def test_sqlinject_dm_veryhigh_start(self):
'''sql注入特征库-dm类型数据库,风险等级为高,状态启用'''
rulename = self.rule[0] + self.name
SqlInject_Case.check_rule(isAll=2,
name=self.name,
risk_level=self.param['riskLevel'][4],
status=self.param['vpStatus'][2],
dbtype='dm',
sql=self.sql,
rulename=rulename,
cn_risk_level=self.param['风险级别']['极高'],
cn_res_behavior=self.param['响应行为']['阻断行为'])
SqlInject_Case.execsql_rule(dbtype='mysql',
sql=self.sql,
rulename=self.rule[1],
cn_risk_level=self.param['风险级别']['安全'],
cn_res_behavior=self.param['响应行为']['通过'])
def test_sqlinject_oracle_low_start(self):
'''sql注入特征库-oracle类型数据库,风险等级为低,状态启用'''
rulename = self.rule[0] + self.name
SqlInject_Case.check_rule(isAll=2,
name=self.name,
risk_level=self.param['riskLevel'][1],
status=self.param['vpStatus'][2],
dbtype='oracle',
sql=self.sql,
rulename=rulename,
cn_risk_level=self.param['风险级别']['低'],
cn_res_behavior=self.param['响应行为']['告警'])
SqlInject_Case.execsql_rule(dbtype='mysql',
sql=self.sql,
rulename=self.rule[1],
cn_risk_level=self.param['风险级别']['安全'],
cn_res_behavior=self.param['响应行为']['通过'])
def test_sqlinject_gbase_middle_start(self):
'''sql注入特征库-gbase类型数据库,风险等级为中,状态启用'''
rulename = self.rule[0] + self.name
SqlInject_Case.check_rule(isAll=2,
name=self.name,
risk_level=self.param['riskLevel'][2],
status=self.param['vpStatus'][2],
dbtype='gbase_s83',
sql=self.sql,
rulename=rulename,
cn_risk_level=self.param['风险级别']['中'],
cn_res_behavior=self.param['响应行为']['阻断行为'])
SqlInject_Case.execsql_rule(dbtype='sqlserver',
sql=self.sql,
rulename=self.rule[1],
cn_risk_level=self.param['风险级别']['安全'],
cn_res_behavior=self.param['响应行为']['通过'])
