Exemple #1
    def test_strategy_exception(self):
        """Check that terminate() is called when the strategy run fails.

        ``join_all_consumers`` is swapped for a Mock that raises, so
        ``strategy.start`` is expected to raise. The test then asserts that
        ``terminate`` was invoked, ends the scan and hands over to
        ``_assert_thread_names``.
        """
        w3af_core = w3afCore()

        # Aim the scan at the configured test target.
        # NOTE(review): TARGET_URL is defined outside this view; presumably a
        # local fixture the test owns -- confirm before running.
        options = w3af_core.target.get_options()
        options['target'].set_value(self.TARGET_URL)
        w3af_core.target.set_options(options)

        # Only the sqli audit plugin is enabled for this run.
        audit_plugins = ['sqli']
        w3af_core.plugins.set_plugins(audit_plugins, 'audit')
        w3af_core.plugins.init_plugins()

        w3af_core.verify_environment()
        w3af_core.scan_start_hook()

        core_strategy = w3af_core_strategy(w3af_core)

        # Force a failure from inside start().
        core_strategy.join_all_consumers = Mock(side_effect=Exception)

        # wraps= keeps the real terminate() behaviour while recording calls.
        real_terminate = core_strategy.terminate
        core_strategy.terminate = Mock(wraps=real_terminate)

        with self.assertRaises(Exception):
            core_strategy.start()

        # Now test that those threads are being terminated
        terminate_was_called = core_strategy.terminate.called
        self.assertEqual(terminate_was_called, True)

        # Stub the prerequisites callable before ending the scan.
        w3af_core.exploit_phase_prerequisites = lambda: 42
        w3af_core.scan_end_hook()

        self._assert_thread_names()
Exemple #2
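    def test_strategy_verify_target_server(self):
        """Check that starting a scan against an unreachable target aborts.

        The target is a localhost port that is expected to be closed, so
        ``strategy.start`` must raise ``ScanMustStopException`` with a message
        asking the user to verify the target configuration. The test fails
        if no exception is raised at all.
        """
        core = w3afCore()

        # TODO: Change 2312 by an always closed/non-http port
        # If something is listening on this port the scan may start
        # normally, and the else branch below makes that visible.
        INVALID_TARGET = 'http://localhost:2312/'

        target = core.target.get_options()
        target['target'].set_value(INVALID_TARGET)
        core.target.set_options(target)

        core.plugins.set_plugins([
            'sqli',
        ], 'audit')
        core.plugins.init_plugins()

        core.verify_environment()
        core.scan_start_hook()

        strategy = w3af_core_strategy(core)

        try:
            strategy.start()
        except ScanMustStopException as wmse:
            message = str(wmse)
            self.assertIn('Please verify your target configuration', message)
        else:
            # Without this branch the test passed silently when start()
            # returned normally, so it verified nothing in that case.
            self.fail('strategy.start() did not raise ScanMustStopException')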
 def test_strategy_exception(self):
     """Verify that a failing strategy run still calls terminate().

     ``join_all_consumers`` is replaced with a raising Mock so that
     ``strategy.start`` raises; afterwards the test asserts ``terminate``
     was called, ends the scan and calls ``_assert_thread_names``.
     """
     scan_core = w3afCore()

     # Configure the scan target from the test case's TARGET_URL.
     target_opts = scan_core.target.get_options()
     target_opts['target'].set_value(self.TARGET_URL)
     scan_core.target.set_options(target_opts)

     # Enable just the sqli audit plugin.
     enabled_audit = ['sqli']
     scan_core.plugins.set_plugins(enabled_audit, 'audit')
     scan_core.plugins.init_plugins()

     scan_core.verify_environment()
     scan_core.scan_start_hook()

     scan_strategy = w3af_core_strategy(scan_core)

     # Make start() blow up from the inside.
     scan_strategy.join_all_consumers = Mock(side_effect=Exception)

     # Record calls to terminate() while still running the real method.
     original_terminate = scan_strategy.terminate
     scan_strategy.terminate = Mock(wraps=original_terminate)

     with self.assertRaises(Exception):
         scan_strategy.start()

     # Now test that those threads are being terminated
     terminated = scan_strategy.terminate.called
     self.assertEqual(terminated, True)

     # Replace the prerequisites callable with a stub, then end the scan.
     scan_core.exploit_phase_prerequisites = lambda: 42
     scan_core.scan_end_hook()

     self._assert_thread_names()
Exemple #4
    def test_strategy_run(self):
        """Run a full sqli audit and check the findings and thread state.

        Starts the strategy against ``TARGET_URL`` with only the sqli audit
        plugin enabled, expects exactly one entry under ``('sqli', 'sqli')``
        in the knowledge base, then ends the scan and calls
        ``_assert_thread_names``.
        """
        w3af_core = w3afCore()

        # NOTE(review): TARGET_URL is defined outside this view; presumably a
        # local fixture the test owns -- confirm before running.
        options = w3af_core.target.get_options()
        options['target'].set_value(self.TARGET_URL)
        w3af_core.target.set_options(options)

        audit_plugins = ['sqli']
        w3af_core.plugins.set_plugins(audit_plugins, 'audit')
        w3af_core.plugins.init_plugins()

        w3af_core.verify_environment()
        w3af_core.scan_start_hook()

        def verify_threads_running(functor):
            # NOTE(review): this body runs once, when the helper is called
            # below, and hands back functor unchanged; it is not executed
            # when _teardown_audit itself is later invoked.
            live_names = [thread.name for thread in threading.enumerate()]
            self.assertIn('WorkerThread', live_names)
            self.called_teardown_audit = True
            return functor

        self.called_teardown_audit = False

        core_strategy = w3af_core_strategy(w3af_core)
        original_teardown = core_strategy._teardown_audit
        core_strategy._teardown_audit = verify_threads_running(original_teardown)

        core_strategy.start()

        # Now test that those threads are being terminated
        self.assertTrue(self.called_teardown_audit)

        found = kb.get('sqli', 'sqli')
        found_count = len(found)
        self.assertEqual(found_count, 1, found)

        # Tell the core that we've finished, this should kill the WorkerThreads
        w3af_core.exploit_phase_prerequisites = lambda: 42
        w3af_core.scan_end_hook()

        self._assert_thread_names()
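 def test_strategy_verify_target_server(self):
     """Check that a scan against an unreachable target is aborted.

     The target is a localhost port expected to be closed, so
     ``strategy.start`` must raise ``ScanMustStopException`` whose message
     asks the user to verify the target configuration. The test fails when
     no exception is raised.
     """
     core = w3afCore()

     # TODO: Change 2312 by an always closed/non-http port
     # If a service happens to listen on this port, start() may not raise;
     # the else branch below turns that into a test failure.
     INVALID_TARGET = 'http://localhost:2312/'

     target = core.target.get_options()
     target['target'].set_value(INVALID_TARGET)
     core.target.set_options(target)

     core.plugins.set_plugins(['sqli',], 'audit')
     core.plugins.init_plugins()

     core.verify_environment()
     core.scan_start_hook()

     strategy = w3af_core_strategy(core)

     try:
         strategy.start()
     except ScanMustStopException as wmse:
         message = str(wmse)
         self.assertIn('Please verify your target configuration', message)
     else:
         # Previously a normal return from start() left the test green
         # without checking anything.
         self.fail('strategy.start() did not raise ScanMustStopException')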
    def test_strategy_run(self):
        """Exercise a complete strategy run with the sqli audit plugin.

        After ``strategy.start`` returns, the knowledge base must hold
        exactly one ``('sqli', 'sqli')`` entry. The scan is then ended and
        ``_assert_thread_names`` is called.
        """
        scan_core = w3afCore()

        # Configure the scan target from the test case's TARGET_URL.
        target_opts = scan_core.target.get_options()
        target_opts['target'].set_value(self.TARGET_URL)
        scan_core.target.set_options(target_opts)

        # Enable just the sqli audit plugin.
        enabled_audit = ['sqli']
        scan_core.plugins.set_plugins(enabled_audit, 'audit')
        scan_core.plugins.init_plugins()

        scan_core.verify_environment()
        scan_core.scan_start_hook()

        def verify_threads_running(functor):
            # NOTE(review): the check and the flag assignment happen at the
            # moment this helper is called (right below), not when the
            # returned functor runs; functor is returned as-is.
            names_now = [worker.name for worker in threading.enumerate()]
            self.assertIn('WorkerThread', names_now)
            self.called_teardown_audit = True
            return functor

        self.called_teardown_audit = False

        scan_strategy = w3af_core_strategy(scan_core)
        teardown_audit = scan_strategy._teardown_audit
        scan_strategy._teardown_audit = verify_threads_running(teardown_audit)

        scan_strategy.start()

        # Now test that those threads are being terminated
        self.assertTrue(self.called_teardown_audit)

        sqli_findings = kb.get('sqli', 'sqli')
        total = len(sqli_findings)
        self.assertEqual(total, 1, sqli_findings)

        # Tell the core that we've finished, this should kill the WorkerThreads
        scan_core.exploit_phase_prerequisites = lambda: 42
        scan_core.scan_end_hook()

        self._assert_thread_names()