def test_update_exception(self):
vuln = MockVuln()
kb.append('a', 'b', vuln)
original_id = vuln.get_uniq_id()
# Cause error by changing vuln uniq_id
update_vuln = vuln
update_vuln._uniq_id = str(uuid.uuid4())
modified_id = vuln.get_uniq_id()
self.assertNotEqual(original_id, modified_id)
self.assertRaises(DBException, kb.update, vuln, update_vuln)
def test_update_exception(self):
vuln = MockVuln()
kb.append('a', 'b', vuln)
original_id = vuln.get_uniq_id()
# Cause error by changing vuln uniq_id
update_vuln = vuln
update_vuln.set_name('a')
modified_id = vuln.get_uniq_id()
self.assertNotEqual(original_id, modified_id)
self.assertRaises(DBException, kb.update, vuln, update_vuln)
def test_get_one(self):
vuln = MockVuln()
kb.append('a', 'b', vuln)
kb_vuln = kb.get_one('a', 'b')
#pylint: disable=E1103
self.assertEqual(kb_vuln.get_uniq_id(), vuln.get_uniq_id())
self.assertEqual(kb_vuln, vuln)
def test_get_one(self):
vuln = MockVuln()
kb.append('a', 'b', vuln)
kb_vuln = kb.get_one('a', 'b')
#pylint: disable=E1103
self.assertEqual(kb_vuln.get_uniq_id(), vuln.get_uniq_id())
self.assertEqual(kb_vuln, vuln)
def test_all_of_info_exclude_ids(self):
i1 = MockInfo()
i2 = MockInfo()
v1 = MockVuln()
v2 = MockVuln()
iset = InfoSet([i2])
vset = InfoSet([v2])
kb.append('a', 'b', i1)
kb.append('w', 'z', iset)
kb.append('x', 'y', v1)
kb.append('4', '2', vset)
all_findings = kb.get_all_findings()
all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),))
all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id()))
self.assertEqual(all_findings, [i1, iset, v1, vset])
self.assertEqual(all_findings_except_v1, [i1, iset, vset])
self.assertEqual(all_findings_except_v1_v2, [i1, iset])
def test_all_of_info_exclude_ids(self):
i1 = MockInfo()
i2 = MockInfo()
v1 = MockVuln()
v2 = MockVuln()
iset = InfoSet([i2])
vset = InfoSet([v2])
kb.append('a', 'b', i1)
kb.append('w', 'z', iset)
kb.append('x', 'y', v1)
kb.append('4', '2', vset)
all_findings = kb.get_all_findings()
all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),))
all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id()))
self.assertEqual(all_findings, [i1, iset, v1, vset])
self.assertEqual(all_findings_except_v1, [i1, iset, vset])
self.assertEqual(all_findings_except_v1_v2, [i1, iset])
def test_cache_works_as_expected(self):
#
# Cache starts empty
#
cache = FindingsCache()
self.assertEquals(cache.list(), [])
#
# Create two vulnerabilities with their HTTP requests and responses
#
_id = 1
name = 'I have a name'
vuln1 = MockVuln(_id=_id)
vuln1.set_name(name)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
_id = 2
name = 'Just a name'
vuln2 = MockVuln(_id=_id)
vuln2.set_name(name)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h2 = HistoryItem()
h2.request = request
res.set_id(_id)
h2.response = res
h2.save()
#
# Save one vulnerability to the KB and call the cache-user
#
kb.kb.append('a', 'b', vuln1)
x = xml_file()
list(x.findings())
self.assertEquals(cache.list(), [vuln1.get_uniq_id()])
#
# Save another vulnerability to the KB and call the cache-user
#
kb.kb.append('a', 'c', vuln2)
list(x.findings())
expected = {vuln1.get_uniq_id(), vuln2.get_uniq_id()}
self.assertEquals(set(cache.list()), expected)
#
# Remove one vulnerability and see how it is removed from the cache
#
kb.kb.raw_write('a', 'c', 'noop')
list(x.findings())
expected = {vuln1.get_uniq_id()}
self.assertEquals(set(cache.list()), expected)
def test_cache_works_as_expected(self):
#
# Cache starts empty
#
cache = FindingsCache()
self.assertEquals(cache.list(), [])
#
# Create two vulnerabilities with their HTTP requests and responses
#
_id = 1
name = 'I have a name'
vuln1 = MockVuln(_id=_id)
vuln1.set_name(name)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h1 = HistoryItem()
h1.request = request
res.set_id(_id)
h1.response = res
h1.save()
_id = 2
name = 'Just a name'
vuln2 = MockVuln(_id=_id)
vuln2.set_name(name)
url = URL('http://w3af.com/a/b/c.php')
hdr = Headers([('User-Agent', 'w3af')])
request = HTTPRequest(url, data='a=1')
request.set_headers(hdr)
hdr = Headers([('Content-Type', 'text/html')])
res = HTTPResponse(200, '<html>', hdr, url, url)
h2 = HistoryItem()
h2.request = request
res.set_id(_id)
h2.response = res
h2.save()
#
# Save one vulnerability to the KB and call the cache-user
#
kb.kb.append('a', 'b', vuln1)
x = xml_file()
list(x.findings())
self.assertEquals(cache.list(), [vuln1.get_uniq_id()])
#
# Save another vulnerability to the KB and call the cache-user
#
kb.kb.append('a', 'c', vuln2)
list(x.findings())
expected = {vuln1.get_uniq_id(), vuln2.get_uniq_id()}
self.assertEquals(set(cache.list()), expected)
#
# Remove one vulnerability and see how it is removed from the cache
#
kb.kb.raw_write('a', 'c', 'noop')
list(x.findings())
expected = {vuln1.get_uniq_id()}
self.assertEquals(set(cache.list()), expected)
