def test_kali(self):
test_kali_uname_1 = "Linux kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.4-2kali1 (2017-10-16) x86_64 GNU/Linux"
test_kali_uname_2 = "Linux kali 4.9.0-kali4-amd64 #1 SMP Debian 4.9.25-1kali1 (2017-10-16) x86_64 GNU/Linux"
test_kali_kernel_1 = Kernel(test_kali_uname_1, uname=True)
test_kali_kernel_2 = Kernel(test_kali_uname_2, uname=True)
self.assertEqual(test_kali_kernel_1.release, 4)
self.assertEqual(test_kali_kernel_2.release, 25)
def test_underlying_diff(self):
test_platform_diff = 'Linux-4.10-28-generic-x86_64-with-Ubuntu-16.04-xenial'
test_platform_diff_2 = 'Linux-3.14.5-kali1-amd64-with-Debian-8.0'
test_platform_diff_3 = 'Linux-3.14-kali1-amd64-x86_64-with-Kali-1.1.0-moto'
k_test_platform_diff = Kernel(test_platform_diff)
k_test_platform_diff_2 = Kernel(test_platform_diff_2)
k_test_platform_diff_3 = Kernel(test_platform_diff_3)
self.assertEqual(k_test_platform_diff.release, 0)
self.assertEqual(k_test_platform_diff_2.release, 5)
self.assertEqual(k_test_platform_diff_3.release, 0)
def test_diff_uname(self):
test_uname = "Linux amd64 4.14.0-rc7+ #18 SMP PREEMPT Sun Nov 5 05:52:33 MSK 2017 x86_64 GNU/Linux"
test_uname_2 = "Linux external4 3.14-kali1-amd64 #1 SMP Debian 3.14.5-1kali1 (2014-06-07) x86_64 GNU/Linux"
test_uname_3 = "Linux external4 3.14-kali1-amd64 #1 SMP Debian 3.14-1kali1 (2014-06-07) x86_64 GNU/Linux"
test_uname_kernel = Kernel(test_uname, uname=True)
test_uname_kernel_2 = Kernel(test_uname_2, uname=True)
test_uname_kernel_3 = Kernel(test_uname_3, uname=True)
self.assertEqual(test_uname_kernel.release, 0)
self.assertEqual(test_uname_kernel_2.release, 5)
self.assertEqual(test_uname_kernel_3.release, 0)
def test_kali(self):
test_kali_uname_1 = "Linux kali 4.13.0-kali1-amd64 #1 SMP Debian 4.13.4-2kali1 (2017-10-16) x86_64 GNU/Linux"
test_kali_uname_2 = "Linux kali 4.9.0-kali4-amd64 #1 SMP Debian 4.9.25-1kali1 (2017-10-16) x86_64 GNU/Linux"
test_kali_uname_3 = "Linux external4 3.14-kali1-amd64 #1 SMP Debian 3.14.5-1kali1 (2014-06-07) x86_64 GNU/Linux"
test_kali_kernel_1 = Kernel(test_kali_uname_1, uname=True)
test_kali_kernel_2 = Kernel(test_kali_uname_2, uname=True)
test_kali_kernel_3 = Kernel(test_kali_uname_3, uname=True)
self.assertEqual(test_kali_kernel_1.release, 0)
self.assertEqual(test_kali_kernel_2.release, 0)
self.assertEqual(test_kali_kernel_3.release, 5)
def test_uname_input(self):
test_linux_platform = "Linux-4.10.0-37-generic-x86_64-with-Ubuntu-16.04-xenial"
test_mac_platform = "Darwin-16.7.0-x86_64-i386-64bit"
test_linux_uname = "Linux ubuntuexploit 4.10.0-28-generic #32~16.04.2-Ubuntu SMP Thu Jul 20 10:19:48 " \
"UTC 2017 x86_64 x86_64 x86_64 GNU/Linux"
test_mac_uname = "Darwin coastals-MacBook-Pro.local 16.7.0 Darwin Kernel Version 16.7.0: Thu Jun 15 " \
"17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 x86_64"
# have to set the unames to None because input for platform and uname kernels is different
test_linux_platform_kernel = Kernel(test_linux_platform).uname = None
test_linux_uname_kernel = Kernel(test_linux_uname,
uname=True).uname = None
test_mac_platform_kernel = Kernel(test_mac_platform).uname = None
test_mac_uname_kernel = Kernel(test_mac_uname, uname=True).uname = None
self.assertEqual(test_linux_platform_kernel, test_linux_uname_kernel)
self.assertEqual(test_mac_platform_kernel, test_mac_uname_kernel)
def test_vulnerable_kernel_matching(self):
# TODO: this kernel is not vulnerable to any of the exploits in the project, but is listed as vulnerable
# TODO: we need to unfortunately track down the kernel windows for each specific exploit for each
# TODO: specific distro for each specific kernel (i.e. 4.4.0-0 -> 4.4.x-last_patch)
test_uname = 'Linux-4.4.0-75-generic-x86_64-with-Ubuntu-16.04-xenial'
test_kernel = Kernel(test_uname)
exploit_results = find_exploit_locally(test_kernel)
print("")
self.assertTrue(total_exploits(exploit_results["confirmed"]) < 1)
def test_kernel_parsing(self):
test_linux_platform = "Linux-4.10.0-37-generic-x86_64-with-Ubuntu-16.04-xenial"
test_linux_kernel = Kernel(test_linux_platform)
self.assertEqual(test_linux_kernel.name, "xenial")
self.assertEqual(test_linux_kernel.type, "linux")
self.assertEqual(test_linux_kernel.major_version, 4)
self.assertEqual(test_linux_kernel.minor_version, 10)
self.assertEqual(test_linux_kernel.release, 37)
self.assertEqual(test_linux_kernel.architecture, "x86_64")
self.assertEqual(test_linux_kernel.uname, test_linux_platform)
test_mac_platform = "Darwin-16.7.0-x86_64-i386-64bit"
test_mac_kernel = Kernel(test_mac_platform)
self.assertEqual(test_mac_kernel.name, "Darwin")
self.assertEqual(test_mac_kernel.type, "mac")
self.assertEqual(test_mac_kernel.major_version, 16)
self.assertEqual(test_mac_kernel.minor_version, 7)
self.assertEqual(test_mac_kernel.release, 0)
self.assertEqual(test_mac_kernel.architecture, "x86_64")
self.assertEqual(test_mac_kernel.uname, test_mac_platform)
def test_potentially_vulnerable(self):
test_uname = "Linux-4.10.0-37-generic-x86_64-with-Ubuntu-16.04-xenial"
test_kernel = Kernel(test_uname)
exploit_module = CVE20091185()
self.assertTrue(potentially_vulnerable(test_kernel, exploit_module))
def test_find_exploit_locally(self):
test_uname = "Linux-4.10.0-1-generic-x86_64-with-Ubuntu-16.04-xenial"
test_kernel = Kernel(test_uname)
exploit_results = find_exploit_locally(test_kernel)
self.assertGreaterEqual(
len(exploit_results["confirmed"][HIGH_RELIABILITY]), 1)
def test_architecture_matching(self):
test_uname = "Linux-4.10.0-1-generic-i686-with-Ubuntu-16.04-xenial"
test_kernel = Kernel(test_uname)
exploit_module = CVE20171000371()
vuln_results = potentially_vulnerable(test_kernel, exploit_module)
self.assertEqual(vuln_results, CONFIRMED_VULNERABLE)
def test_architecture_not_matching(self):
test_uname = "Linux-4.10.0-1-generic-x86_64-with-Ubuntu-16.04-xenial"
test_kernel = Kernel(test_uname)
exploit_module = CVE20171000371()
self.assertEqual(potentially_vulnerable(test_kernel, exploit_module),
NOT_VULNERABLE)
def test_diff_uname(self): test_uname = "Linux amd64 4.14.0-rc7+ #18 SMP PREEMPT Sun Nov 5 05:52:33 MSK 2017 x86_64 GNU/Linux" test_uname_kernel = Kernel(test_uname, uname=True) self.assertEqual(test_uname_kernel.release, 0)
def test_patched_kernel_matching(self):
test_uname = "Linux-4.99.0-1-generic-i686-with-Ubuntu-16.04-xenial"
test_kernel = Kernel(test_uname)
exploit_results = find_exploit_locally(test_kernel)
self.assertTrue(total_exploits(exploit_results["confirmed"]) < 1)
