def setUp(self):
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(ModelObjectVuln)
factory.register(ModelObjectVulnWeb)
factory.register(ModelObjectNote)
factory.register(ModelObjectCred)
from base64 import b64encode
from tempfile import NamedTemporaryFile
from collections import defaultdict
try:
from staticmap import StaticMap, CircleMarker
except ImportError:
print('Please install staticmap with: pip install staticmap')
from persistence.server import models
from persistence.server.server import _save_to_couch
from persistence.server.server_io_exceptions import ConflictInDatabase, CantCommunicateWithServerError, ResourceDoesNotExist
from model.common import factory
from math import radians, cos, sin, asin, sqrt
factory.register(models.Host)
factory.register(models.Vuln)
factory.register(models.Service)
factory.register(models.Interface)
__description__ = 'Import every AP found in a PCAP file'
__prettyname__ = 'Import Wardriving PCAP'
access_point_data = defaultdict(dict)
created_objs = defaultdict(set)
def haversine(lon1, lat1, lon2, lat2):
"""
Calculate the great circle distance between two points
on the earth (specified in decimal degrees)
def setUp(self):
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(ModelObjectVuln)
factory.register(ModelObjectVulnWeb)
factory.register(ModelObjectNote)
factory.register(ModelObjectCred)
def setUp(self):
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
def setUp(self):
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
self.plugin = NessusPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.processReport(self.cd + '/nessus_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "12.233.108.201"
assert actions.keys() == [2000, 2017, 2038, 20008]
assert len(actions[20008]) == 1
assert len(actions[2038]) == 1
assert actions[2038][0].name == "Nessus SYN scanner"
assert actions[20008][0].ports == [443]
assert actions[20008][0].name == 'https?'
assert actions[20008][0].protocol == 'tcp'
def register_factorties(self, monkeypatch):
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
self.pending_actions = Queue()
self.plugin.set_actions_queue(self.pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
def test_Plugin_creates_apropiate_objects(self, monkeypatch):
self.plugin = AcunetixPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
# getID will wait for faraday-server api response.
# Since the thread model controller is not running
# no object will be persisted.
# The mock is to simulated the api response
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.set_actions_queue(pending_actions)
self.plugin.processReport(self.cd + '/acunetix_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions.keys() == [2000, 20008, 2038]
assert len(actions[2000]) == 1
assert actions[2000][0].name == "5.175.17.140"
assert len(actions[20008]) == 1
assert len(actions[2038]) == 52
assert actions[20008][0].ports == [80]
assert actions[20008][0].name == 'http'
assert actions[20008][0].protocol == 'tcp'
assert "ASP.NET error message" in map(lambda vuln_web: vuln_web.name,
actions[2038])
def test_Plugin_creates_apropiate_objects(self, monkeypatch):
self.plugin = AcunetixPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
# getID will wait for faraday-server api response.
# Since the thread model controller is not running
# no object will be persisted.
# The mock is to simulated the api response
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.set_actions_queue(pending_actions)
self.plugin.processReport(self.cd + '/acunetix_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions.keys() == [2000, 20008, 2038]
assert len(actions[2000]) == 1
assert actions[2000][0].name == "5.175.17.140"
assert len(actions[20008]) == 1
assert len(actions[2038]) == 52
assert actions[20008][0].ports == [80]
assert actions[20008][0].name == 'http'
assert actions[20008][0].protocol == 'tcp'
assert "ASP.NET error message" in map(lambda vuln_web: vuln_web.name, actions[2038])
def test_Plugin_creates_adecuate_objects(self, monkeypatch):
self.plugin = BurpPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.processReport(self.cd + '/burp_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "200.20.20.201"
assert actions.keys() == [2000, 20008, 2038]
assert len(actions[20008]) == 14
assert len(actions[2038]) == 14
assert all('http' == name for name in map(lambda service: service.name, actions[20008]))
assert all([80] == ports for ports in map(lambda service: service.getPorts(), actions[20008]))
assert all('tcp' == protocol for protocol in map(lambda service: service.protocol, actions[20008]))
assert all('open' for status in map(lambda service: service.status, actions[20008]))
def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.parseOutputString(self.outputWhoisInfobyte)
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "205.251.196.172"
assert actions.keys() == [2000]
assert len(actions[2000]) == 8
def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
self.plugin = NessusPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.processReport(self.cd + '/nessus_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "12.233.108.201"
assert actions.keys() == [2000, 2017, 2038, 20008]
assert len(actions[20008]) == 1
assert len(actions[2038]) == 1
assert actions[2038][0].name == "Nessus SYN scanner"
assert actions[20008][0].ports == [443]
assert actions[20008][0].name == 'https?'
assert actions[20008][0].protocol == 'tcp'
def test_Plugin_creates_apropiate_objects(self, monkeypatch):
self.plugin = NexposeFullPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.processReport(self.cd + '/nexpose_full_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "192.168.1.1"
assert actions.keys() == [2000, 2017, 2019, 2038, 20008]
assert len(actions[2000]) == 8
assert len(actions[20008]) == 20
assert len(actions[2027]) == 0
assert len(actions[2038]) == 403
assert len(actions[2039]) == 0
def test_Plugin_creates_adecuate_objects(self, monkeypatch):
self.plugin = BurpPlugin()
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.processReport(self.cd + '/burp_xml')
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "200.20.20.201"
assert actions.keys() == [2000, 20008, 2038]
assert len(actions[20008]) == 14
assert len(actions[2038]) == 14
assert all(
'http' == name
for name in map(lambda service: service.name, actions[20008]))
assert all([80] == ports for ports in map(
lambda service: service.getPorts(), actions[20008]))
assert all('tcp' == protocol for protocol in map(
lambda service: service.protocol, actions[20008]))
assert all(
'open'
for status in map(lambda service: service.status, actions[20008]))
def setUp(self):
self.plugin = AcunetixPlugin()
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
def setUp(self):
self.plugin = NessusPlugin()
factory.register(Host)
factory.register(Interface)
factory.register(Service)
factory.register(ModelObjectVuln)
factory.register(ModelObjectVulnWeb)
factory.register(ModelObjectNote)
factory.register(ModelObjectCred)
def test_Plugin_Calls_createAndAddHost(self, monkeypatch):
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
pending_actions = Queue()
self.plugin.set_actions_queue(pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
self.plugin.parseOutputString(self.outputTelnetLocalhost)
actions = defaultdict(list)
while not pending_actions.empty():
action = self.plugin._pending_actions.get(block=True)
actions[action[0]].append(action[1])
assert actions[2000][0].name == "127.0.0.1"
assert actions.keys() == [2000, 20008]
assert len(actions[2000]) == 1
assert len(actions[20008]) == 1
def register_factorties(self, monkeypatch):
factory.register(Host)
factory.register(Service)
factory.register(Vuln)
factory.register(VulnWeb)
factory.register(Note)
factory.register(Credential)
self.pending_actions = Queue()
self.plugin.set_actions_queue(self.pending_actions)
monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)