Exemplo n.º 1
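 def _impactDone(self, event, impact):
     """Poll for the end of the background work and handle its outcome.

     Intended to be scheduled with timeout_add: it returns True while
     *event* is not set, and False once the outcome has been handled.

     :param event: object exposing isSet(); set when the work has finished.
     :param impact: outcome holder exposing ``ok``, ``result`` and
         ``exception``.
     :return: True to keep polling, False when done.
     :raises: re-raises ``impact.exception`` when its class is neither
         w3afException nor w3afMustStopException.
     """
     # Keep being called from timeout_add until the event is set.
     if not event.isSet():
         return True

     # The work is over: stop the throbber and hide it.
     self.throbber.hide()
     self.throbber.running(False)

     if impact.ok:
         # Annotate the stored history item of every reported result.
         #
         # TODO: I should actually show ALL THE REQUESTS generated by audit
         #       plugins... not just the ones with vulnerabilities.
         for result in impact.result:
             for itemId in result.getId():
                 historyItem = HistoryItem()
                 historyItem.load(itemId)
                 # NOTE(review): the plugin name is appended with no
                 # separator, so names from several plugins run together in
                 # the tag -- confirm this is intended.
                 historyItem.updateTag(historyItem.tag + result.plugin_name)
                 historyItem.info = result.getDesc()
                 historyItem.save()
         return False

     # Exact class comparison (not isinstance), as before: any other
     # exception class, subclasses included, is re-raised to the caller.
     exc_class = impact.exception.__class__
     if exc_class == w3afException:
         msg = str(impact.exception)
     elif exc_class == w3afMustStopException:
         msg = "Stopped sending requests because " + str(impact.exception)
     else:
         raise impact.exception

     # The throbber was already stopped above, so it is not stopped again.
     # The GDK lock must be released even if showing the dialog raises;
     # otherwise the lock stays held after the error.
     gtk.gdk.threads_enter()
     try:
         helpers.friendlyException(msg)
     finally:
         gtk.gdk.threads_leave()
     return False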
Exemplo n.º 2
 def test_find(self):
     """Store 500 history items and check HistoryItem.find() filters.

     Exactly one item (a random id in 1..499) gets a 302 code, a mark and
     a random tag; every item shares a URL that carries a query string.
     """
     find_id = random.randint(1, 499)
     url = url_object('http://w3af.org/a/b/foobar.php?foo=123')
     tag_value = createRandAlNum(10)

     for i in xrange(500):
         is_target = (i == find_id)
         request = FuzzReq(url, dc={'a': ['1']})
         response = httpResponse(302 if is_target else 200, '<html>',
                                 {'Content-Type': 'text/html'}, url, url)
         item = HistoryItem()
         item.request = request
         # The id is set on the response before it is attached to the item.
         response.setId(i)
         item.response = response
         if is_target:
             item.toggleMark()
             item.updateTag(tag_value)
         item.save()

     probe = HistoryItem()

     # Single-condition searches and the number of rows each must return.
     expected_counts = (
         ([('tag', "%" + tag_value + "%", 'like')], 1),
         ([('code', 302, '=')], 1),
         ([('mark', 1, '=')], 1),
         ([('has_qs', 1, '=')], 500),
     )
     for conditions, expected in expected_counts:
         self.assertEqual(len(probe.find(conditions)), expected)

     # resultLimit caps the number of rows returned.
     limited = probe.find([('has_qs', 1, '=')], resultLimit=10)
     self.assertEqual(len(limited), 10)

     # Descending order by id puts the last stored item first.
     newest = probe.find([('has_qs', 1, '=')], resultLimit=1,
                         orderData=[('id', 'desc')])
     self.assertEqual(newest[0].id, 499)

     # Two conditions together isolate the single id between the bounds.
     between = [('id', find_id + 1, "<"), ('id', find_id - 1, ">")]
     self.assertEqual(len(probe.find(between)), 1)
Exemplo n.º 3
 def editTag(self, cell, path, new_text, model):
     """Store an edited tag in the view model and in the history item.

     Column 4 of the row at *path* receives *new_text*; column 0 of the
     same row is used as the id of the HistoryItem to load and re-tag.
     """
     model[path][4] = new_text
     entry = HistoryItem()
     entry.load(model[path][0])
     # NOTE(review): the second argument is passed as True; its meaning is
     # defined by HistoryItem.updateTag, which is not visible here.
     entry.updateTag(new_text, True)
Exemplo n.º 4
    def test_tag(self):
        """Tag one of 499 stored items and check the tag survives a reload."""
        tag_id = random.randint(501, 999)
        tag_value = createRandAlNum(10)
        url = url_object('http://w3af.org/a/b/c.php')

        for item_id in xrange(501, 1000):
            request = FuzzReq(url, dc={'a': ['1']})
            response = httpResponse(200, '<html>',
                                    {'Content-Type': 'text/html'}, url, url)
            stored = HistoryItem()
            stored.request = request
            # The id is set on the response before it is attached to the item.
            response.setId(item_id)
            stored.response = response
            if item_id == tag_id:
                # Only the randomly chosen item receives the tag.
                stored.updateTag(tag_value)
            stored.save()

        reloaded = HistoryItem()
        reloaded.load(tag_id)
        self.assertEqual(reloaded.tag, tag_value)