def test_pickleable_vuln(self): original_vuln = MockVuln() kb.append('a', 'b', original_vuln) unpickled_vuln = kb.get('a', 'b')[0] self.assertEqual(original_vuln, unpickled_vuln)
def test_pickleable_info(self): original_info = MockInfo() kb.append('a', 'b', original_info) unpickled_info = kb.get('a', 'b')[0] self.assertEqual(original_info, unpickled_info)
def test_return_all_for_plugin(self): i1 = MockInfo() i2 = MockInfo() i3 = MockInfo() kb.append('a', 'b', i1) kb.append('a', 'b', i2) kb.append('a', 'b', i3) self.assertEqual(kb.get('a', 'b'), [i1, i2, i3])
def test_append_uniq_var_bug_10Dec2012(self): i1 = MockInfo() i1.set_uri(URL('http://moth/abc.html')) i1.set_var('id') i2 = MockInfo() i2.set_uri(URL('http://moth/abc.html')) i2.set_var('id') kb.append_uniq('a', 'b', i1) kb.append_uniq('a', 'b', i2) self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_append(self): i1 = MockInfo() i2 = MockInfo() i3 = MockInfo() kb.append('a', 'b', i1) kb.append('a', 'b', i1) kb.append('a', 'b', i1) kb.append('a', 'b', i2) kb.append('a', 'b', i3) self.assertEqual(kb.get('a', 'b'), [i1, i1, i1, i2, i3])
def test_append_uniq_var_bug_10Dec2012(self): i1 = MockInfo() i1.set_uri(URL('http://moth/abc.html')) i1.set_var('id') i2 = MockInfo() i2.set_uri(URL('http://moth/abc.html')) i2.set_var('id') kb.append_uniq('a', 'b', i1) kb.append_uniq('a', 'b', i2) self.assertEqual(kb.get('a', 'b'), [ i1, ])
def test_append_uniq_url_different(self): i1 = MockInfo() i1.set_uri(URL('http://moth/abc.html?id=1')) i1.set_dc(QueryString([('id', '1')])) i1.set_var('id') i2 = MockInfo() i2.set_uri(URL('http://moth/def.html?id=3')) i2.set_dc(QueryString([('id', '3')])) i2.set_var('id') kb.append_uniq('a', 'b', i1, filter_by='URL') kb.append_uniq('a', 'b', i2, filter_by='URL') self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_save_append(self): ''' Although calling raw_write and then append is highly discouraged, someone would want to use it. ''' i0 = MockInfo() self.assertRaises(TypeError, kb.raw_write, 'a', 'b', i0) i1 = MockInfo() i2 = MockInfo() kb.append('a', 'b', i1) kb.append('a', 'b', i2) self.assertEqual(kb.get('a', 'b'), [i1, i2])
def test_append_uniq_var_default(self): i1 = MockInfo() i1.set_uri(URL('http://moth/abc.html?id=1')) i1.set_dc(QueryString([('id', '1')])) i1.set_var('id') i2 = MockInfo() i2.set_uri(URL('http://moth/abc.html?id=3')) i2.set_dc(QueryString([('id', '3')])) i2.set_var('id') kb.append_uniq('a', 'b', i1) kb.append_uniq('a', 'b', i2) self.assertEqual(kb.get('a', 'b'), [i1, ])
def test_pickleable_shells(self): pool = Pool(1) xurllib = ExtendedUrllib() original_shell = Shell(MockVuln(), xurllib, pool) kb.append('a', 'b', original_shell) unpickled_shell = kb.get('a', 'b')[0] self.assertEqual(original_shell, unpickled_shell) self.assertEqual(unpickled_shell.worker_pool, None) self.assertEqual(unpickled_shell._uri_opener, None) pool.terminate() pool.join()
def test_store_in_kb(self): dt = DAVTemplate() dt.store_in_kb() stored_data = kb.get(*dt.get_kb_location()) self.assertEqual(len(stored_data), 1) stored_vuln = stored_data[0] created_vuln = dt.create_vuln() stored_vuln.set_id(created_vuln.get_id()) self.assertEqual(stored_vuln, created_vuln)
def test_append_uniq_var_default(self): i1 = MockInfo() i1.set_uri(URL('http://moth/abc.html?id=1')) i1.set_dc(QueryString([('id', '1')])) i1.set_var('id') i2 = MockInfo() i2.set_uri(URL('http://moth/abc.html?id=3')) i2.set_dc(QueryString([('id', '3')])) i2.set_var('id') kb.append_uniq('a', 'b', i1) kb.append_uniq('a', 'b', i2) self.assertEqual(kb.get('a', 'b'), [ i1, ])
def test_strategy_run(self): core = w3afCore() target = core.target.get_options() target['target'].set_value(self.TARGET_URL) core.target.set_options(target) core.plugins.set_plugins(['sqli',], 'audit') core.plugins.init_plugins() core.verify_environment() core.scan_start_hook() def verify_threads_running(functor): thread_names = [t.name for t in threading.enumerate()] self.assertIn('WorkerThread', thread_names) self.called_teardown_audit = True return functor self.called_teardown_audit = False strategy = w3af_core_strategy(core) strategy._teardown_audit = verify_threads_running(strategy._teardown_audit) strategy.start() # Now test that those threads are being terminated self.assertTrue(self.called_teardown_audit) vulns = kb.get('sqli', 'sqli') self.assertEqual(len(vulns), 1) core.exploit_phase_prerequisites = lambda: 42 core.scan_end_hook() thread_names = [t.name for t in threading.enumerate()] self.assertEqual(len(thread_names), 3, thread_names) thread_names = set(thread_names) expected_names = set(['MainThread', 'SQLiteExecutor', 'OutputManager']) self.assertEqual(thread_names, expected_names)
def test_default_get(self): self.assertEqual(kb.get('a', 'b'), [])
def test_default_first_saved(self): kb.raw_write('a', 'b', 'c') self.assertEqual(kb.get('a', 'not-exist'), []) self.assertEqual(kb.raw_read('a', 'not-exist'), [])