Exemplo n.º 1
0
class AcunetixParserTest(unittest.TestCase):

    cd = os.path.dirname(os.path.realpath(__file__))

    def setUp(self):
        self.plugin = AcunetixPlugin()
        factory.register(Host)
        factory.register(Interface)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)

    def test_Plugin_creates_apropiate_objects(self):
        self.plugin.processReport(self.cd + '/acunetix_xml')
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.ADDHOST)
        self.assertEqual(action[1].name, "5.175.17.140")
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.ADDINTERFACE)
        self.assertEqual(action[2].name, "5.175.17.140")
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.ADDSERVICEINT)
        self.assertEqual(action[3].ports, [80])
        self.assertEqual(action[3].name, 'http')
        self.assertEqual(action[3].protocol, 'tcp')
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.ADDNOTESRV)
        action = self.plugin._pending_actions.get(block=True)
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.ADDVULNWEBSRV)
        self.assertEqual(action[3].name, "ASP.NET error message")
Exemplo n.º 2
0
    def test_Plugin_creates_apropiate_objects(self, monkeypatch):
        self.plugin = AcunetixPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)

        pending_actions = Queue()
        # getID will wait for faraday-server api response.
        # Since the thread model controller is not running
        # no object will be persisted.
        # The mock is to simulated the api response
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.set_actions_queue(pending_actions)
        self.plugin.processReport(self.cd + '/acunetix_xml')
        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions.keys() == [2000, 20008, 2038]
        assert len(actions[2000]) == 1
        assert actions[2000][0].name == "5.175.17.140"
        assert len(actions[20008]) == 1
        assert len(actions[2038]) == 52

        assert actions[20008][0].ports == [80]
        assert actions[20008][0].name == 'http'
        assert actions[20008][0].protocol == 'tcp'

        assert "ASP.NET error message" in map(lambda vuln_web: vuln_web.name,
                                              actions[2038])
Exemplo n.º 3
0
class AcunetixParserTest(unittest.TestCase):

    cd = os.path.dirname(os.path.realpath(__file__))

    def setUp(self):
        self.plugin = AcunetixPlugin()
        factory.register(Host)
        factory.register(Interface)
        factory.register(Service)
        factory.register(ModelObjectVuln)
        factory.register(ModelObjectVulnWeb)
        factory.register(ModelObjectNote)
        factory.register(ModelObjectCred)

    def test_Plugin_creates_apropiate_objects(self):
        self.plugin.processReport(self.cd + '/acunetix_xml')
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.CADDHOST)
        self.assertEqual(action[1], "87.230.29.167")
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.CADDINTERFACE)
        self.assertEqual(action[2], "87.230.29.167")
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.CADDSERVICEINT)
        self.assertEqual(action[5], ['80'])
        self.assertEqual(action[3], 'http')
        self.assertEqual(action[4], 'tcp')
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.CADDNOTESRV)
        action = self.plugin._pending_actions.get(block=True)
        action = self.plugin._pending_actions.get(block=True)
        self.assertEqual(action[0], modelactions.CADDVULNWEBSRV)
        self.assertEqual(action[3], "ASP.NET error message")
Exemplo n.º 4
0
 def setUp(self):
     self.plugin = AcunetixPlugin()
     factory.register(Host)
     factory.register(Interface)
     factory.register(Service)
     factory.register(Vuln)
     factory.register(VulnWeb)
     factory.register(Note)
     factory.register(Credential)
Exemplo n.º 5
0
 def setUp(self):
     self.plugin = AcunetixPlugin()
     factory.register(Host)
     factory.register(Interface)
     factory.register(Service)
     factory.register(ModelObjectVuln)
     factory.register(ModelObjectVulnWeb)
     factory.register(ModelObjectNote)
     factory.register(ModelObjectCred)
Exemplo n.º 6
0
    def test_Plugin_creates_apropiate_objects(self, monkeypatch):
        self.plugin = AcunetixPlugin()
        factory.register(Host)
        factory.register(Service)
        factory.register(Vuln)
        factory.register(VulnWeb)
        factory.register(Note)
        factory.register(Credential)

        pending_actions = Queue()
        # getID will wait for faraday-server api response.
        # Since the thread model controller is not running
        # no object will be persisted.
        # The mock is to simulated the api response
        monkeypatch.setattr(ModelBase, 'getID', lambda _: 1)
        self.plugin.set_actions_queue(pending_actions)
        self.plugin.processReport(self.cd + '/acunetix_xml')
        actions = defaultdict(list)
        while not pending_actions.empty():
            action = self.plugin._pending_actions.get(block=True)
            actions[action[0]].append(action[1])

        assert actions.keys() == [2000, 20008, 2038]
        assert len(actions[2000]) == 1
        assert actions[2000][0].name == "5.175.17.140"
        assert len(actions[20008]) == 1
        assert len(actions[2038]) == 52

        assert actions[20008][0].ports == [80]
        assert actions[20008][0].name == 'http'
        assert actions[20008][0].protocol == 'tcp'

        assert "ASP.NET error message" in map(lambda vuln_web: vuln_web.name, actions[2038])