Exemple #1
    def test_all_vulnerability_names_from_db_are_used(self):
        """Check that each name in VULNS occurs in the plugin sources.

        Names listed in the skip set are exempt. The loop stops at the
        first name that is not found, because assertIn raises on failure.
        """
        db_names = VULNS.keys()
        # NOTE(review): presumably one string holding all plugin code, so
        # assertIn is a substring test; a name that only occurs in a comment
        # or inside a longer name would also pass. Confirm against the helper.
        plugin_code = self.get_all_plugins_source()

        # Entries exempt from the check; every name added here is one more
        # DB entry whose use by a plugin is no longer verified.
        skipped = {'TestCase', 'Blind SQL injection vulnerability'}

        for db_name in db_names:
            if db_name not in skipped:
                self.assertIn(db_name,
                              plugin_code,
                              '"%s" not in plugin sources' % db_name)
Exemple #2
    def test_all_vulnerability_names_from_db_are_used(self):
        """Verify that the plugin sources mention every non-exempt VULNS name.

        Three names are exempt from the check. assertIn raises on the first
        missing name, so later names are not examined in a failing run.
        """
        db_names = VULNS.keys()
        # NOTE(review): looks like a plain containment test on the combined
        # plugin source text, so it cannot tell a real use of the name from
        # an incidental mention. Confirm what the helper returns.
        sources = self.get_all_plugins_source()

        # Exempt names; coverage of these DB entries is not checked here.
        exempt = {'TestCase',
                  'Target redirect',
                  'Blind SQL injection vulnerability'}

        for candidate in db_names:
            if candidate in exempt:
                continue
            failure_text = '"%s" not in plugin sources' % candidate
            self.assertIn(candidate, sources, failure_text)
Exemple #3
    def test_all_vulnerability_names_from_source_in_db(self):
        """Check that each title passed to Info(...)/Vuln(...) is a VULNS key.

        Titles are pulled from the plugin sources with a regular expression
        and compared against the keys of VULNS. The test fails if any title
        is unknown, or if 120 or fewer titles were extracted.
        """
        known_names = VULNS.keys()
        # Matches " Info(" or " Vuln(" followed by a quoted first argument
        # and a comma. Only quoted literals are captured; a title passed
        # through a variable or built at run time is not seen by this test.
        title_pattern = ' (Info|Vuln)\\(["\'](.*?)["\'] ?,.*?\\)'
        plugin_code = self.get_all_plugins_source()
        matches = re.findall(title_pattern, plugin_code, re.DOTALL)

        # Keep every extracted title, duplicates included.
        extracted = [title for _kind, title in matches]

        # Unknown titles, each listed once, in order of first appearance.
        not_in_db = []
        for title in extracted:
            if title in known_names or title in not_in_db:
                continue
            not_in_db.append(title)

        self.assertEqual(not_in_db, [])
        # Lower bound on the number of matches: without it, a pattern that
        # stopped matching would leave not_in_db empty and the test would
        # pass without checking anything.
        self.assertGreater(len(extracted), 120, extracted)
Exemple #4
    def test_all_vulnerability_names_from_source_in_db(self):
        """Verify that titles used in Info(...)/Vuln(...) calls exist in VULNS.

        The plugin sources are scanned with a regular expression; any
        extracted title that is not a VULNS key fails the test, as does
        extracting 120 titles or fewer.
        """
        db_names = VULNS.keys()
        # Captures the quoted first argument of " Info(" / " Vuln(" calls.
        # Titles that are not written as a quoted literal at the call site
        # are outside what this pattern can find.
        pattern = ' (Info|Vuln)\\(["\'](.*?)["\'] ?,.*?\\)'
        sources = self.get_all_plugins_source()

        extracted = []
        not_in_db = []

        for _kind, found_title in re.findall(pattern, sources, re.DOTALL):
            extracted.append(found_title)

            unknown = found_title not in db_names
            if unknown and found_title not in not_in_db:
                not_in_db.append(found_title)

        self.assertEqual(not_in_db, [])
        # Sanity floor: an empty or near-empty extraction would make the
        # equality check above pass vacuously.
        self.assertGreater(len(extracted), 120, extracted)