def test_get_overrides(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response('get_overrides', self.xml) self.login('foo', 'bar') response = self.query( ''' query { overrides { nodes { id text creationTime modificationTime active inUse orphan writable hosts name owner severity newSeverity } } } ''' ) json = response.json() self.assertResponseNoErrors(response) overrides = json['data']['overrides']['nodes'] self.assertEqual(len(overrides), 2) override1 = overrides[0] override2 = overrides[1] self.assertEqual( override1['id'], '08b69003-5fc2-4037-a479-93b440211c73' ) self.assertEqual(override1['text'], 'foo') self.assertEqual(override1['creationTime'], '2020-06-30T09:16:25+00:00') self.assertEqual( override1['modificationTime'], '2020-07-30T09:16:25+00:00' ) self.assertEqual(override1['active'], True) self.assertEqual(override1['owner'], 'Han') self.assertEqual(override1['inUse'], True) self.assertEqual(override1['orphan'], False) self.assertEqual(override1['writable'], True) self.assertEqual(override1['name'], 'Greedo') self.assertListEqual( override1['hosts'], ['123.456.789.1', '123.456.789.2'] ) self.assertEqual(override1['severity'], 5.5) self.assertEqual(override1['newSeverity'], 10) self.assertEqual( override2['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546' ) self.assertEqual(override2['text'], 'bar') self.assertEqual(override2['creationTime'], '2020-06-30T09:16:25+00:00') self.assertEqual( override2['modificationTime'], '2020-07-30T09:16:25+00:00' ) self.assertEqual(override2['active'], True) self.assertEqual(override2['owner'], 'Lorem') self.assertEqual(override2['inUse'], True) self.assertEqual(override2['orphan'], False) self.assertEqual(override2['writable'], True) self.assertEqual(override2['name'], 'Ipsum') self.assertEqual(override2['hosts'], ['123.456.789.3', '123.456.789.4']) self.assertEqual(override2['severity'], 5.5) self.assertEqual(override2['newSeverity'], 10)
def test_word_count_query(self, mock_gmp: GmpMockFactory): """ Test an aggregate using the word_counts mode. """ aggregate_xml_path = CWD / 'example-aggregate-word-counts.xml' aggregate_xml_str = aggregate_xml_path.read_text() mock_gmp.mock_response('get_aggregates', aggregate_xml_str) self.login('foo', 'bar') response = self.query( ''' query GetAggregate { aggregate( input: { dataType: NVT groupColumn: "name" maxGroups: 10 sortCriteria: [ {stat:COUNT, order: DESCENDING} ] mode: WORD_COUNTS } ) { groups { value count } } } ''' ) json = response.json() self.assertResponseNoErrors(response) mock_gmp.gmp_protocol.get_aggregates.assert_called_with( resource_type=GvmEntityType.NVT, filter=None, data_columns=None, group_column='name', subgroup_column=None, text_columns=None, sort_criteria=[ { 'stat': GvmAggregateStatistic.COUNT, 'order': GvmSortOrder.DESCENDING, } ], first_group=None, max_groups=10, mode='word_counts', ) aggregate = json['data']['aggregate'] groups = aggregate['groups'] self.assertEqual(len(groups), 10) self.assertEqual( groups, [ {'value': 'Update', 'count': 31721}, {'value': 'Security', 'count': 25570}, {'value': 'Advisory', 'count': 20274}, {'value': 'Fedora', 'count': 17010}, {'value': 'Vulnerability', 'count': 13482}, {'value': 'Vulnerabilities', 'count': 7522}, {'value': 'Multiple', 'count': 7126}, {'value': 'Debian', 'count': 6342}, {'value': 'Linux', 'count': 6056}, {'value': 'Windows', 'count': 5888}, ], )
def test_get_full_result_cve_type(self, mock_gmp: GmpMockFactory): result_xml_path = CWD / 'example-result-2.xml' result_xml_str = result_xml_path.read_text() mock_gmp.mock_response('get_result', result_xml_str) self.login('foo', 'bar') response = self.query(''' query { result ( id: "2b555c60-e597-4b18-9d24-dac30f61cfa8" ) { id name owner originResult{ id details{ name value } } report { id } task { id name } originalSeverity overrides{ id active creationTime modificationTime text endTime severity newSeverity } creationTime modificationTime host { ip id hostname } location information { __typename ... on ResultCVE{ id severity } } severity qod { value type } description notes { id creationTime modificationTime active text } tickets { id } userTags { count tags { id name } } } } ''') json = response.json() self.assertResponseNoErrors(response) result = json['data']['result'] self.assertEqual(result['id'], '2b555c60-e597-4b18-9d24-dac30f61cfa8') self.assertIsNone(result['name']) self.assertEqual(result['owner'], 'admin') self.assertEqual(result['creationTime'], '2021-04-07T07:41:47+00:00') self.assertEqual(result['modificationTime'], '2021-04-07T07:41:47+00:00') self.assertIsNotNone(result['originResult']) origin_result = result['originResult'] self.assertEqual(origin_result['id'], '2b555c60-e597-4b18-9d24-dac30f61cfa8') self.assertIsNotNone(origin_result['details']) details = origin_result['details'] self.assertEqual(len(details), 4) detail1 = details[0] self.assertEqual(detail1['name'], 'product') self.assertEqual(detail1['value'], 'cpe:/a:nginx:nginx:1.14.2') report = result['report'] self.assertEqual(report['id'], '9699a95d-e556-4af7-83ac-a7b70d90832a') self.assertEqual(result['task']['id'], 'ab9a1470-fc01-4547-9da0-33df6c1aa5d1') self.assertEqual( result['task']['name'], 'Report Container', ) self.assertEqual(result['host']['ip'], '192.168.9.113') self.assertEqual(result['host']['id'], 'eb357684-6fcf-4d31-a5e0-02abe040caa4') self.assertIsNone(result['host']['hostname']) self.assertEqual(result['severity'], 5.8) self.assertEqual(result['qod']['value'], 75) self.assertIsNone(result['qod']['type']) self.assertEqual(result['originalSeverity'], 5.8) self.assertEqual(result['information']['id'], 'CVE-2018-16845') self.assertEqual(result['information']['severity'], 6.1) self.assertEqual( result['description'], 'The host carries the product: cpe:/a:nginx:nginx:1.14.2', ) self.assertIsNone(result['notes']) self.assertIsNone(result['overrides']) self.assertIsNone(result['tickets']) self.assertIsNone(result['userTags'])
def test_get_policy_none_fields(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response( 'get_policy', ''' <get_config_response status="200" status_text="OK"> <config id="daba56c8-73ec-11df-a475-002264764cea"> <name>foo</name> </config> </get_config_response> ''', ) self.login('foo', 'bar') response = self.query(''' query { policy (id: "daba56c8-73ec-11df-a475-002264764cea", ) { name id trash familyCount familyGrowing nvtCount nvtGrowing usageType maxNvtCount knownNvtCount predefined families{ name } nvtPreferences{ nvt{ name } hrName } scannerPreferences{ hrName } audits{ id } nvtSelectors{ name } } } ''') json = response.json() self.assertResponseNoErrors(response) policy = json['data']['policy'] self.assertIsNone(policy['trash']) self.assertIsNone(policy['familyCount']) self.assertIsNone(policy['familyGrowing']) self.assertIsNone(policy['nvtCount']) self.assertIsNone(policy['nvtGrowing']) self.assertIsNone(policy['usageType']) self.assertIsNone(policy['maxNvtCount']) self.assertIsNone(policy['knownNvtCount']) self.assertIsNone(policy['predefined']) self.assertIsNone(policy['families']) self.assertIsNone(policy['nvtPreferences']) self.assertIsNone(policy['scannerPreferences']) self.assertIsNone(policy['audits']) self.assertIsNone(policy['nvtSelectors'])
def test_subgrouped_query(self, mock_gmp: GmpMockFactory): """ Test an aggregate with groups and subgroups. """ aggregate_xml_path = CWD / 'example-aggregate-subgrouped.xml' aggregate_xml_str = aggregate_xml_path.read_text() mock_gmp.mock_response('get_aggregates', aggregate_xml_str) self.login('foo', 'bar') response = self.query( ''' query GetAggregate { aggregate( input: { dataType: NVT filterString: "~openssl" groupColumn: "solution_type" subgroupColumn: "family" dataColumns: ["severity"] sortCriteria: [ {field: "severity", stat:MEAN, order:DESCENDING} ] } ) { groups { value count stats { column mean } subgroups { value count stats { column mean } } } subgroupValues columnInfo { name stat entityType column dataType } } } ''' ) json = response.json() self.assertResponseNoErrors(response) mock_gmp.gmp_protocol.get_aggregates.assert_called_with( resource_type=GvmEntityType.NVT, filter='~openssl', data_columns=['severity'], group_column='solution_type', subgroup_column='family', text_columns=None, sort_criteria=[ { 'field': 'severity', 'stat': GvmAggregateStatistic.MEAN, 'order': GvmSortOrder.DESCENDING, } ], first_group=None, max_groups=None, mode=None, ) aggregate = json['data']['aggregate'] groups = aggregate['groups'] self.assertEqual(len(groups), 5) # Test second group as it has more than one subgroup self.assertEqual( groups[1], { 'value': 'WillNotFix', 'count': 3, 'stats': [{'column': 'severity', 'mean': 3.8}], 'subgroups': [ { 'value': 'General', 'count': 1, 'stats': [{'column': 'severity', 'mean': 5}], }, { 'value': 'F5 Local Security Checks', 'count': 2, 'stats': [{'column': 'severity', 'mean': 3.2}], }, ], }, ) self.assertEqual(len(aggregate['subgroupValues']), 32) self.assertEqual( aggregate['subgroupValues'][:5], [ "Amazon Linux Local Security Checks", "Buffer overflow", "CISCO", "CentOS Local Security Checks", "Databases", ], )
def test_get_full_result(self, mock_gmp: GmpMockFactory): result_xml_path = CWD / 'example-result.xml' result_xml_str = result_xml_path.read_text() mock_gmp.mock_response('get_result', result_xml_str) self.login('foo', 'bar') response = self.query(''' query { result ( id: "9184608a-0b86-42e0-b733-4668feebc1c7" ) { id name comment reportId task { id name } scanNvtVersion originalThreat originalSeverity creationTime modificationTime host { ip id hostname } port nvt { oid severities { score severitiesList { type score vector } } } threat severity qod { value type } description } } ''') json = response.json() self.assertResponseNoErrors(response) result = json['data']['result'] self.assertEqual(result['id'], '9184608a-0b86-42e0-b733-4668feebc1c7') self.assertEqual( result['name'], 'Apache Tomcat RCE Vulnerability - April19 (Windows)', ) self.assertIsNone(result['comment']) self.assertEqual(result['creationTime'], '2020-06-19T09:31:15+00:00') self.assertEqual(result['modificationTime'], '2020-06-19T09:31:15+00:00') self.assertEqual(result['reportId'], 'f31d3b1a-4642-44bc-86ea-63ea029d4c63') self.assertEqual(result['task']['id'], 'dc9c6b7d-c81d-4e20-acd8-b187b018fa42') self.assertEqual( result['task']['name'], 'Offline Scan from 2019-06-27T08:10:13+01:00 38', ) self.assertEqual(result['host']['ip'], '0.0.0.0') self.assertEqual(result['host']['id'], '2bcc682e-3c91-4f9c-80d6-59949159801f') self.assertEqual(result['host']['hostname'], 'xyzxy') self.assertIsNone(result['scanNvtVersion']) self.assertEqual(result['threat'], 'High') self.assertEqual(result['severity'], 9.3) self.assertEqual(result['qod']['value'], 75) self.assertIsNone(result['qod']['type']) self.assertEqual(result['originalThreat'], 'High') self.assertEqual(result['originalSeverity'], 9.3) self.assertEqual(result['nvt']['oid'], '1.3.6.1.4.1.25623.1.0.142265') severities = result['nvt']['severities'] self.assertEqual(severities['score'], 93) self.assertEqual(severities['severitiesList'][0]['type'], 'cvss_base_v2') self.assertEqual(severities['severitiesList'][0]['score'], 93) self.assertEqual( severities['severitiesList'][0]['vector'], 'AV:N/AC:M/Au:N/C:C/I:C/A:C', ) self.assertIsNone(result['description'])
def test_get_nvts(self, mock_gmp: GmpMockFactory): nvt_xml_path = CWD / 'example-scan-config-nvt.xml' nvt_xml_str = nvt_xml_path.read_text() mock_gmp.mock_response('get_nvts', nvt_xml_str) self.login('foo', 'bar') response = self.query( ''' query { scanConfigNvts (details:true) { id name creationTime modificationTime category summary family cvssBase qod { value type } score severities { date origin score type vector } referenceWarning certReferences{ id type } cveReferences{ id type } bidReferences{ id type } otherReferences{ id type } tags { cvssBaseVector summary insight impact affected detectionMethod } preferenceCount timeout defaultTimeout solution { type method description } preferences { nvt { id name } name type value alternativeValues default hrName id } } } ''' ) json_response = response.json() self.assertResponseNoErrors(response) nvt = json_response['data']['scanConfigNvts'][0] self.assertEqual(nvt['id'], "1.3.6.1.4.1.25623.1.0.100315") self.assertEqual(nvt['name'], 'Some name') self.assertEqual(nvt['creationTime'], '2009-10-26T09:02:32Z') self.assertEqual(nvt['modificationTime'], '2020-05-11T05:36:14Z') self.assertEqual(nvt['category'], 1) self.assertEqual(nvt['summary'], 'Some summary') self.assertEqual(nvt['family'], 'Some family') self.assertEqual(nvt['cvssBase'], 5.0) self.assertEqual(nvt['score'], 50) self.assertEqual(nvt['qod'], {"value": 80, "type": "REMOTE_BANNER"}) self.assertEqual( nvt['severities'], [ { "date": "2009-10-26T09:02:32+00:00", "origin": "CVE-2011-9999", "score": 50, "type": "cvss_base_v2", "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", } ], ) self.assertEqual(nvt['referenceWarning'], 'database not available') self.assertEqual( nvt['certReferences'], [ {"id": "54321", "type": "cert-bund"}, {"id": "12345", "type": "dfn-cert"}, ], ) self.assertEqual( nvt['bidReferences'], [ {"id": "BID1337", "type": "bid"}, {"id": "BID31337", "type": "bugtraq_id"}, ], ) self.assertEqual( nvt['otherReferences'], [{"id": "http://test.test", "type": "url"}] ) self.assertEqual( nvt['cveReferences'], [ {"id": "CVE-2014-0682", "type": "cve"}, {"id": "CVE-2014-0681", "type": "cve_id"}, ], ) self.assertIsNotNone(nvt['tags']) tags = nvt['tags'] self.assertEqual(tags['cvssBaseVector'], 'vec') self.assertEqual(tags['summary'], 'sum') self.assertEqual(tags['insight'], 'ins') self.assertEqual(tags['impact'], 'imp') self.assertEqual(tags['affected'], 'aff') self.assertEqual(tags['detectionMethod'], 'vul') self.assertEqual(nvt['preferenceCount'], -1) self.assertEqual(nvt['timeout'], None) self.assertEqual(nvt['defaultTimeout'], None) self.assertEqual( nvt['solution'], {"type": "VendorFix", "method": "", "description": "Just update."}, ) self.assertEqual( nvt['preferences'], [ { "name": "Log failed nmap calls", "id": 13, "nvt": { "name": "Ping Host", "id": "1.3.6.1.4.1.25623.1.0.100315", }, "hrName": "Log failed nmap calls", "type": "checkbox", "value": "no", "default": "no", "alternativeValues": None, }, { "name": "nmap timing policy", "id": 14, "nvt": { "name": "Ping Host", "id": "1.3.6.1.4.1.25623.1.0.100315", }, "hrName": "nmap timing policy", "type": "radio", "value": "Normal", "default": "Normal", "alternativeValues": ["Paranid", "Sneaky"], }, ], ) mock_gmp.gmp_protocol.get_nvts.assert_called_with( config_id=None, details=True, family=None, preference_count=None, preferences=None, preferences_config_id=None, sort_field=None, sort_order=None, timeout=None, )
def test_get_permissions(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response('get_permissions', self.resp) self.login('foo', 'bar') response = self.query(''' query { permissions{ nodes { id name resource { id name type trash deleted permissions { name } } subject { id name type trash } } } } ''') json = response.json() self.assertResponseNoErrors(response) permissions = json['data']['permissions']['nodes'] self.assertEqual(len(permissions), 2) permission1 = permissions[0] permission2 = permissions[1] # Permission 1 self.assertEqual(permission1['name'], 'get_tasks') self.assertEqual(permission1['id'], '1cade4f9-cc42-4f51-b5db-7cbcf90fc8b6') self.assertEqual( permission1['resource'], { "id": "df479236-1803-4e46-9014-2981ba9e15b1", "name": "task Clone 1", "type": "task", "trash": False, "deleted": False, "permissions": None, }, ) self.assertEqual( permission1['subject'], { "id": "f8d47c31-e63f-4d3b-a5e8-0aa2f56ba2a0", "name": "myuser", "type": "user", "trash": False, }, ) # Permission 2 self.assertEqual(permission2['name'], 'create_agent') self.assertEqual(permission2['id'], '2cade4f9-cc42-4f51-b5db-7cbcf90fc8b6') self.assertEqual( permission2['resource'], { "id": "df479236-1803-4e46-9014-2981ba9e15b1", "name": "task Clone 1", "type": "task", "trash": False, "deleted": False, "permissions": None, }, ) self.assertEqual( permission2['subject'], { "id": "f8d47c31-e63f-4d3b-a5e8-0aa2f56ba2a0", "name": "myuser", "type": "user", "trash": False, }, ) mock_gmp.gmp_protocol.get_permissions.assert_called_with( filter_string=None)
def test_oval_definition(self, mock_gmp: GmpMockFactory): oval_definition_xml_path = CWD / 'example-oval-definition.xml' oval_definition_xml_str = oval_definition_xml_path.read_text() mock_gmp.mock_response('get_info', oval_definition_xml_str) self.login('foo', 'bar') response = self.query( ''' query { ovalDefinition(id: "oval:org.mitre.oval:def:29480_/oval/5.10/org.mitre.oval/v/family/windows.xml" ) { id name cveRefs deprecated description file class rawData score status title version } } ''' ) json = response.json() self.assertResponseNoErrors(response) oval_definition = json['data']['ovalDefinition'] self.assertEqual( oval_definition['name'], 'oval:org.mitre.oval:def:29480', ) self.assertEqual( oval_definition['id'], 'oval:org.mitre.oval:def:29480_/oval/5.10/org.mitre.oval/v/family/windows.xml', ) self.assertEqual( oval_definition['title'], 'Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code (CVE-2006-5857)', ) self.assertEqual( oval_definition['description'], 'short text', ) self.assertEqual(oval_definition['score'], 93) self.assertEqual(oval_definition['cveRefs'], 1) self.assertEqual(oval_definition['deprecated'], False) self.assertEqual( oval_definition['file'], '/oval/5.10/org.mitre.oval/v/family/windows.xml', ) self.assertEqual(oval_definition['class'], 'vulnerability') self.assertEqual(oval_definition['status'], 'INTERIM') self.assertEqual(oval_definition['version'], 2)
def test_create_audit(self, mock_gmp: GmpMockFactory): audit_id = str(uuid4()) policy_id = str(uuid4()) target_id = str(uuid4()) scanner_id = str(uuid4()) mock_gmp.mock_response( 'create_audit', f''' <create_task_response id="{audit_id}" status="200" status_text="OK"/> ''', ) self.login('foo', 'bar') response = self.query(f''' mutation {{ createAudit(input: {{ name: "bar", scannerId: "{scanner_id}", policyId: "{policy_id}", targetId: "{target_id}", preferences: {{ autoDeleteReports: 4, createAssets: true, createAssetsApplyOverrides: false, maxConcurrentNvts: 7, maxConcurrentHosts: 13, }} }}) {{ id }} }} ''') json = response.json() self.assertResponseNoErrors(response) uuid = json['data']['createAudit']['id'] self.assertEqual(uuid, audit_id) mock_gmp.gmp_protocol.create_audit.assert_called_with( "bar", policy_id, target_id, scanner_id, alert_ids=None, alterable=None, comment=None, preferences={ 'auto_delete': 'keep', 'auto_delete_data': 4, 'max_checks': 7, 'max_hosts': 13, 'in_assets': 'yes', 'assets_apply_overrides': 'no', }, schedule_id=None, )
def test_complex_host(self, mock_gmp: GmpMockFactory): host_xml_path = CWD / 'example-host.xml' host_xml_str = host_xml_path.read_text() mock_gmp.mock_response('get_host', host_xml_str) self.login('foo', 'bar') response = self.query(''' query { host(id: "291a7547-c817-4b46-88f2-32415d825335") { id name severity identifiers { id name value creationTime modificationTime sourceId sourceName sourceType sourceData sourceDeleted osId osTitle } details { name value source { id name type description } extra } routes { hosts { id ip distance sameSource } } } } ''') json = response.json() self.assertResponseNoErrors(response) host = json['data']['host'] self.assertEqual(host['name'], 'xyzxy') self.assertEqual(host['id'], 'd8c5fc4f-c01b-48aa-854b-cfe4bc9fb8c6') self.assertEqual(host['severity'], 7.5) identifiers = host['identifiers'] identifier = identifiers[1] self.assertEqual(identifier['id'], 'd2f59ef2-5ae4-4a74-857b-2a639955d28c') self.assertEqual(identifier['name'], 'ip') self.assertEqual(identifier['value'], '0.0.0.0') self.assertEqual(identifier['creationTime'], '2020-06-19T09:34:48+00:00') self.assertEqual(identifier['modificationTime'], '2020-06-19T09:34:48+00:00') self.assertEqual(identifier['sourceId'], '3404b586-40be-4a7d-a964-c23c435d9abc') self.assertEqual(identifier['sourceType'], 'Report Host') self.assertIsNone(identifier['sourceData']) self.assertFalse(identifier['sourceDeleted']) self.assertIsNone(identifier['sourceName']) self.assertIsNone(identifier['osId']) self.assertIsNone(identifier['osTitle']) self.assertEqual(identifiers[2]['sourceData'], 'CMDB-Parser') details = host['details'] detail = details[0] self.assertEqual(detail['name'], 'best_os_cpe') self.assertEqual(detail['value'], 'cpe:/o:red hat:enterprise_linux_server:7.6') self.assertEqual(detail['source']['id'], '3404b586-40be-4a7d-a964-c23c435d9abc') self.assertEqual(detail['source']['type'], 'Report') self.assertIsNone(detail['source']['name']) self.assertIsNone(detail['source']['description']) self.assertIsNone(detail['extra']) self.assertIsNone(host['routes'])
def test_get_scanners(self, mock_gmp: GmpMockFactory): scanners_xml_path = CWD / 'example-scanner-list.xml' scanners_xml_str = scanners_xml_path.read_text() mock_gmp.mock_response('get_scanners', scanners_xml_str) self.login('foo', 'bar') response = self.query(''' query { scanners { nodes { id name type host port configs { name } tasks { name } credential { name } caPub { certificate info { activationTime expirationTime issuer md5Fingerprint timeStatus } } info{ scanner{ name version } daemon{ name version } protocol{ name version } description params { id name default description type mandatory } } } } } ''') json = response.json() self.assertResponseNoErrors(response) scanners = json['data']['scanners']['nodes'] self.assertEqual(len(scanners), 2) scanner1 = scanners[0] scanner2 = scanners[1] # scanner 1 self.assertEqual(scanner1['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertEqual(scanner1['name'], 'OpenVAS Default') self.assertEqual(scanner1['type'], "OPENVAS_SCANNER_TYPE") self.assertEqual( scanner1['host'], '/home/sdiedrich/install/var/run/ospd-openvas.sock', ) self.assertEqual(scanner1['port'], '0') self.assertIsNone(scanner1['configs']) tasks = scanner1['tasks'] self.assertEqual(len(tasks), 2) self.assertEqual(tasks[0]['name'], '012345') self.assertIsNone(scanner1['credential']['name']) info = scanner1['info'] self.assertIsNotNone(info['description']) scanner_info = info['scanner'] self.assertEqual(scanner_info['name'], 'openvas') self.assertEqual(scanner_info['version'], 'OpenVAS 7.0.0') daemon_info = info['daemon'] self.assertEqual(daemon_info['name'], 'OSPd OpenVAS') self.assertEqual(daemon_info['version'], '20.8a1') protocol_info = info['protocol'] self.assertEqual(protocol_info['name'], 'OSP') self.assertEqual(protocol_info['version'], '1.2') params = info['params'] self.assertEqual(len(params), 19) self.assertEqual(params[0]['id'], "debug_mode") self.assertEqual(params[0]['name'], "Debug Mode") self.assertEqual(params[0]['default'], "0") self.assertEqual( params[0]['description'], "Whether to get extra scan debug information.", ) self.assertEqual(params[0]['type'], "osp_boolean") self.assertFalse(params[0]['mandatory']) # scanner 2 self.assertEqual(scanner2['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546') self.assertEqual(scanner2['name'], 'OSP Scanner-openvas') self.assertEqual(scanner2['type'], "OSP_SCANNER_TYPE") self.assertEqual(scanner2['host'], '127.0.0.1') self.assertEqual(scanner2['port'], '2346') configs = scanner2['configs'] self.assertEqual(len(configs), 3) self.assertEqual(configs[0]['name'], 'Base 2') self.assertIsNone(scanner2['tasks']) credential = scanner2['credential'] self.assertEqual(credential['name'], 'Credential for Scanner OSP Scanner-openvas') ca_pub = scanner2['caPub'] self.assertIsNotNone(ca_pub['certificate']) info = ca_pub['info'] self.assertEqual(info['activationTime'], '2019-07-19T13:28:23+00:00') self.assertEqual(info['expirationTime'], '2020-07-18T13:28:23+00:00') self.assertEqual(info['issuer'], 'CN=localhost') self.assertEqual( info['md5Fingerprint'], '09:9f:2e:5c:27:93:be:75:25:55:f9:57:15:44:3d:e0', ) self.assertEqual(info['timeStatus'], 'valid')
def test_get_port_lists(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response('get_port_lists', self.xml) self.login('foo', 'bar') response = self.query(''' query { portLists { nodes { name id owner creationTime modificationTime writable inUse portCount { all tcp udp } portRanges { id start end protocolType } targets { id name } } } } ''') json = response.json() self.assertResponseNoErrors(response) port_lists = json['data']['portLists']['nodes'] self.assertEqual(len(port_lists), 2) port_list1 = port_lists[0] port_list2 = port_lists[1] self.assertEqual(port_list1['id'], '4a4717fe-57d2-11e1-9a26-406186ea4fc5') self.assertEqual(port_list1['owner'], 'Palpatine') self.assertEqual(port_list1['creationTime'], '2020-06-30T09:16:25+00:00') self.assertEqual(port_list1['modificationTime'], '2020-07-30T09:16:25+00:00') self.assertEqual(port_list1['writable'], True) self.assertEqual(port_list1['inUse'], True) self.assertEqual(port_list1['name'], 'All IANA assigned TCP and UDP') targets1 = port_list1['targets'] self.assertEqual(targets1[0]['id'], '66dcb401-2621-4d8e-9a1a-7044f1456f18') self.assertEqual(targets1[0]['name'], 'Sidious') port_ranges1 = port_list1['portRanges'] self.assertEqual(port_ranges1[0]['id'], '2864fa44-594a-45d5-88ee-6c9742481b8e') self.assertEqual(port_ranges1[0]['start'], 1) self.assertEqual(port_ranges1[0]['end'], 3) self.assertEqual(port_ranges1[0]['protocolType'], 'tcp') self.assertEqual(port_ranges1[1]['id'], '6390a473-86b3-4583-b4b9-e7e3b2a55355') self.assertEqual(port_ranges1[1]['start'], 5) self.assertEqual(port_ranges1[1]['end'], 5) self.assertEqual(port_ranges1[1]['protocolType'], 'udp') port_list_counts1 = port_list1['portCount'] self.assertEqual(port_list_counts1['all'], 42) self.assertEqual(port_list_counts1['tcp'], 21) self.assertEqual(port_list_counts1['udp'], 21) self.assertEqual(port_list2['id'], '33d0cd82-57c6-11e1-8ed1-406186ea4fc5') self.assertEqual(port_list2['owner'], 'Sen. Organa') self.assertEqual(port_list2['creationTime'], '2020-07-30T09:16:25+00:00') self.assertEqual(port_list2['modificationTime'], '2020-08-30T09:16:25+00:00') self.assertEqual(port_list2['writable'], False) self.assertEqual(port_list2['inUse'], False) self.assertEqual(port_list2['name'], 'All IANA assigned TCP') targets2 = port_list2['targets'] self.assertEqual(targets2[0]['id'], '66dcb401-2621-4d8e-9a1a-7044f1456f11') self.assertEqual(targets2[0]['name'], 'Bail') port_ranges2 = port_list2['portRanges'] self.assertEqual(port_ranges2[0]['id'], '2864fa44-594a-45d5-88ee-6c9742481b81') self.assertEqual(port_ranges2[0]['start'], 1) self.assertEqual(port_ranges2[0]['end'], 3) self.assertEqual(port_ranges2[0]['protocolType'], 'tcp') self.assertEqual(port_ranges2[1]['id'], '6390a473-86b3-4583-b4b9-e7e3b2a55351') self.assertEqual(port_ranges2[1]['start'], 5) self.assertEqual(port_ranges2[1]['end'], 5) self.assertEqual(port_ranges2[1]['protocolType'], 'udp') port_list_counts2 = port_list2['portCount'] self.assertEqual(port_list_counts2['all'], 42) self.assertEqual(port_list_counts2['tcp'], 21) self.assertEqual(port_list_counts2['udp'], 21)
def test_get_target(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response( 'get_target', ''' <get_target_response> <target id="08b69003-5fc2-4037-a479-93b440211c73"> <name>foo</name> <comment>bar</comment> <hosts>192.168.10.90</hosts> <exclude_hosts>192.168.10.9</exclude_hosts> <max_hosts>1</max_hosts> <ssh_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51a"> <name>baz</name> <port>42</port> <trash>0</trash> </ssh_credential> <smb_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51b"> <name>baz</name> <trash>0</trash> </smb_credential> <esxi_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51c"> <name>qux</name> <trash>0</trash> </esxi_credential> <snmp_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51d"> <name>quux</name> <trash>0</trash> </snmp_credential> <port_list id="33d0cd82-57c6-11e1-8ed1-406186ea4fc5"> <name>All IANA assigned TCP 2012-02-10</name> <trash>0</trash> </port_list> <reverse_lookup_only>0</reverse_lookup_only> <reverse_lookup_unify>0</reverse_lookup_unify> <alive_tests>Scan Config Default</alive_tests> </target> </get_target_response> ''', ) self.login('foo', 'bar') response = self.query(''' query { target(id: "08b69003-5fc2-4037-a479-93b440211c73") { id name comment hosts maxHosts excludeHosts sshCredential { id name port } smbCredential { id name } esxiCredential { id name } snmpCredential { id name } portList { id name } reverseLookupOnly reverseLookupUnify aliveTests portRange } } ''') json = response.json() self.assertResponseNoErrors(response) target = json['data']['target'] self.assertEqual(target['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertEqual(target['hosts'], ['192.168.10.90']) self.assertEqual(target['excludeHosts'], ['192.168.10.9']) self.assertEqual(target['maxHosts'], 1) self.assertEqual( target['sshCredential']['id'], '33d0cd82-57c6-11e1-8ed1-4061823cc51a', ) self.assertEqual(target['sshCredential']['name'], 'baz') self.assertEqual(target['sshCredential']['port'], 42) self.assertEqual( target['smbCredential']['id'], '33d0cd82-57c6-11e1-8ed1-4061823cc51b', ) self.assertEqual(target['smbCredential']['name'], 'baz') self.assertEqual( target['esxiCredential']['id'], '33d0cd82-57c6-11e1-8ed1-4061823cc51c', ) self.assertEqual(target['esxiCredential']['name'], 'qux') self.assertEqual( target['snmpCredential']['id'], '33d0cd82-57c6-11e1-8ed1-4061823cc51d', ) self.assertEqual(target['snmpCredential']['name'], 'quux') self.assertEqual(target['portList']['id'], '33d0cd82-57c6-11e1-8ed1-406186ea4fc5') self.assertEqual(target['portList']['name'], 'All IANA assigned TCP 2012-02-10') self.assertEqual(target['name'], 'foo') self.assertEqual(target['aliveTests'], 'Scan Config Default') self.assertEqual(target['reverseLookupOnly'], False) self.assertEqual(target['reverseLookupUnify'], False) self.assertEqual(target['portRange'], None)
def test_sub_objects(self, mock_gmp: GmpMockFactory): task_xml_path = CWD / 'example-task-2.xml' task_xml_str = task_xml_path.read_text() mock_gmp.mock_response('get_task', task_xml_str) self.login('foo', 'bar') response = self.query(''' query { task(id: "7593ad78-6cbc-48aa-94a4-5e52bb6b3f80") { id name scanConfig { id name trash type } target { id name trash } scanner { id name type trash } schedule { id name trash icalendar timezone } alerts { id name } schedulePeriods hostsOrdering } } ''') json = response.json() self.assertResponseNoErrors(response) task = json['data']['task'] self.assertEqual(task['name'], 'Example') self.assertEqual(task['id'], '7593ad78-6cbc-48aa-94a4-5e52bb6b3f80') scan_config = task['scanConfig'] self.assertEqual(scan_config['name'], 'Base') self.assertEqual(scan_config['id'], 'd21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663') self.assertFalse(scan_config['trash']) self.assertEqual(scan_config['type'], 0) target = task['target'] self.assertEqual(target['name'], 'Localhost') self.assertEqual(target['id'], 'e1db1b66-f86f-4a09-bb9e-c81d73d85a5d') self.assertFalse(target['trash']) scanner = task['scanner'] self.assertEqual(scanner['name'], 'OpenVAS Default') self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertFalse(scanner['trash']) self.assertEqual(ScannerType[scanner['type']], ScannerType.OPENVAS_SCANNER_TYPE) schedule = task['schedule'] self.assertEqual(schedule['name'], 'Every Week on Friday 16h UTC') self.assertEqual(schedule['id'], '25473f83-6086-40cb-bbf9-c52cb6c5b92e') self.assertFalse(schedule['trash']) self.assertEqual(schedule['timezone'], 'UTC') self.assertRegex(schedule['icalendar'], r'^BEGIN:VCALENDAR.*') self.assertEqual(schedule['timezone'], 'UTC') schedule_periods = task['schedulePeriods'] self.assertEqual(schedule_periods, 0) hosts_ordering = task['hostsOrdering'] self.assertIsNone(hosts_ordering) alerts = task['alerts'] self.assertEqual(len(alerts), 2) alert1 = alerts[0] self.assertEqual(alert1['name'], 'Http Alert') self.assertEqual(alert1['id'], '8c1e0414-95e4-4bd6-8823-fc507c1fe34b') alert2 = alerts[1] self.assertEqual(alert2['name'], 'Send to Host') self.assertEqual(alert2['id'], '8957b33c-ed0d-47c3-a955-4056498bfef2')
def test(self, mock_gmp: GmpMockFactory): # get the gmp_commands gmp_commands = return_gmp_methods(mock_gmp.gmp_protocol) # create the mock response with the gmp_command and the gmp_name mock_gmp.mock_response(gmp_cmd, compose_mock_response(gmp_name)) self.login('foo', 'bar') response = self.query(compose_mock_query(plural_selene_name)) json = response.json() self.assertResponseNoErrors(response) get_entities = gmp_commands[gmp_cmd] get_entities.assert_called_with(filter_string='lorem', **kwargs) entities = json['data'][plural_selene_name]['nodes'] self.assertEqual(len(entities), 2) entity1 = entities[0] entity2 = entities[1] # Entity 1 self.assertEqual(entity1['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertEqual(entity1['name'], 'foo') self.assertEqual(entity1['comment'], "bar") self.assertEqual(entity1['owner'], 'admin') self.assertEqual(entity1['creationTime'], '2019-07-19T13:33:21+00:00') self.assertEqual(entity1['modificationTime'], '2019-07-19T13:33:21+00:00') self.assertTrue(entity1['inUse']) self.assertTrue(entity1['writable']) permissions = entity1['permissions'] self.assertEqual(len(permissions), 1) self.assertEqual(permissions[0]['name'], 'Everything') user_tags = entity1['userTags'] self.assertEqual(user_tags['count'], 2) tags = user_tags['tags'] self.assertEqual(len(tags), 2) tag1 = tags[0] self.assertEqual(tag1['name'], 'test tag 1') self.assertEqual(tag1['id'], '480cdbd9-1af2-4be6-a195-163748b80381') self.assertIsNone(tag1['value']) self.assertIsNone(tag1['comment']) # Entity 2 self.assertEqual(entity2['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546') self.assertEqual(entity2['name'], 'lorem') self.assertEqual(entity2['comment'], 'ipsum') self.assertEqual(entity2['owner'], 'admin') self.assertEqual(entity2['creationTime'], '2019-07-19T13:33:21+00:00') self.assertEqual(entity2['modificationTime'], '2019-07-19T13:33:21+00:00') self.assertFalse(entity2['inUse']) self.assertTrue(entity2['writable']) permissions = entity2['permissions'] self.assertEqual(len(permissions), 2) self.assertEqual(permissions[0]['name'], gmp_name) self.assertIsNone(entity2['userTags'])
def test_complex_task(self, mock_gmp: GmpMockFactory): task_xml_path = CWD / 'example-task.xml' task_xml_str = task_xml_path.read_text() mock_gmp.mock_response('get_task', task_xml_str) self.login('foo', 'bar') response = self.query(''' query { task(id: "291a7547-c817-4b46-88f2-32415d825335") { id name alterable averageDuration reports { counts { total finished } currentReport { id timestamp scanStart scanEnd } lastReport { id severity timestamp scanStart scanEnd } } status trend creationTime modificationTime progress results { counts { current } } observers { users groups { name } roles { name } } scanConfig { id } target { id } scanner { id } schedule { id } alerts { id } preferences { name description value } } } ''') json = response.json() self.assertResponseNoErrors(response) task = json['data']['task'] self.assertEqual(task['name'], 'Task_for_Report') self.assertEqual(task['id'], '291a7547-c817-4b46-88f2-32415d825335') self.assertEqual(task['averageDuration'], 0) reports = task['reports'] last_report = reports['lastReport'] self.assertEqual(last_report['timestamp'], '2020-01-15T11:30:10+01:00') self.assertEqual(last_report['severity'], 10.0) self.assertEqual(last_report['id'], 'd453374b-64cc-4c25-9959-7bc7c5287242') self.assertEqual(last_report['scanStart'], '2020-01-15T11:30:28+01:00') self.assertEqual(last_report['scanEnd'], '2020-01-15T11:39:24+01:00') current_report = reports['currentReport'] self.assertEqual(current_report['id'], '64213415-efe5-4441-9ee6-562cacf4e3ce') self.assertEqual(current_report['timestamp'], '2020-02-04T09:42:14+01:00') self.assertEqual(current_report['scanStart'], '2020-02-04T09:42:33+01:00') self.assertIsNone(current_report['scanEnd']) reports_counts = reports['counts'] self.assertEqual(reports_counts['total'], 1) self.assertEqual(reports_counts['finished'], 1) self.assertFalse(task['alterable']) self.assertEqual(task['status'], 'Done') self.assertIsNone(task['trend']) dt = datetime(2020, 1, 8, hour=14, minute=36, second=21, tzinfo=timezone.utc) self.assertEqual(task['creationTime'], dt.isoformat()) self.assertEqual(task['modificationTime'], dt.isoformat()) self.assertEqual(task['progress'], -1) observers = task['observers'] self.assertIsNotNone(observers) self.assertEqual(len(observers['groups']), 1) self.assertEqual(observers['groups'][0]['name'], 'plebeians') self.assertEqual(len(observers['roles']), 1) self.assertEqual(observers['roles'][0]['name'], 'Admin') self.assertEqual(len(observers['users']), 2) self.assertListEqual(observers['users'], ['admin', 'admin_Clone_4']) self.assertIsNone(task['scanConfig']) self.assertIsNone(task['target']) self.assertIsNone(task['scanner']) self.assertIsNone(task['schedule']) self.assertIsNone(task['alerts']) preferences = task['preferences'] self.assertEqual(len(preferences), 8) pref_max_check = preferences[0] self.assertEqual( pref_max_check['description'], 'Maximum concurrently executed NVTs per host', ) self.assertEqual(pref_max_check['name'], 'max_checks') self.assertEqual(pref_max_check['value'], '4') pref_max_hosts = preferences[1] self.assertEqual(pref_max_hosts['description'], 'Maximum concurrently scanned hosts') self.assertEqual(pref_max_hosts['name'], 'max_hosts') self.assertEqual(pref_max_hosts['value'], '20') pref_source_iface = preferences[2] self.assertEqual(pref_source_iface['description'], 'Network Source Interface') self.assertEqual(pref_source_iface['name'], 'source_iface') self.assertIsNone(pref_source_iface['value']) pref_in_assets = preferences[3] self.assertEqual(pref_in_assets['description'], 'Add results to Asset Management') self.assertEqual(pref_in_assets['name'], 'in_assets') self.assertEqual(pref_in_assets['value'], 'yes') pref_assets_apply_overrides = preferences[4] self.assertEqual( pref_assets_apply_overrides['description'], 'Apply Overrides when adding Assets', ) self.assertEqual(pref_assets_apply_overrides['name'], 'assets_apply_overrides') self.assertEqual(pref_assets_apply_overrides['value'], 'yes') pref_assets_min_qod = preferences[5] self.assertEqual(pref_assets_min_qod['description'], 'Min QOD when adding Assets') self.assertEqual(pref_assets_min_qod['name'], 'assets_min_qod') self.assertEqual(pref_assets_min_qod['value'], '70') pref_auto_delete = preferences[6] self.assertEqual(pref_auto_delete['description'], 'Auto Delete Reports') self.assertEqual(pref_auto_delete['name'], 'auto_delete') self.assertEqual(pref_auto_delete['value'], '0') pref_auto_delete_data = preferences[7] self.assertEqual(pref_auto_delete_data['description'], 'Auto Delete Reports Data') self.assertEqual(pref_auto_delete_data['name'], 'auto_delete_data') self.assertEqual(pref_auto_delete_data['value'], '0') results_counts = task['results']['counts'] self.assertEqual(results_counts['current'], 50000)
def test_get_scan_config_nvt(self, mock_gmp: GmpMockFactory): nvt_xml_path = CWD / 'example-scan-config-nvt.xml' nvt_xml_str = nvt_xml_path.read_text() mock_gmp.mock_response('get_nvt', nvt_xml_str) self.login('foo', 'bar') response = self.query(''' query { scanConfigNvt (id:"1.3.6.1.4.1.25623.1.0.100315") { id name creationTime modificationTime category summary family cvssBase qod { value type } score severities { date origin score type vector } referenceWarning certReferences{ id type } cveReferences{ id type } bidReferences{ id type } otherReferences{ id type } tags { cvssBaseVector summary insight impact affected detectionMethod } preferenceCount timeout defaultTimeout solution{ type method description } } } ''') json_response = response.json() self.assertResponseNoErrors(response) nvt = json_response['data']['scanConfigNvt'] self.assertEqual(nvt['id'], "1.3.6.1.4.1.25623.1.0.100315") self.assertEqual(nvt['name'], 'Some name') self.assertEqual(nvt['creationTime'], '2009-10-26T09:02:32Z') self.assertEqual(nvt['modificationTime'], '2020-05-11T05:36:14Z') self.assertEqual(nvt['category'], 1) self.assertEqual(nvt['summary'], 'Some summary') self.assertEqual(nvt['family'], 'Some family') self.assertEqual(nvt['cvssBase'], 5.0) self.assertEqual(nvt['score'], 50) self.assertEqual( nvt['qod'], { "value": 80, "type": "remote_banner" }, ) self.assertEqual( nvt['severities'], [{ "date": "2009-10-26T09:02:32+00:00", "origin": "CVE-2011-9999", "score": 50, "type": "cvss_base_v2", "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P", }], ) self.assertEqual(nvt['referenceWarning'], 'database not available') self.assertEqual( nvt['certReferences'], [ { "id": "54321", "type": "cert-bund" }, { "id": "12345", "type": "dfn-cert" }, ], ) self.assertEqual( nvt['bidReferences'], [ { "id": "BID1337", "type": "bid" }, { "id": "BID31337", "type": "bugtraq_id" }, ], ) self.assertEqual( nvt['otherReferences'], [ { "id": "http://test.test", "type": "url" }, ], ) self.assertEqual( nvt['cveReferences'], [ { "id": "CVE-2014-0682", "type": "cve" }, { "id": "CVE-2014-0681", "type": "cve_id" }, ], ) self.assertIsNotNone(nvt['tags']) tags = nvt['tags'] self.assertEqual(tags['cvssBaseVector'], 'vec') self.assertEqual(tags['summary'], 'sum') self.assertEqual(tags['insight'], 'ins') self.assertEqual(tags['impact'], 'imp') self.assertEqual(tags['affected'], 'aff') self.assertEqual(tags['detectionMethod'], 'vul') self.assertEqual(nvt['preferenceCount'], -1) self.assertEqual(nvt['timeout'], None) self.assertEqual(nvt['defaultTimeout'], None) self.assertEqual( nvt['solution'], { "type": "VendorFix", "method": "", "description": "Just update.", }, ) mock_gmp.gmp_protocol.get_nvt.assert_called_with( "1.3.6.1.4.1.25623.1.0.100315")
def test_complex_audit(self, mock_gmp: GmpMockFactory): audit_xml_path = CWD / 'example-audit.xml' audit_xml_str = audit_xml_path.read_text() mock_gmp.mock_response('get_audit', audit_xml_str) self.login('foo', 'bar') response = self.query( ''' query { audit(id: "c4335bf9-de7d-4d45-984a-a4a19709a098") { id name comment alterable averageDuration reports { counts { total finished } currentReport { id creationTime scanStart scanEnd } lastReport { id creationTime scanStart scanEnd complianceCount { yes no incomplete } } } status trend creationTime modificationTime progress results { counts { current } } observers { users groups { name } roles { name } } policy { id name trash } target { id name trash } scanner { id name type trash } schedule { id name trash icalendar timezone duration } alerts { id name } preferences { autoDeleteReports createAssets createAssetsApplyOverrides createAssetsMinQod maxConcurrentHosts maxConcurrentNvts } } } ''' ) json = response.json() self.assertResponseNoErrors(response) audit = json['data']['audit'] self.assertEqual(audit['name'], 'Audit_for_Report') self.assertEqual(audit['id'], 'c4335bf9-de7d-4d45-984a-a4a19709a098') self.assertEqual(audit['comment'], 'foo') self.assertEqual(audit['status'], 'NEW') self.assertEqual(audit['progress'], -1) self.assertIsNone(audit['trend']) self.assertEqual(audit['averageDuration'], 0) reports = audit['reports'] current_report = reports['currentReport'] last_report = reports['lastReport'] compliance_count = last_report['complianceCount'] self.assertEqual( last_report['id'], '001b46dc-fdaa-4fc3-b094-0329805edcd0' ) self.assertEqual( last_report['creationTime'], '2021-02-09T15:54:45+00:00' ) self.assertEqual(last_report['scanStart'], '2021-02-09T15:54:50+00:00') self.assertEqual(last_report['scanEnd'], '2021-02-09T16:11:22+00:00') self.assertEqual( current_report['id'], '12e6275b-6933-4c04-9c8a-5762d8489c9e' ) self.assertEqual( current_report['creationTime'], '2021-02-11T15:07:24+00:00' ) self.assertEqual( current_report['scanStart'], '2021-02-11T15:07:28+00:00' ) self.assertIsNone(current_report['scanEnd']) self.assertEqual(compliance_count['yes'], 3) self.assertEqual(compliance_count['no'], 2) self.assertEqual(compliance_count['incomplete'], 1) self.assertEqual(reports['counts']['total'], 0) target = audit['target'] self.assertEqual(target['id'], '2d161fb3-1867-4683-a5dc-f2e375194552') self.assertEqual(target['name'], '234234Unnamed') scanner = audit['scanner'] self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertEqual(scanner['name'], 'OpenVAS Default') self.assertEqual(scanner['type'], 'OPENVAS_SCANNER_TYPE') schedule = audit['schedule'] self.assertEqual(schedule['id'], 'fef95cd5-3a0a-4df5-bb73-161f75aa3eda') self.assertEqual( schedule['name'], 'Schedule for alertask - 2020-10-21T08:56:08.850Z' ) self.assertEqual(schedule['duration'], 0) self.assertEqual(schedule['timezone'], 'UTC') self.assertEqual( schedule['icalendar'], """BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Greenbone.net//NONSGML Greenbone Security Manager 21.4.0~dev1~git-a98bd26-master//EN BEGIN:VEVENT DTSTART:20201021T085600Z DURATION:PT0S UID:339d3438-ae77-49cd-a680-505bc0bb026a DTSTAMP:20201021T085608Z END:VEVENT END:VCALENDAR """, ) self.assertEqual( audit['alerts'], [ {'id': '69a80538-161d-424c-ae57-8f0b92950092', 'name': 'Email'}, { 'id': '71bb9279-7204-4275-8ff9-ab9f1a64a7de', 'name': 'Email Clone 1', }, ], ) observers = audit['observers'] self.assertEqual(observers['users'], ['admin']) self.assertEqual( observers['roles'], [{'name': 'Admin'}, {'name': 'Info'}] ) self.assertEqual(observers['groups'], [{'name': 'group'}]) policy = audit['policy'] self.assertEqual(policy['id'], '9f822ad3-9208-4e02-ac03-78dce3ca9a23') self.assertEqual(policy['name'], 'EulerOS Linux Security Configuration') self.assertEqual(policy['trash'], 0) preferences = audit['preferences'] self.assertEqual(len(preferences), 6) self.assertIsNone(preferences['autoDeleteReports']) self.assertEqual(preferences['createAssets'], True) self.assertEqual(preferences['createAssetsApplyOverrides'], True) self.assertEqual(preferences['createAssetsMinQod'], 70) self.assertEqual(preferences['maxConcurrentNvts'], 4) self.assertEqual(preferences['maxConcurrentHosts'], 20)
def test_get_scan_config_nvt_none_fields(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response( 'get_nvt', ''' <get_nvts_response> <nvt oid="1.3.6.1.4.1.25623.1.0.814313"> <name>foo</name> </nvt> </get_nvts_response> ''', ) self.login('foo', 'bar') response = self.query(''' query { scanConfigNvt(id: "1.3.6.1.4.1.25623.1.0.814313") { id name creationTime modificationTime category family cvssBase qod { value } score severities { date } referenceWarning certReferences{ id type } cveReferences{ id type } bidReferences{ id type } otherReferences{ id type } tags { cvssBaseVector } preferenceCount preferences { nvt { id } hrName } timeout defaultTimeout solution{ type } } } ''') json = response.json() self.assertResponseNoErrors(response) nvt = json['data']['scanConfigNvt'] self.assertEqual(nvt['id'], '1.3.6.1.4.1.25623.1.0.814313') self.assertEqual(nvt['name'], 'foo') self.assertIsNone(nvt['category']) self.assertIsNone(nvt['family']) self.assertIsNone(nvt['cvssBase']) self.assertIsNone(nvt['score']) self.assertIsNone(nvt['qod']) self.assertIsNone(nvt['severities']) self.assertIsNone(nvt['referenceWarning']) self.assertIsNone(nvt['certReferences']) self.assertIsNone(nvt['cveReferences']) self.assertIsNone(nvt['bidReferences']) self.assertIsNone(nvt['otherReferences']) self.assertIsNone(nvt['tags']) self.assertIsNone(nvt['preferenceCount']) self.assertIsNone(nvt['preferences']) self.assertIsNone(nvt['timeout']) self.assertIsNone(nvt['defaultTimeout']) self.assertIsNone(nvt['solution'])
def test_get_policy(self, mock_gmp: GmpMockFactory): policy_xml_path = CWD / 'example-policy.xml' policy_xml_str = policy_xml_path.read_text() mock_gmp.mock_response('get_policy', policy_xml_str) self.login('foo', 'bar') response = self.query(''' query { policy (id: "daba56c8-73ec-11df-a475-002264764cea", ) { name id trash familyCount familyGrowing usageType maxNvtCount nvtGrowing knownNvtCount predefined families{ name nvtCount maxNvtCount growing } nvtPreferences{ nvt{ name id } hrName name id type value default alternativeValues } scannerPreferences{ hrName name id type value default alternativeValues } audits{ id name } nvtSelectors{ name include type familyOrNvt } } } ''') json = response.json() self.assertResponseNoErrors(response) policy = json['data']['policy'] self.assertEqual(policy['id'], "daba56c8-73ec-11df-a475-002264764cea") self.assertEqual(policy['name'], 'foo') self.assertEqual(policy['trash'], 0) self.assertEqual(policy['familyCount'], 2) self.assertEqual(policy['usageType'], 'scan') self.assertEqual(policy['maxNvtCount'], 249) self.assertEqual(policy['knownNvtCount'], 3) self.assertEqual(policy['predefined'], True) self.assertEqual( policy['families'], [ { "name": "Port scanners", "nvtCount": 2, "maxNvtCount": 9, "growing": False, }, { "name": "Service detection", "nvtCount": 1, "maxNvtCount": 240, "growing": False, }, ], ) self.assertEqual( policy['nvtPreferences'], [ { "name": "Log failed nmap calls", "id": 13, "nvt": { "name": "Ping Host", "id": "1.3.6.1.4.1.25623.1.0.100315", }, "hrName": "Log failed nmap calls", "type": "checkbox", "value": "no", "default": "no", "alternativeValues": None, }, { "name": "nmap timing policy", "id": 14, "nvt": { "name": "Ping Host", "id": "1.3.6.1.4.1.25623.1.0.100315", }, "hrName": "nmap timing policy", "type": "radio", "value": "Normal", "default": "Normal", "alternativeValues": ["Paranoid", "Sneaky"], }, ], ) self.assertEqual( policy['scannerPreferences'], [ { "name": "auto_enable_dependencies", "id": None, "hrName": "auto_enable_dependencies", "type": None, "value": "1", "default": "1", "alternativeValues": None, }, { "name": "cgi_path", "id": None, "hrName": "cgi_path", "type": None, "value": "/cgi-bin:/scripts", "default": "/cgi-bin:/scripts", "alternativeValues": ["Paranoid", "Sneaky"], }, ], ) self.assertEqual( policy['audits'], [{ "id": "49d082ec-73f5-4b3a-75b5-3b9d9e38d079", "name": "some_name", }], ) self.assertEqual( policy['nvtSelectors'], [ { "name": "f187d4cf-a157-471c-81a6-74990b5da181", "include": True, "type": 2, "familyOrNvt": "1.3.6.1.4.1.25623.1.0.100315", }, { "name": "f187d4cf-a157-471c-81a6-74990b5da181", "include": True, "type": 2, "familyOrNvt": "1.3.6.1.4.1.25623.1.0.14259", }, ], ) self.assertEqual(policy['nvtGrowing'], False) self.assertEqual(policy['familyGrowing'], True)
def test_get_scanner_with_certificate(self, mock_gmp: GmpMockFactory): scanner_xml_path = CWD / 'example-scanner-2.xml' scanner_xml_str = scanner_xml_path.read_text() mock_gmp.mock_response('get_scanner', scanner_xml_str) self.login('foo', 'bar') response = self.query( ''' query { scanner(id: "08b69003-5fc2-4037-a479-93b440211c73"){ id name type host port configs { name } tasks { name } credential { name } caPub { certificate info { activationTime expirationTime issuer md5Fingerprint timeStatus } } } } ''' ) json = response.json() self.assertResponseNoErrors(response) scanner = json['data']['scanner'] self.assertEqual(scanner['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546') self.assertEqual(scanner['name'], 'OSP Scanner-openvas') self.assertEqual(scanner['type'], "OSP_SCANNER_TYPE") self.assertEqual(scanner['host'], '127.0.0.1') self.assertEqual(scanner['port'], '2346') configs = scanner['configs'] self.assertEqual(len(configs), 3) self.assertEqual(configs[0]['name'], 'Base 2') self.assertIsNone(scanner['tasks']) credential = scanner['credential'] self.assertEqual( credential['name'], 'Credential for Scanner OSP Scanner-openvas' ) ca_pub = scanner['caPub'] self.assertIsNotNone(ca_pub['certificate']) info = ca_pub['info'] self.assertEqual(info['activationTime'], '2019-07-19T13:28:23+00:00') self.assertEqual(info['expirationTime'], '2020-07-18T13:28:23+00:00') self.assertEqual(info['issuer'], 'CN=localhost') self.assertEqual( info['md5Fingerprint'], '09:9f:2e:5c:27:93:be:75:25:55:f9:57:15:44:3d:e0', ) self.assertEqual(info['timeStatus'], 'valid')
def test_grouped_query(self, mock_gmp: GmpMockFactory): """ Test a grouped aggregate that also includes a filter, data columns and sort criteria. """ aggregate_xml_path = CWD / 'example-aggregate-grouped.xml' aggregate_xml_str = aggregate_xml_path.read_text() mock_gmp.mock_response('get_aggregates', aggregate_xml_str) self.login('foo', 'bar') response = self.query( ''' query GetAggregate { aggregate( input: { dataType: NVT filterString: "~openssl" groupColumn: "solution_type" dataColumns: ["severity", "qod"] sortCriteria: [ {field: "severity", stat: MEAN, order: DESCENDING} ] } ) { groups { value count cumulativeCount stats { column min max mean sum cumulativeSum } } columnInfo { name stat entityType column dataType } } } ''' ) json = response.json() self.assertResponseNoErrors(response) mock_gmp.gmp_protocol.get_aggregates.assert_called_with( resource_type=GvmEntityType.NVT, filter='~openssl', data_columns=['severity', 'qod'], group_column='solution_type', subgroup_column=None, text_columns=None, sort_criteria=[ { 'field': 'severity', 'stat': GvmAggregateStatistic.MEAN, 'order': GvmSortOrder.DESCENDING, } ], first_group=None, max_groups=None, mode=None, ) aggregate = json['data']['aggregate'] groups = aggregate['groups'] self.assertEqual(len(groups), 5) self.assertEqual( groups[0], { 'value': 'VendorFix', 'count': 1241, 'cumulativeCount': 1241, 'stats': [ { 'column': 'severity', 'min': 1.2, 'max': 10, 'mean': 6.18187, 'sum': 7671.67, 'cumulativeSum': 7671.67, }, { 'column': 'qod', 'min': 30, 'max': 100, 'mean': 90.9887, 'sum': 112917, 'cumulativeSum': 112917, }, ], }, ) self.assertEqual(groups[1]['value'], 'Mitigation') self.assertEqual(groups[1]['count'], 2) self.assertEqual(groups[1]['cumulativeCount'], 1243) self.assertEqual(groups[1]['stats'][0]['sum'], 10) self.assertEqual(groups[1]['stats'][0]['cumulativeSum'], 7681.67) column_info = aggregate['columnInfo'] self.assertEqual(len(column_info), 13) self.assertEqual(column_info[0]['name'], 'value') self.assertEqual(column_info[0]['stat'], 'VALUE') self.assertEqual(column_info[0]['entityType'], 'NVT') self.assertEqual(column_info[0]['column'], 'solution_type') self.assertEqual(column_info[0]['dataType'], 'text') self.assertEqual(column_info[1]['name'], 'count') self.assertEqual(column_info[1]['stat'], 'COUNT') self.assertEqual(column_info[1]['entityType'], 'NVT') self.assertIsNone(column_info[1]['column']) self.assertEqual(column_info[1]['dataType'], 'integer') self.assertEqual(column_info[5]['name'], 'severity_mean') self.assertEqual(column_info[5]['stat'], 'MEAN') self.assertEqual(column_info[5]['entityType'], 'NVT') self.assertEqual(column_info[5]['column'], 'severity') self.assertEqual(column_info[5]['dataType'], 'cvss')
def test_get_scanner(self, mock_gmp: GmpMockFactory): scanner_xml_path = CWD / 'example-scanner.xml' scanner_xml_str = scanner_xml_path.read_text() mock_gmp.mock_response('get_scanner', scanner_xml_str) self.login('foo', 'bar') response = self.query( ''' query { scanner(id: "08b69003-5fc2-4037-a479-93b440211c73"){ id name type host port configs { name } tasks { name } credential { name } info{ scanner{ name version } daemon{ name version } protocol{ name version } description params { id name default description type mandatory } } } } ''' ) json = response.json() self.assertResponseNoErrors(response) scanner = json['data']['scanner'] self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73') self.assertEqual(scanner['name'], 'OpenVAS Default') self.assertEqual(scanner['type'], "OPENVAS_SCANNER_TYPE") self.assertEqual( scanner['host'], '/home/sdiedrich/install/var/run/ospd-openvas.sock' ) self.assertEqual(scanner['port'], '0') self.assertIsNone(scanner['configs']) tasks = scanner['tasks'] self.assertEqual(len(tasks), 2) self.assertEqual(tasks[0]['name'], '012345') self.assertIsNone(scanner['credential']['name']) info = scanner['info'] self.assertIsNotNone(info['description']) scanner_info = info['scanner'] self.assertEqual(scanner_info['name'], 'openvas') self.assertEqual(scanner_info['version'], 'OpenVAS 7.0.0') daemon_info = info['daemon'] self.assertEqual(daemon_info['name'], 'OSPd OpenVAS') self.assertEqual(daemon_info['version'], '20.8a1') protocol_info = info['protocol'] self.assertEqual(protocol_info['name'], 'OSP') self.assertEqual(protocol_info['version'], '1.2') params = info['params'] self.assertEqual(len(params), 19) self.assertEqual(params[0]['id'], "debug_mode") self.assertEqual(params[0]['name'], "Debug Mode") self.assertEqual(params[0]['default'], "0") self.assertEqual( params[0]['description'], "Whether to get extra scan debug information.", ) self.assertEqual(params[0]['type'], "osp_boolean") self.assertFalse(params[0]['mandatory'])
def test_text_column_query(self, mock_gmp: GmpMockFactory): """ Test an aggregate with text columns and limits (firstGroup, maxGroups). """ aggregate_xml_path = CWD / 'example-aggregate-text-columns.xml' aggregate_xml_str = aggregate_xml_path.read_text() mock_gmp.mock_response('get_aggregates', aggregate_xml_str) self.login('foo', 'bar') response = self.query( ''' query GetAggregate { aggregate( input: { dataType: NVT groupColumn: "uuid" textColumns: ["created", "name"] sortCriteria: [ {field: "created", stat:TEXT, order:ASCENDING} ] firstGroup: 10 maxGroups: 25 } ) { groups { value textColumns { column, text } } } } ''' ) json = response.json() self.assertResponseNoErrors(response) mock_gmp.gmp_protocol.get_aggregates.assert_called_with( resource_type=GvmEntityType.NVT, filter=None, data_columns=None, group_column='uuid', subgroup_column=None, text_columns=['created', 'name'], sort_criteria=[ { 'field': 'created', 'stat': GvmAggregateStatistic.TEXT, 'order': GvmSortOrder.ASCENDING, } ], first_group=10, max_groups=25, mode=None, ) aggregate = json['data']['aggregate'] groups = aggregate['groups'] self.assertEqual(len(groups), 25) self.assertEqual( groups[0], { 'value': '1.3.6.1.4.1.25623.1.0.14372', 'textColumns': [ {'column': 'created', 'text': '2005-11-03T13:08:04Z'}, { 'column': 'name', 'text': 'wu-ftpd S/KEY authentication overflow', }, ], }, )
def test_get_preference(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response( 'get_preference', ''' <get_preferences_response status="200" status_text="OK"> <preference> <nvt oid="1.3.6.1.4.1.25623.1.0.999999"> <name>Name of VT</name> </nvt> <id>42</id> <hr_name>Name of preference</hr_name> <name>Name of preference</name> <type>radio</type> <value>Some value</value> <alt>Some alternative1</alt> <alt>Some alternative2</alt> <default>Some default</default> </preference> </get_preferences_response> ''', ) self.login('foo', 'bar') response = self.query(''' query{ preference(name: "<type>:<Name of preference>", nvtOid:"Some NVT OID", configId: "daba56c8-73ec-11df-a475-002264764cea" ){ nvt { oid name } hrName name type value alt default } } ''') json = response.json() preference = json['data']['preference'] self.assertResponseNoErrors(response) self.assertEqual(preference['nvt']['oid'], '1.3.6.1.4.1.25623.1.0.999999') self.assertEqual(preference['nvt']['name'], 'Name of VT') self.assertEqual(preference['hrName'], 'Name of preference') self.assertEqual(preference['name'], 'Name of preference') self.assertEqual(preference['type'], 'radio') self.assertEqual(preference['value'], 'Some value') self.assertEqual(preference['alt'], ['Some alternative1', 'Some alternative2']) self.assertEqual(preference['default'], 'Some default') mock_gmp.gmp_protocol.get_preference.assert_called_with( name="<type>:<Name of preference>", nvt_oid="Some NVT OID", config_id="daba56c8-73ec-11df-a475-002264764cea", )
def test_minimal_query(self, mock_gmp: GmpMockFactory): """ Test a minimal query only giving the data type and returning only an overall count. """ aggregate_xml_path = CWD / 'example-aggregate-minimal.xml' aggregate_xml_str = aggregate_xml_path.read_text() mock_gmp.mock_response('get_aggregates', aggregate_xml_str) self.login('foo', 'bar') response = self.query( ''' query GetAggregate { aggregate( input: { dataType: NVT } ) { overall { count } columnInfo { name stat entityType column dataType } } } ''' ) json = response.json() self.assertResponseNoErrors(response) mock_gmp.gmp_protocol.get_aggregates.assert_called_with( resource_type=GvmEntityType.NVT, filter=None, data_columns=None, group_column=None, subgroup_column=None, text_columns=None, sort_criteria=None, first_group=None, max_groups=None, mode=None, ) aggregate = json['data']['aggregate'] self.assertEqual(aggregate['overall']['count'], 85949) column_info = aggregate['columnInfo'] self.assertEqual(len(column_info), 2) self.assertEqual(column_info[0]['name'], 'count') self.assertEqual(column_info[0]['stat'], 'COUNT') self.assertEqual(column_info[0]['entityType'], 'NVT') self.assertIsNone(column_info[0]['column']) self.assertEqual(column_info[0]['dataType'], 'integer') self.assertEqual(column_info[1]['name'], 'c_count') self.assertEqual(column_info[1]['stat'], 'C_COUNT') self.assertEqual(column_info[1]['entityType'], 'NVT') self.assertIsNone(column_info[1]['column']) self.assertEqual(column_info[1]['dataType'], 'integer')
def test_get_alerts(self, mock_gmp: GmpMockFactory): alerts_xml_path = CWD / 'example-alert-list.xml' alerts_xml_str = alerts_xml_path.read_text() mock_gmp.mock_response('get_alerts', alerts_xml_str) self.login('foo', 'bar') response = self.query(''' query { alerts { nodes { name id inUse comment writable owner creationTime modificationTime filter { trash name id } tasks { id name } event { type data { name value } } condition { type data { name value } } method { type data { name value } } permissions { name } active } } } ''') json = response.json() self.assertResponseNoErrors(response) alerts = json['data']['alerts']['nodes'] self.assertEqual(len(alerts), 2) alert1 = alerts[0] alert2 = alerts[1] # Alert 1 self.assertEqual(alert1['id'], '63431604-1cd5-402c-bb05-748e130edb03') self.assertEqual(alert1['name'], 'foo') self.assertIsNone(alert1['tasks']) self.assertIsNone(alert1['comment']) self.assertEqual(alert1['inUse'], False) self.assertEqual(alert1['writable'], True) self.assertEqual(alert1['active'], True) self.assertEqual(alert1['creationTime'], '2020-08-06T11:34:15+00:00') self.assertEqual(alert1['modificationTime'], '2020-08-06T11:34:15+00:00') self.assertEqual(alert1['permissions'][0]['name'], 'Everything') self.assertIsNone(alert1['filter']) event1 = alert1['event'] event_data1 = event1['data'] self.assertEqual(event1['type'], 'Task run status changed') self.assertEqual(event_data1[0]['name'], 'status') self.assertEqual(event_data1[0]['value'], 'Done') method1 = alert1['method'] method_data1 = method1['data'] self.assertEqual(len(method_data1), 11) self.assertEqual(method1['type'], 'Alemba vFire') self.assertEqual(method_data1[0]['name'], 'report_formats') self.assertEqual(method_data1[0]['value'], 'c1645568-627a-11e3-a660-406186ea4fc5') self.assertEqual(method_data1[1]['name'], 'vfire_base_url') self.assertEqual(method_data1[1]['value'], '127.0.0.1') # Alert 2 self.assertEqual(alert2['id'], '3a39bea5-fc9f-41f4-9107-7e0e69db9035') self.assertEqual(alert2['name'], 'bar') self.assertEqual(alert2['comment'], 'baz') self.assertEqual(alert2['inUse'], True) self.assertEqual(alert2['writable'], True) self.assertEqual(alert2['active'], True) self.assertEqual(alert2['creationTime'], '2020-08-06T11:30:41+00:00') self.assertEqual(alert2['modificationTime'], '2020-08-07T09:26:05+00:00') self.assertEqual(alert2['permissions'][0]['name'], 'Everything') self.assertEqual(len(alert2['tasks']), 1) self.assertEqual(alert2['tasks'][0]['name'], 'scan_local') self.assertEqual(alert2['tasks'][0]['id'], '173a38fe-1038-48a6-9c48-a623ffc04ba8') filter2 = alert2['filter'] self.assertEqual(filter2['id'], '75c8145d-b00c-408f-8907-6664d5ce6108') self.assertEqual(filter2['name'], 'resultFilter') self.assertEqual(filter2['trash'], 0) event2 = alert2['event'] event_data2 = event2['data'] self.assertEqual(event2['type'], 'Updated SecInfo arrived') self.assertEqual(event_data2[0]['name'], 'secinfo_type') self.assertEqual(event_data2[0]['value'], 'nvt') method2 = alert2['method'] method_data2 = method2['data'] self.assertEqual(len(method_data2), 7) self.assertEqual(method2['type'], 'Email') self.assertEqual(method_data2[0]['name'], 'notice') self.assertEqual(method_data2[0]['value'], '1') self.assertEqual(method_data2[1]['name'], 'from_address') self.assertEqual(method_data2[1]['value'], '*****@*****.**')
def test_get_result_none_fields(self, mock_gmp: GmpMockFactory): mock_gmp.mock_response( 'get_result', ''' <get_results_response> <result id="1f3261c9-e47c-4a21-b677-826ea92d1d59"> <name>abc</name> </result> </get_results_response> ''', ) self.login('foo', 'bar') response = self.query(''' query { result ( id: "1f3261c9-e47c-4a21-b677-826ea92d1d59" ) { id name owner originResult{ id details{ name value } } overrides{ id active creationTime modificationTime text endTime severity newSeverity } report { id } task { id name } originalSeverity creationTime modificationTime host { ip id hostname } location information { __typename ... on ResultNVT{ id version score severities { type score vector } } } severity qod { value type } description notes { id creationTime modificationTime active text } tickets { id } userTags { count tags { id name } } } } ''') json = response.json() self.assertResponseNoErrors(response) result = json['data']['result'] self.assertEqual(result['id'], '1f3261c9-e47c-4a21-b677-826ea92d1d59') self.assertEqual(result['name'], 'abc') self.assertIsNone(result['owner']) self.assertIsNone(result['creationTime']) self.assertIsNone(result['modificationTime']) self.assertIsNone(result['originResult']) self.assertIsNone(result['report']) self.assertIsNone(result['task']) self.assertIsNone(result['host']) self.assertIsNone(result['location']) self.assertIsNone(result['severity']) self.assertIsNone(result['qod']) self.assertIsNone(result['originalSeverity']) self.assertIsNone(result['information']) self.assertIsNone(result['description']) self.assertIsNone(result['notes']) self.assertIsNone(result['overrides']) self.assertIsNone(result['tickets']) self.assertIsNone(result['userTags'])
def test_complex_dfn_cert_advisory(self, mock_gmp: GmpMockFactory): dfn_cert_advisory_xml_path = CWD / 'example-dfn-cert.xml' dfn_cert_advisory_xml_str = dfn_cert_advisory_xml_path.read_text() mock_gmp.mock_response('get_info', dfn_cert_advisory_xml_str) self.login('foo', 'bar') response = self.query(''' query { dfnCertAdvisory(id: "DFN-CERT-2008-0644" ) { id name updateTime title summary maxCvss cveRefs cves link author { name uri } } } ''') json = response.json() self.assertResponseNoErrors(response) dfn_cert_advisory = json['data']['dfnCertAdvisory'] self.assertEqual( dfn_cert_advisory['name'], 'DFN-CERT-2008-0644', ) self.assertEqual( dfn_cert_advisory['id'], 'DFN-CERT-2008-0644', ) self.assertEqual( dfn_cert_advisory['title'], 'Schwachstelle im HP Software Update (Windows)', ) self.assertEqual( dfn_cert_advisory['summary'], '''Aufgrund mehrerer fehlerhafter ActiveX Controls im HP Software Update kann ein entfernter Angreifer im schlimmsten Fall beliebige Befehle mit den Rechten der Anwendung ausführen.''', ) self.assertEqual(dfn_cert_advisory['maxCvss'], 6.8) self.assertEqual(dfn_cert_advisory['cveRefs'], 1) self.assertEqual( dfn_cert_advisory['link'], 'https://adv-archiv.dfn-cert.de/adv/2008-0644/', ) self.assertEqual(dfn_cert_advisory['cves'], ['CVE-2008-0712']) self.assertEqual(dfn_cert_advisory['cveRefs'], 1) self.assertEqual(dfn_cert_advisory['cveRefs'], 1) self.assertIsNotNone(dfn_cert_advisory['author']) author = dfn_cert_advisory['author'] self.assertEqual(author['name'], 'DFN-CERT Services GmbH')