def setUp(self) -> None:
    """Load the host and user API fixtures and remember the first Config's id."""
    super().setUp()

    hosts_path = get_fixture_location(__file__, 'host_response.json')
    with open(hosts_path) as hosts_file:
        # The decoded host fixture is wrapped in a one-element list.
        self.hosts = [json.load(hosts_file)]

    users_path = get_fixture_location(__file__, 'users_response.json')
    with open(users_path) as users_file:
        self.users = json.load(users_file)

    first_config = Config.objects.first()
    self.config_id = first_config.id
def not_updated_cve(self):
    """Import the same NVD fixture twice and expect no notification from the re-import.

    NOTE(review): the name has no ``test`` prefix, so default unittest
    discovery would not collect this method -- confirm that is intended.
    """
    with open(get_fixture_location(__file__, 'nvdcve-1.0-2017.json')) as first_pass:
        CveFactory.process(first_pass)

    # Empty the cache so only the second import can put entries into it.
    NotificationCache.clear()

    with open(get_fixture_location(__file__, 'nvdcve-1.0-2017.json')) as second_pass:
        CveFactory.process(second_pass)

    queued = NotificationCache.get()
    self.assertEqual(queued, [])
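def setUp(self):
    """Open the Nessus XML fixtures and build the parser under test.

    Both fixture handles are kept on the instance for the tests to read.
    Each one is registered with ``addCleanup`` so it is closed after the
    test instead of being left to the garbage collector.
    """
    super().setUp()
    self.config = Config.objects.first()

    self.internal_xml = open(get_fixture_location(__file__, 'internal.xml'))
    # Registered immediately: cleanups still run if a later setUp step raises.
    self.addCleanup(self.internal_xml.close)

    self.internal_targets_xml = open(
        get_fixture_location(__file__, 'internal_targets.xml'))
    self.addCleanup(self.internal_targets_xml.close)

    self.uut = NessusReportParser(self.config)

    # Target notations used by the tests: /32 CIDR, bare address,
    # /30 CIDR and a dash-separated range.
    self.addr1 = "192.168.1.1/32"
    self.addr2 = "192.168.1.1"
    self.addr3 = "10.0.0.1/30"
    self.addr4 = "192.168.2.1-192.168.2.5"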
def test_get_targets_gmp_9(self):
    """get_targets() on a GMP 9 report resolves the referenced target to a /24."""
    report_path = get_fixture_location(__file__, "report_gmp_9.xml")
    with open(report_path, 'r') as xml:
        definition_path = get_fixture_location(__file__, "target_gmp_9.xml")
        target_xml = get_root_element(definition_path)

        # The target lookup is stubbed with the fixture definition, so the
        # test only checks which id is requested and how the reply is parsed.
        stub = patch.object(
            self.uut, "_get_target_definition", return_value=target_xml)
        with stub as target_def:
            resolved = self.uut.get_targets(xml)
            self.assertEqual(resolved, IPSet(IPNetwork("192.168.0.0/24")))
            target_def.assert_called_once_with(
                "71ffd436-52da-48c4-a39d-0ac28080c876")
def setUp(self):
    """Import the 2017 NVD fixture and wait for the worker pool to finish."""
    super().setUp()
    fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
    with open(fixture_path) as nvd_feed:
        CveFactory.process(nvd_feed)
    # Block until queued work is done so each test starts from a settled state.
    thread_pool_executor.wait_for_all()
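def test_parse(self):
    """Parse the OMP 7 report fixture and check hosts plus one known finding.

    Uses ``assertEqual`` throughout: the ``assertEquals`` alias is deprecated
    and was removed from unittest in Python 3.12.
    """
    with open(get_fixture_location(__file__, 'report_omp_7.xml'), 'r') as file:
        parser = GmpParserOMP7(self.config)
        vulns, scanned_hosts = parser.parse(file, "report_omp_7.xml")

        # Host inventory extracted from the report.
        self.assertEqual(len(scanned_hosts), 7)
        self.assertEqual(scanned_hosts[0].last_scan_date, '2020-04-08T21:04:47Z')
        self.assertEqual(
            {
                '10.10.10.31', '10.10.10.30', '10.10.10.32', '10.10.10.21',
                '10.10.10.20', '10.10.10.7', '10.10.10.23'
            },
            {x.ip_address for x in scanned_hosts})

        self.assertEqual(len(vulns), 17)

        # One finding is checked field by field, including its CVSS v2 metrics.
        vuln = vulns['c2649538-c269-3902-9361-de3e3558a449']
        self.assertEqual(vuln.cve.base_score_v2, 5.0)
        self.assertEqual(vuln.cve.access_vector_v2, AccessVectorV2.NETWORK)
        self.assertEqual(vuln.cve.access_complexity_v2, AccessComplexityV2.LOW)
        self.assertEqual(vuln.cve.authentication_v2, AuthenticationV2.NONE)
        self.assertEqual(vuln.cve.confidentiality_impact_v2, ImpactV2.PARTIAL)
        self.assertEqual(vuln.cve.integrity_impact_v2, ImpactV2.NONE)
        self.assertEqual(vuln.cve.availability_impact_v2, ImpactV2.NONE)
        self.assertEqual(vuln.port, '135')
        self.assertEqual(vuln.protocol, 'tcp')
        self.assertEqual(vuln.scan_date, '2020-04-08T21:06:33Z')
        self.assertEqual(
            vuln.name, 'DCE/RPC and MSRPC Services Enumeration Reporting')
        self.assertEqual(vuln.solution, 'Filter incoming traffic to this ports.')
        self.assertEqual(vuln.scan_file_url, "report_omp_7.xml")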
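def test_call(self, get_file):
    """update_cwe() requests the CWE archive URL and stores two CWE rows.

    ``get_file`` is a mock (presumably injected by a patch decorator outside
    this view), so the fixture is served instead of a download. The fixture
    is opened in a ``with`` block so the handle is closed when the test ends
    rather than leaked.
    """
    with open(get_fixture_location(__file__, 'cwec_v2.12.xml')) as file:
        get_file.return_value = file
        update_cwe()
        get_file.assert_called_once_with(
            'https://cwe.mitre.org/data/xml/cwec_v2.12.xml.zip')
        self.assertEqual(models.Cwe.objects.count(), 2)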
def test_parse_called_for_vurtual_servers(self):
    """Parsing the virtual-host fixture yields assets whose owner lists hold one empty dict."""
    fixture_path = get_fixture_location(__file__, 'virtual_host_response.json')
    with open(fixture_path) as fixture:
        self.hosts = [json.load(fixture)]

    parsed = self.uut.parse(self.hosts)
    self.assert_fields(parsed)

    asset = parsed[self.asset_id]
    self.assertEqual(asset.business_owner, [{}])
    self.assertEqual(parsed[self.asset_id].technical_owner, [{}])
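def test_call(self, get_file):
    """update_cwe() requests the CWE archive URL and indexes two CWE documents.

    ``get_file`` is a mock (presumably injected by a patch decorator outside
    this view), so the fixture is served instead of a download. The fixture
    is opened in a ``with`` block so the handle is closed when the test ends
    rather than leaked.
    """
    with open(get_fixture_location(__file__, 'cwec_v2.12.xml')) as file:
        get_file.return_value = file
        update_cwe()
        get_file.assert_called_once_with(
            'https://cwe.mitre.org/data/xml/cwec_v2.12.xml.zip')
        self.assertEqual(Search().index(CweDocument.Index.name).count(), 2)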
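def test_call(self, get_file):
    """update_cve(2017) requests the 2017 NVD feed URL and indexes two CVE documents.

    ``get_file`` is a mock (presumably injected by a patch decorator outside
    this view), so the fixture is served instead of a download. The fixture
    is opened in a ``with`` block so the handle is closed when the test ends
    rather than leaked.
    """
    with open(get_fixture_location(__file__, 'nvdcve-1.0-2017.json')) as file:
        get_file.return_value = file
        update_cve(2017)
        get_file.assert_called_once_with(
            'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2017.json.gz')
        self.assertEqual(Search().index(CveDocument.Index.name).count(), 2)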
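def test_parse(self):
    """Parse the GMP 9 report fixture and check hosts plus two known findings.

    Uses ``assertEqual`` throughout: the ``assertEquals`` alias is deprecated
    and was removed from unittest in Python 3.12.
    """
    with open(get_fixture_location(__file__, 'report_gmp_9.xml'), 'r') as file:
        parser = GMP9Parser(self.config)
        vulns, scanned_hosts = parser.parse(file, "report_gmp_9.xml")

        # Host inventory extracted from the report.
        self.assertEqual(scanned_hosts[0].last_scan_date, '2020-11-03T21:47:56Z')
        self.assertEqual(len(scanned_hosts), 34)
        self.assertEqual(
            {
                '192.168.0.103', '192.168.0.40', '192.168.0.7', '192.168.0.37',
                '192.168.0.39', '192.168.0.51', '192.168.0.102', '192.168.0.32',
                '192.168.0.27', '192.168.0.45', '192.168.0.28', '192.168.0.31',
                '192.168.0.49', '192.168.0.36', '192.168.0.46', '192.168.0.35',
                '192.168.0.101', '192.168.0.9', '192.168.0.13', '192.168.0.5',
                '192.168.0.42', '192.168.0.25', '192.168.0.6', '192.168.0.2',
                '192.168.0.10', '192.168.0.14', '192.168.0.3', '192.168.0.15',
                '192.168.0.30', '192.168.0.38', '192.168.0.8', '192.168.0.23',
                '192.168.0.50', '192.168.0.26'
            },
            {x.ip_address for x in scanned_hosts})

        self.assertEqual(len(vulns), 155)

        # A finding without a CVE: the expected id is 'NOCVE-' followed by a
        # dotted identifier, and the CVSS v2 metrics are still populated.
        vuln = vulns['798d53cb-4479-3010-b6ed-7bcf2e816880']
        self.assertEqual(vuln.cve.id, 'NOCVE-1.3.6.1.4.1.25623.1.0.900600')
        self.assertEqual(vuln.cve.base_score_v2, 6.4)
        self.assertEqual(vuln.cve.access_vector_v2, AccessVectorV2.NETWORK)
        self.assertEqual(vuln.cve.access_complexity_v2, AccessComplexityV2.LOW)
        self.assertEqual(vuln.cve.authentication_v2, AuthenticationV2.NONE)
        self.assertEqual(vuln.cve.confidentiality_impact_v2, ImpactV2.PARTIAL)
        self.assertEqual(vuln.cve.integrity_impact_v2, ImpactV2.PARTIAL)
        self.assertEqual(vuln.cve.availability_impact_v2, ImpactV2.NONE)
        self.assertEqual(vuln.port, '21')
        self.assertEqual(vuln.protocol, 'tcp')
        self.assertEqual(vuln.scan_date, '2020-11-03T21:43:10Z')
        self.assertEqual(vuln.name, 'Anonymous FTP Login Reporting')
        self.assertEqual(
            vuln.solution,
            'If you do not want to share files, you should disable\n anonymous logins.'
        )
        self.assertEqual(vuln.scan_file_url, "report_gmp_9.xml")

        # A finding that carries a real CVE id.
        vuln = vulns['e25a7c6d-471a-3097-9701-58663d84d98e']
        self.assertEqual(vuln.cve.id, 'CVE-2003-1567')
        self.assertEqual(vuln.port, '80')
        self.assertEqual(vuln.protocol, 'tcp')
        self.assertEqual(vuln.scan_date, '2020-11-03T21:50:18Z')
        self.assertEqual(vuln.name, 'HTTP Debugging Methods (TRACE/TRACK) Enabled')
        self.assertEqual(vuln.scan_file_url, "report_gmp_9.xml")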
def test_should_not_update(self):
    """Re-importing the same NVD fixture leaves the CVE index at two documents."""
    count_before = Search().index(CveDocument.Index.name).count()
    self.assertEqual(count_before, 2)

    fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
    with open(fixture_path) as nvd_feed:
        CveFactory.process(nvd_feed)
    # Wait for the worker pool before counting again.
    thread_pool_executor.wait_for_all()

    count_after = Search().index(CveDocument.Index.name).count()
    self.assertEqual(count_after, 2)
def test_get_targets(self):
    """get_targets() turns three target-definition shapes into the matching IPSet.

    The same report is resolved against a network, a range and a mixed
    address list; each time the stubbed lookup must be asked for the same
    target id exactly once.
    """
    report = get_root_element(
        get_fixture_location(__file__, "report_with_target.xml"))
    network_definition = get_root_element(
        get_fixture_location(__file__, "target.xml"))
    range_definition = get_root_element(
        get_fixture_location(__file__, "target2.xml"))
    mixed_definition = get_root_element(
        get_fixture_location(__file__, "target3.xml"))

    expected_target_id = "e39cf6fa-1932-42c5-89d4-b66f469c615b"

    # Expected result for the mixed definition: single hosts plus one short range.
    mixed_expected = IPSet()
    for member in (
        IPAddress("10.31.2.30"),
        IPAddress("10.31.2.23"),
        IPAddress("10.31.2.7"),
        IPAddress("10.31.2.31"),
        IPAddress("10.31.2.11"),
        IPAddress("10.31.2.21"),
        IPRange(start="10.31.2.34", end="10.31.2.35"),
        IPAddress("10.31.2.20"),
        IPAddress("10.31.2.32"),
    ):
        mixed_expected.add(member)

    cases = (
        (network_definition, IPSet(IPNetwork("192.168.1.0/24"))),
        (range_definition,
         IPSet(IPRange(start="192.168.1.1", end="192.168.1.200"))),
        (mixed_definition, mixed_expected),
    )

    for definition, expected in cases:
        with patch.object(self.uut, "_get_target_definition",
                          return_value=definition) as target_def:
            resolved = self.uut.get_targets(report)
            self.assertEqual(resolved, expected)
            target_def.assert_called_once_with(expected_target_id)
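def test_call(self, get_file):
    """update_cpe() requests the CPE dictionary URL and stores one CPE row.

    ``get_file`` is a mock (presumably injected by a patch decorator outside
    this view), so the fixture is served instead of a download. The fixture
    is opened in a ``with`` block so the handle is closed when the test ends
    rather than leaked.
    """
    # NOTE(review): the fixture file is named v2.2 while the asserted feed
    # URL is v2.3 -- confirm the mismatch is intentional.
    with open(get_fixture_location(__file__, 'official-cpe-dictionary_v2.2.xml')) as file:
        get_file.return_value = file
        update_cpe()
        get_file.assert_called_once_with(
            'https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.zip'
        )
        self.assertEqual(models.Cpe.objects.count(), 1)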
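def test_call(self, get_file):
    """update_cve(2017) requests the 2017 NVD feed URL and stores two CVE rows.

    ``get_file`` is a mock (presumably injected by a patch decorator outside
    this view), so the fixture is served instead of a download. The fixture
    is opened in a ``with`` block so the handle is closed when the test ends
    rather than leaked.
    """
    with open(get_fixture_location(__file__, 'nvdcve-1.0-2017.json')) as file:
        get_file.return_value = file
        update_cve(2017)
        get_file.assert_called_once_with(
            'https://nvd.nist.gov/feeds/json/cve/1.0/nvdcve-1.0-2017.json.gz'
        )
        self.assertEqual(models.Cve.objects.count(), 2)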
def test_update(self):
    """A CVE whose last_modified_date was reset is updated and queued once on re-import."""
    stale = models.Cve.objects.get(id='CVE-2017-0008')
    # Resetting the date makes the stored row differ from the feed entry.
    stale.last_modified_date = None
    stale.save()
    cache.clear()

    factory = CveFactory()
    fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
    with open(fixture_path) as nvd_feed:
        factory.process(nvd_feed)

    queued = NotificationCache.get()
    self.assertEqual([('CVE-2017-0008', False)], queued)
    self.assertEqual(factory.updated, 1)
def test_call_get_host_by_id(self, request_mock):
    """get_host_data_by_id() returns the host payload served by the mocked request."""
    fixture_path = get_fixture_location(__file__, 'host_response.json')
    with open(fixture_path) as fixture:
        raw_body = fixture.read()

    decoded = json.loads(raw_body)
    # Round-trip through json so the comparison ignores the fixture's formatting.
    expected = json.dumps(json.loads(raw_body))

    # Token retrieval is stubbed with a fixed value; the HTTP layer is the
    # mock passed in as ``request_mock``.
    self.uut.get_token = Mock(
        return_value='79ee13720dbf474399dde532daad558aaeb131c3')
    canned_reply = ResponseMock(json.dumps(decoded), 200)
    request_mock.request.return_value = canned_reply

    self.assertEqual(self.uut.get_host_data_by_id(62), expected)
def test_call_get_all_assets(self, request_mock):
    """get_all_assets() returns a one-element list of dicts for the all-hosts fixture."""
    # Token retrieval is stubbed with a fixed value.
    self.uut.get_token = Mock(
        return_value='79ee13720dbf474399dde532daad558aaeb131c3')

    fixture_path = get_fixture_location(__file__, 'all_hosts_response.json')
    with open(fixture_path) as fixture:
        api_response = fixture.read()
    request_mock.request.return_value = ResponseMock(api_response, 200)

    assets = self.uut.get_all_assets()

    self.assertIs(type(assets), list)
    first_asset = assets[0]
    self.assertIs(type(first_asset), dict)
    self.assertEqual(len(assets), 1)
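def test_update(self):
    """A CVE document whose last_modified_date was reset is refreshed on re-import.

    The final check uses ``assertNotEqual`` so a failure reports both
    dates instead of a bare "False is not true".
    """
    cve = CveDocument.search().filter('term', id='CVE-2017-0002').execute().hits[0]
    # Resetting the date makes the indexed document differ from the feed entry.
    cve.last_modified_date = None
    cve.save(refresh=True)

    with open(get_fixture_location(__file__, 'nvdcve-1.0-2017.json')) as handle:
        CveFactory.process(handle)
    thread_pool_executor.wait_for_all()

    # The update must replace the document, not add a second one.
    self.assertEqual(
        CveDocument.search().filter('term', id='CVE-2017-0002').count(), 1)
    new_cve = CveDocument.search().filter(
        'term', id='CVE-2017-0002').execute().hits[0]
    self.assertNotEqual(cve.last_modified_date, new_cve.last_modified_date)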
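def test_parse(self):
    """Parse the GMP report fixture and check the host list plus one finding.

    Uses ``assertEqual`` throughout: the ``assertEquals`` alias is deprecated
    and was removed from unittest in Python 3.12.
    """
    xml = ET.parse(get_fixture_location(__file__, 'report.xml'))
    parser = GmpParser(self.config)
    vulns, scanned_hosts = parser.parse(xml)

    # Here scanned_hosts is a plain list of addresses, compared in order and
    # with repeats.
    self.assertEqual([
        '10.10.10.21', '10.10.10.21', '10.10.10.23', '10.10.10.23',
        '10.10.10.30', '10.10.10.7', '10.10.10.20', '10.10.10.30',
        '10.10.10.31', '10.10.10.32', '10.10.10.7', '10.10.10.20',
        '10.10.10.23', '10.10.10.30', '10.10.10.31', '10.10.10.32',
        '10.10.10.7'
    ], scanned_hosts)
    self.assertEqual(len(vulns), 17)

    vuln = vulns['d133b95a-04cc-324b-95d0-fb329f4a811f']
    self.assertEqual(vuln.port, '135')
    self.assertEqual(vuln.protocol, 'tcp')
    self.assertEqual(vuln.solution, 'Filter incoming traffic to this ports.')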
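def test_call(self):
    """update_data() imports the downloaded scan and stores the expected SSH finding.

    The scan download is mocked to return the ``internal.xml`` fixture. The
    fixture is opened in a ``with`` block so the handle is closed when the
    test ends rather than leaked.
    """
    with open(get_fixture_location(__file__, 'internal.xml')) as report:
        self.con.download_scan.return_value = report
        update_data(config_pk=self.config_id, scan_id=1, scaner_api=self.scanner_api)

        self.scanner_api.assert_called_once_with(Config.objects.get(pk=1))
        self.con.download_scan.assert_called_once_with(1)

        # The stored finding for 10.0.2.15: SSH on 22/tcp with the CBC-mode
        # cipher remediation text.
        vuln = Vulnerability.objects.filter(asset__ip_address='10.0.2.15').first()
        self.assertEqual(vuln.asset.ip_address, '10.0.2.15')
        self.assertEqual(vuln.asset.os, 'Linux Kernel 3.10.0-957.5.1.el7.x86_64 on CentOS Linux release 7.6.1810 (Core)')
        self.assertEqual(vuln.port.number, 22)
        self.assertEqual(vuln.port.svc_name, 'ssh')
        self.assertEqual(vuln.port.protocol, 'tcp')
        self.assertEqual(vuln.cve.id, 'CVE-2008-5161')
        self.assertEqual(vuln.solution, 'Contact the vendor or consult product documentation to disable CBC mode '
                                        'cipher encryption, and enable CTR or GCM cipher mode encryption.')
        self.assertFalse(vuln.exploit_available)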
def test_call_call_not_update(self):
    """Importing the second 2017 fixture leaves one CVE-2017-0002 document with the expected CVSS v2 metrics."""
    fixture_path = get_fixture_location(__file__, 'nvdcve-1.0-2017-2.json')
    with open(fixture_path) as nvd_feed:
        CveFactory.process(nvd_feed)
    thread_pool_executor.wait_for_all()

    lookup = CveDocument.search().filter('term', id='CVE-2017-0002')
    result = lookup.execute()
    self.assertEqual(len(result.hits), 1)

    cve = result.hits[0]
    self.assertEqual(cve.id, 'CVE-2017-0002')
    # CVSS v2 vector components of the indexed document.
    self.assertEqual(cve.access_vector_v2, metrics.AccessVectorV2.NETWORK)
    self.assertEqual(cve.access_complexity_v2, metrics.AccessComplexityV2.MEDIUM)
    self.assertEqual(cve.authentication_v2, metrics.AuthenticationV2.NONE)
    self.assertEqual(cve.confidentiality_impact_v2, metrics.ImpactV2.PARTIAL)
    self.assertEqual(cve.integrity_impact_v2, metrics.ImpactV2.PARTIAL)
    self.assertEqual(cve.availability_impact_v2, metrics.ImpactV2.PARTIAL)
def load_data(self):
    """Import the 2017 NVD fixture, then keep the raw ``via4.json`` text on ``self.data``."""
    nvd_path = get_fixture_location(__file__, 'nvdcve-1.0-2017.json')
    with open(nvd_path) as nvd_feed:
        CveFactory.process(nvd_feed)

    via4_path = get_fixture_location(__file__, 'via4.json')
    with open(via4_path) as via4_file:
        # Stored undecoded: the text is read as-is, not parsed here.
        self.data = via4_file.read()
def setUp(self):
    """Import the CWE fixture and wait for the worker pool to finish."""
    super().setUp()
    fixture_path = get_fixture_location(__file__, 'cwec_v2.12.xml')
    with open(fixture_path) as cwe_catalog:
        CWEFactory.process(cwe_catalog)
    # Block until queued work is done so each test starts from a settled state.
    thread_pool_executor.wait_for_all()
def setUp(self) -> None:
    """Decode the host-response fixture into ``self.hosts``."""
    fixture_path = get_fixture_location(__file__, 'host_response.json')
    with open(fixture_path) as fixture:
        self.hosts = json.load(fixture)
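def test_get_reports_ids_call(self):
    """get_scans_ids() extracts the single report id from the OMP 7 reports fixture.

    Uses ``assertEqual``: the ``assertEquals`` alias is deprecated and was
    removed from unittest in Python 3.12.
    """
    xml = ET.parse(get_fixture_location(__file__, 'reports_omp_7.xml'))
    parser = GmpParserOMP7(self.config)
    ids = parser.get_scans_ids(xml)
    # NOTE(review): the listing showed a stray U+2192 arrow after the first
    # hyphen of this id; it was dropped as a rendering artifact -- confirm
    # the value against reports_omp_7.xml.
    self.assertEqual(ids, ['0f9ea6ca-abf5-4139-a772-cb68937cdfbb'])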
def test_get_parser_gmp_9_call(self, client):
    """get_parser() returns a GMP9Parser when the mocked client reports the GMP 9 version fixture."""
    version_reply = ET.parse(
        get_fixture_location(__file__, 'gm_9_version.xml'))
    # ``client`` is a mock; its instance answers get_version() with the fixture.
    client().get_version.return_value = version_reply

    selected = self.uut.get_parser()

    self.assertIsInstance(selected, GMP9Parser)
    self.assertTrue(selected.get_targets)
def test_omp_7_get_parser(self, client):
    """get_parser() returns a GmpParserOMP7 when the mocked client reports the OMP 7 version fixture."""
    version_reply = ET.parse(
        get_fixture_location(__file__, 'omp_7_version.xml'))
    # ``client`` is a mock; its instance answers get_version() with the fixture.
    client().get_version.return_value = version_reply

    selected = self.uut.get_parser()

    self.assertIsInstance(selected, GmpParserOMP7)
    self.assertTrue(selected.get_targets)
def test_should_not_update(self):
    """Re-importing the same CWE fixture leaves the CWE index at two documents."""
    count_before = Search().index(CweDocument.Index.name).count()
    self.assertEqual(count_before, 2)

    fixture_path = get_fixture_location(__file__, 'cwec_v2.12.xml')
    with open(fixture_path) as cwe_catalog:
        CWEFactory.process(cwe_catalog)
    # Wait for the worker pool before counting again.
    thread_pool_executor.wait_for_all()

    count_after = Search().index(CweDocument.Index.name).count()
    self.assertEqual(count_after, 2)
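def test_get_reports_ids_call(self):
    """get_scans_ids() extracts the single report id from the GMP 9 reports fixture.

    Uses ``assertEqual``: the ``assertEquals`` alias is deprecated and was
    removed from unittest in Python 3.12.
    """
    xml = ET.parse(get_fixture_location(__file__, 'reports_gmp_9.xml'))
    parser = GMP9Parser(self.config)
    ids = parser.get_scans_ids(xml)
    self.assertEqual(ids, ['b0fd2f9e-50e5-4bb4-8af9-bff540154dcc'])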