Exemple #1
0
    def fromDict(self, dict):
        self.id = dict["_id"]
        self.name = dict["name"]
        owned = True if dict["owned"].upper() == "TRUE" else False
        self.setOwned(owned)
        parent_id = dict["parent"]
        self.owner = dict["owner"]
        self._status = dict["status"]
        self._version = dict["version"]

        self.description = dict["description"]

        for u, p in dict["credentials"]:
            self.credentials.append((u, p))

        for note in dict["notes"]:
            n = ModelObjectNote("")
            self.setParent(self)
            n.fromDict(note)
            self.addNote(n)

        for vuln in dict["vulnerabilities"]:
            v = ModelObjectVuln("")
            self.setParent(self)
            v.fromDict(vuln)
            self.addVuln(v)

        return True
Exemple #2
0
    def testEditNoteSyncGetsMapperDispatchedSYNC(self):
        note = ModelObjectNote("coquito")

        params = ('new_name', 'new_desc')
        self.genericEdit(note, params, controller.ModelController.editNoteSYNC)
        self.assertEquals(note.getName(), 'new_name', "Name not updated")
        self.assertEquals(note.text, 'new_desc', "Description not updated")
Exemple #3
0
 def testDelNoteFromInterfaceSYNC(self):
     interface = Interface('coco')
     note = ModelObjectNote("int_mock0")
     interface.addChild(note)
     self.genericDelTest(
         interface, note,
         controller.ModelController.delNoteFromInterfaceSYNC)
Exemple #4
0
    def testDelNoteFromService(self):
        """ Creates a Hosts, adds an Interface, a Service and a Note, then removes the
        note """

        # When
        host = test_utils.create_host(self)
        interface = test_utils.create_interface(self, host)
        service = test_utils.create_service(self, host, interface)

        note = ModelObjectNote(name='NoteTest', text='TestDescription')

        self.model_controller.addNoteToServiceSYNC(host.getID(),
                                                   service.getID(), note)

        added_host = self.model_controller.getHost(host.getName())
        added_interface = added_host.getInterface(interface.getID())
        added_service = added_interface.getService(service.getID())
        notes = added_service.getNotes()
        self.assertIn(note, notes, 'Note not added')

        # Then

        self.model_controller.delNoteFromServiceSYNC(host.getID(),
                                                     service.getID(),
                                                     note.getID())

        added_host = self.model_controller.getHost(host.getName())
        added_interface = added_host.getInterface(interface.getID())
        added_service = added_interface.getService(service.getID())
        notes = added_service.getNotes()
        self.assertNotIn(note, notes, 'Note not removed')
Exemple #5
0
 def testDelNoteFromHostSYNC(self):
     host = Host('coco')
     note = ModelObjectNote("int_mock0")
     host.addChild(note)
     self.genericDelTest(host,
                         note,
                         controller.ModelController.delNoteFromHostASYNC,
                         process_pending=True)
Exemple #6
0
 def testDelNoteFromServiceASYNC(self):
     service = Service('coco')
     note = ModelObjectNote("int_mock0")
     service.addChild(note)
     self.genericDelTest(service,
                         note,
                         controller.ModelController.delNoteFromServiceASYNC,
                         process_pending=True)
Exemple #7
0
    def testServiceWithMultipleChildTypes(self):
        serv = Service('cuca')
        vuln = ModelObjectVuln('vuln')
        note = ModelObjectNote('nota')
        serv.addChild(note)
        serv.addChild(vuln)

        self.assertEquals(len(serv.getVulns()), 1, "Vulns added is not 1")
        self.assertIn(vuln, serv.getVulns(), "Vuln not accessible")
        self.assertEquals(len(serv.getNotes()), 1, "Notes added is not 1")
        self.assertIn(note, serv.getNotes(), "Note not accessible")
Exemple #8
0
    def testAddNoteToHost(self):
        """ This test case creates a host within the Model Controller context
        then adds a Note"""

        # When
        h = test_utils.create_host(self)
        note = ModelObjectNote(name='NoteTest', text='TestDescription')
        self.model_controller.addNoteToHostSYNC(h.getID(), note)

        # Then
        added_host = self.model_controller.getHost(h.getName())
        notes = added_host.getNotes()
        self.assertIn(note, notes, 'Note not added')
Exemple #9
0
    def testAddNoteToInterfaceGetsMapperDispatchSaveSYNC(self):
        interface = Interface("pepito")
        note = ModelObjectNote("a_note")

        mappersManager = self.createMapperMock()
        objectMapper = mock()
        when(mappersManager).getMapper(
            note.class_signature).thenReturn(objectMapper)
        when(objectMapper).save(note).thenReturn(True)

        model_controller = controller.ModelController(mock(), mappersManager)

        model_controller.addNoteToInterfaceSYNC(None, interface.getID(), note)

        verify(mappersManager).getMapper(note.class_signature)
        verify(objectMapper).save(note)
Exemple #10
0
    def testAddNoteToModelObjectSYNC(self):
        host = Host("pepito")
        note = ModelObjectNote("a_note")

        mappersManager = self.createMapperMock()
        objectMapper = mock()
        when(mappersManager).getMapper(
            note.class_signature).thenReturn(objectMapper)
        when(objectMapper).save(note).thenReturn(True)

        model_controller = controller.ModelController(mock(), mappersManager)

        model_controller.addNoteSYNC(host.getID(), note)

        verify(mappersManager).getMapper(note.class_signature)
        verify(objectMapper).save(note)
Exemple #11
0
    def testAddNoteToVulnGetsMapperDispatchSave(self):
        vuln = ModelObjectVuln('a vuln')
        note = ModelObjectNote("a_note")

        mappersManager = self.createMapperMock()
        objectMapper = mock()
        when(mappersManager).getMapper(
            note.class_signature).thenReturn(objectMapper)
        when(objectMapper).save(note).thenReturn(True)

        model_controller = controller.ModelController(mock(), mappersManager)

        model_controller.addNoteToServiceSYNC(None, vuln.getID(), note)

        verify(mappersManager).getMapper(note.class_signature)
        verify(objectMapper).save(note)
Exemple #12
0
    def testAddNoteToNoteGetsMapperDispatchSaveASYNC(self):
        host = Host("pepito")
        note = ModelObjectNote("a_note")

        mappersManager = self.createMapperMock()
        objectMapper = mock()
        when(mappersManager).getMapper(
            note.class_signature).thenReturn(objectMapper)
        when(objectMapper).save(note).thenReturn(True)

        model_controller = controller.ModelController(mock(), mappersManager)

        model_controller.addNoteToNoteASYNC(None, None, note.getID(), note)
        model_controller.processAllPendingActions()

        verify(mappersManager).getMapper(note.class_signature)
        verify(objectMapper).save(note)
Exemple #13
0
    def fromDict(self, dict):
        dict.setdefault("")
        self.id = dict["_id"]
        self.name = dict["name"]
        owned = True if dict.get("owned", "").upper() == "TRUE" else False
        self.setOwned(owned)
        parent_id = dict["parent"]
        self.owner = dict["owner"]
        self.operating_system = dict["os"]
        self._default_gateway = dict["default_gateway"].split(",")

        self.description = dict["description"]

        self._metadata = Metadata("").fromDict(dict["metadata"])

        self.categories = []
        for category in dict["categories"]:
            self.categories.append(category)

        interfaces = dict["interfaces"]
        for id, interface in interfaces.items():
            ints = Interface()
            ints.setParent(self)
            ints.fromDict(interface)
            self.addInterface(ints)

        applications = dict["applications"]
        for id, application in applications.items():
            app = HostApplication("")
            app.setParent(self)
            app.fromDict(application)
            self.addApplication(app)

        for note in dict["notes"]:
            n = ModelObjectNote("")
            self.setParent(self)
            n.fromDict(note)
            self.addNote(n)

        for vuln in dict["vulnerabilities"]:
            v = ModelObjectVuln("")
            self.setParent(self)
            v.fromDict(vuln)
            self.addVuln(v)

        return True
Exemple #14
0
    def fromDict(self, dict):
        self.id = dict["id"]
        self.name = dict["name"]
        owned = True if dict["owned"].upper() == "TRUE" else False
        self.setOwned(owned)
        parent_id = dict["parent"]
        self.owner = dict["owner"]
        self._protocol = dict["protocol"]
        self._status = dict["status"]
        self._version = dict["version"]

        self.description = dict["description"]

        for port in dict["ports"]:
            self.addPort(int(port))

        for interface in dict["interfaces"]:
            inter = Interface()
            inter.id = interface
            self.addInterface(inter)

        for application in dict["applications"]:
            app = HostApplication("")
            app.id = application
            self.addApplication(app)

        for cred in dict["creds"]:
            c = ModelObjectCred("")
            self.setParent(self)
            c.fromDict(cred)
            self.addCred(c)

        for note in dict["notes"]:
            n = ModelObjectNote("")
            self.setParent(self)
            n.fromDict(note)
            self.addNote(n)

        for vuln in dict["vulnerabilities"]:
            v = ModelObjectVuln("")
            self.setParent(self)
            v.fromDict(vuln)
            self.addVuln(v)

        return True
Exemple #15
0
    def testDeleteNoteFromHost(self):
        """ Creates a Host adds a Note then removes """

        host1 = test_utils.create_host(self, "coquito")

        note = ModelObjectNote(name='NoteTest', text='TestDescription')

        self.model_controller.addNoteToHostSYNC(host1.getID(), note)

        hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()]

        self.assertIn(host1.getID(), hosts_ids, "Host not in controller")

        self.model_controller.delNoteFromHostSYNC(host1.getID(), note.getID())

        added_host = self.model_controller.getHost(host1.getName())

        self.assertNotIn(note, added_host.getNotes(), 'Note not removed')
Exemple #16
0
    def testAddNoteToInterface(self):
        """ This test case creates a host within the Model Controller context
        adds an interface to it then adds a Note"""

        # When
        host = test_utils.create_host(self)
        interface = test_utils.create_interface(self, host)

        note = ModelObjectNote(name='NoteTest', text='TestDescription')

        self.model_controller.addNoteToInterfaceSYNC(host.getID(),
                                                     interface.getID(), note)

        added_host = self.model_controller.getHost(host.getName())
        added_interface = added_host.getInterface(interface.getID())
        notes = added_interface.getNotes()
        # Then
        self.assertIn(note, notes, 'Note not added')
Exemple #17
0
    def fromDict(self, dict):
        self.id = dict["_id"]
        self.name = dict["name"]
        owned = True if dict["owned"].upper() == "TRUE" else False
        self.setOwned(owned)
        parent_id = dict["parent"]
        self.owner = dict["owner"]
        self.mac = dict["mac"]
        self.network_segment = dict["network_segment"]

        self.description = dict["description"]

        for hostname in dict["hostnames"]:
            self.addHostname(hostname)

        self.ipv4.update(dict["ipv4"])
        self.ipv6.update(dict["ipv6"])

        self.amount_ports_opened = dict["ports"]["opened"]
        self.amount_ports_closed = dict["ports"]["closed"]
        self.amount_ports_filtered = dict["ports"]["filtered"]

        for srv in dict["services"]:
            service = Service("")
            service.setParent(self)
            service.fromDict(srv)
            self.addService(service)

        for note in dict["notes"]:
            n = ModelObjectNote("")
            self.setParent(self)
            n.fromDict(note)
            self.addNote(n)

        for vuln in dict["vulnerabilities"]:
            v = ModelObjectVuln("")
            self.setParent(self)
            v.fromDict(vuln)
            self.addVuln(v)

        return True
Exemple #18
0
    def test_load_workspace_on_fs(self):
        """ This test case creates a host within the Model Controller context
        adds an interface to it then adds a VulnWeb"""
        """
        We are going to test this structure:
        host -> interface1 -> service1 -> vuln_web
                                       -> vuln
                                       -> note
                           -> service2 -> vuln
                                       -> vuln
             -> vuln
             -> note
             -> note

             -> interface2 -> service3 -> note
                                       -> credential
                                       -> vuln
                           -> vuln
        """

        workspace = self.wm.createWorkspace(new_random_workspace_name(),
                                            workspaceClass=WorkspaceOnFS)
        #self._couchdb_workspaces.append(workspace.name)
        self.wm.setActiveWorkspace(workspace)
        WorkspacePersister.stopThreads()

        host = create_host(self)
        interface = create_interface(self, host, ip="127.0.0.1")
        interface2 = create_interface(self, host, ip="127.0.0.2")
        service = create_service(self, host, interface, ports=1)
        service2 = create_service(self, host, interface, ports=2)
        service3 = create_service(self, host, interface2, ports=3)

        vulnweb = ModelObjectVulnWeb(name='VulnWebTest',
                                     desc='TestDescription',
                                     severity='high')

        self.model_controller.addVulnToServiceSYNC(host.getID(),
                                                   service.getID(), vulnweb)

        vuln = ModelObjectVuln(name='VulnTest',
                               desc='TestDescription',
                               severity='high')
        vuln2 = ModelObjectVuln(name='VulnTest2',
                                desc='TestDescription',
                                severity='high')
        vuln3 = ModelObjectVuln(name='VulnTest3',
                                desc='TestDescription',
                                severity='high')
        vuln4 = ModelObjectVuln(name='VulnTest4',
                                desc='TestDescription',
                                severity='high')
        vuln5 = ModelObjectVuln(name='VulnTest5',
                                desc='TestDescription',
                                severity='high')
        vuln6 = ModelObjectVuln(name='VulnTest6',
                                desc='TestDescription',
                                severity='high')

        self.model_controller.addVulnToServiceSYNC(host.getID(),
                                                   service.getID(), vuln)
        self.model_controller.addVulnToServiceSYNC(host.getID(),
                                                   service2.getID(), vuln2)
        self.model_controller.addVulnToServiceSYNC(host.getID(),
                                                   service2.getID(), vuln3)
        self.model_controller.addVulnToHostSYNC(host.getID(), vuln4)
        self.model_controller.addVulnToServiceSYNC(host.getID(),
                                                   service3.getID(), vuln5)
        self.model_controller.addVulnToInterfaceSYNC(host.getID(),
                                                     interface2.getID(), vuln6)

        note = ModelObjectNote(name='NoteTest', text='TestDescription')
        note2 = ModelObjectNote(name='NoteTest2', text='TestDescription')
        note3 = ModelObjectNote(name='NoteTest3', text='TestDescription')
        note4 = ModelObjectNote(name='NoteTest4', text='TestDescription')

        self.model_controller.addNoteToServiceSYNC(host.getID(),
                                                   service.getID(), note)
        self.model_controller.addNoteToHostSYNC(host.getID(), note2)
        self.model_controller.addNoteToHostSYNC(host.getID(), note3)
        self.model_controller.addNoteToServiceSYNC(host.getID(),
                                                   service3.getID(), note4)

        cred = ModelObjectCred(username='******', password='******')

        self.model_controller.addCredToServiceSYNC(host.getID(),
                                                   service3.getID(), cred)

        # First, we test if the structure was correctly created

        # one host with two interfaces, one vuln and two notes

        self.assertEquals(len(self.model_controller.getAllHosts()), 1,
                          "Host not created")
        added_host = self.model_controller.getHost(host.getID())

        self.assertEquals(len(added_host.getAllInterfaces()), 2,
                          "Interfaces not added to Host")
        self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created")
        self.assertEquals(len(added_host.getNotes()), 2, "Notes not created")

        # one interface with two services, and another one
        # with a service and a vuln

        added_interface1 = added_host.getInterface(interface.getID())
        added_interface2 = added_host.getInterface(interface2.getID())

        self.assertEquals(len(added_interface1.getAllServices()), 2,
                          "Services not created")

        self.assertEquals(len(added_interface2.getAllServices()), 1,
                          "Service not created")

        self.assertEquals(len(added_interface2.getVulns()), 1,
                          "Vulns not created")

        # one service with a note, a vuln and a vuln web
        added_service1 = added_interface1.getService(service.getID())
        self.assertEquals(len(added_service1.getNotes()), 1,
                          "Note not created")
        self.assertEquals(len(added_service1.getVulns()), 2,
                          "Vulns not created")
        added_vuln_web = added_service1.getVuln(vulnweb.getID())
        self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb",
                          "Not a vuln web")

        # one service with two vulns
        added_service2 = added_interface1.getService(service2.getID())
        self.assertEquals(len(added_service2.getVulns()), 2,
                          "Services not created")

        # one service with a note, a vuln and a credential

        added_service3 = added_interface2.getService(service3.getID())
        self.assertEquals(len(added_service3.getVulns()), 1,
                          "Vuln not created")
        self.assertEquals(len(added_service3.getNotes()), 1,
                          "Note not created")
        self.assertEquals(len(added_service3.getCreds()), 1,
                          "Cred not created")

        # So, now we reload the worskpace and check everything again
        print workspace.name

        workspace.load()

        # one host with two interfaces, one vuln and two notes

        self.assertEquals(len(self.model_controller.getAllHosts()), 1,
                          "Host not created")
        added_host = self.model_controller.getHost(host.getID())

        self.assertEquals(len(added_host.getAllInterfaces()), 2,
                          "Interfaces not added to Host")
        self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created")
        self.assertEquals(len(added_host.getNotes()), 2, "Notes not created")

        # one interface with two services, and another one
        # with a service and a vuln

        added_interface1 = added_host.getInterface(interface.getID())
        added_interface2 = added_host.getInterface(interface2.getID())

        self.assertEquals(len(added_interface1.getAllServices()), 2,
                          "Services not created")

        self.assertEquals(len(added_interface2.getAllServices()), 1,
                          "Service not created")

        self.assertEquals(len(added_interface2.getVulns()), 1,
                          "Vulns not created")

        # one service with a note, a vuln and a vuln web
        added_service1 = added_interface1.getService(service.getID())
        self.assertEquals(len(added_service1.getNotes()), 1,
                          "Note not created")
        self.assertEquals(len(added_service1.getVulns()), 2,
                          "Vulns not created")
        added_vuln_web = added_service1.getVuln(vulnweb.getID())
        self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb",
                          "Not a vuln web")

        # one service with two vulns
        added_service2 = added_interface1.getService(service2.getID())
        self.assertEquals(len(added_service2.getVulns()), 2,
                          "Services not created")

        # one service with a note, a vuln and a credential

        added_service3 = added_interface2.getService(service3.getID())
        self.assertEquals(len(added_service3.getVulns()), 1,
                          "Vuln not created")
        self.assertEquals(len(added_service3.getNotes()), 1,
                          "Note not created")
        self.assertEquals(len(added_service3.getCreds()), 1,
                          "Cred not created")
Exemple #19
0
 def testDelNoteFromModelObjectSYNC(self):
     host = Host('coco')
     note = ModelObjectNote("int_mock0")
     host.addChild(note)
     self.genericDelTest(host, note, controller.ModelController.delNoteSYNC)