth/', 'save', 'view', 'back', 'exit' ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:target>>> ', 'The configuration has been saved.\r\n') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) expected_start_with = ('| http://moth/', ) assert_result, msg = self.all_expected_substring_in_output( expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_manual_save(self): commands_to_run = [ 'target set target http://moth/', 'target view', 'target save', 'exit' ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ('| target ', 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output( expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_auto_save(self): commands_to_run = [ 'target set target http://moth/', 'target view', 'exit' ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ('| target ', 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output( expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_invalid_case01(self): # Invalid port commands_to_run = [ 'target', 'set target http://moth:301801/', 'view', 'back', 'exit' ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ( 'Invalid URL configured by user,', # Because nothing was really saved and the # config is empty, this will succeed 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output( expected_start_with) self.assertTrue(assert_result, msg)
class TestExploitConsoleUI(ConsoleTestHelper): ''' Run scan and exploit vulnerabilities from the console UI. ''' def test_OS_commanding_exploit(self): target = 'http://moth/w3af/audit/os_commanding/simple_osc.php' qs = '?cmd=foobar' commands_to_run = [ 'plugins', 'audit os_commanding', 'back', 'target', 'set target %s%s' % (target, qs), 'back', 'start', 'exploit', 'exploit os_commanding', 'interact 0', 'execute ls', 'execute w', 'read /etc/passwd', # Testing the quote delimiter for strings 'read "/var/www/moth/w3af/crawl/web_spider/follow_links/a b.html"', 'help', 'lsp', 'payload tcp', 'payload list_processes', 'payload list_processes 20', 'exit', # from shell 'exit', # from w3af ] expected = ( # start 'OS Commanding was found at: "%s' % target, # exploit 'Vulnerability successfully exploited. Generated shell object', 'Please use the interact command to interact with the shell objects.', # read /etc/passwd 'root:x:0:0:root:/root:/bin/bash', 'daemon:x:1:1:daemon:/usr/sbin:/bin/sh', # read "...a b.html" 'non-zero.', # help '', #lsp 'apache_config_directory', 'kernel_version', # payload tcp '| Id | Local Address | Remote Address', # payload list_processes 'Usage: list_processes <max_pid>', # payload list_processes 20 '| 1 | init | S (sleeping) | /sbin/init', ) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) found_errors = self.error_in_output( ['No such file or directory', 'Exception']) self.assertFalse(found_errors)
class TestBasicConsoleUI(ConsoleTestHelper): ''' Basic test for the console UI. ''' def test_menu_browse_misc(self): commands_to_run = ['misc-settings', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:misc-settings>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_browse_http(self): commands_to_run = ['http-settings', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:http-settings>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_browse_target(self): commands_to_run = ['target', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:target>>> ') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_plugin_desc(self): commands_to_run = ['plugins', 'infrastructure desc zone_h', 'back', 'exit'] expected = ('This plugin searches the zone-h.org', 'result. The information stored in', 'previous defacements to the target website.') self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_menu_set_option_case01(self): commands_to_run = ['target', 'set target http://moth/', 'save', 'view', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/config:target>>> ', 'The configuration has been saved.\r\n') assert_result, msg = self.all_expected_in_output(expected) self.assertTrue(assert_result, msg) expected_start_with = ('| http://moth/',) assert_result, msg = self.all_expected_substring_in_output(expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_manual_save(self): commands_to_run = ['target set target http://moth/', 'target view', 'target save', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ('| target ', 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output(expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_auto_save(self): commands_to_run = ['target set target http://moth/', 'target view', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ('| target ', 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output(expected_start_with) self.assertTrue(assert_result, msg) def test_menu_set_option_invalid_case01(self): # Invalid port commands_to_run = ['target', 'set target http://moth:301801/', 'view', 'back', 'exit'] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected_start_with = ('Invalid URL configured by user,', # Because nothing was really saved and the # config is empty, this will succeed 'The configuration has been saved.') assert_result, msg = self.startswith_expected_in_output(expected_start_with) self.assertTrue(assert_result, msg)
class TestScanRunConsoleUI(ConsoleTestHelper): ''' Run scans from the console UI. ''' def test_SQL_scan(self): target = 'http://moth/w3af/audit/sql_injection/select/sql_injection_string.php' qs = '?name=andres' commands_to_run = [ 'plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit sqli', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target, qs), 'back', 'start', 'exit' ] expected = ('SQL injection in ', 'A SQL error was found in the response supplied by ', 'New URL found by web_spider plugin: "%s"' % target) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) found_errors = self.error_in_output( ['No such file or directory', 'Exception']) self.assertFalse(found_errors) @attr('smoke') def test_two_scans(self): target_1 = 'http://moth/w3af/audit/sql_injection/select/sql_injection_string.php' qs_1 = '?name=andres' scan_commands_1 = [ 'plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit sqli', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target_1, qs_1), 'back', 'start' ] expected_1 = ('SQL injection in ', 'A SQL error was found in the response supplied by ', 'New URL found by web_spider plugin: "%s"' % target_1) target_2 = 'http://moth/w3af/audit/xss/simple_xss.php' qs_2 = '?text=1' scan_commands_2 = [ 'plugins', 'output console,text_file', 'output config text_file', 'set output_file %s' % self.OUTPUT_FILE, 'set http_output_file %s' % self.OUTPUT_HTTP_FILE, 'set verbose True', 'back', 'output config console', 'set verbose False', 'back', 'audit xss', 'crawl web_spider', 'crawl config web_spider', 'set only_forward True', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s%s' % (target_2, qs_2), 'back', 'start', 'exit' ] expected_2 = ('A Cross Site Scripting vulnerability was found at', 'New URL found by web_spider plugin: "%s"' % target_2) scan_commands = scan_commands_1 + scan_commands_2 self.console = ConsoleUI(commands=scan_commands, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected_1) self.assertTrue(assert_result, msg) assert_result, msg = self.startswith_expected_in_output(expected_2) self.assertTrue(assert_result, msg) found_errors = self.error_in_output( ['No such file or directory', 'Exception']) self.assertFalse(found_errors)
class TestExploitConsoleUI(ConsoleTestHelper): """ Run scan and exploit vulnerabilities from the console UI. """ def test_OS_commanding_exploit(self): target = "http://moth/w3af/audit/os_commanding/simple_osc.php" qs = "?cmd=foobar" commands_to_run = [ "plugins", "audit os_commanding", "back", "target", "set target %s%s" % (target, qs), "back", "start", "exploit", "exploit os_commanding", "interact 0", "execute ls", "execute w", "read /etc/passwd", # Testing the quote delimiter for strings 'read "/var/www/moth/w3af/crawl/web_spider/follow_links/a b.html"', "help", "lsp", "payload tcp", "payload list_processes", "payload list_processes 20", "exit", # from shell "exit", # from w3af ] expected = ( # start 'OS Commanding was found at: "%s' % target, # exploit "Vulnerability successfully exploited. Generated shell object", "Please use the interact command to interact with the shell objects.", # read /etc/passwd "root:x:0:0:root:/root:/bin/bash", "daemon:x:1:1:daemon:/usr/sbin:/bin/sh", # read "...a b.html" "non-zero.", # help "", # lsp "apache_config_directory", "kernel_version", # payload tcp "| Id | Local Address | Remote Address", # payload list_processes "Usage: list_processes <max_pid>", # payload list_processes 20 "| 1 | init | S (sleeping) | /sbin/init", ) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) found_errors = self.error_in_output(["No such file or directory", "Exception"]) self.assertFalse(found_errors)
class TestProfilesConsoleUI(ConsoleTestHelper): ''' Load profiles from the console UI. ''' def setUp(self): super(TestProfilesConsoleUI, self).setUp() self._remove_if_exists('unittest') def tearDown(self): super(TestProfilesConsoleUI, self).tearDown() self._remove_if_exists('unittest') def _remove_if_exists(self, profile_name): try: profile_inst = profile(profile_name) profile_inst.remove() except: pass def _assert_exists(self, profile_name): try: profile(profile_name) except: assert False, 'The %s profile does NOT exist!' % profile_name def test_load_profile_exists(self): commands_to_run = ['profiles', 'help', 'use OWASP_TOP10', 'exit'] expected = ( 'The plugins configured by the scan profile have been enabled', 'Please set the target URL', ' | Use a profile.') self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.all_expected_substring_in_output(expected) self.assertTrue(assert_result, msg) def test_load_profile_not_exists(self): commands_to_run = ['profiles', 'help', 'use do_not_exist', 'exit'] expected = ('Unknown profile name: "do_not_exist"',) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_save_as_profile(self): commands_to_run = ['profiles', 'use OWASP_TOP10', 'save_as unittest', 'exit'] expected = ('Profile saved.',) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) self._assert_exists('unittest') def test_save_load_misc_settings(self): # Save the settings commands_to_run = ['misc-settings set msf_location /etc/', 'profiles save_as unittest', 'exit'] expected = ('Profile saved.',) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) self._assert_exists('unittest') # Clean the mocked stdout self._mock_stdout.clear() # Load the settings commands_to_run = ['profiles', 'use unittest', 'back', 'misc-settings view', 'exit'] expected = ('/etc/',) self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() assert_result, msg = self.all_expected_substring_in_output(expected) self.assertTrue(assert_result, msg)
class TestKBAdd(ConsoleTestHelper): ''' Basic test for the console UI. ''' def test_kb_add(self): commands_to_run = [ 'kb', 'add dav', 'set url http://target.com/', 'back', 'list vulns', 'back', 'exit', ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ( 'w3af>>> ', 'w3af/kb>>> ', 'w3af/kb/config:dav>>> ', 'Stored "DAV Misconfiguration" in the knowledge base.', '| DAV | This vulnerability was added to the knowledge' ) assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_kb_add_with_errors(self): commands_to_run = [ 'kb', 'add', 'add foobar', 'add foo bar', 'back', 'exit', ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/kb>>> ', 'Parameter "type" is missing,', 'Type foobar is unknown', 'Only one parameter is accepted,') assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_kb_add_back_without_config(self): commands_to_run = [ 'kb', 'add', 'add os_commanding', 'back', 'exit', ] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ( 'w3af>>> ', 'w3af/kb>>> ', 'This vulnerability requires data to be configured.', ) assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg)
class TestKBAdd(ConsoleTestHelper): ''' Basic test for the console UI. ''' def test_kb_add(self): commands_to_run = ['kb', 'add dav', 'set url http://target.com/', 'back', 'list vulns', 'back', 'exit',] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/kb>>> ', 'w3af/kb/config:dav>>> ', 'Stored "DAV Misconfiguration" in the knowledge base.', '| DAV | This vulnerability was added to the knowledge') assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_kb_add_with_errors(self): commands_to_run = ['kb', 'add', 'add foobar', 'add foo bar', 'back', 'exit',] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/kb>>> ', 'Parameter "type" is missing,', 'Type foobar is unknown', 'Only one parameter is accepted,') assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) def test_kb_add_back_without_config(self): commands_to_run = ['kb', 'add', 'add os_commanding', 'back', 'exit',] self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() expected = ('w3af>>> ', 'w3af/kb>>> ', 'This vulnerability requires data to be configured.', ) assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg)
class TestConsoleBugReport(ConsoleTestHelper): ''' Run a scan from the console UI (which fails with a bug) and report it to a github issue. ''' def setUp(self): ''' This is a rather complex setUp since I need to move the failing_spider.py plugin to the plugin directory in order to be able to run it afterwards. In the tearDown method, I'll remove the file. ''' self.src = os.path.join('plugins', 'tests', 'crawl', 'failing_spider.py') self.dst = os.path.join('plugins', 'crawl', 'failing_spider.py') shutil.copy(self.src, self.dst) super(TestConsoleBugReport, self).setUp() def tearDown(self): if os.path.exists(self.dst): os.remove(self.dst) # pyc file if os.path.exists(self.dst + 'c'): os.remove(self.dst + 'c') super(TestConsoleBugReport, self).tearDown() def test_buggy_scan(self): target = 'http://moth/w3af/crawl/web_spider/follow_links/1.html' commands_to_run = ['plugins', 'output console', 'crawl failing_spider', 'crawl config failing_spider', 'set only_forward true', 'back', 'grep path_disclosure', 'back', 'target', 'set target %s' % (target), 'back', 'start', 'bug-report', 'summary', 'report', 'exit'] expected = ('During the current scan (with id: ', 'An exception was found while running crawl.failing_spider on ', 'New URL found by failing_spider plugin: ', ' [1/1] Bug with id 0 reported at https://github.com/andresriancho/w3af/issues/') self.console = ConsoleUI(commands=commands_to_run, do_upd=False) self.console.sh() caught_exceptions = self.console._w3af.exception_handler.get_all_exceptions() self.assertEqual(len(caught_exceptions), 1) assert_result, msg = self.startswith_expected_in_output(expected) self.assertTrue(assert_result, msg) found_errors = self.error_in_output(['No such file or directory', 'Exception']) self.assertFalse(found_errors) # Clear the exceptions, we don't need them anymore. self.console._w3af.exception_handler.clear() # Close issue from github issue_id_re = re.compile('https://github.com/andresriancho/w3af/issues/(\d*)') for line in self._mock_stdout.messages: mo = issue_id_re.search(line) if mo is not None: issue_id = mo.group(1) gh = Github(OAUTH_TOKEN) repo = gh.get_user('andresriancho').get_repo('w3af') issue = repo.get_issue(int(issue_id)) issue.edit(state='closed') break else: self.assertTrue(False, 'Did NOT close test ticket.')