def test_assign_entry_twice_causes_error(self):
kb = KnowledgeBase()
kb.random_entry = PieceOfData(123)
with self.assertRaises(AttributeError):
kb.random_entry = PieceOfData(456)
self.assertEqual(kb.random_entry.counter, 123)
def setUp(self):
self.rule = DetectSoft404()
self.engine = FakeEngine()
self.rule.set_engine(self.engine)
self.kb = KnowledgeBase()
self.rule.set_kb(self.kb)
self.patterns = ["/\l/\d.html", "/\d-\l.js", "/\L/", "/\i", "/.\l.js"]
async def configure_hammertime(proxy=None,
retry_count=3,
cookies=None,
concurrency=0,
**kwargs):
loop = custom_event_loop()
engine = AioHttpEngine(loop=loop, verify_ssl=False, proxy=proxy)
await engine.session.close()
connector = TCPConnector(loop=loop,
verify_ssl=False,
use_dns_cache=True,
ttl_dns_cache=None)
if cookies is not None:
engine.session = ClientSession(loop=loop,
connector=connector,
cookie_jar=DummyCookieJar(loop=loop))
else:
engine.session = ClientSession(loop=loop, connector=connector)
scale_policy = SlowStartPolicy(initial=3)
if concurrency > 0:
scale_policy = StaticPolicy(concurrency)
kb = KnowledgeBase()
hammertime = HammerTime(loop=loop,
request_engine=engine,
retry_count=retry_count,
proxy=proxy,
kb=kb,
scale_policy=scale_policy)
setup_hammertime_heuristics(hammertime, **kwargs)
hammertime.collect_successful_requests()
hammertime.kb = kb
return hammertime
def setUp(self):
self.engine = FakeHammerTimeEngine()
self.filter = RejectIgnoredQuery()
self.filter.set_child_heuristics(None)
self.filter.set_engine(self.engine)
self.kb = KnowledgeBase()
self.filter.set_kb(self.kb)
async def test_after_headers_add_request_response_to_knowledge_base(self):
first_host = "http://example1.com"
returned_entry = self.create_redirected_request(
"/anything", relative=True, redirected_to="/login.php")
self.fake_engine.perform_high_priority = make_mocked_coro(
return_value=returned_entry)
entry0 = self.create_redirected_request(
"/admin/restricted-resource.php",
host=first_host,
redirected_to="/login.php")
entry1 = self.create_redirected_request("/junkpath",
host=first_host,
redirected_to="/login.php")
entry2 = self.create_redirected_request("/path/to/admin/resource",
host=first_host,
redirected_to="/login.php")
second_host = "http://example2.com"
entry3 = self.create_redirected_request(
"/admin/restricted-resource.php",
host=second_host,
redirected_to="/login.php")
entry4 = self.create_redirected_request("/junkpath/",
host=second_host,
redirected_to="/login.php")
entry5 = self.create_redirected_request("/path/to/admin/resource",
host=second_host,
redirected_to="/login.php")
kb = KnowledgeBase()
self.heuristic.set_kb(kb)
with patch("hammertime.rules.redirects.uuid4",
MagicMock(return_value="uuid")):
await self.ignore_reject_request(self.heuristic.after_headers,
entry0)
await self.ignore_reject_request(self.heuristic.after_headers,
entry1)
await self.ignore_reject_request(self.heuristic.after_headers,
entry2)
await self.ignore_reject_request(self.heuristic.after_headers,
entry3)
await self.ignore_reject_request(self.heuristic.after_headers,
entry4)
await self.ignore_reject_request(self.heuristic.after_headers,
entry5)
self.assertEqual(kb.redirects["%s/admin/" % first_host],
"%s/login.php" % first_host)
self.assertEqual(kb.redirects["%s/" % first_host],
"%s/login.php" % first_host)
self.assertEqual(kb.redirects["%s/path/to/admin/" % first_host],
"%s/login.php" % first_host)
self.assertEqual(kb.redirects["%s/admin/" % second_host],
"%s/login.php" % second_host)
self.assertEqual(kb.redirects["%s/junkpath/" % second_host],
"%s/login.php" % second_host)
self.assertEqual(kb.redirects["%s/path/to/admin/" % second_host],
"%s/login.php" % second_host)
def test_assign_engine_and_kb_on_heuristics(self):
a = HeuristicA()
b = HeuristicB()
kb = KnowledgeBase()
h = Heuristics(request_engine="X", kb=kb)
h.add_multiple([a, b])
self.assertEqual(a.engine_set, "X")
self.assertEqual(b.kb_set, kb)
def test_add_load_kb_if_value_already_defined_in_kb(self):
kb = KnowledgeBase()
h = Heuristics(kb=kb, request_engine="engine")
parent_heuristic = ParentHeuristic()
h.add(parent_heuristic)
h.add(HeuristicB())
child_heuristic = HeuristicB()
parent_heuristic.child_heuristics.add(child_heuristic)
self.assertEqual(child_heuristic.kb_load, kb)
def setUp(self):
self.max_timeout = 10
self.min_timeout = 0.2
self.sample_size = 100
self.rule = DynamicTimeout(min_timeout=self.min_timeout,
max_timeout=self.max_timeout,
sample_size=self.sample_size)
self.knowledge_base = KnowledgeBase()
self.rule.set_kb(self.knowledge_base)
self.retry_engine = MagicMock()
self.retry_engine.retry_count = 3
self.rule.set_engine(self.retry_engine)
self.entry_factory = lambda: Entry.create("http://example.com")
async def test_after_headers_doesnt_request_random_filename_if_redirect_is_already_in_knowledge_base(
self):
self.fake_engine.perform_high_priority = make_mocked_coro()
kb = KnowledgeBase()
self.heuristic.set_kb(kb)
kb.redirects["%s/wp-admin/" % self.host] = "%s/somewhere" % self.host
entry = self.create_redirected_request("/wp-admin/admin.php",
redirected_to="/wp-login.php")
await self.heuristic.after_headers(entry)
self.fake_engine.perform_high_priority.assert_not_called()
def test_assign_entry(self):
kb = KnowledgeBase()
kb.random_entry = PieceOfData(123)
self.assertIn("random_entry", kb)
self.assertEqual(kb.random_entry.counter, 123)
def test_check_for_initialized_content(self):
kb = KnowledgeBase()
self.assertNotIn("random_entry", kb)
with self.assertRaises(AttributeError):
kb.random_entry
def setUp(self):
self.dead_host_detection = DeadHostDetection()
self.kb = KnowledgeBase()
self.dead_host_detection.set_kb(self.kb)
def setUp(self):
self.r = IgnoreLargeBody()
self.r.set_kb(KnowledgeBase())
self.entry = Entry.create("http://example.om/test",
response=StaticResponse(200, {}))
def setUpFetcher(self, loop):
self.hammertime = HammerTime(loop=loop,
request_engine=FakeHammerTimeEngine(),
kb=KnowledgeBase())
conf.target_host = self.host
self.file_fetcher = FileFetcher(self.host, self.hammertime)
def __init__(self, *, engine=None):
self.kb = KnowledgeBase()
self.heuristics = Heuristics(kb=self.kb, request_engine=engine)
self.child_heuristics = Heuristics(kb=self.kb, request_engine=engine)