def test_nikto(): plugin_name = "testing/scan/nikto" csv_file = "test_nikto.csv" print "Testing plugin: %s" % plugin_name audit_config = AuditConfig() audit_config.targets = ["www.example.com", "localhost"] audit_config.include_subdomains = False with PluginTester(audit_config = audit_config) as t: print "Testing Nikto plugin parser..." plugin, plugin_info = t.get_plugin(plugin_name) Config._context._PluginContext__plugin_info = plugin_info try: r, c = plugin.parse_nikto_results(BaseUrl("http://www.example.com/"), path.join(here, csv_file)) #for d in r: #print "-" * 10 #print repr(d) assert c == 3 assert len(r) == 5 c = defaultdict(int) for d in r: c[d.__class__.__name__] += 1 #print c assert c.pop("IP") == 1 assert c.pop("Url") == 1 assert c.pop("UrlVulnerability") == 3 assert len(c) == 0 finally: Config._context._PluginContext__plugin_info = None print "Testing Nikto plugin against localhost..." r = t.run_plugin(plugin_name, BaseUrl("http://localhost/")) for d in r: print "\t%r" % d
def test_auditdb_dump(): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = "sqlite://test_auditdb.db" with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert t.audit.name == "test_auditdb" assert type(disk) is AuditSQLiteDB assert disk.filename == "test_auditdb.db" assert disk.connection_url == "sqlite://test_auditdb.db" print "Testing the audit database dump..." print " -> Writing..." for x in xrange(30): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) disk.mark_plugin_finished(d1.identity, "some_plugin") disk.mark_plugin_finished(d2.identity, "some_plugin") disk.mark_plugin_finished(d3.identity, "some_plugin") disk.mark_stage_finished(d1.identity, 1) disk.mark_stage_finished(d2.identity, 2) disk.mark_stage_finished(d3.identity, 3) disk.add_shared_values("fake_set_id", ( "string", u"unicode", 100, 200L, 5.0, True, False, complex(1, 1), None, frozenset({"string", 100, 1.0}), (None, True, False), )) disk.put_mapped_values("fake_map_id", ( ("a_string", "string"), ("a_unicode_string", u"unicode"), ("an_integer", 100), ("a_long", 200L), ("a_float", 5.0), ("a_bool", True), ("another_bool", False), ("a_complex", complex(1, 1)), ("none", None), ("a_frozenset", frozenset({"string", 100, 1.0})), ("a_tuple", (None, True, False)), )) print " -> Dumping..." disk.dump("test_auditdb.sql")
def do_scan_create(self, audit_config): """ Implementation of: /scan/create :param audit_config: Audit configuration. :type audit_config: dict(str -> \\*) """ # Load the audit configuration from the dictionary. o_audit_config = AuditConfig() o_audit_config.from_dictionary(audit_config) # Create the new audit. start_audit(o_audit_config)
def helper_test_auditdb_consistency_setup(audit_name, audit_db): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_name = audit_name audit_config.audit_db = audit_db with PluginTester(main_config, audit_config) as t: print "--> Testing general consistency..." helper_test_auditdb_general_consistency(t.audit.database) print "--> Testing data consistency..." for x in xrange(100): key = generate_random_string(10) data = generate_random_string(100) helper_test_auditdb_data_consistency(t.audit.database, key, data)
def test_import(): print "Testing OpenVAS importer..." orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["192.168.56.101"] audit_config.audit_db = ":memory:" with PluginTester(orchestrator_config, audit_config) as t: t.run_plugin("import/xml_openvas", path.join(here, "test_openvas.xml")) results = Database.get_many( Database.keys(Data.TYPE_VULNERABILITY) ) assert len(results) == 1, len(results) v = results[0] assert v.level == "informational", v.level assert v.plugin_id == "import/xml_openvas", v.plugin_id assert "Remote web server does not reply with 404 error code." in v.description, v.description
def validate(audit): audit = AuditConfig() audit.from_dictionary({ "audit_name": audit, "audit_db": "sqlite://%s.db" % audit, }) disk = AuditDB(audit) try: # Make sure all objects completed all stages. for stage in sorted(PluginManager.STAGES.values()): assert disk.get_pending_data(stage) == set() finally: disk.close()
def test_scope_example(): print "Testing scope with: www.example.com" main_config = OrchestratorConfig() main_config.ui_mode = "disabled" main_config.use_colors = False audit_config = AuditConfig() audit_config.targets = ["http://www.example.com"] audit_config.include_subdomains = True with PluginTester(main_config, audit_config) as t: print Config.audit_scope for token, flag in ( (None, False), ("", False), ("www.example.com", True), ("example.com", True), ("com", False), ("subdomain.example.com", True), ("subdomain.www.example.com", True), ("www.example.org", False), ("wwwexample.com", False), ("www.wrong.com", False), ("127.0.0.1", False), ("::1", False), ("[::1]", False), ("http://www.example.com", True), ("https://example.com", True), ("ftp://ftp.example.com", True), ("mailto://[email protected]", True), ##("*****@*****.**", True), ): assert ((token in Config.audit_scope) == flag), repr(token) assert gethostbyname("www.example.com") in Config.audit_scope for address in gethostbyname_ex("www.example.com")[2]: assert address in Config.audit_scope for register in DNS.get_a("www.example.com"): assert register.address in Config.audit_scope for register in DNS.get_aaaa("www.example.com"): assert register.address in Config.audit_scope assert "[%s]" % register.address in Config.audit_scope for register in DNS.get_a("www.google.com"): assert register.address not in Config.audit_scope for register in DNS.get_aaaa("www.google.com"): assert register.address not in Config.audit_scope assert "[%s]" % register.address not in Config.audit_scope
def test_nikto(): DEBUG = False ##DEBUG = True plugin_id = "testing/scan/nikto" csv_file = "test_nikto.csv" print "Testing plugin: %s" % plugin_id orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "console" audit_config = AuditConfig() audit_config.targets = ["http://www.example.com", "http://localhost"] audit_config.include_subdomains = False audit_config.enable_plugins = ["nikto"] audit_config.disable_plugins = ["all"] with PluginTester(orchestrator_config = orchestrator_config, audit_config = audit_config) as t: print "Testing Nikto plugin parser..." plugin, plugin_info = t.get_plugin(plugin_id) Config._context._PluginContext__plugin_info = plugin_info try: r, c = plugin.parse_nikto_results( BaseUrl("http://www.example.com/"), path.join(here, csv_file)) if DEBUG: for d in r: print "-" * 10 print repr(d) assert c == 6, c assert len(r) == 10, len(r) c = defaultdict(int) for d in r: c[d.__class__.__name__] += 1 #print c assert c.pop("IP") == 1 assert c.pop("Url") == 3 assert c.pop("UncategorizedVulnerability") == 6 assert len(c) == 0 finally: Config._context._PluginContext__plugin_info = None print "Testing Nikto plugin against localhost..." r = t.run_plugin(plugin_id, BaseUrl("http://localhost/")) for d in r: print "\t%r" % d
def test_scope_example(): print "Testing scope with: www.example.com" main_config = OrchestratorConfig() main_config.ui_mode = "disabled" main_config.use_colors = False audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.include_subdomains = True with PluginTester(main_config, audit_config) as t: assert None not in Config.audit_scope assert "" not in Config.audit_scope assert "www.example.com" in Config.audit_scope assert "example.com" in Config.audit_scope assert "com" not in Config.audit_scope assert "subdomain.example.com" in Config.audit_scope assert "subdomain.www.example.com" in Config.audit_scope assert "www.example.org" not in Config.audit_scope assert "wwwexample.com" not in Config.audit_scope assert "www.wrong.com" not in Config.audit_scope assert "127.0.0.1" not in Config.audit_scope assert "::1" not in Config.audit_scope assert "[::1]" not in Config.audit_scope assert "http://www.example.com" in Config.audit_scope assert "https://example.com" in Config.audit_scope assert "ftp://ftp.example.com" in Config.audit_scope assert "mailto://[email protected]" in Config.audit_scope ## assert "*****@*****.**" in Config.audit_scope assert gethostbyname("www.example.com") in Config.audit_scope for address in gethostbyname_ex("www.example.com")[2]: assert address in Config.audit_scope for register in DNS.get_a("www.example.com"): assert register.address in Config.audit_scope for register in DNS.get_aaaa("www.example.com"): assert register.address in Config.audit_scope assert "[%s]" % register.address in Config.audit_scope for register in DNS.get_a("www.google.com"): assert register.address not in Config.audit_scope for register in DNS.get_aaaa("www.google.com"): assert register.address not in Config.audit_scope assert "[%s]" % register.address not in Config.audit_scope
def test(): config = OrchestratorConfig() config.from_dictionary({ "plugins_folder": path.abspath(path.join(here, "plugin_tests")), "ui_mode": "test", }) audit = AuditConfig() audit.from_dictionary({ "targets": ["http://www.example.com/folder/subfolder/index.html",], "reports": ["-",], "audit_db": "", }) ##audit.plugin_load_overrides = [(True, "recon/test")] # XXX DEBUG shorter run try: print "Launching GoLismero..." print t1 = time.time() code = run(config, audit) t2 = time.time() print print "GoLismero ran for %f seconds" % (t2 - t1) print assert code == 0 print "Validating the audit database..." print validate(audit) finally: print "Cleaning up..." print try: os.unlink("%s.db" % audit.audit_name) except Exception: pass print "Done!"
def test_scope_localhost(): print "Testing scope with: localhost" main_config = OrchestratorConfig() main_config.ui_mode = "disabled" main_config.use_colors = False audit_config = AuditConfig() audit_config.targets = ["localhost"] audit_config.include_subdomains = True with PluginTester(main_config, audit_config) as t: assert None not in Config.audit_scope assert "" not in Config.audit_scope assert "www.example.com" not in Config.audit_scope assert "localhost.com" not in Config.audit_scope assert "www.localhost.com" not in Config.audit_scope assert "localhost" in Config.audit_scope assert "subdomain.localhost" in Config.audit_scope assert "127.0.0.1" in Config.audit_scope assert "::1" in Config.audit_scope assert "[::1]" in Config.audit_scope assert "http://localhost" in Config.audit_scope assert "mailto://user@localhost" in Config.audit_scope ## assert "user@localhost" in Config.audit_scope assert gethostbyname("localhost") in Config.audit_scope for address in gethostbyname_ex("localhost")[2]: assert address in Config.audit_scope for register in DNS.get_a("localhost"): assert register.address in Config.audit_scope for register in DNS.get_aaaa("localhost"): assert register.address in Config.audit_scope assert "[%s]" % register.address in Config.audit_scope for register in DNS.get_a("www.google.com"): assert register.address not in Config.audit_scope for register in DNS.get_aaaa("www.google.com"): assert register.address not in Config.audit_scope assert "[%s]" % register.address not in Config.audit_scope
def test_nikto(): DEBUG = False ##DEBUG = True plugin_id = "testing/scan/nikto" csv_file = "test_nikto.csv" print "Testing plugin: %s" % plugin_id orchestrator_config = OrchestratorConfig() orchestrator_config.ui_mode = "console" audit_config = AuditConfig() audit_config.targets = ["http://www.example.com", "http://localhost"] audit_config.include_subdomains = False audit_config.enable_plugins = ["nikto"] audit_config.disable_plugins = ["all"] with PluginTester(orchestrator_config = orchestrator_config, audit_config = audit_config) as t: print "Testing Nikto plugin parser..." plugin, plugin_info = t.get_plugin(plugin_id) Config._context._PluginContext__plugin_info = plugin_info try: r, c = plugin.parse_nikto_results( BaseURL("http://www.example.com/"), path.join(here, csv_file)) if DEBUG: for d in r: print "-" * 10 print repr(d) assert c == 6, c assert len(r) == 10, len(r) c = defaultdict(int) for d in r: c[d.__class__.__name__] += 1 #print c assert c.pop("IP") == 1 assert c.pop("URL") == 3 assert c.pop("UncategorizedVulnerability") == 6 assert len(c) == 0 finally: Config._context._PluginContext__plugin_info = None print "Testing Nikto plugin against localhost..." r = t.run_plugin(plugin_id, BaseURL("http://localhost/")) for d in r: print "\t%r" % d
def main(): # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P = parser.parse_args(args) command = P.command.upper() if command in COMMANDS: P.command = command else: P.targets.insert(0, P.command) P.command = "SCAN" # Load the Orchestrator options. cmdParams = OrchestratorConfig() cmdParams.command = P.command if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %r" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile = True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Enable console colors if requested. Console.use_colors = cmdParams.color # Show the program banner. parser.must_show_banner = False if cmdParams.verbose: show_banner() # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. if P.disable_reporting: auditParams.reports = [] elif not auditParams.reports and P.command in ("SCAN", "REPORT"): auditParams.reports = ["-"] if auditParams.only_vulns is None: auditParams.only_vulns = True # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error(str(e))
def helper_auditdb_stress(n, dbname = ":auto:"): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = dbname with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert type(disk) is AuditSQLiteDB print " Testing %d elements..." % (n * 3) t1 = time.time() print " -> Writing..." for x in xrange(n): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) t2 = time.time() print " -- Reading..." keys = disk.get_data_keys() assert len(keys) == (n * 3) for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None keys = disk.get_data_keys(Data.TYPE_INFORMATION) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_INFORMATION) data = disk.get_data(key, Data.TYPE_INFORMATION) assert data is not None assert data.data_type == Data.TYPE_INFORMATION assert isinstance(data, Text) keys = disk.get_data_keys(Data.TYPE_RESOURCE) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_RESOURCE) data = disk.get_data(key, Data.TYPE_RESOURCE) assert data is not None assert data.data_type == Data.TYPE_RESOURCE assert isinstance(data, Url) keys = disk.get_data_keys(Data.TYPE_VULNERABILITY) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_VULNERABILITY) data = disk.get_data(key, Data.TYPE_VULNERABILITY) assert data is not None assert data.data_type == Data.TYPE_VULNERABILITY assert isinstance(data, UrlDisclosure) t3 = time.time() print " <- Deleting..." for key in keys: disk.remove_data(key) t4 = time.time() print " Write time: %d seconds (%f seconds per element)" % (t2 - t1, (t2 - t1) / (n * 3.0)) print " Read time: %d seconds (%f seconds per element)" % (t3 - t2, (t3 - t2) / (n * 3.0)) print " Delete time: %d seconds (%f seconds per element)" % (t4 - t3, (t4 - t3) / (n * 3.0)) print " Total time: %d seconds (%f seconds per element)" % (t4 - t1, (t4 - t1) / (n * 3.0))
def test_auditdb_dump(): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = "sqlite://test_auditdb.db" with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert t.audit.name == "test_auditdb" assert type(disk) is AuditSQLiteDB assert disk.filename == "test_auditdb.db" assert disk.connection_url == "sqlite://test_auditdb.db" print "Testing the audit database dump..." print " -> Writing..." for x in xrange(30): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) disk.mark_plugin_finished(d1.identity, "some_plugin") disk.mark_plugin_finished(d2.identity, "some_plugin") disk.mark_plugin_finished(d3.identity, "some_plugin") disk.mark_stage_finished(d1.identity, 1) disk.mark_stage_finished(d2.identity, 2) disk.mark_stage_finished(d3.identity, 3) disk.add_state_variable("fake_plugin", "a_string", "string") disk.add_state_variable("fake_plugin", "an_integer", 100) disk.add_state_variable("fake_plugin", "a_float", 1.0) disk.add_state_variable("fake_plugin", "an_object", object()) disk.add_state_variable("fake_plugin", "a_list", ["string", 100, 1.0]) disk.add_state_variable("fake_plugin", "a_set", {"string", 100, 1.0}) disk.add_state_variable("fake_plugin", "a_tuple", ("string", 100, 1.0)) disk.add_state_variable("fake_plugin", "a_dictionary", { "string": 100, 1.0: None }) disk.add_shared_values("fake_set_id", ( "string", u"unicode", 100, 200L, 5.0, True, False, complex(1, 1), None, frozenset({"string", 100, 1.0}), (None, True, False), )) disk.put_mapped_values("fake_map_id", ( ("a_string", "string"), ("a_unicode_string", u"unicode"), ("an_integer", 100), ("a_long", 200L), ("a_float", 5.0), ("a_bool", True), ("another_bool", False), ("a_complex", complex(1, 1)), ("none", None), ("a_frozenset", frozenset({"string", 100, 1.0})), ("a_tuple", (None, True, False)), )) print " -> Dumping..." disk.dump("test_auditdb.sql")
def main(): # Show the program banner. show_banner() # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P = parser.parse_args(args) # Load the Orchestrator options. cmdParams = OrchestratorConfig() if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %r" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile = True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. if P.disable_reporting: auditParams.reports = [] elif not auditParams.reports: auditParams.reports = ["-"] # If there are no targets but there's a database, # get the targets (scope) from the database. if not auditParams.targets and auditParams.audit_db: try: cfg = AuditDB.get_config_from_closed_database( auditParams.audit_db, auditParams.audit_name) if cfg: auditParams.targets = cfg.targets auditParams.include_subdomains = cfg.include_subdomains if cmdParams.verbose > 1: if auditParams.targets: print "Found the following targets in the database:" for t in auditParams.targets: print "--> " + t print except Exception: pass ##raise # XXX DEBUG # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error(str(e))
def build_config_from_cmdline(): # Get the command line parser. parser = cmdline_parser() # Parse the command line options. try: args = sys.argv[1:] envcfg = getenv("GOLISMERO_SETTINGS") if envcfg: args = parser.convert_arg_line_to_args(envcfg) + args P, V = parser.parse_known_args(args) if P.targets: P.targets += V else: P.targets = V P.plugin_args = {} command = P.command.upper() if command in COMMANDS: P.command = command if command == "RESCAN": P.command = "SCAN" P.redo = True else: P.redo = False else: P.targets.insert(0, P.command) P.command = "SCAN" # Load the Orchestrator options. cmdParams = OrchestratorConfig() cmdParams.command = P.command if P.config: cmdParams.config_file = path.abspath(P.config) if not path.isfile(cmdParams.config_file): raise ValueError("File not found: %s" % cmdParams.config_file) if cmdParams.config_file: cmdParams.from_config_file(cmdParams.config_file, allow_profile=True) if P.user_config: cmdParams.user_config_file = path.abspath(P.user_config) if not path.isfile(cmdParams.user_config_file): raise ValueError("File not found: %s" % cmdParams.user_config_file) if cmdParams.user_config_file: cmdParams.from_config_file(cmdParams.user_config_file, allow_profile=True) if P.profile: cmdParams.profile = P.profile cmdParams.profile_file = get_profile(cmdParams.profile) if cmdParams.profile_file: cmdParams.from_config_file(cmdParams.profile_file) cmdParams.from_object(P) cmdParams.plugin_load_overrides = P.plugin_load_overrides # Enable console colors if requested. Console.use_colors = cmdParams.color # Show the program banner. parser.must_show_banner = False if cmdParams.verbose: show_banner() # Load the target audit options. auditParams = AuditConfig() auditParams.profile = cmdParams.profile auditParams.profile_file = cmdParams.profile_file auditParams.config_file = cmdParams.config_file auditParams.user_config_file = cmdParams.user_config_file if auditParams.config_file: auditParams.from_config_file(auditParams.config_file) if auditParams.user_config_file: auditParams.from_config_file(auditParams.user_config_file) if auditParams.profile_file: auditParams.from_config_file(auditParams.profile_file) auditParams.from_object(P) auditParams.plugin_load_overrides = P.plugin_load_overrides # If importing is turned off, remove the list of imports. # FIXME this should be done by argparse in argument order! if P.disable_importing: auditParams.imports = [] # If reports are turned off, remove the list of reports. # Otherwise, if no reports are specified, default to screen report. # FIXME this should be done by argparse in argument order! if P.disable_reporting: auditParams.reports = [] elif (not auditParams.reports and (P.command != "REPORT" or not auditParams.targets)): auditParams.reports = ["-"] if auditParams.only_vulns is None: auditParams.only_vulns = True # Show exceptions as command line parsing errors. except Exception, e: ##raise # XXX DEBUG parser.error("arguments error: %s" % str(e))
def helper_auditdb_stress(n): main_config = OrchestratorConfig() main_config.ui_mode = "disabled" audit_config = AuditConfig() audit_config.targets = ["www.example.com"] audit_config.audit_db = "sqlite://" with PluginTester(main_config, audit_config) as t: disk = t.audit.database assert type(disk) is AuditSQLiteDB print " Testing %d elements..." % (n * 3) t1 = time.time() print " -> Writing..." for x in xrange(n): d1 = Url("http://www.example.com/" + generate_random_string()) d2 = Text(generate_random_string()) d3 = UrlDisclosure(d1) d1.add_information(d2) disk.add_data(d1) disk.add_data(d2) disk.add_data(d3) t2 = time.time() print " -- Reading..." keys = disk.get_data_keys() assert len(keys) == (n * 3) for key in keys: assert disk.has_data_key(key) data = disk.get_data(key) assert data is not None keys = disk.get_data_keys(Data.TYPE_INFORMATION) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_INFORMATION) data = disk.get_data(key, Data.TYPE_INFORMATION) assert data is not None assert data.data_type == Data.TYPE_INFORMATION assert isinstance(data, Text) keys = disk.get_data_keys(Data.TYPE_RESOURCE) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_RESOURCE) data = disk.get_data(key, Data.TYPE_RESOURCE) assert data is not None assert data.data_type == Data.TYPE_RESOURCE assert isinstance(data, Url) keys = disk.get_data_keys(Data.TYPE_VULNERABILITY) assert len(keys) == n for key in keys: assert disk.has_data_key(key, Data.TYPE_VULNERABILITY) data = disk.get_data(key, Data.TYPE_VULNERABILITY) assert data is not None assert data.data_type == Data.TYPE_VULNERABILITY assert isinstance(data, UrlDisclosure) t3 = time.time() print " <- Deleting..." for key in keys: disk.remove_data(key) t4 = time.time() print " Write time: %d seconds (%f seconds per element)" % ( t2 - t1, (t2 - t1) / (n * 3.0)) print " Read time: %d seconds (%f seconds per element)" % ( t3 - t2, (t3 - t2) / (n * 3.0)) print " Delete time: %d seconds (%f seconds per element)" % ( t4 - t3, (t4 - t3) / (n * 3.0)) print " Total time: %d seconds (%f seconds per element)" % ( t4 - t1, (t4 - t1) / (n * 3.0))