def test_strategy_exception(self): core = w3afCore() target = core.target.get_options() target['target'].set_value(self.TARGET_URL) core.target.set_options(target) core.plugins.set_plugins(['sqli',], 'audit') core.plugins.init_plugins() core.verify_environment() core.scan_start_hook() strategy = w3af_core_strategy(core) strategy.join_all_consumers = Mock(side_effect=Exception) strategy.terminate = Mock(wraps=strategy.terminate) self.assertRaises(Exception, strategy.start) # Now test that those threads are being terminated self.assertEqual(strategy.terminate.called, True) core.exploit_phase_prerequisites = lambda: 42 core.scan_end_hook() thread_names = [t.name for t in threading.enumerate()] self.assertEqual(len(thread_names), 3, thread_names) thread_names = set(thread_names) expected_names = set(['MainThread', 'SQLiteExecutor', 'OutputManager']) self.assertEqual(thread_names, expected_names)
def test_strategy_run(self): core = w3afCore() target = core.target.get_options() target['target'].set_value(self.TARGET_URL) core.target.set_options(target) core.plugins.set_plugins(['sqli',], 'audit') core.plugins.init_plugins() core.verify_environment() core.scan_start_hook() def verify_threads_running(functor): thread_names = [t.name for t in threading.enumerate()] self.assertIn('WorkerThread', thread_names) self.called_teardown_audit = True return functor self.called_teardown_audit = False strategy = w3af_core_strategy(core) strategy._teardown_audit = verify_threads_running(strategy._teardown_audit) strategy.start() # Now test that those threads are being terminated self.assertTrue(self.called_teardown_audit) vulns = kb.get('sqli', 'sqli') self.assertEqual(len(vulns), 1) core.exploit_phase_prerequisites = lambda: 42 core.scan_end_hook() thread_names = [t.name for t in threading.enumerate()] self.assertEqual(len(thread_names), 3, thread_names) thread_names = set(thread_names) expected_names = set(['MainThread', 'SQLiteExecutor', 'OutputManager']) self.assertEqual(thread_names, expected_names)
def test_strategy_verify_target_server(self): core = w3afCore() # TODO: Change 2312 by an always closed/non-http port INVALID_TARGET = 'http://localhost:2312/' target = core.target.get_options() target['target'].set_value(INVALID_TARGET) core.target.set_options(target) core.plugins.set_plugins(['sqli',], 'audit') core.plugins.init_plugins() core.verify_environment() core.scan_start_hook() strategy = w3af_core_strategy(core) try: strategy.start() except w3afMustStopException, wmse: message = str(wmse) self.assertIn('Please verify your target configuration', message)