コード例 #1
ファイル: strategy.py プロジェクト: breakthesec/w3af
    def _setup_audit(self):
        """
        Create and start the audit consumer for the enabled audit plugins.

        When the 'audit' plugin entry is empty nothing is created and
        self._audit_consumer is left untouched.
        """
        om.out.debug('Called _setup_audit()')

        enabled_plugins = self._w3af_core.plugins.plugins['audit']

        # Guard clause: no audit plugins means there is no consumer to start
        if not enabled_plugins:
            return

        self._audit_consumer = audit(enabled_plugins, self._w3af_core)
        self._audit_consumer.start()
コード例 #2
ファイル: strategy.py プロジェクト: tim124058/w3af
    def _setup_audit(self):
        """
        Build the audit consumer from the configured audit plugins and start it.

        The consumer is only built when the 'audit' plugin entry is truthy;
        otherwise the method returns without touching self._audit_consumer.
        """
        om.out.debug('Called _setup_audit()')

        plugins_to_run = self._w3af_core.plugins.plugins['audit']

        # A falsy (e.g. empty) selection leaves nothing for a consumer to do
        if not plugins_to_run:
            return

        consumer = audit(plugins_to_run, self._w3af_core)
        self._audit_consumer = consumer
        consumer.start()
コード例 #3
    def test_teardown_with_must_stop_exception(self):
        """
        Check the debug message logged when the audit consumer is terminated
        while the URI opener is forced to raise ScanMustStopException.

        The test starts an audit consumer holding a single xss plugin, feeds
        it one fuzzable request, sets the opener's stored stop exception and
        then asserts on the om.out.debug() call recorded during terminate().
        """
        w3af_core = w3afCore()

        # Wire the plugin to the core's opener and worker pool by hand, since
        # the plugin instance is created directly in this test
        xss_instance = xss()
        xss_instance.set_url_opener(w3af_core.uri_opener)
        xss_instance.set_worker_pool(w3af_core.worker_pool)

        audit_plugins = [xss_instance]

        audit_consumer = audit(audit_plugins, w3af_core)
        audit_consumer.start()

        url = 'http://w3af.org/?id=1'

        # Canned response for the target URL.
        # NOTE(review): httpretty is not activated inside this method;
        # presumably a decorator or setUp outside this view does it - confirm
        httpretty.register_uri(httpretty.GET,
                               url,
                               body='hello world',
                               content_type='application/html')

        # From here on `url` is a URL object, not the original string
        url = URL(url)
        fr = FuzzableRequest(url)

        # This will trigger a few HTTP requests to the target URL which will
        # also initialize all the xss plugin internals to be able to run end()
        # later.
        audit_consumer.in_queue_put(fr)
        kb.kb.add_fuzzable_request(fr)

        # Now that xss.audit() was called, we want to simulate network errors
        # that will put the uri opener in a state where it always answers with
        # ScanMustStopException
        # (this writes the opener's private _stop_exception attribute directly)
        w3af_core.uri_opener._stop_exception = ScanMustStopException('mock')

        # And now we just call terminate() which injects the poison pill and will
        # call teardown, which should call xss.end(), which should try to send HTTP
        # requests, which will raise a ScanMustStopException
        #
        # om.out is replaced by a mock in the audit consumer module so the
        # debug() calls made during terminate() can be inspected afterwards
        with patch('w3af.core.controllers.core_helpers.consumers.audit.om.out'
                   ) as om_mock:
            audit_consumer.terminate()

            # NOTE(review): the expected text hard-codes 'Spent 0.00 seconds',
            # so this assertion looks timing-sensitive - presumably it fails
            # when xss.end() runs long enough to be reported as a non-zero
            # duration. Confirm against the consumer's log format.
            msg = ('Spent 0.00 seconds running xss.end() until a scan must'
                   ' stop exception was raised.')
            self.assertIn(call.debug(msg), om_mock.mock_calls)
コード例 #4
ファイル: test_audit.py プロジェクト: andresriancho/w3af
    def test_teardown_with_must_stop_exception(self):
        """
        Verify that terminating the audit consumer logs the expected debug
        message once the URI opener has been set to raise
        ScanMustStopException.

        Steps: start a consumer with one xss plugin, queue a single fuzzable
        request, store a ScanMustStopException on the opener, call
        terminate() and inspect the mocked om.out for the debug() call.
        """
        w3af_core = w3afCore()

        # The plugin is instantiated here, so its opener and worker pool are
        # set explicitly from the core
        xss_instance = xss()
        xss_instance.set_url_opener(w3af_core.uri_opener)
        xss_instance.set_worker_pool(w3af_core.worker_pool)

        audit_plugins = [xss_instance]

        audit_consumer = audit(audit_plugins, w3af_core)
        audit_consumer.start()

        url = 'http://w3af.org/?id=1'

        # Register the mocked HTTP response for the target URL.
        # NOTE(review): activation of httpretty is not visible in this
        # method; presumably done by a decorator or fixture - confirm
        httpretty.register_uri(httpretty.GET, url,
                               body='hello world',
                               content_type='application/html')

        # `url` is rebound from the plain string to a URL object
        url = URL(url)
        fr = FuzzableRequest(url)

        # This will trigger a few HTTP requests to the target URL which will
        # also initialize all the xss plugin internals to be able to run end()
        # later.
        audit_consumer.in_queue_put(fr)
        kb.kb.add_fuzzable_request(fr)

        # Now that xss.audit() was called, we want to simulate network errors
        # that will put the uri opener in a state where it always answers with
        # ScanMustStopException
        # (done by assigning the opener's private _stop_exception attribute)
        w3af_core.uri_opener._stop_exception = ScanMustStopException('mock')

        # And now we just call terminate() which injects the poison pill and will
        # call teardown, which should call xss.end(), which should try to send HTTP
        # requests, which will raise a ScanMustStopException
        #
        # The patch swaps om.out in the audit consumer module for a mock, so
        # every debug() call made while terminating is recorded
        with patch('w3af.core.controllers.core_helpers.consumers.audit.om.out') as om_mock:
            audit_consumer.terminate()

            # NOTE(review): 'Spent 0.00 seconds' is an exact-match on a
            # measured duration, so the assertion is presumably flaky on a
            # slow run where xss.end() is reported with a non-zero time -
            # confirm against the consumer's log format.
            msg = ('Spent 0.00 seconds running xss.end() until a scan must'
                   ' stop exception was raised.')
            self.assertIn(call.debug(msg), om_mock.mock_calls)