def test_scan_invalid(self): # This is needed for dirb binary to be added to the path original_pathvar = os.environ['PATH'] os.environ['PATH'] = uppath(os.path.realpath(__file__), 2) \ + '/vendor/dirb/' + ':' \ + original_pathvar host_name = "infosec.mozilla.org" # Wordlist does not matter here, but we want to give it # an invalid command line option (e.g '-b') scanner = DirectoryEnumScanner(arguments_list=['-b']) return_code, result = scanner.scan(host_name) assert not return_code == 0 assert 'host' in result assert 'illegal' in result['errors']
def test_scan_timeout(self): # This is needed for dirb binary to be added to the path original_pathvar = os.environ['PATH'] os.environ['PATH'] = uppath(os.path.realpath(__file__), 2) \ + '/vendor/dirb/' + ':' \ + original_pathvar host_name = "infosec.mozilla.org" # Give it a long wordlist to guarantee time out scanner = DirectoryEnumScanner(wordlist='long') return_code, result = scanner.scan(host_name) assert not return_code == 0 assert 'host' in result assert 'output' in result assert 'TIMEDOUT' in result['errors'] # Set PATH to original value os.environ['PATH'] = original_pathvar
def runScanFromQ(event, context): # This is needed for nmap static library and # dirb to be added to the path _environ = dict(os.environ) nmap_path = os.environ['LAMBDA_TASK_ROOT'] + '/vendor/nmap-standalone/' dirb_path = os.environ['LAMBDA_TASK_ROOT'] + '/vendor/dirb/' try: os.environ.update({'PATH': os.environ['PATH'] + ':' + nmap_path + ':' + dirb_path}) # Read the queue for record, keys in event.items(): for item in keys: if "body" in item: message = item['body'] scan_type, target, uuid = message.split('|') if scan_type == "httpobservatory": scanner = HTTPObservatoryScanner(logger=logger) scan_result = scanner.scan(target) send_to_s3(target + "_httpobservatory", scan_result, client=S3_CLIENT, bucket=S3_BUCKET) elif scan_type == "sshobservatory": scanner = SSHObservatoryScanner(logger=logger) scan_result = scanner.scan(target) send_to_s3(target + "_sshobservatory", scan_result, client=S3_CLIENT, bucket=S3_BUCKET) elif scan_type == "tlsobservatory": scanner = TLSObservatoryScanner(logger=logger) scan_result = scanner.scan(target) send_to_s3(target + "_tlsobservatory", scan_result, client=S3_CLIENT, bucket=S3_BUCKET) elif scan_type == "portscan": scanner = PortScanner(target, logger=logger) nmap_scanner = scanner.scanTCP() while nmap_scanner.still_scanning(): # Wait for 1 second after the end of the scan nmap_scanner.wait(1) elif scan_type == "tenableio": scanner = TIOScanner(logger=logger) nessus_scanner = scanner.scan(target) nessus_scanner.launch(wait=False) elif scan_type == "websearch": searcher = WebSearcher(logger=logger) search_results = searcher.search(target) send_to_s3(target + "_websearch", search_results, client=S3_CLIENT, bucket=S3_BUCKET) elif scan_type == "direnumscan": scanner = DirectoryEnumScanner(logger=logger) return_code, direnum_result = scanner.scan(target) send_to_s3(target + "_direnum", direnum_result, client=S3_CLIENT, bucket=S3_BUCKET) else: # Manually invoked, just log the message logger.info("Message in queue: {}".format(message)) else: logger.error("Unrecognized message in queue: {}".format(message)) except Exception as e: logger.error("Exception occurred while running scans from the queue: {}".format(e)) finally: # Restore environment variables to their original values os.environ.update(_environ)
def test_scan_no_timeout(self): # This is needed for dirb binary to be added to the path original_pathvar = os.environ['PATH'] os.environ['PATH'] = uppath(os.path.realpath(__file__), 2) \ + '/vendor/dirb/' + ':' \ + original_pathvar host_name = "infosec.mozilla.org" # By default this will use the short wordlist scanner = DirectoryEnumScanner(wordlist='short') return_code, result = scanner.scan(host_name) assert return_code == 0 assert 'host' in result assert 'output' in result assert len(result['errors']) == 0 assert len(result['output']) > 0 # Set PATH to original value os.environ['PATH'] = original_pathvar
def test_invalid_wordlist(self): with pytest.raises(AssertionError): # We are expecting a failure here with an assertion error assert DirectoryEnumScanner(wordlist='invalid')
def test_defaults(self): scanner = DirectoryEnumScanner() assert scanner.tool == 'dirb' assert scanner.arguments == ['-f', '-w', '-S', '-r'] assert scanner.wordlist == 'short'
def test_invalid_wordlist(self): # We are expecting a failure here with an assertion error DirectoryEnumScanner(wordlist='invalid')