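def remove_field_feed(request):
    """Remove one field from the custom MSU feed and reload the detector with it.

    Setup drops ``request.param`` from the first ``CVE-010`` entry of the feed
    at ``custom_msu_json_feed_path``, calls
    ``vd.clean_vuln_and_sys_programs_tables()``, restarts ``wazuh-modulesd``
    and sets the system to ``Windows10``.

    Yields:
        The name of the removed field (``request.param``).

    Teardown writes the original feed back, cleans the tables again and
    truncates ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_msu_json_feed_path)
    # The feed is read a second time; this copy is the one that gets edited.
    data = read_json_file(custom_msu_json_feed_path)

    entry = dict(data['vulnerabilities']['CVE-010'][0])
    entry.pop(request.param, None)  # a field that is already absent is not an error
    data['vulnerabilities']['CVE-010'][0] = entry

    try:
        write_json_file(custom_msu_json_feed_path, data)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        vd.set_system(system='Windows10')

        yield request.param
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps a truncated
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_msu_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        truncate_file(LOG_FILE_PATH)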
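def modify_feed(test_data, custom_input, request):
    """Set one field of the custom MSU feed to a test value and reload the detector.

    Args:
        test_data: Mapping whose ``'field'`` key names the feed field to set.
        custom_input: Value stored in that field of the first ``CVE-010`` entry.
        request: Fixture request object; not read by this function.

    Setup writes the edited feed to ``custom_msu_json_feed_path``, calls
    ``vd.clean_vuln_and_sys_programs_tables()``, restarts ``wazuh-modulesd``
    and sets the system to ``Windows10``. Teardown writes the original feed
    back, cleans the tables again and truncates ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_msu_json_feed_path)
    # The feed is read a second time; this copy is the one that gets edited.
    data = read_json_file(custom_msu_json_feed_path)

    entry = dict(data['vulnerabilities']['CVE-010'][0])
    entry[test_data['field']] = custom_input
    data['vulnerabilities']['CVE-010'][0] = entry

    try:
        write_json_file(custom_msu_json_feed_path, data)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        vd.set_system(system='Windows10')

        yield
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps the tampered
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_msu_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        truncate_file(LOG_FILE_PATH)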
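def modify_feed(test_values, request):
    """Insert a test key/value pair into the custom MSU feed and reload the detector.

    Args:
        test_values: Sequence whose item 0 is the field name and item 1 the
            field value passed to ``vd.insert_data_json_feed``.
        request: Fixture request object; not read by this function.

    Setup writes the text returned by ``vd.insert_data_json_feed`` to
    ``custom_msu_json_feed_path``, calls
    ``vd.clean_vuln_and_sys_programs_tables()``, restarts ``wazuh-modulesd``
    and sets the system to ``Windows10``. Teardown writes the original feed
    back, cleans the tables again and truncates ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_msu_json_feed_path)
    feed_copy = dict(backup_data)  # shallow copy of the top-level mapping

    # Insert key:value pair as string, since otherwise, you could not insert
    # lists or dictionaries as a key. The result is written as raw text, so
    # the file on disk is not guaranteed to be valid JSON.
    feed_text = vd.insert_data_json_feed(data=feed_copy,
                                         field_name=test_values[0],
                                         field_value=test_values[1],
                                         append_data=None)

    try:
        write_file(custom_msu_json_feed_path, feed_text)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        vd.set_system(system='Windows10')

        yield
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps the tampered
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_msu_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        truncate_file(LOG_FILE_PATH)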
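def modify_feed(test_values, request):
    """Modify the Arch Linux JSON feed by setting a test tag value.

    Args:
        test_values: Sequence whose item 0 is the key to insert into the first
            feed entry and item 1 the value stored under it.
        request: Fixture request object; not read by this function.

    Setup writes the edited feed text to ``custom_archlinux_json_feed_path``,
    calls ``vd.clean_vuln_and_sys_programs_tables()``, restarts
    ``wazuh-modulesd`` and sets the system to ``ARCH``. Teardown writes the
    original feed back, cleans the tables again and truncates
    ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_archlinux_json_feed_path)
    feed_copy = deepcopy(backup_data)

    # Store the value under a placeholder key, serialize, then swap the
    # placeholder for the real key in the text. That way the key does not have
    # to be a valid JSON object key.
    feed_copy[0]['replace_this'] = test_values[1]
    feed_text = json.dumps(feed_copy, indent=4)

    raw_key = test_values[0]
    # A string key is quoted verbatim (no JSON escaping); any other type is
    # emitted unquoted, so the written file may deliberately be invalid JSON.
    key_text = f'"{raw_key}"' if isinstance(raw_key, str) else str(raw_key)
    feed_text = feed_text.replace('"replace_this"', key_text)

    try:
        write_file(custom_archlinux_json_feed_path, feed_text)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        vd.set_system(system='ARCH')

        yield
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps the tampered
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_archlinux_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        file.truncate_file(LOG_FILE_PATH)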
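def remove_field_feed(request):
    """Remove one field from the first Arch Linux feed entry and reload the detector.

    Setup drops ``request.param`` from entry 0 of the feed at
    ``custom_archlinux_json_feed_path``, calls
    ``vd.clean_vuln_and_sys_programs_tables()``, restarts ``wazuh-modulesd``
    and sets the system.

    Yields:
        The name of the removed field (``request.param``).

    Teardown writes the original feed back, cleans the tables again and
    truncates ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_archlinux_json_feed_path)
    feed_copy = deepcopy(backup_data)
    feed_copy[0].pop(request.param, None)  # a field that is already absent is not an error

    try:
        write_json_file(custom_archlinux_json_feed_path, feed_copy)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        # NOTE(review): the feed edited here is the Arch Linux one, yet the
        # system is set to 'Windows10' - confirm this is intended.
        vd.set_system(system='Windows10')

        yield request.param
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps a truncated
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_archlinux_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        truncate_file(LOG_FILE_PATH)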
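def modify_feed(test_data, request):
    """Modify the Arch Linux feed by setting a test field value.

    Args:
        test_data: Mapping with a ``'pattern'`` key and an ``'update'`` key,
            passed to ``replace_regex`` as ``pattern`` and ``new_value``.
        request: Fixture request object; not read by this function.

    Setup writes the edited feed text to ``custom_archlinux_json_feed_path``,
    calls ``vd.clean_vuln_and_sys_programs_tables()``, restarts
    ``wazuh-modulesd`` and sets the system. Teardown writes the original feed
    back, cleans the tables again and truncates ``LOG_FILE_PATH``.
    """
    backup_data = read_json_file(custom_archlinux_json_feed_path)

    # Serialize each entry on its own and join them, so the replacement runs
    # over the entries' text and the enclosing list brackets are added after.
    entries_text = ",\n".join(json.dumps(dict(item), indent=4) for item in backup_data)

    # The substitution is made on text rather than on parsed data, so the
    # written file is not guaranteed to be valid JSON.
    feed_text = replace_regex(pattern=test_data['pattern'],
                              new_value=test_data['update'],
                              data=entries_text,
                              replace_group=True)
    feed_text = f"[\n{feed_text}\n]"

    try:
        write_file(custom_archlinux_json_feed_path, feed_text)
        vd.clean_vuln_and_sys_programs_tables()
        control_service('restart', daemon='wazuh-modulesd')
        # NOTE(review): the feed edited here is the Arch Linux one, yet the
        # system is set to 'Windows10' - confirm this is intended.
        vd.set_system(system='Windows10')

        yield
    finally:
        # Code after a bare yield never runs when a setup step raises first
        # (for example the service restart). The finally keeps the tampered
        # feed from staying on disk and skewing later detector tests.
        write_json_file(custom_archlinux_json_feed_path, backup_data)
        vd.clean_vuln_and_sys_programs_tables()
        truncate_file(LOG_FILE_PATH)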
# Variables current_test_path = os.path.dirname(os.path.realpath(__file__)) test_data_path = os.path.join(current_test_path, 'data') configurations_path = os.path.join(test_data_path, 'wazuh_redhat_inventory.yaml') redhat_vulnerabilities_data_path = os.path.join(test_data_path, 'redhat_vulnerabilities.json') wazuh_log_monitor = FileMonitor(LOG_FILE_PATH) SCAN_TIMEOUT = 40 # Set configuration parameters = [{'NVD_JSON_PATH': os.path.join(test_data_path, vd.REAL_NVD_FEED)}] ids = ['redhat_scan_configuration'] # Read JSON data template redhat_vulnerabilities = file.read_json_file(redhat_vulnerabilities_data_path) redhat_data_ids = [system['target'] for system in redhat_vulnerabilities] # Configuration data configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters) # Fixtures @pytest.fixture(scope='module', params=configurations, ids=ids) def get_configuration(request): """Get configurations from the module.""" return request.param @pytest.fixture(scope='module', params=redhat_vulnerabilities, ids=redhat_data_ids)
# test_data_path is not defined in this excerpt; it has to come from earlier in the module.
configurations_path = os.path.join(test_data_path, 'wazuh_macos_inventory.yaml')
vulnerabilities_data_path = os.path.join(test_data_path, 'macos_vulnerabilities.json')
wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
SCAN_TIMEOUT = 40  # NOTE(review): presumably seconds to wait for scan events - confirm at the call sites

# Set configuration
# NVD_JSON_PATH is handed to load_wazuh_configurations below and points at
# the file named by vd.REAL_NVD_FEED inside the test data directory.
parameters = [{
    'NVD_JSON_PATH': os.path.join(test_data_path, vd.REAL_NVD_FEED)
}]
ids = ['macos_scan_configuration']

# Read JSON data template
macos_vulnerabilities = file.read_json_file(vulnerabilities_data_path)

# Configuration data
configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters)
# One name per template entry, taken from its 'target' key.
macos_systems = [
    macos_system['target'] for macos_system in macos_vulnerabilities
]


# Fixtures
@pytest.fixture(scope='module', params=configurations, ids=ids)
def get_configuration(request):
    """Get configurations from the module."""
# test_data_path is not defined in this excerpt; it has to come from earlier in the module.
configurations_path = os.path.join(test_data_path, 'wazuh_ubuntu_inventory.yaml')
ubuntu_vulnerabilities_data_path = os.path.join(test_data_path, 'ubuntu_vulnerabilities.json')
wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
SCAN_TIMEOUT = 40  # NOTE(review): presumably seconds to wait for scan events - confirm at the call sites

# Set configuration
# NVD_JSON_PATH is handed to load_wazuh_configurations below and points at
# the file named by vd.REAL_NVD_FEED inside the test data directory.
parameters = [{
    'NVD_JSON_PATH': os.path.join(test_data_path, vd.REAL_NVD_FEED)
}]
ids = ['ubuntu_scan_configuration']

# Read JSON data template
ubuntu_vulnerabilities = file.read_json_file(ubuntu_vulnerabilities_data_path)
# One id per template entry, taken from its 'target' key.
ubuntu_data_ids = [system['target'] for system in ubuntu_vulnerabilities]

# Configuration data
configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters)


# Fixtures
@pytest.fixture(scope='module', params=configurations, ids=ids)
def get_configuration(request):
    """Return the configuration this module-scoped fixture is parametrized with."""
    return request.param
# test_data_path is not defined in this excerpt; it has to come from earlier in the module.
configurations_path = os.path.join(test_data_path, 'wazuh_debian_inventory.yaml')
debian_vulnerabilities_data_path = os.path.join(test_data_path, 'debian_vulnerabilities.json')
wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
SCAN_TIMEOUT = 40  # NOTE(review): presumably seconds to wait for scan events - confirm at the call sites

# Set configuration
# NVD_JSON_PATH is handed to load_wazuh_configurations below and points at
# the file named by vd.REAL_NVD_FEED inside the test data directory.
parameters = [{
    'NVD_JSON_PATH': os.path.join(test_data_path, vd.REAL_NVD_FEED)
}]
ids = ['debian_scan_configuration']

# Read JSON data template
debian_vulnerabilities = file.read_json_file(debian_vulnerabilities_data_path)
# One id per template entry, taken from its 'target' key.
debian_data_ids = [system['target'] for system in debian_vulnerabilities]

# Configuration data
configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters)


# Fixtures
@pytest.fixture(scope='module', params=configurations, ids=ids)
def get_configuration(request):
    """Return the configuration this module-scoped fixture is parametrized with."""
    return request.param