def test_get_summary_xml_failed(self):
summary = '\u0006 > <'
logging.Logger.warning = Mock()
xml_str = XmlStringVTHelper()
xml_str.get_summary_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
summary)
assert_called_once(logging.Logger.warning)
def test_get_insight_xml_failed(self):
logging.Logger.warning = Mock()
insight = '\u0006'
xml_str = XmlStringVTHelper()
xml_str.get_insight_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
insight)
assert_called_once(logging.Logger.warning)
def test_get_custom_xml_failed(self):
logging.Logger.warning = Mock()
custom = {'a': "\u0006"}
xml_str = XmlStringVTHelper()
xml_str.get_custom_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
custom=custom)
assert_called_once(logging.Logger.warning)
def test_get_detection_xml_failed(self):
logging.Logger.warning = Mock()
detection = '\u0006'
xml_str = XmlStringVTHelper()
xml_str.get_detection_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
detection)
assert_called_once(logging.Logger.warning)
def test_get_dependencies_xml_failed(self):
logging.Logger.error = Mock()
dep = ["\u0006"]
xml_str = XmlStringVTHelper()
xml_str.get_dependencies_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
vt_dependencies=dep)
assert_called_once(logging.Logger.error)
def test_get_severities_xml_failed(self):
logging.Logger.warning = Mock()
sever = {'severity_base_vector': "\u0006"}
xml_str = XmlStringVTHelper()
xml_str.get_severities_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
severities=sever)
assert_called_once(logging.Logger.warning)
def test_get_affected_xml_failed(self):
logging.Logger.warning = Mock()
affected = "\u0006" + "affected"
xml_str = XmlStringVTHelper()
xml_str.get_affected_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
affected=affected)
assert_called_once(logging.Logger.warning)
def test_get_mtime_xml_failed(self):
logging.Logger.warning = Mock()
mtime = '\u0006'
xml_str = XmlStringVTHelper()
xml_str.get_modification_time_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', mtime)
assert_called_once(logging.Logger.warning)
def test_get_dependencies_xml_missing_dep(self):
out = ('<dependencies>'
'<dependency vt_id="1.3.6.1.4.1.25623.1.2.3.4"/>'
'</dependencies>')
dep = ['1.3.6.1.4.1.25623.1.2.3.4', 'file_name.nasl']
xml_str = XmlStringVTHelper()
res = xml_str.get_dependencies_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', dep)
self.assertEqual(res, out)
def test_get_insight_xml(self):
w = DummyDaemon()
out = '<insight>some insight</insight>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
insight = vt.get('insight')
xml_str = XmlStringVTHelper()
res = xml_str.get_insight_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
insight)
self.assertEqual(res, out)
def test_get_summary_xml(self):
w = DummyDaemon()
out = '<summary>some summary</summary>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
summary = vt.get('summary')
xml_str = XmlStringVTHelper()
res = xml_str.get_summary_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
summary)
self.assertEqual(res, out)
def test_get_mtime_xml(self):
w = DummyDaemon()
out = '<modification_time>1533906565</modification_time>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
mtime = vt.get('modification_time')
xml_str = XmlStringVTHelper()
res = xml_str.get_modification_time_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', mtime)
self.assertEqual(res, out)
def test_get_ctime_xml(self):
w = DummyDaemon()
out = '<creation_time>1237458156</creation_time>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
ctime = vt.get('creation_time')
xml_str = XmlStringVTHelper()
res = xml_str.get_creation_time_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', ctime)
self.assertEqual(res, out)
def test_get_refs_xml(self):
w = DummyDaemon()
out = '<refs><ref type="url" id="http://www.mantisbt.org/"/></refs>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
refs = vt.get('vt_refs')
xml_str = XmlStringVTHelper()
res = xml_str.get_refs_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
refs)
self.assertEqual(res, out)
def test_get_affected_xml(self):
w = DummyDaemon()
out = '<affected>some affection</affected>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
affected = vt.get('affected')
xml_str = XmlStringVTHelper()
res = xml_str.get_affected_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', affected=affected)
self.assertEqual(res, out)
def test_get_detection_xml(self):
w = DummyDaemon()
out = '<detection qod_type="remote_banner"/>'
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
detection_type = vt.get('qod_type')
xml_str = XmlStringVTHelper()
res = xml_str.get_detection_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', qod_type=detection_type)
self.assertEqual(res, out)
def test_get_custom_xml(self):
out = ('<custom>'
'<required_ports>Services/www, 80</required_ports>'
'<category>3</category>'
'<excluded_keys>Settings/disable_cgi_scanning</excluded_keys>'
'<family>Product detection</family>'
'<filename>mantis_detect.nasl</filename>'
'<timeout>0</timeout>'
'</custom>')
w = DummyDaemon()
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
xml_str = XmlStringVTHelper()
res = xml_str.get_custom_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
vt.get('custom'))
self.assertEqual(len(res), len(out))
def test_get_severities_xml(self):
w = DummyDaemon()
out = ('<severities>'
'<severity type="cvss_base_v2">'
'<value>AV:N/AC:L/Au:N/C:N/I:N/A:N</value>'
'<origin>Greenbone</origin>'
'<date>1237458156</date>'
'</severity>'
'</severities>')
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
severities = vt.get('severities')
xml_str = XmlStringVTHelper()
res = xml_str.get_severities_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061', severities)
self.assertEqual(res, out)
def test_get_params_xml_failed(self):
logging.Logger.warning = Mock()
params = {
'1': {
'id': '1',
'type': 'entry',
'default': '\u0006',
'name': 'dns-fuzz.timelimit',
'description': 'Description',
}
}
xml_str = XmlStringVTHelper()
xml_str.get_params_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
params)
assert_called_once(logging.Logger.warning)
def test_get_params_xml(self):
w = DummyDaemon()
out = ('<params>'
'<param type="checkbox" id="2">'
'<name>Do not randomize the order in which ports are '
'scanned</name>'
'<default>no</default>'
'</param>'
'<param type="entry" id="1">'
'<name>Data length :</name>'
'</param>'
'</params>')
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
params = vt.get('vt_params')
xml_str = XmlStringVTHelper()
res = xml_str.get_params_vt_as_xml_str('1.3.6.1.4.1.25623.1.0.100061',
params)
self.assertEqual(len(res), len(out))
def test_get_solution_xml(self):
w = DummyDaemon()
out = ('<solution type="WillNotFix" method="DebianAPTUpgrade">'
'some solution'
'</solution>')
vt = w.VTS['1.3.6.1.4.1.25623.1.0.100061']
solution = vt.get('solution')
solution_type = vt.get('solution_type')
solution_method = vt.get('solution_method')
xml_str = XmlStringVTHelper()
res = xml_str.get_solution_vt_as_xml_str(
'1.3.6.1.4.1.25623.1.0.100061',
solution,
solution_type,
solution_method,
)
self.assertEqual(res, out)
def get_vt_xml(self, single_vt: Tuple[str, Dict]) -> Element:
"""Gets a single vulnerability test information in XML format.
Returns:
String of single vulnerability test information in XML format.
"""
if not single_vt or single_vt[1] is None:
return Element('vt')
vt_id, vt = single_vt
name = vt.get('name')
vt_xml = Element('vt')
vt_xml.set('id', vt_id)
for name, value in [('name', name)]:
elem = SubElement(vt_xml, name)
elem.text = str(value)
xml_helper = XmlStringVTHelper()
if vt.get('vt_params'):
params_xml_str = xml_helper.get_params_vt_as_xml_str(
vt_id, vt.get('vt_params'))
vt_xml.append(secET.fromstring(params_xml_str))
if vt.get('vt_refs'):
refs_xml_str = xml_helper.get_refs_vt_as_xml_str(
vt_id, vt.get('vt_refs'))
vt_xml.append(secET.fromstring(refs_xml_str))
if vt.get('vt_dependencies'):
dependencies = xml_helper.get_dependencies_vt_as_xml_str(
vt_id, vt.get('vt_dependencies'))
vt_xml.append(secET.fromstring(dependencies))
if vt.get('creation_time'):
vt_ctime = xml_helper.get_creation_time_vt_as_xml_str(
vt_id, vt.get('creation_time'))
vt_xml.append(secET.fromstring(vt_ctime))
if vt.get('modification_time'):
vt_mtime = xml_helper.get_modification_time_vt_as_xml_str(
vt_id, vt.get('modification_time'))
vt_xml.append(secET.fromstring(vt_mtime))
if vt.get('summary'):
summary_xml_str = xml_helper.get_summary_vt_as_xml_str(
vt_id, vt.get('summary'))
vt_xml.append(secET.fromstring(summary_xml_str))
if vt.get('impact'):
impact_xml_str = xml_helper.get_impact_vt_as_xml_str(
vt_id, vt.get('impact'))
vt_xml.append(secET.fromstring(impact_xml_str))
if vt.get('affected'):
affected_xml_str = xml_helper.get_affected_vt_as_xml_str(
vt_id, vt.get('affected'))
vt_xml.append(secET.fromstring(affected_xml_str))
if vt.get('insight'):
insight_xml_str = xml_helper.get_insight_vt_as_xml_str(
vt_id, vt.get('insight'))
vt_xml.append(secET.fromstring(insight_xml_str))
if vt.get('solution'):
solution_xml_str = xml_helper.get_solution_vt_as_xml_str(
vt_id,
vt.get('solution'),
vt.get('solution_type'),
vt.get('solution_method'),
)
vt_xml.append(secET.fromstring(solution_xml_str))
if vt.get('detection') or vt.get('qod_type') or vt.get('qod'):
detection_xml_str = xml_helper.get_detection_vt_as_xml_str(
vt_id, vt.get('detection'), vt.get('qod_type'), vt.get('qod'))
vt_xml.append(secET.fromstring(detection_xml_str))
if vt.get('severities'):
severities_xml_str = xml_helper.get_severities_vt_as_xml_str(
vt_id, vt.get('severities'))
vt_xml.append(secET.fromstring(severities_xml_str))
if vt.get('custom'):
custom_xml_str = xml_helper.get_custom_vt_as_xml_str(
vt_id, vt.get('custom'))
vt_xml.append(secET.fromstring(custom_xml_str))
return vt_xml