class TestFalsePositiveFindBackdoor2017_1(PluginTest):
"""
:see: https://github.com/andresriancho/w3af/issues/2017
"""
domain = 'httpretty-mock'
target_url = 'http://%s/' % domain
APACHE_403 = get_apache_403('/foobar', domain)
MOCK_RESPONSES = [MockResponse(re.compile('(.*)'), APACHE_403, status=403)]
def test_2017_false_positive_backdoor_1(self):
cfg = run_configs['base']
self._scan(self.target_url, cfg['plugins'])
vulns = self.kb.get('find_backdoors', 'backdoors')
self.assertEqual(len(vulns), 0, vulns)
class TestFalsePositiveFindBackdoor2017_2(PluginTest):
domain = 'httpretty-mock'
target_url = 'http://%s/' % domain
APACHE_403 = get_apache_403('/forbidden/foobar', domain)
MOCK_RESPONSES = [MockResponse('/', '<a href="/forbidden/">403</a>'),
MockResponse('/forbidden/c99shell.php',
'<HTML><title>c99shell</title>'),
MockResponse(re.compile('http://.*?/forbidden/.*'),
APACHE_403, status=403)]
def test_2017_false_positive_backdoor_2(self):
cfg = run_configs['crawl']
self._scan(self.target_url, cfg['plugins'])
vulns = self.kb.get('find_backdoors', 'backdoors')
self.assertEqual(len(vulns), 1, vulns)
class TestFalsePositiveFindBackdoor2017_1(PluginTest):
"""
:see: https://github.com/andresriancho/w3af/issues/2017
"""
# TODO: Here I'm appending "-1" because of some strange cache issue with
# the previous test. I need to debug and fix this issue to prevent other
# unittests from breaking!
domain = 'httpretty-mock-1'
target_url = 'http://%s/' % domain
APACHE_403 = get_apache_403('/foobar', domain)
MOCK_RESPONSES = [MockResponse(re.compile('(.*)'), APACHE_403, status=403)]
def test_2017_false_positive_backdoor(self):
cfg = run_configs['base']
self._scan(self.target_url, cfg['plugins'])
vulns = self.kb.get('find_backdoors', 'backdoors')
self.assertEqual(len(vulns), 0, vulns)