Exemplo n.º 1
0
def test_create_service(session, host):
    data = bc.ServiceSchema(strict=True).load(service_data).data
    bc._create_service(host.workspace, host, data)
    assert count(Service, host.workspace) == 1
    service = Service.query.filter(Service.workspace == host.workspace).one()
    assert service.name == 'http'
    assert service.port == 80
Exemplo n.º 2
0
def test_create_service_with_invalid_vulns(session, host):
    service_data_ = service_data.copy()
    vuln_data_ = vuln_data.copy()
    del vuln_data_['name']
    service_data_['vulnerabilities'] = [1, 2, 3]
    with pytest.raises(ValidationError):
        data = bc.ServiceSchema(strict=True).load(service_data_).data
        bc._create_service(host.workspace, host, data)
    assert count(Service, host.workspace) == 0
    assert count(Vulnerability, host.workspace) == 0
Exemplo n.º 3
0
def test_create_existing_service(session, service):
    session.add(service)
    session.commit()
    data = {
        "name": service.name,
        "port": service.port,
        "protocol": service.protocol,
    }
    data = bc.ServiceSchema(strict=True).load(data).data
    bc._create_service(service.workspace, service.host, data)
    assert count(Service, service.host.workspace) == 1
Exemplo n.º 4
0
def test_create_service_with_vuln(session, host):
    service_data_ = service_data.copy()
    service_data_['vulnerabilities'] = [vuln_data]
    data = bc.ServiceSchema(strict=True).load(service_data_).data
    bc._create_service(host.workspace, host, data)
    assert count(Service, host.workspace) == 1
    service = host.workspace.services[0]
    assert count(Vulnerability, service.workspace) == 1
    vuln = Vulnerability.query.filter(
        Vulnerability.workspace == service.workspace).one()
    assert vuln.name == 'sql injection'
    assert vuln.service == service
Exemplo n.º 5
0
def test_create_service_with_cred(session, host):
    service_data_ = service_data.copy()
    service_data_['credentials'] = [credential_data]
    data = bc.ServiceSchema(strict=True).load(service_data_).data
    bc._create_service(host.workspace, host, data)
    assert count(Service, host.workspace) == 1
    service = host.workspace.services[0]
    assert count(Credential, service.workspace) == 1
    cred = Credential.query.filter(
        Credential.workspace == service.workspace).one()
    assert cred.service == service
    assert cred.name == 'test credential'
    assert cred.username == 'admin'
    assert cred.password == '12345'
Exemplo n.º 6
0
def test_create_service_with_vulnweb(session, host):
    service_data_ = service_data.copy()
    vuln_data_ = vuln_data.copy()
    vuln_data_.update(vuln_web_data)
    service_data_['vulnerabilities'] = [vuln_data_]
    data = bc.ServiceSchema(strict=True).load(service_data_).data
    bc._create_service(host.workspace, host, data)
    assert count(Service, host.workspace) == 1
    service = host.workspace.services[0]
    assert count(Vulnerability, service.workspace) == 0
    assert count(VulnerabilityWeb, service.workspace) == 1
    vuln = VulnerabilityWeb.query.filter(
        Vulnerability.workspace == service.workspace).one()
    assert vuln.name == 'sql injection'
    assert vuln.service == service
    assert vuln.method == 'POST'
    assert vuln.website == 'https://faradaysec.com'
    assert vuln.status_code == 200