def run_default_checks(self): """Tests for some default issues These issues are not specific to any test type, and can be raised as a result of many different types of attacks. Therefore, they're defined separately from the test_case method so that they are not overwritten by test cases that inherit from BaseFuzzTestCase. Any extension to this class should call self.run_default_checks() in order to test for the Issues defined here """ if "HTTP_STATUS_CODE_5XX" in self.test_signals: self.register_issue( defect_type="500_errors", severity=syntribos.LOW, confidence=syntribos.HIGH, description=( "This request returns an error with status code " "{0}, which might indicate some server-side " "fault that may lead to further vulnerabilities").format( self.test_resp.status_code)) self.diff_signals.register(length_diff(self)) if "LENGTH_DIFF_OVER" in self.diff_signals: if self.init_resp.status_code == self.test_resp.status_code: description = ("The difference in length between the response " "to the baseline request and the request " "returned when sending an attack string " "exceeds {0} percent, which could indicate a " "vulnerability to injection attacks").format( CONF.test.length_diff_percent) self.register_issue(defect_type="length_diff", severity=syntribos.LOW, confidence=syntribos.LOW, description=description)
def run_default_checks(self): """Tests for some default issues These issues are not specific to any test type, and can be raised as a result of many different types of attacks. Therefore, they're defined separately from the test_case method so that they are not overwritten by test cases that inherit from BaseFuzzTestCase. Any extension to this class should call self.run_default_checks() in order to test for the Issues defined here """ if "HTTP_STATUS_CODE_5XX" in self.test_signals: self.register_issue( defect_type="500_errors", severity=syntribos.LOW, confidence=syntribos.HIGH, description=("This request returns an error with status code " "{0}, which might indicate some server-side " "fault that may lead to further vulnerabilities" ).format(self.test_resp.status_code)) self.diff_signals.register(length_diff(self)) if "LENGTH_DIFF_OVER" in self.diff_signals: if self.init_resp.status_code == self.test_resp.status_code: description = ("The difference in length between the response " "to the baseline request and the request " "returned when sending an attack string " "exceeds {0} percent, which could indicate a " "vulnerability to injection attacks" ).format(CONF.test.length_diff_percent) self.register_issue( defect_type="length_diff", severity=syntribos.LOW, confidence=syntribos.LOW, description=description)
def test_percentage_difference(self, m): content = u"""'Traceback (most recent call last):\n', File "<doctest...>", line 10, in <module>\n lumberjack()\n', File "<doctest...>", line 4, in lumberjack\n bright_side_of_death()\n', File "<doctest...>", line 7, in bright_side_of_death\n return tuple()[0]\n', 'IndexError: tuple index out of range\n']""" m.register_uri( "GET", "http://example.com", text=textwrap.dedent(content)) resp = requests.get("http://example.com") test = FakeTestObject(resp) self.assertIsNone(length_diff(test))
def test_percentage_difference(self, m): content = u"""'Traceback (most recent call last):\n', File "<doctest...>", line 10, in <module>\n lumberjack()\n', File "<doctest...>", line 4, in lumberjack\n bright_side_of_death()\n', File "<doctest...>", line 7, in bright_side_of_death\n return tuple()[0]\n', 'IndexError: tuple index out of range\n']""" m.register_uri("GET", "http://example.com", text=textwrap.dedent(content)) resp = requests.get("http://example.com") test = FakeTestObject(resp) self.assertIsNone(length_diff(test))