def test_get_overrides(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response('get_overrides', self.xml)
self.login('foo', 'bar')
response = self.query(
'''
query {
overrides {
nodes {
id
text
creationTime
modificationTime
active
inUse
orphan
writable
hosts
name
owner
severity
newSeverity
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
overrides = json['data']['overrides']['nodes']
self.assertEqual(len(overrides), 2)
override1 = overrides[0]
override2 = overrides[1]
self.assertEqual(
override1['id'], '08b69003-5fc2-4037-a479-93b440211c73'
)
self.assertEqual(override1['text'], 'foo')
self.assertEqual(override1['creationTime'], '2020-06-30T09:16:25+00:00')
self.assertEqual(
override1['modificationTime'], '2020-07-30T09:16:25+00:00'
)
self.assertEqual(override1['active'], True)
self.assertEqual(override1['owner'], 'Han')
self.assertEqual(override1['inUse'], True)
self.assertEqual(override1['orphan'], False)
self.assertEqual(override1['writable'], True)
self.assertEqual(override1['name'], 'Greedo')
self.assertListEqual(
override1['hosts'], ['123.456.789.1', '123.456.789.2']
)
self.assertEqual(override1['severity'], 5.5)
self.assertEqual(override1['newSeverity'], 10)
self.assertEqual(
override2['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546'
)
self.assertEqual(override2['text'], 'bar')
self.assertEqual(override2['creationTime'], '2020-06-30T09:16:25+00:00')
self.assertEqual(
override2['modificationTime'], '2020-07-30T09:16:25+00:00'
)
self.assertEqual(override2['active'], True)
self.assertEqual(override2['owner'], 'Lorem')
self.assertEqual(override2['inUse'], True)
self.assertEqual(override2['orphan'], False)
self.assertEqual(override2['writable'], True)
self.assertEqual(override2['name'], 'Ipsum')
self.assertEqual(override2['hosts'], ['123.456.789.3', '123.456.789.4'])
self.assertEqual(override2['severity'], 5.5)
self.assertEqual(override2['newSeverity'], 10)
def test_word_count_query(self, mock_gmp: GmpMockFactory):
"""
Test an aggregate using the word_counts mode.
"""
aggregate_xml_path = CWD / 'example-aggregate-word-counts.xml'
aggregate_xml_str = aggregate_xml_path.read_text()
mock_gmp.mock_response('get_aggregates', aggregate_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query GetAggregate {
aggregate(
input: {
dataType: NVT
groupColumn: "name"
maxGroups: 10
sortCriteria: [
{stat:COUNT, order: DESCENDING}
]
mode: WORD_COUNTS
}
) {
groups {
value
count
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
mock_gmp.gmp_protocol.get_aggregates.assert_called_with(
resource_type=GvmEntityType.NVT,
filter=None,
data_columns=None,
group_column='name',
subgroup_column=None,
text_columns=None,
sort_criteria=[
{
'stat': GvmAggregateStatistic.COUNT,
'order': GvmSortOrder.DESCENDING,
}
],
first_group=None,
max_groups=10,
mode='word_counts',
)
aggregate = json['data']['aggregate']
groups = aggregate['groups']
self.assertEqual(len(groups), 10)
self.assertEqual(
groups,
[
{'value': 'Update', 'count': 31721},
{'value': 'Security', 'count': 25570},
{'value': 'Advisory', 'count': 20274},
{'value': 'Fedora', 'count': 17010},
{'value': 'Vulnerability', 'count': 13482},
{'value': 'Vulnerabilities', 'count': 7522},
{'value': 'Multiple', 'count': 7126},
{'value': 'Debian', 'count': 6342},
{'value': 'Linux', 'count': 6056},
{'value': 'Windows', 'count': 5888},
],
)
def test_get_full_result_cve_type(self, mock_gmp: GmpMockFactory):
result_xml_path = CWD / 'example-result-2.xml'
result_xml_str = result_xml_path.read_text()
mock_gmp.mock_response('get_result', result_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
result (
id: "2b555c60-e597-4b18-9d24-dac30f61cfa8"
) {
id
name
owner
originResult{
id
details{
name
value
}
}
report {
id
}
task {
id
name
}
originalSeverity
overrides{
id
active
creationTime
modificationTime
text
endTime
severity
newSeverity
}
creationTime
modificationTime
host {
ip
id
hostname
}
location
information {
__typename
... on ResultCVE{
id
severity
}
}
severity
qod {
value
type
}
description
notes {
id
creationTime
modificationTime
active
text
}
tickets {
id
}
userTags {
count
tags {
id
name
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
result = json['data']['result']
self.assertEqual(result['id'], '2b555c60-e597-4b18-9d24-dac30f61cfa8')
self.assertIsNone(result['name'])
self.assertEqual(result['owner'], 'admin')
self.assertEqual(result['creationTime'], '2021-04-07T07:41:47+00:00')
self.assertEqual(result['modificationTime'],
'2021-04-07T07:41:47+00:00')
self.assertIsNotNone(result['originResult'])
origin_result = result['originResult']
self.assertEqual(origin_result['id'],
'2b555c60-e597-4b18-9d24-dac30f61cfa8')
self.assertIsNotNone(origin_result['details'])
details = origin_result['details']
self.assertEqual(len(details), 4)
detail1 = details[0]
self.assertEqual(detail1['name'], 'product')
self.assertEqual(detail1['value'], 'cpe:/a:nginx:nginx:1.14.2')
report = result['report']
self.assertEqual(report['id'], '9699a95d-e556-4af7-83ac-a7b70d90832a')
self.assertEqual(result['task']['id'],
'ab9a1470-fc01-4547-9da0-33df6c1aa5d1')
self.assertEqual(
result['task']['name'],
'Report Container',
)
self.assertEqual(result['host']['ip'], '192.168.9.113')
self.assertEqual(result['host']['id'],
'eb357684-6fcf-4d31-a5e0-02abe040caa4')
self.assertIsNone(result['host']['hostname'])
self.assertEqual(result['severity'], 5.8)
self.assertEqual(result['qod']['value'], 75)
self.assertIsNone(result['qod']['type'])
self.assertEqual(result['originalSeverity'], 5.8)
self.assertEqual(result['information']['id'], 'CVE-2018-16845')
self.assertEqual(result['information']['severity'], 6.1)
self.assertEqual(
result['description'],
'The host carries the product: cpe:/a:nginx:nginx:1.14.2',
)
self.assertIsNone(result['notes'])
self.assertIsNone(result['overrides'])
self.assertIsNone(result['tickets'])
self.assertIsNone(result['userTags'])
def test_get_policy_none_fields(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response(
'get_policy',
'''
<get_config_response status="200" status_text="OK">
<config id="daba56c8-73ec-11df-a475-002264764cea">
<name>foo</name>
</config>
</get_config_response>
''',
)
self.login('foo', 'bar')
response = self.query('''
query {
policy (id: "daba56c8-73ec-11df-a475-002264764cea",
) {
name
id
trash
familyCount
familyGrowing
nvtCount
nvtGrowing
usageType
maxNvtCount
knownNvtCount
predefined
families{
name
}
nvtPreferences{
nvt{
name
}
hrName
}
scannerPreferences{
hrName
}
audits{
id
}
nvtSelectors{
name
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
policy = json['data']['policy']
self.assertIsNone(policy['trash'])
self.assertIsNone(policy['familyCount'])
self.assertIsNone(policy['familyGrowing'])
self.assertIsNone(policy['nvtCount'])
self.assertIsNone(policy['nvtGrowing'])
self.assertIsNone(policy['usageType'])
self.assertIsNone(policy['maxNvtCount'])
self.assertIsNone(policy['knownNvtCount'])
self.assertIsNone(policy['predefined'])
self.assertIsNone(policy['families'])
self.assertIsNone(policy['nvtPreferences'])
self.assertIsNone(policy['scannerPreferences'])
self.assertIsNone(policy['audits'])
self.assertIsNone(policy['nvtSelectors'])
def test_subgrouped_query(self, mock_gmp: GmpMockFactory):
"""
Test an aggregate with groups and subgroups.
"""
aggregate_xml_path = CWD / 'example-aggregate-subgrouped.xml'
aggregate_xml_str = aggregate_xml_path.read_text()
mock_gmp.mock_response('get_aggregates', aggregate_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query GetAggregate {
aggregate(
input: {
dataType: NVT
filterString: "~openssl"
groupColumn: "solution_type"
subgroupColumn: "family"
dataColumns: ["severity"]
sortCriteria: [
{field: "severity", stat:MEAN, order:DESCENDING}
]
}
) {
groups {
value
count
stats {
column
mean
}
subgroups {
value
count
stats {
column
mean
}
}
}
subgroupValues
columnInfo {
name
stat
entityType
column
dataType
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
mock_gmp.gmp_protocol.get_aggregates.assert_called_with(
resource_type=GvmEntityType.NVT,
filter='~openssl',
data_columns=['severity'],
group_column='solution_type',
subgroup_column='family',
text_columns=None,
sort_criteria=[
{
'field': 'severity',
'stat': GvmAggregateStatistic.MEAN,
'order': GvmSortOrder.DESCENDING,
}
],
first_group=None,
max_groups=None,
mode=None,
)
aggregate = json['data']['aggregate']
groups = aggregate['groups']
self.assertEqual(len(groups), 5)
# Test second group as it has more than one subgroup
self.assertEqual(
groups[1],
{
'value': 'WillNotFix',
'count': 3,
'stats': [{'column': 'severity', 'mean': 3.8}],
'subgroups': [
{
'value': 'General',
'count': 1,
'stats': [{'column': 'severity', 'mean': 5}],
},
{
'value': 'F5 Local Security Checks',
'count': 2,
'stats': [{'column': 'severity', 'mean': 3.2}],
},
],
},
)
self.assertEqual(len(aggregate['subgroupValues']), 32)
self.assertEqual(
aggregate['subgroupValues'][:5],
[
"Amazon Linux Local Security Checks",
"Buffer overflow",
"CISCO",
"CentOS Local Security Checks",
"Databases",
],
)
def test_get_full_result(self, mock_gmp: GmpMockFactory):
result_xml_path = CWD / 'example-result.xml'
result_xml_str = result_xml_path.read_text()
mock_gmp.mock_response('get_result', result_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
result (
id: "9184608a-0b86-42e0-b733-4668feebc1c7"
) {
id
name
comment
reportId
task {
id
name
}
scanNvtVersion
originalThreat
originalSeverity
creationTime
modificationTime
host {
ip
id
hostname
}
port
nvt {
oid
severities {
score
severitiesList {
type
score
vector
}
}
}
threat
severity
qod {
value
type
}
description
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
result = json['data']['result']
self.assertEqual(result['id'], '9184608a-0b86-42e0-b733-4668feebc1c7')
self.assertEqual(
result['name'],
'Apache Tomcat RCE Vulnerability - April19 (Windows)',
)
self.assertIsNone(result['comment'])
self.assertEqual(result['creationTime'], '2020-06-19T09:31:15+00:00')
self.assertEqual(result['modificationTime'],
'2020-06-19T09:31:15+00:00')
self.assertEqual(result['reportId'],
'f31d3b1a-4642-44bc-86ea-63ea029d4c63')
self.assertEqual(result['task']['id'],
'dc9c6b7d-c81d-4e20-acd8-b187b018fa42')
self.assertEqual(
result['task']['name'],
'Offline Scan from 2019-06-27T08:10:13+01:00 38',
)
self.assertEqual(result['host']['ip'], '0.0.0.0')
self.assertEqual(result['host']['id'],
'2bcc682e-3c91-4f9c-80d6-59949159801f')
self.assertEqual(result['host']['hostname'], 'xyzxy')
self.assertIsNone(result['scanNvtVersion'])
self.assertEqual(result['threat'], 'High')
self.assertEqual(result['severity'], 9.3)
self.assertEqual(result['qod']['value'], 75)
self.assertIsNone(result['qod']['type'])
self.assertEqual(result['originalThreat'], 'High')
self.assertEqual(result['originalSeverity'], 9.3)
self.assertEqual(result['nvt']['oid'], '1.3.6.1.4.1.25623.1.0.142265')
severities = result['nvt']['severities']
self.assertEqual(severities['score'], 93)
self.assertEqual(severities['severitiesList'][0]['type'],
'cvss_base_v2')
self.assertEqual(severities['severitiesList'][0]['score'], 93)
self.assertEqual(
severities['severitiesList'][0]['vector'],
'AV:N/AC:M/Au:N/C:C/I:C/A:C',
)
self.assertIsNone(result['description'])
def test_get_nvts(self, mock_gmp: GmpMockFactory):
nvt_xml_path = CWD / 'example-scan-config-nvt.xml'
nvt_xml_str = nvt_xml_path.read_text()
mock_gmp.mock_response('get_nvts', nvt_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query {
scanConfigNvts (details:true) {
id
name
creationTime
modificationTime
category
summary
family
cvssBase
qod {
value
type
}
score
severities {
date
origin
score
type
vector
}
referenceWarning
certReferences{
id
type
}
cveReferences{
id
type
}
bidReferences{
id
type
}
otherReferences{
id
type
}
tags {
cvssBaseVector
summary
insight
impact
affected
detectionMethod
}
preferenceCount
timeout
defaultTimeout
solution {
type
method
description
}
preferences {
nvt {
id
name
}
name
type
value
alternativeValues
default
hrName
id
}
}
}
'''
)
json_response = response.json()
self.assertResponseNoErrors(response)
nvt = json_response['data']['scanConfigNvts'][0]
self.assertEqual(nvt['id'], "1.3.6.1.4.1.25623.1.0.100315")
self.assertEqual(nvt['name'], 'Some name')
self.assertEqual(nvt['creationTime'], '2009-10-26T09:02:32Z')
self.assertEqual(nvt['modificationTime'], '2020-05-11T05:36:14Z')
self.assertEqual(nvt['category'], 1)
self.assertEqual(nvt['summary'], 'Some summary')
self.assertEqual(nvt['family'], 'Some family')
self.assertEqual(nvt['cvssBase'], 5.0)
self.assertEqual(nvt['score'], 50)
self.assertEqual(nvt['qod'], {"value": 80, "type": "REMOTE_BANNER"})
self.assertEqual(
nvt['severities'],
[
{
"date": "2009-10-26T09:02:32+00:00",
"origin": "CVE-2011-9999",
"score": 50,
"type": "cvss_base_v2",
"vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
}
],
)
self.assertEqual(nvt['referenceWarning'], 'database not available')
self.assertEqual(
nvt['certReferences'],
[
{"id": "54321", "type": "cert-bund"},
{"id": "12345", "type": "dfn-cert"},
],
)
self.assertEqual(
nvt['bidReferences'],
[
{"id": "BID1337", "type": "bid"},
{"id": "BID31337", "type": "bugtraq_id"},
],
)
self.assertEqual(
nvt['otherReferences'], [{"id": "http://test.test", "type": "url"}]
)
self.assertEqual(
nvt['cveReferences'],
[
{"id": "CVE-2014-0682", "type": "cve"},
{"id": "CVE-2014-0681", "type": "cve_id"},
],
)
self.assertIsNotNone(nvt['tags'])
tags = nvt['tags']
self.assertEqual(tags['cvssBaseVector'], 'vec')
self.assertEqual(tags['summary'], 'sum')
self.assertEqual(tags['insight'], 'ins')
self.assertEqual(tags['impact'], 'imp')
self.assertEqual(tags['affected'], 'aff')
self.assertEqual(tags['detectionMethod'], 'vul')
self.assertEqual(nvt['preferenceCount'], -1)
self.assertEqual(nvt['timeout'], None)
self.assertEqual(nvt['defaultTimeout'], None)
self.assertEqual(
nvt['solution'],
{"type": "VendorFix", "method": "", "description": "Just update."},
)
self.assertEqual(
nvt['preferences'],
[
{
"name": "Log failed nmap calls",
"id": 13,
"nvt": {
"name": "Ping Host",
"id": "1.3.6.1.4.1.25623.1.0.100315",
},
"hrName": "Log failed nmap calls",
"type": "checkbox",
"value": "no",
"default": "no",
"alternativeValues": None,
},
{
"name": "nmap timing policy",
"id": 14,
"nvt": {
"name": "Ping Host",
"id": "1.3.6.1.4.1.25623.1.0.100315",
},
"hrName": "nmap timing policy",
"type": "radio",
"value": "Normal",
"default": "Normal",
"alternativeValues": ["Paranid", "Sneaky"],
},
],
)
mock_gmp.gmp_protocol.get_nvts.assert_called_with(
config_id=None,
details=True,
family=None,
preference_count=None,
preferences=None,
preferences_config_id=None,
sort_field=None,
sort_order=None,
timeout=None,
)
def test_get_permissions(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response('get_permissions', self.resp)
self.login('foo', 'bar')
response = self.query('''
query {
permissions{
nodes {
id
name
resource
{
id
name
type
trash
deleted
permissions
{
name
}
}
subject
{
id
name
type
trash
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
permissions = json['data']['permissions']['nodes']
self.assertEqual(len(permissions), 2)
permission1 = permissions[0]
permission2 = permissions[1]
# Permission 1
self.assertEqual(permission1['name'], 'get_tasks')
self.assertEqual(permission1['id'],
'1cade4f9-cc42-4f51-b5db-7cbcf90fc8b6')
self.assertEqual(
permission1['resource'],
{
"id": "df479236-1803-4e46-9014-2981ba9e15b1",
"name": "task Clone 1",
"type": "task",
"trash": False,
"deleted": False,
"permissions": None,
},
)
self.assertEqual(
permission1['subject'],
{
"id": "f8d47c31-e63f-4d3b-a5e8-0aa2f56ba2a0",
"name": "myuser",
"type": "user",
"trash": False,
},
)
# Permission 2
self.assertEqual(permission2['name'], 'create_agent')
self.assertEqual(permission2['id'],
'2cade4f9-cc42-4f51-b5db-7cbcf90fc8b6')
self.assertEqual(
permission2['resource'],
{
"id": "df479236-1803-4e46-9014-2981ba9e15b1",
"name": "task Clone 1",
"type": "task",
"trash": False,
"deleted": False,
"permissions": None,
},
)
self.assertEqual(
permission2['subject'],
{
"id": "f8d47c31-e63f-4d3b-a5e8-0aa2f56ba2a0",
"name": "myuser",
"type": "user",
"trash": False,
},
)
mock_gmp.gmp_protocol.get_permissions.assert_called_with(
filter_string=None)
def test_oval_definition(self, mock_gmp: GmpMockFactory):
oval_definition_xml_path = CWD / 'example-oval-definition.xml'
oval_definition_xml_str = oval_definition_xml_path.read_text()
mock_gmp.mock_response('get_info', oval_definition_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query {
ovalDefinition(id:
"oval:org.mitre.oval:def:29480_/oval/5.10/org.mitre.oval/v/family/windows.xml"
) {
id
name
cveRefs
deprecated
description
file
class
rawData
score
status
title
version
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
oval_definition = json['data']['ovalDefinition']
self.assertEqual(
oval_definition['name'],
'oval:org.mitre.oval:def:29480',
)
self.assertEqual(
oval_definition['id'],
'oval:org.mitre.oval:def:29480_/oval/5.10/org.mitre.oval/v/family/windows.xml',
)
self.assertEqual(
oval_definition['title'],
'Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code (CVE-2006-5857)',
)
self.assertEqual(
oval_definition['description'],
'short text',
)
self.assertEqual(oval_definition['score'], 93)
self.assertEqual(oval_definition['cveRefs'], 1)
self.assertEqual(oval_definition['deprecated'], False)
self.assertEqual(
oval_definition['file'],
'/oval/5.10/org.mitre.oval/v/family/windows.xml',
)
self.assertEqual(oval_definition['class'], 'vulnerability')
self.assertEqual(oval_definition['status'], 'INTERIM')
self.assertEqual(oval_definition['version'], 2)
def test_create_audit(self, mock_gmp: GmpMockFactory):
audit_id = str(uuid4())
policy_id = str(uuid4())
target_id = str(uuid4())
scanner_id = str(uuid4())
mock_gmp.mock_response(
'create_audit',
f'''
<create_task_response id="{audit_id}" status="200" status_text="OK"/>
''',
)
self.login('foo', 'bar')
response = self.query(f'''
mutation {{
createAudit(input: {{
name: "bar",
scannerId: "{scanner_id}",
policyId: "{policy_id}",
targetId: "{target_id}",
preferences: {{
autoDeleteReports: 4,
createAssets: true,
createAssetsApplyOverrides: false,
maxConcurrentNvts: 7,
maxConcurrentHosts: 13,
}}
}}) {{
id
}}
}}
''')
json = response.json()
self.assertResponseNoErrors(response)
uuid = json['data']['createAudit']['id']
self.assertEqual(uuid, audit_id)
mock_gmp.gmp_protocol.create_audit.assert_called_with(
"bar",
policy_id,
target_id,
scanner_id,
alert_ids=None,
alterable=None,
comment=None,
preferences={
'auto_delete': 'keep',
'auto_delete_data': 4,
'max_checks': 7,
'max_hosts': 13,
'in_assets': 'yes',
'assets_apply_overrides': 'no',
},
schedule_id=None,
)
def test_complex_host(self, mock_gmp: GmpMockFactory):
host_xml_path = CWD / 'example-host.xml'
host_xml_str = host_xml_path.read_text()
mock_gmp.mock_response('get_host', host_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
host(id: "291a7547-c817-4b46-88f2-32415d825335") {
id
name
severity
identifiers {
id
name
value
creationTime
modificationTime
sourceId
sourceName
sourceType
sourceData
sourceDeleted
osId
osTitle
}
details {
name
value
source {
id
name
type
description
}
extra
}
routes {
hosts {
id
ip
distance
sameSource
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
host = json['data']['host']
self.assertEqual(host['name'], 'xyzxy')
self.assertEqual(host['id'], 'd8c5fc4f-c01b-48aa-854b-cfe4bc9fb8c6')
self.assertEqual(host['severity'], 7.5)
identifiers = host['identifiers']
identifier = identifiers[1]
self.assertEqual(identifier['id'],
'd2f59ef2-5ae4-4a74-857b-2a639955d28c')
self.assertEqual(identifier['name'], 'ip')
self.assertEqual(identifier['value'], '0.0.0.0')
self.assertEqual(identifier['creationTime'],
'2020-06-19T09:34:48+00:00')
self.assertEqual(identifier['modificationTime'],
'2020-06-19T09:34:48+00:00')
self.assertEqual(identifier['sourceId'],
'3404b586-40be-4a7d-a964-c23c435d9abc')
self.assertEqual(identifier['sourceType'], 'Report Host')
self.assertIsNone(identifier['sourceData'])
self.assertFalse(identifier['sourceDeleted'])
self.assertIsNone(identifier['sourceName'])
self.assertIsNone(identifier['osId'])
self.assertIsNone(identifier['osTitle'])
self.assertEqual(identifiers[2]['sourceData'], 'CMDB-Parser')
details = host['details']
detail = details[0]
self.assertEqual(detail['name'], 'best_os_cpe')
self.assertEqual(detail['value'],
'cpe:/o:red hat:enterprise_linux_server:7.6')
self.assertEqual(detail['source']['id'],
'3404b586-40be-4a7d-a964-c23c435d9abc')
self.assertEqual(detail['source']['type'], 'Report')
self.assertIsNone(detail['source']['name'])
self.assertIsNone(detail['source']['description'])
self.assertIsNone(detail['extra'])
self.assertIsNone(host['routes'])
def test_get_scanners(self, mock_gmp: GmpMockFactory):
scanners_xml_path = CWD / 'example-scanner-list.xml'
scanners_xml_str = scanners_xml_path.read_text()
mock_gmp.mock_response('get_scanners', scanners_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
scanners {
nodes {
id
name
type
host
port
configs {
name
}
tasks {
name
}
credential {
name
}
caPub {
certificate
info {
activationTime
expirationTime
issuer
md5Fingerprint
timeStatus
}
}
info{
scanner{
name
version
}
daemon{
name
version
}
protocol{
name
version
}
description
params {
id
name
default
description
type
mandatory
}
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
scanners = json['data']['scanners']['nodes']
self.assertEqual(len(scanners), 2)
scanner1 = scanners[0]
scanner2 = scanners[1]
# scanner 1
self.assertEqual(scanner1['id'],
'08b69003-5fc2-4037-a479-93b440211c73')
self.assertEqual(scanner1['name'], 'OpenVAS Default')
self.assertEqual(scanner1['type'], "OPENVAS_SCANNER_TYPE")
self.assertEqual(
scanner1['host'],
'/home/sdiedrich/install/var/run/ospd-openvas.sock',
)
self.assertEqual(scanner1['port'], '0')
self.assertIsNone(scanner1['configs'])
tasks = scanner1['tasks']
self.assertEqual(len(tasks), 2)
self.assertEqual(tasks[0]['name'], '012345')
self.assertIsNone(scanner1['credential']['name'])
info = scanner1['info']
self.assertIsNotNone(info['description'])
scanner_info = info['scanner']
self.assertEqual(scanner_info['name'], 'openvas')
self.assertEqual(scanner_info['version'], 'OpenVAS 7.0.0')
daemon_info = info['daemon']
self.assertEqual(daemon_info['name'], 'OSPd OpenVAS')
self.assertEqual(daemon_info['version'], '20.8a1')
protocol_info = info['protocol']
self.assertEqual(protocol_info['name'], 'OSP')
self.assertEqual(protocol_info['version'], '1.2')
params = info['params']
self.assertEqual(len(params), 19)
self.assertEqual(params[0]['id'], "debug_mode")
self.assertEqual(params[0]['name'], "Debug Mode")
self.assertEqual(params[0]['default'], "0")
self.assertEqual(
params[0]['description'],
"Whether to get extra scan debug information.",
)
self.assertEqual(params[0]['type'], "osp_boolean")
self.assertFalse(params[0]['mandatory'])
# scanner 2
self.assertEqual(scanner2['id'],
'6b2db524-9fb0-45b8-9b56-d958f84cb546')
self.assertEqual(scanner2['name'], 'OSP Scanner-openvas')
self.assertEqual(scanner2['type'], "OSP_SCANNER_TYPE")
self.assertEqual(scanner2['host'], '127.0.0.1')
self.assertEqual(scanner2['port'], '2346')
configs = scanner2['configs']
self.assertEqual(len(configs), 3)
self.assertEqual(configs[0]['name'], 'Base 2')
self.assertIsNone(scanner2['tasks'])
credential = scanner2['credential']
self.assertEqual(credential['name'],
'Credential for Scanner OSP Scanner-openvas')
ca_pub = scanner2['caPub']
self.assertIsNotNone(ca_pub['certificate'])
info = ca_pub['info']
self.assertEqual(info['activationTime'], '2019-07-19T13:28:23+00:00')
self.assertEqual(info['expirationTime'], '2020-07-18T13:28:23+00:00')
self.assertEqual(info['issuer'], 'CN=localhost')
self.assertEqual(
info['md5Fingerprint'],
'09:9f:2e:5c:27:93:be:75:25:55:f9:57:15:44:3d:e0',
)
self.assertEqual(info['timeStatus'], 'valid')
def test_get_port_lists(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response('get_port_lists', self.xml)
self.login('foo', 'bar')
response = self.query('''
query {
portLists {
nodes {
name
id
owner
creationTime
modificationTime
writable
inUse
portCount {
all
tcp
udp
}
portRanges {
id
start
end
protocolType
}
targets {
id
name
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
port_lists = json['data']['portLists']['nodes']
self.assertEqual(len(port_lists), 2)
port_list1 = port_lists[0]
port_list2 = port_lists[1]
self.assertEqual(port_list1['id'],
'4a4717fe-57d2-11e1-9a26-406186ea4fc5')
self.assertEqual(port_list1['owner'], 'Palpatine')
self.assertEqual(port_list1['creationTime'],
'2020-06-30T09:16:25+00:00')
self.assertEqual(port_list1['modificationTime'],
'2020-07-30T09:16:25+00:00')
self.assertEqual(port_list1['writable'], True)
self.assertEqual(port_list1['inUse'], True)
self.assertEqual(port_list1['name'], 'All IANA assigned TCP and UDP')
targets1 = port_list1['targets']
self.assertEqual(targets1[0]['id'],
'66dcb401-2621-4d8e-9a1a-7044f1456f18')
self.assertEqual(targets1[0]['name'], 'Sidious')
port_ranges1 = port_list1['portRanges']
self.assertEqual(port_ranges1[0]['id'],
'2864fa44-594a-45d5-88ee-6c9742481b8e')
self.assertEqual(port_ranges1[0]['start'], 1)
self.assertEqual(port_ranges1[0]['end'], 3)
self.assertEqual(port_ranges1[0]['protocolType'], 'tcp')
self.assertEqual(port_ranges1[1]['id'],
'6390a473-86b3-4583-b4b9-e7e3b2a55355')
self.assertEqual(port_ranges1[1]['start'], 5)
self.assertEqual(port_ranges1[1]['end'], 5)
self.assertEqual(port_ranges1[1]['protocolType'], 'udp')
port_list_counts1 = port_list1['portCount']
self.assertEqual(port_list_counts1['all'], 42)
self.assertEqual(port_list_counts1['tcp'], 21)
self.assertEqual(port_list_counts1['udp'], 21)
self.assertEqual(port_list2['id'],
'33d0cd82-57c6-11e1-8ed1-406186ea4fc5')
self.assertEqual(port_list2['owner'], 'Sen. Organa')
self.assertEqual(port_list2['creationTime'],
'2020-07-30T09:16:25+00:00')
self.assertEqual(port_list2['modificationTime'],
'2020-08-30T09:16:25+00:00')
self.assertEqual(port_list2['writable'], False)
self.assertEqual(port_list2['inUse'], False)
self.assertEqual(port_list2['name'], 'All IANA assigned TCP')
targets2 = port_list2['targets']
self.assertEqual(targets2[0]['id'],
'66dcb401-2621-4d8e-9a1a-7044f1456f11')
self.assertEqual(targets2[0]['name'], 'Bail')
port_ranges2 = port_list2['portRanges']
self.assertEqual(port_ranges2[0]['id'],
'2864fa44-594a-45d5-88ee-6c9742481b81')
self.assertEqual(port_ranges2[0]['start'], 1)
self.assertEqual(port_ranges2[0]['end'], 3)
self.assertEqual(port_ranges2[0]['protocolType'], 'tcp')
self.assertEqual(port_ranges2[1]['id'],
'6390a473-86b3-4583-b4b9-e7e3b2a55351')
self.assertEqual(port_ranges2[1]['start'], 5)
self.assertEqual(port_ranges2[1]['end'], 5)
self.assertEqual(port_ranges2[1]['protocolType'], 'udp')
port_list_counts2 = port_list2['portCount']
self.assertEqual(port_list_counts2['all'], 42)
self.assertEqual(port_list_counts2['tcp'], 21)
self.assertEqual(port_list_counts2['udp'], 21)
def test_get_target(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response(
'get_target',
'''
<get_target_response>
<target id="08b69003-5fc2-4037-a479-93b440211c73">
<name>foo</name>
<comment>bar</comment>
<hosts>192.168.10.90</hosts>
<exclude_hosts>192.168.10.9</exclude_hosts>
<max_hosts>1</max_hosts>
<ssh_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51a">
<name>baz</name>
<port>42</port>
<trash>0</trash>
</ssh_credential>
<smb_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51b">
<name>baz</name>
<trash>0</trash>
</smb_credential>
<esxi_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51c">
<name>qux</name>
<trash>0</trash>
</esxi_credential>
<snmp_credential id="33d0cd82-57c6-11e1-8ed1-4061823cc51d">
<name>quux</name>
<trash>0</trash>
</snmp_credential>
<port_list id="33d0cd82-57c6-11e1-8ed1-406186ea4fc5">
<name>All IANA assigned TCP 2012-02-10</name>
<trash>0</trash>
</port_list>
<reverse_lookup_only>0</reverse_lookup_only>
<reverse_lookup_unify>0</reverse_lookup_unify>
<alive_tests>Scan Config Default</alive_tests>
</target>
</get_target_response>
''',
)
self.login('foo', 'bar')
response = self.query('''
query {
target(id: "08b69003-5fc2-4037-a479-93b440211c73") {
id
name
comment
hosts
maxHosts
excludeHosts
sshCredential {
id
name
port
}
smbCredential {
id
name
}
esxiCredential {
id
name
}
snmpCredential {
id
name
}
portList {
id
name
}
reverseLookupOnly
reverseLookupUnify
aliveTests
portRange
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
target = json['data']['target']
self.assertEqual(target['id'], '08b69003-5fc2-4037-a479-93b440211c73')
self.assertEqual(target['hosts'], ['192.168.10.90'])
self.assertEqual(target['excludeHosts'], ['192.168.10.9'])
self.assertEqual(target['maxHosts'], 1)
self.assertEqual(
target['sshCredential']['id'],
'33d0cd82-57c6-11e1-8ed1-4061823cc51a',
)
self.assertEqual(target['sshCredential']['name'], 'baz')
self.assertEqual(target['sshCredential']['port'], 42)
self.assertEqual(
target['smbCredential']['id'],
'33d0cd82-57c6-11e1-8ed1-4061823cc51b',
)
self.assertEqual(target['smbCredential']['name'], 'baz')
self.assertEqual(
target['esxiCredential']['id'],
'33d0cd82-57c6-11e1-8ed1-4061823cc51c',
)
self.assertEqual(target['esxiCredential']['name'], 'qux')
self.assertEqual(
target['snmpCredential']['id'],
'33d0cd82-57c6-11e1-8ed1-4061823cc51d',
)
self.assertEqual(target['snmpCredential']['name'], 'quux')
self.assertEqual(target['portList']['id'],
'33d0cd82-57c6-11e1-8ed1-406186ea4fc5')
self.assertEqual(target['portList']['name'],
'All IANA assigned TCP 2012-02-10')
self.assertEqual(target['name'], 'foo')
self.assertEqual(target['aliveTests'], 'Scan Config Default')
self.assertEqual(target['reverseLookupOnly'], False)
self.assertEqual(target['reverseLookupUnify'], False)
self.assertEqual(target['portRange'], None)
def test_sub_objects(self, mock_gmp: GmpMockFactory):
task_xml_path = CWD / 'example-task-2.xml'
task_xml_str = task_xml_path.read_text()
mock_gmp.mock_response('get_task', task_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
task(id: "7593ad78-6cbc-48aa-94a4-5e52bb6b3f80") {
id
name
scanConfig {
id
name
trash
type
}
target {
id
name
trash
}
scanner {
id
name
type
trash
}
schedule {
id
name
trash
icalendar
timezone
}
alerts {
id
name
}
schedulePeriods
hostsOrdering
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
task = json['data']['task']
self.assertEqual(task['name'], 'Example')
self.assertEqual(task['id'], '7593ad78-6cbc-48aa-94a4-5e52bb6b3f80')
scan_config = task['scanConfig']
self.assertEqual(scan_config['name'], 'Base')
self.assertEqual(scan_config['id'],
'd21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663')
self.assertFalse(scan_config['trash'])
self.assertEqual(scan_config['type'], 0)
target = task['target']
self.assertEqual(target['name'], 'Localhost')
self.assertEqual(target['id'], 'e1db1b66-f86f-4a09-bb9e-c81d73d85a5d')
self.assertFalse(target['trash'])
scanner = task['scanner']
self.assertEqual(scanner['name'], 'OpenVAS Default')
self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73')
self.assertFalse(scanner['trash'])
self.assertEqual(ScannerType[scanner['type']],
ScannerType.OPENVAS_SCANNER_TYPE)
schedule = task['schedule']
self.assertEqual(schedule['name'], 'Every Week on Friday 16h UTC')
self.assertEqual(schedule['id'],
'25473f83-6086-40cb-bbf9-c52cb6c5b92e')
self.assertFalse(schedule['trash'])
self.assertEqual(schedule['timezone'], 'UTC')
self.assertRegex(schedule['icalendar'], r'^BEGIN:VCALENDAR.*')
self.assertEqual(schedule['timezone'], 'UTC')
schedule_periods = task['schedulePeriods']
self.assertEqual(schedule_periods, 0)
hosts_ordering = task['hostsOrdering']
self.assertIsNone(hosts_ordering)
alerts = task['alerts']
self.assertEqual(len(alerts), 2)
alert1 = alerts[0]
self.assertEqual(alert1['name'], 'Http Alert')
self.assertEqual(alert1['id'], '8c1e0414-95e4-4bd6-8823-fc507c1fe34b')
alert2 = alerts[1]
self.assertEqual(alert2['name'], 'Send to Host')
self.assertEqual(alert2['id'], '8957b33c-ed0d-47c3-a955-4056498bfef2')
def test(self, mock_gmp: GmpMockFactory):
# get the gmp_commands
gmp_commands = return_gmp_methods(mock_gmp.gmp_protocol)
# create the mock response with the gmp_command and the gmp_name
mock_gmp.mock_response(gmp_cmd, compose_mock_response(gmp_name))
self.login('foo', 'bar')
response = self.query(compose_mock_query(plural_selene_name))
json = response.json()
self.assertResponseNoErrors(response)
get_entities = gmp_commands[gmp_cmd]
get_entities.assert_called_with(filter_string='lorem', **kwargs)
entities = json['data'][plural_selene_name]['nodes']
self.assertEqual(len(entities), 2)
entity1 = entities[0]
entity2 = entities[1]
# Entity 1
self.assertEqual(entity1['id'], '08b69003-5fc2-4037-a479-93b440211c73')
self.assertEqual(entity1['name'], 'foo')
self.assertEqual(entity1['comment'], "bar")
self.assertEqual(entity1['owner'], 'admin')
self.assertEqual(entity1['creationTime'], '2019-07-19T13:33:21+00:00')
self.assertEqual(entity1['modificationTime'],
'2019-07-19T13:33:21+00:00')
self.assertTrue(entity1['inUse'])
self.assertTrue(entity1['writable'])
permissions = entity1['permissions']
self.assertEqual(len(permissions), 1)
self.assertEqual(permissions[0]['name'], 'Everything')
user_tags = entity1['userTags']
self.assertEqual(user_tags['count'], 2)
tags = user_tags['tags']
self.assertEqual(len(tags), 2)
tag1 = tags[0]
self.assertEqual(tag1['name'], 'test tag 1')
self.assertEqual(tag1['id'], '480cdbd9-1af2-4be6-a195-163748b80381')
self.assertIsNone(tag1['value'])
self.assertIsNone(tag1['comment'])
# Entity 2
self.assertEqual(entity2['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546')
self.assertEqual(entity2['name'], 'lorem')
self.assertEqual(entity2['comment'], 'ipsum')
self.assertEqual(entity2['owner'], 'admin')
self.assertEqual(entity2['creationTime'], '2019-07-19T13:33:21+00:00')
self.assertEqual(entity2['modificationTime'],
'2019-07-19T13:33:21+00:00')
self.assertFalse(entity2['inUse'])
self.assertTrue(entity2['writable'])
permissions = entity2['permissions']
self.assertEqual(len(permissions), 2)
self.assertEqual(permissions[0]['name'], gmp_name)
self.assertIsNone(entity2['userTags'])
def test_complex_task(self, mock_gmp: GmpMockFactory):
task_xml_path = CWD / 'example-task.xml'
task_xml_str = task_xml_path.read_text()
mock_gmp.mock_response('get_task', task_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
task(id: "291a7547-c817-4b46-88f2-32415d825335") {
id
name
alterable
averageDuration
reports {
counts {
total
finished
}
currentReport {
id
timestamp
scanStart
scanEnd
}
lastReport {
id
severity
timestamp
scanStart
scanEnd
}
}
status
trend
creationTime
modificationTime
progress
results {
counts {
current
}
}
observers {
users
groups {
name
}
roles {
name
}
}
scanConfig {
id
}
target {
id
}
scanner {
id
}
schedule {
id
}
alerts {
id
}
preferences {
name
description
value
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
task = json['data']['task']
self.assertEqual(task['name'], 'Task_for_Report')
self.assertEqual(task['id'], '291a7547-c817-4b46-88f2-32415d825335')
self.assertEqual(task['averageDuration'], 0)
reports = task['reports']
last_report = reports['lastReport']
self.assertEqual(last_report['timestamp'], '2020-01-15T11:30:10+01:00')
self.assertEqual(last_report['severity'], 10.0)
self.assertEqual(last_report['id'],
'd453374b-64cc-4c25-9959-7bc7c5287242')
self.assertEqual(last_report['scanStart'], '2020-01-15T11:30:28+01:00')
self.assertEqual(last_report['scanEnd'], '2020-01-15T11:39:24+01:00')
current_report = reports['currentReport']
self.assertEqual(current_report['id'],
'64213415-efe5-4441-9ee6-562cacf4e3ce')
self.assertEqual(current_report['timestamp'],
'2020-02-04T09:42:14+01:00')
self.assertEqual(current_report['scanStart'],
'2020-02-04T09:42:33+01:00')
self.assertIsNone(current_report['scanEnd'])
reports_counts = reports['counts']
self.assertEqual(reports_counts['total'], 1)
self.assertEqual(reports_counts['finished'], 1)
self.assertFalse(task['alterable'])
self.assertEqual(task['status'], 'Done')
self.assertIsNone(task['trend'])
dt = datetime(2020,
1,
8,
hour=14,
minute=36,
second=21,
tzinfo=timezone.utc)
self.assertEqual(task['creationTime'], dt.isoformat())
self.assertEqual(task['modificationTime'], dt.isoformat())
self.assertEqual(task['progress'], -1)
observers = task['observers']
self.assertIsNotNone(observers)
self.assertEqual(len(observers['groups']), 1)
self.assertEqual(observers['groups'][0]['name'], 'plebeians')
self.assertEqual(len(observers['roles']), 1)
self.assertEqual(observers['roles'][0]['name'], 'Admin')
self.assertEqual(len(observers['users']), 2)
self.assertListEqual(observers['users'], ['admin', 'admin_Clone_4'])
self.assertIsNone(task['scanConfig'])
self.assertIsNone(task['target'])
self.assertIsNone(task['scanner'])
self.assertIsNone(task['schedule'])
self.assertIsNone(task['alerts'])
preferences = task['preferences']
self.assertEqual(len(preferences), 8)
pref_max_check = preferences[0]
self.assertEqual(
pref_max_check['description'],
'Maximum concurrently executed NVTs per host',
)
self.assertEqual(pref_max_check['name'], 'max_checks')
self.assertEqual(pref_max_check['value'], '4')
pref_max_hosts = preferences[1]
self.assertEqual(pref_max_hosts['description'],
'Maximum concurrently scanned hosts')
self.assertEqual(pref_max_hosts['name'], 'max_hosts')
self.assertEqual(pref_max_hosts['value'], '20')
pref_source_iface = preferences[2]
self.assertEqual(pref_source_iface['description'],
'Network Source Interface')
self.assertEqual(pref_source_iface['name'], 'source_iface')
self.assertIsNone(pref_source_iface['value'])
pref_in_assets = preferences[3]
self.assertEqual(pref_in_assets['description'],
'Add results to Asset Management')
self.assertEqual(pref_in_assets['name'], 'in_assets')
self.assertEqual(pref_in_assets['value'], 'yes')
pref_assets_apply_overrides = preferences[4]
self.assertEqual(
pref_assets_apply_overrides['description'],
'Apply Overrides when adding Assets',
)
self.assertEqual(pref_assets_apply_overrides['name'],
'assets_apply_overrides')
self.assertEqual(pref_assets_apply_overrides['value'], 'yes')
pref_assets_min_qod = preferences[5]
self.assertEqual(pref_assets_min_qod['description'],
'Min QOD when adding Assets')
self.assertEqual(pref_assets_min_qod['name'], 'assets_min_qod')
self.assertEqual(pref_assets_min_qod['value'], '70')
pref_auto_delete = preferences[6]
self.assertEqual(pref_auto_delete['description'],
'Auto Delete Reports')
self.assertEqual(pref_auto_delete['name'], 'auto_delete')
self.assertEqual(pref_auto_delete['value'], '0')
pref_auto_delete_data = preferences[7]
self.assertEqual(pref_auto_delete_data['description'],
'Auto Delete Reports Data')
self.assertEqual(pref_auto_delete_data['name'], 'auto_delete_data')
self.assertEqual(pref_auto_delete_data['value'], '0')
results_counts = task['results']['counts']
self.assertEqual(results_counts['current'], 50000)
def test_get_scan_config_nvt(self, mock_gmp: GmpMockFactory):
nvt_xml_path = CWD / 'example-scan-config-nvt.xml'
nvt_xml_str = nvt_xml_path.read_text()
mock_gmp.mock_response('get_nvt', nvt_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
scanConfigNvt (id:"1.3.6.1.4.1.25623.1.0.100315") {
id
name
creationTime
modificationTime
category
summary
family
cvssBase
qod {
value
type
}
score
severities {
date
origin
score
type
vector
}
referenceWarning
certReferences{
id
type
}
cveReferences{
id
type
}
bidReferences{
id
type
}
otherReferences{
id
type
}
tags {
cvssBaseVector
summary
insight
impact
affected
detectionMethod
}
preferenceCount
timeout
defaultTimeout
solution{
type
method
description
}
}
}
''')
json_response = response.json()
self.assertResponseNoErrors(response)
nvt = json_response['data']['scanConfigNvt']
self.assertEqual(nvt['id'], "1.3.6.1.4.1.25623.1.0.100315")
self.assertEqual(nvt['name'], 'Some name')
self.assertEqual(nvt['creationTime'], '2009-10-26T09:02:32Z')
self.assertEqual(nvt['modificationTime'], '2020-05-11T05:36:14Z')
self.assertEqual(nvt['category'], 1)
self.assertEqual(nvt['summary'], 'Some summary')
self.assertEqual(nvt['family'], 'Some family')
self.assertEqual(nvt['cvssBase'], 5.0)
self.assertEqual(nvt['score'], 50)
self.assertEqual(
nvt['qod'],
{
"value": 80,
"type": "remote_banner"
},
)
self.assertEqual(
nvt['severities'],
[{
"date": "2009-10-26T09:02:32+00:00",
"origin": "CVE-2011-9999",
"score": 50,
"type": "cvss_base_v2",
"vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
}],
)
self.assertEqual(nvt['referenceWarning'], 'database not available')
self.assertEqual(
nvt['certReferences'],
[
{
"id": "54321",
"type": "cert-bund"
},
{
"id": "12345",
"type": "dfn-cert"
},
],
)
self.assertEqual(
nvt['bidReferences'],
[
{
"id": "BID1337",
"type": "bid"
},
{
"id": "BID31337",
"type": "bugtraq_id"
},
],
)
self.assertEqual(
nvt['otherReferences'],
[
{
"id": "http://test.test",
"type": "url"
},
],
)
self.assertEqual(
nvt['cveReferences'],
[
{
"id": "CVE-2014-0682",
"type": "cve"
},
{
"id": "CVE-2014-0681",
"type": "cve_id"
},
],
)
self.assertIsNotNone(nvt['tags'])
tags = nvt['tags']
self.assertEqual(tags['cvssBaseVector'], 'vec')
self.assertEqual(tags['summary'], 'sum')
self.assertEqual(tags['insight'], 'ins')
self.assertEqual(tags['impact'], 'imp')
self.assertEqual(tags['affected'], 'aff')
self.assertEqual(tags['detectionMethod'], 'vul')
self.assertEqual(nvt['preferenceCount'], -1)
self.assertEqual(nvt['timeout'], None)
self.assertEqual(nvt['defaultTimeout'], None)
self.assertEqual(
nvt['solution'],
{
"type": "VendorFix",
"method": "",
"description": "Just update.",
},
)
mock_gmp.gmp_protocol.get_nvt.assert_called_with(
"1.3.6.1.4.1.25623.1.0.100315")
def test_complex_audit(self, mock_gmp: GmpMockFactory):
audit_xml_path = CWD / 'example-audit.xml'
audit_xml_str = audit_xml_path.read_text()
mock_gmp.mock_response('get_audit', audit_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query {
audit(id: "c4335bf9-de7d-4d45-984a-a4a19709a098") {
id
name
comment
alterable
averageDuration
reports {
counts {
total
finished
}
currentReport {
id
creationTime
scanStart
scanEnd
}
lastReport {
id
creationTime
scanStart
scanEnd
complianceCount {
yes
no
incomplete
}
}
}
status
trend
creationTime
modificationTime
progress
results {
counts {
current
}
}
observers {
users
groups {
name
}
roles {
name
}
}
policy {
id
name
trash
}
target {
id
name
trash
}
scanner {
id
name
type
trash
}
schedule {
id
name
trash
icalendar
timezone
duration
}
alerts {
id
name
}
preferences {
autoDeleteReports
createAssets
createAssetsApplyOverrides
createAssetsMinQod
maxConcurrentHosts
maxConcurrentNvts
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
audit = json['data']['audit']
self.assertEqual(audit['name'], 'Audit_for_Report')
self.assertEqual(audit['id'], 'c4335bf9-de7d-4d45-984a-a4a19709a098')
self.assertEqual(audit['comment'], 'foo')
self.assertEqual(audit['status'], 'NEW')
self.assertEqual(audit['progress'], -1)
self.assertIsNone(audit['trend'])
self.assertEqual(audit['averageDuration'], 0)
reports = audit['reports']
current_report = reports['currentReport']
last_report = reports['lastReport']
compliance_count = last_report['complianceCount']
self.assertEqual(
last_report['id'], '001b46dc-fdaa-4fc3-b094-0329805edcd0'
)
self.assertEqual(
last_report['creationTime'], '2021-02-09T15:54:45+00:00'
)
self.assertEqual(last_report['scanStart'], '2021-02-09T15:54:50+00:00')
self.assertEqual(last_report['scanEnd'], '2021-02-09T16:11:22+00:00')
self.assertEqual(
current_report['id'], '12e6275b-6933-4c04-9c8a-5762d8489c9e'
)
self.assertEqual(
current_report['creationTime'], '2021-02-11T15:07:24+00:00'
)
self.assertEqual(
current_report['scanStart'], '2021-02-11T15:07:28+00:00'
)
self.assertIsNone(current_report['scanEnd'])
self.assertEqual(compliance_count['yes'], 3)
self.assertEqual(compliance_count['no'], 2)
self.assertEqual(compliance_count['incomplete'], 1)
self.assertEqual(reports['counts']['total'], 0)
target = audit['target']
self.assertEqual(target['id'], '2d161fb3-1867-4683-a5dc-f2e375194552')
self.assertEqual(target['name'], '234234Unnamed')
scanner = audit['scanner']
self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73')
self.assertEqual(scanner['name'], 'OpenVAS Default')
self.assertEqual(scanner['type'], 'OPENVAS_SCANNER_TYPE')
schedule = audit['schedule']
self.assertEqual(schedule['id'], 'fef95cd5-3a0a-4df5-bb73-161f75aa3eda')
self.assertEqual(
schedule['name'], 'Schedule for alertask - 2020-10-21T08:56:08.850Z'
)
self.assertEqual(schedule['duration'], 0)
self.assertEqual(schedule['timezone'], 'UTC')
self.assertEqual(
schedule['icalendar'],
"""BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Greenbone.net//NONSGML Greenbone Security Manager
21.4.0~dev1~git-a98bd26-master//EN
BEGIN:VEVENT
DTSTART:20201021T085600Z
DURATION:PT0S
UID:339d3438-ae77-49cd-a680-505bc0bb026a
DTSTAMP:20201021T085608Z
END:VEVENT
END:VCALENDAR
""",
)
self.assertEqual(
audit['alerts'],
[
{'id': '69a80538-161d-424c-ae57-8f0b92950092', 'name': 'Email'},
{
'id': '71bb9279-7204-4275-8ff9-ab9f1a64a7de',
'name': 'Email Clone 1',
},
],
)
observers = audit['observers']
self.assertEqual(observers['users'], ['admin'])
self.assertEqual(
observers['roles'], [{'name': 'Admin'}, {'name': 'Info'}]
)
self.assertEqual(observers['groups'], [{'name': 'group'}])
policy = audit['policy']
self.assertEqual(policy['id'], '9f822ad3-9208-4e02-ac03-78dce3ca9a23')
self.assertEqual(policy['name'], 'EulerOS Linux Security Configuration')
self.assertEqual(policy['trash'], 0)
preferences = audit['preferences']
self.assertEqual(len(preferences), 6)
self.assertIsNone(preferences['autoDeleteReports'])
self.assertEqual(preferences['createAssets'], True)
self.assertEqual(preferences['createAssetsApplyOverrides'], True)
self.assertEqual(preferences['createAssetsMinQod'], 70)
self.assertEqual(preferences['maxConcurrentNvts'], 4)
self.assertEqual(preferences['maxConcurrentHosts'], 20)
def test_get_scan_config_nvt_none_fields(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response(
'get_nvt',
'''
<get_nvts_response>
<nvt oid="1.3.6.1.4.1.25623.1.0.814313">
<name>foo</name>
</nvt>
</get_nvts_response>
''',
)
self.login('foo', 'bar')
response = self.query('''
query {
scanConfigNvt(id: "1.3.6.1.4.1.25623.1.0.814313") {
id
name
creationTime
modificationTime
category
family
cvssBase
qod {
value
}
score
severities {
date
}
referenceWarning
certReferences{
id
type
}
cveReferences{
id
type
}
bidReferences{
id
type
}
otherReferences{
id
type
}
tags {
cvssBaseVector
}
preferenceCount
preferences {
nvt {
id
}
hrName
}
timeout
defaultTimeout
solution{
type
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
nvt = json['data']['scanConfigNvt']
self.assertEqual(nvt['id'], '1.3.6.1.4.1.25623.1.0.814313')
self.assertEqual(nvt['name'], 'foo')
self.assertIsNone(nvt['category'])
self.assertIsNone(nvt['family'])
self.assertIsNone(nvt['cvssBase'])
self.assertIsNone(nvt['score'])
self.assertIsNone(nvt['qod'])
self.assertIsNone(nvt['severities'])
self.assertIsNone(nvt['referenceWarning'])
self.assertIsNone(nvt['certReferences'])
self.assertIsNone(nvt['cveReferences'])
self.assertIsNone(nvt['bidReferences'])
self.assertIsNone(nvt['otherReferences'])
self.assertIsNone(nvt['tags'])
self.assertIsNone(nvt['preferenceCount'])
self.assertIsNone(nvt['preferences'])
self.assertIsNone(nvt['timeout'])
self.assertIsNone(nvt['defaultTimeout'])
self.assertIsNone(nvt['solution'])
def test_get_policy(self, mock_gmp: GmpMockFactory):
policy_xml_path = CWD / 'example-policy.xml'
policy_xml_str = policy_xml_path.read_text()
mock_gmp.mock_response('get_policy', policy_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
policy (id: "daba56c8-73ec-11df-a475-002264764cea",
) {
name
id
trash
familyCount
familyGrowing
usageType
maxNvtCount
nvtGrowing
knownNvtCount
predefined
families{
name
nvtCount
maxNvtCount
growing
}
nvtPreferences{
nvt{
name
id
}
hrName
name
id
type
value
default
alternativeValues
}
scannerPreferences{
hrName
name
id
type
value
default
alternativeValues
}
audits{
id
name
}
nvtSelectors{
name
include
type
familyOrNvt
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
policy = json['data']['policy']
self.assertEqual(policy['id'], "daba56c8-73ec-11df-a475-002264764cea")
self.assertEqual(policy['name'], 'foo')
self.assertEqual(policy['trash'], 0)
self.assertEqual(policy['familyCount'], 2)
self.assertEqual(policy['usageType'], 'scan')
self.assertEqual(policy['maxNvtCount'], 249)
self.assertEqual(policy['knownNvtCount'], 3)
self.assertEqual(policy['predefined'], True)
self.assertEqual(
policy['families'],
[
{
"name": "Port scanners",
"nvtCount": 2,
"maxNvtCount": 9,
"growing": False,
},
{
"name": "Service detection",
"nvtCount": 1,
"maxNvtCount": 240,
"growing": False,
},
],
)
self.assertEqual(
policy['nvtPreferences'],
[
{
"name": "Log failed nmap calls",
"id": 13,
"nvt": {
"name": "Ping Host",
"id": "1.3.6.1.4.1.25623.1.0.100315",
},
"hrName": "Log failed nmap calls",
"type": "checkbox",
"value": "no",
"default": "no",
"alternativeValues": None,
},
{
"name": "nmap timing policy",
"id": 14,
"nvt": {
"name": "Ping Host",
"id": "1.3.6.1.4.1.25623.1.0.100315",
},
"hrName": "nmap timing policy",
"type": "radio",
"value": "Normal",
"default": "Normal",
"alternativeValues": ["Paranoid", "Sneaky"],
},
],
)
self.assertEqual(
policy['scannerPreferences'],
[
{
"name": "auto_enable_dependencies",
"id": None,
"hrName": "auto_enable_dependencies",
"type": None,
"value": "1",
"default": "1",
"alternativeValues": None,
},
{
"name": "cgi_path",
"id": None,
"hrName": "cgi_path",
"type": None,
"value": "/cgi-bin:/scripts",
"default": "/cgi-bin:/scripts",
"alternativeValues": ["Paranoid", "Sneaky"],
},
],
)
self.assertEqual(
policy['audits'],
[{
"id": "49d082ec-73f5-4b3a-75b5-3b9d9e38d079",
"name": "some_name",
}],
)
self.assertEqual(
policy['nvtSelectors'],
[
{
"name": "f187d4cf-a157-471c-81a6-74990b5da181",
"include": True,
"type": 2,
"familyOrNvt": "1.3.6.1.4.1.25623.1.0.100315",
},
{
"name": "f187d4cf-a157-471c-81a6-74990b5da181",
"include": True,
"type": 2,
"familyOrNvt": "1.3.6.1.4.1.25623.1.0.14259",
},
],
)
self.assertEqual(policy['nvtGrowing'], False)
self.assertEqual(policy['familyGrowing'], True)
def test_get_scanner_with_certificate(self, mock_gmp: GmpMockFactory):
scanner_xml_path = CWD / 'example-scanner-2.xml'
scanner_xml_str = scanner_xml_path.read_text()
mock_gmp.mock_response('get_scanner', scanner_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query {
scanner(id: "08b69003-5fc2-4037-a479-93b440211c73"){
id
name
type
host
port
configs {
name
}
tasks {
name
}
credential {
name
}
caPub {
certificate
info {
activationTime
expirationTime
issuer
md5Fingerprint
timeStatus
}
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
scanner = json['data']['scanner']
self.assertEqual(scanner['id'], '6b2db524-9fb0-45b8-9b56-d958f84cb546')
self.assertEqual(scanner['name'], 'OSP Scanner-openvas')
self.assertEqual(scanner['type'], "OSP_SCANNER_TYPE")
self.assertEqual(scanner['host'], '127.0.0.1')
self.assertEqual(scanner['port'], '2346')
configs = scanner['configs']
self.assertEqual(len(configs), 3)
self.assertEqual(configs[0]['name'], 'Base 2')
self.assertIsNone(scanner['tasks'])
credential = scanner['credential']
self.assertEqual(
credential['name'], 'Credential for Scanner OSP Scanner-openvas'
)
ca_pub = scanner['caPub']
self.assertIsNotNone(ca_pub['certificate'])
info = ca_pub['info']
self.assertEqual(info['activationTime'], '2019-07-19T13:28:23+00:00')
self.assertEqual(info['expirationTime'], '2020-07-18T13:28:23+00:00')
self.assertEqual(info['issuer'], 'CN=localhost')
self.assertEqual(
info['md5Fingerprint'],
'09:9f:2e:5c:27:93:be:75:25:55:f9:57:15:44:3d:e0',
)
self.assertEqual(info['timeStatus'], 'valid')
def test_grouped_query(self, mock_gmp: GmpMockFactory):
"""
Test a grouped aggregate that also includes a filter,
data columns and sort criteria.
"""
aggregate_xml_path = CWD / 'example-aggregate-grouped.xml'
aggregate_xml_str = aggregate_xml_path.read_text()
mock_gmp.mock_response('get_aggregates', aggregate_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query GetAggregate {
aggregate(
input: {
dataType: NVT
filterString: "~openssl"
groupColumn: "solution_type"
dataColumns: ["severity", "qod"]
sortCriteria: [
{field: "severity", stat: MEAN, order: DESCENDING}
]
}
) {
groups {
value
count
cumulativeCount
stats {
column
min
max
mean
sum
cumulativeSum
}
}
columnInfo {
name
stat
entityType
column
dataType
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
mock_gmp.gmp_protocol.get_aggregates.assert_called_with(
resource_type=GvmEntityType.NVT,
filter='~openssl',
data_columns=['severity', 'qod'],
group_column='solution_type',
subgroup_column=None,
text_columns=None,
sort_criteria=[
{
'field': 'severity',
'stat': GvmAggregateStatistic.MEAN,
'order': GvmSortOrder.DESCENDING,
}
],
first_group=None,
max_groups=None,
mode=None,
)
aggregate = json['data']['aggregate']
groups = aggregate['groups']
self.assertEqual(len(groups), 5)
self.assertEqual(
groups[0],
{
'value': 'VendorFix',
'count': 1241,
'cumulativeCount': 1241,
'stats': [
{
'column': 'severity',
'min': 1.2,
'max': 10,
'mean': 6.18187,
'sum': 7671.67,
'cumulativeSum': 7671.67,
},
{
'column': 'qod',
'min': 30,
'max': 100,
'mean': 90.9887,
'sum': 112917,
'cumulativeSum': 112917,
},
],
},
)
self.assertEqual(groups[1]['value'], 'Mitigation')
self.assertEqual(groups[1]['count'], 2)
self.assertEqual(groups[1]['cumulativeCount'], 1243)
self.assertEqual(groups[1]['stats'][0]['sum'], 10)
self.assertEqual(groups[1]['stats'][0]['cumulativeSum'], 7681.67)
column_info = aggregate['columnInfo']
self.assertEqual(len(column_info), 13)
self.assertEqual(column_info[0]['name'], 'value')
self.assertEqual(column_info[0]['stat'], 'VALUE')
self.assertEqual(column_info[0]['entityType'], 'NVT')
self.assertEqual(column_info[0]['column'], 'solution_type')
self.assertEqual(column_info[0]['dataType'], 'text')
self.assertEqual(column_info[1]['name'], 'count')
self.assertEqual(column_info[1]['stat'], 'COUNT')
self.assertEqual(column_info[1]['entityType'], 'NVT')
self.assertIsNone(column_info[1]['column'])
self.assertEqual(column_info[1]['dataType'], 'integer')
self.assertEqual(column_info[5]['name'], 'severity_mean')
self.assertEqual(column_info[5]['stat'], 'MEAN')
self.assertEqual(column_info[5]['entityType'], 'NVT')
self.assertEqual(column_info[5]['column'], 'severity')
self.assertEqual(column_info[5]['dataType'], 'cvss')
def test_get_scanner(self, mock_gmp: GmpMockFactory):
scanner_xml_path = CWD / 'example-scanner.xml'
scanner_xml_str = scanner_xml_path.read_text()
mock_gmp.mock_response('get_scanner', scanner_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query {
scanner(id: "08b69003-5fc2-4037-a479-93b440211c73"){
id
name
type
host
port
configs {
name
}
tasks {
name
}
credential {
name
}
info{
scanner{
name
version
}
daemon{
name
version
}
protocol{
name
version
}
description
params {
id
name
default
description
type
mandatory
}
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
scanner = json['data']['scanner']
self.assertEqual(scanner['id'], '08b69003-5fc2-4037-a479-93b440211c73')
self.assertEqual(scanner['name'], 'OpenVAS Default')
self.assertEqual(scanner['type'], "OPENVAS_SCANNER_TYPE")
self.assertEqual(
scanner['host'], '/home/sdiedrich/install/var/run/ospd-openvas.sock'
)
self.assertEqual(scanner['port'], '0')
self.assertIsNone(scanner['configs'])
tasks = scanner['tasks']
self.assertEqual(len(tasks), 2)
self.assertEqual(tasks[0]['name'], '012345')
self.assertIsNone(scanner['credential']['name'])
info = scanner['info']
self.assertIsNotNone(info['description'])
scanner_info = info['scanner']
self.assertEqual(scanner_info['name'], 'openvas')
self.assertEqual(scanner_info['version'], 'OpenVAS 7.0.0')
daemon_info = info['daemon']
self.assertEqual(daemon_info['name'], 'OSPd OpenVAS')
self.assertEqual(daemon_info['version'], '20.8a1')
protocol_info = info['protocol']
self.assertEqual(protocol_info['name'], 'OSP')
self.assertEqual(protocol_info['version'], '1.2')
params = info['params']
self.assertEqual(len(params), 19)
self.assertEqual(params[0]['id'], "debug_mode")
self.assertEqual(params[0]['name'], "Debug Mode")
self.assertEqual(params[0]['default'], "0")
self.assertEqual(
params[0]['description'],
"Whether to get extra scan debug information.",
)
self.assertEqual(params[0]['type'], "osp_boolean")
self.assertFalse(params[0]['mandatory'])
def test_text_column_query(self, mock_gmp: GmpMockFactory):
"""
Test an aggregate with text columns and limits (firstGroup, maxGroups).
"""
aggregate_xml_path = CWD / 'example-aggregate-text-columns.xml'
aggregate_xml_str = aggregate_xml_path.read_text()
mock_gmp.mock_response('get_aggregates', aggregate_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query GetAggregate {
aggregate(
input: {
dataType: NVT
groupColumn: "uuid"
textColumns: ["created", "name"]
sortCriteria: [
{field: "created", stat:TEXT, order:ASCENDING}
]
firstGroup: 10
maxGroups: 25
}
) {
groups {
value
textColumns {
column,
text
}
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
mock_gmp.gmp_protocol.get_aggregates.assert_called_with(
resource_type=GvmEntityType.NVT,
filter=None,
data_columns=None,
group_column='uuid',
subgroup_column=None,
text_columns=['created', 'name'],
sort_criteria=[
{
'field': 'created',
'stat': GvmAggregateStatistic.TEXT,
'order': GvmSortOrder.ASCENDING,
}
],
first_group=10,
max_groups=25,
mode=None,
)
aggregate = json['data']['aggregate']
groups = aggregate['groups']
self.assertEqual(len(groups), 25)
self.assertEqual(
groups[0],
{
'value': '1.3.6.1.4.1.25623.1.0.14372',
'textColumns': [
{'column': 'created', 'text': '2005-11-03T13:08:04Z'},
{
'column': 'name',
'text': 'wu-ftpd S/KEY authentication overflow',
},
],
},
)
def test_get_preference(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response(
'get_preference',
'''
<get_preferences_response status="200" status_text="OK">
<preference>
<nvt oid="1.3.6.1.4.1.25623.1.0.999999">
<name>Name of VT</name>
</nvt>
<id>42</id>
<hr_name>Name of preference</hr_name>
<name>Name of preference</name>
<type>radio</type>
<value>Some value</value>
<alt>Some alternative1</alt>
<alt>Some alternative2</alt>
<default>Some default</default>
</preference>
</get_preferences_response>
''',
)
self.login('foo', 'bar')
response = self.query('''
query{
preference(name: "<type>:<Name of preference>",
nvtOid:"Some NVT OID",
configId: "daba56c8-73ec-11df-a475-002264764cea"
){
nvt {
oid
name
}
hrName
name
type
value
alt
default
}
}
''')
json = response.json()
preference = json['data']['preference']
self.assertResponseNoErrors(response)
self.assertEqual(preference['nvt']['oid'],
'1.3.6.1.4.1.25623.1.0.999999')
self.assertEqual(preference['nvt']['name'], 'Name of VT')
self.assertEqual(preference['hrName'], 'Name of preference')
self.assertEqual(preference['name'], 'Name of preference')
self.assertEqual(preference['type'], 'radio')
self.assertEqual(preference['value'], 'Some value')
self.assertEqual(preference['alt'],
['Some alternative1', 'Some alternative2'])
self.assertEqual(preference['default'], 'Some default')
mock_gmp.gmp_protocol.get_preference.assert_called_with(
name="<type>:<Name of preference>",
nvt_oid="Some NVT OID",
config_id="daba56c8-73ec-11df-a475-002264764cea",
)
def test_minimal_query(self, mock_gmp: GmpMockFactory):
"""
Test a minimal query only giving the data type and
returning only an overall count.
"""
aggregate_xml_path = CWD / 'example-aggregate-minimal.xml'
aggregate_xml_str = aggregate_xml_path.read_text()
mock_gmp.mock_response('get_aggregates', aggregate_xml_str)
self.login('foo', 'bar')
response = self.query(
'''
query GetAggregate {
aggregate(
input: {
dataType: NVT
}
) {
overall {
count
}
columnInfo {
name
stat
entityType
column
dataType
}
}
}
'''
)
json = response.json()
self.assertResponseNoErrors(response)
mock_gmp.gmp_protocol.get_aggregates.assert_called_with(
resource_type=GvmEntityType.NVT,
filter=None,
data_columns=None,
group_column=None,
subgroup_column=None,
text_columns=None,
sort_criteria=None,
first_group=None,
max_groups=None,
mode=None,
)
aggregate = json['data']['aggregate']
self.assertEqual(aggregate['overall']['count'], 85949)
column_info = aggregate['columnInfo']
self.assertEqual(len(column_info), 2)
self.assertEqual(column_info[0]['name'], 'count')
self.assertEqual(column_info[0]['stat'], 'COUNT')
self.assertEqual(column_info[0]['entityType'], 'NVT')
self.assertIsNone(column_info[0]['column'])
self.assertEqual(column_info[0]['dataType'], 'integer')
self.assertEqual(column_info[1]['name'], 'c_count')
self.assertEqual(column_info[1]['stat'], 'C_COUNT')
self.assertEqual(column_info[1]['entityType'], 'NVT')
self.assertIsNone(column_info[1]['column'])
self.assertEqual(column_info[1]['dataType'], 'integer')
def test_get_alerts(self, mock_gmp: GmpMockFactory):
alerts_xml_path = CWD / 'example-alert-list.xml'
alerts_xml_str = alerts_xml_path.read_text()
mock_gmp.mock_response('get_alerts', alerts_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
alerts {
nodes {
name
id
inUse
comment
writable
owner
creationTime
modificationTime
filter {
trash
name
id
}
tasks {
id
name
}
event {
type
data {
name
value
}
}
condition {
type
data {
name
value
}
}
method {
type
data {
name
value
}
}
permissions {
name
}
active
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
alerts = json['data']['alerts']['nodes']
self.assertEqual(len(alerts), 2)
alert1 = alerts[0]
alert2 = alerts[1]
# Alert 1
self.assertEqual(alert1['id'], '63431604-1cd5-402c-bb05-748e130edb03')
self.assertEqual(alert1['name'], 'foo')
self.assertIsNone(alert1['tasks'])
self.assertIsNone(alert1['comment'])
self.assertEqual(alert1['inUse'], False)
self.assertEqual(alert1['writable'], True)
self.assertEqual(alert1['active'], True)
self.assertEqual(alert1['creationTime'], '2020-08-06T11:34:15+00:00')
self.assertEqual(alert1['modificationTime'],
'2020-08-06T11:34:15+00:00')
self.assertEqual(alert1['permissions'][0]['name'], 'Everything')
self.assertIsNone(alert1['filter'])
event1 = alert1['event']
event_data1 = event1['data']
self.assertEqual(event1['type'], 'Task run status changed')
self.assertEqual(event_data1[0]['name'], 'status')
self.assertEqual(event_data1[0]['value'], 'Done')
method1 = alert1['method']
method_data1 = method1['data']
self.assertEqual(len(method_data1), 11)
self.assertEqual(method1['type'], 'Alemba vFire')
self.assertEqual(method_data1[0]['name'], 'report_formats')
self.assertEqual(method_data1[0]['value'],
'c1645568-627a-11e3-a660-406186ea4fc5')
self.assertEqual(method_data1[1]['name'], 'vfire_base_url')
self.assertEqual(method_data1[1]['value'], '127.0.0.1')
# Alert 2
self.assertEqual(alert2['id'], '3a39bea5-fc9f-41f4-9107-7e0e69db9035')
self.assertEqual(alert2['name'], 'bar')
self.assertEqual(alert2['comment'], 'baz')
self.assertEqual(alert2['inUse'], True)
self.assertEqual(alert2['writable'], True)
self.assertEqual(alert2['active'], True)
self.assertEqual(alert2['creationTime'], '2020-08-06T11:30:41+00:00')
self.assertEqual(alert2['modificationTime'],
'2020-08-07T09:26:05+00:00')
self.assertEqual(alert2['permissions'][0]['name'], 'Everything')
self.assertEqual(len(alert2['tasks']), 1)
self.assertEqual(alert2['tasks'][0]['name'], 'scan_local')
self.assertEqual(alert2['tasks'][0]['id'],
'173a38fe-1038-48a6-9c48-a623ffc04ba8')
filter2 = alert2['filter']
self.assertEqual(filter2['id'], '75c8145d-b00c-408f-8907-6664d5ce6108')
self.assertEqual(filter2['name'], 'resultFilter')
self.assertEqual(filter2['trash'], 0)
event2 = alert2['event']
event_data2 = event2['data']
self.assertEqual(event2['type'], 'Updated SecInfo arrived')
self.assertEqual(event_data2[0]['name'], 'secinfo_type')
self.assertEqual(event_data2[0]['value'], 'nvt')
method2 = alert2['method']
method_data2 = method2['data']
self.assertEqual(len(method_data2), 7)
self.assertEqual(method2['type'], 'Email')
self.assertEqual(method_data2[0]['name'], 'notice')
self.assertEqual(method_data2[0]['value'], '1')
self.assertEqual(method_data2[1]['name'], 'from_address')
self.assertEqual(method_data2[1]['value'], '*****@*****.**')
def test_get_result_none_fields(self, mock_gmp: GmpMockFactory):
mock_gmp.mock_response(
'get_result',
'''
<get_results_response>
<result id="1f3261c9-e47c-4a21-b677-826ea92d1d59">
<name>abc</name>
</result>
</get_results_response>
''',
)
self.login('foo', 'bar')
response = self.query('''
query {
result (
id: "1f3261c9-e47c-4a21-b677-826ea92d1d59"
) {
id
name
owner
originResult{
id
details{
name
value
}
}
overrides{
id
active
creationTime
modificationTime
text
endTime
severity
newSeverity
}
report {
id
}
task {
id
name
}
originalSeverity
creationTime
modificationTime
host {
ip
id
hostname
}
location
information {
__typename
... on ResultNVT{
id
version
score
severities {
type
score
vector
}
}
}
severity
qod {
value
type
}
description
notes {
id
creationTime
modificationTime
active
text
}
tickets {
id
}
userTags {
count
tags {
id
name
}
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
result = json['data']['result']
self.assertEqual(result['id'], '1f3261c9-e47c-4a21-b677-826ea92d1d59')
self.assertEqual(result['name'], 'abc')
self.assertIsNone(result['owner'])
self.assertIsNone(result['creationTime'])
self.assertIsNone(result['modificationTime'])
self.assertIsNone(result['originResult'])
self.assertIsNone(result['report'])
self.assertIsNone(result['task'])
self.assertIsNone(result['host'])
self.assertIsNone(result['location'])
self.assertIsNone(result['severity'])
self.assertIsNone(result['qod'])
self.assertIsNone(result['originalSeverity'])
self.assertIsNone(result['information'])
self.assertIsNone(result['description'])
self.assertIsNone(result['notes'])
self.assertIsNone(result['overrides'])
self.assertIsNone(result['tickets'])
self.assertIsNone(result['userTags'])
def test_complex_dfn_cert_advisory(self, mock_gmp: GmpMockFactory):
dfn_cert_advisory_xml_path = CWD / 'example-dfn-cert.xml'
dfn_cert_advisory_xml_str = dfn_cert_advisory_xml_path.read_text()
mock_gmp.mock_response('get_info', dfn_cert_advisory_xml_str)
self.login('foo', 'bar')
response = self.query('''
query {
dfnCertAdvisory(id:
"DFN-CERT-2008-0644"
) {
id
name
updateTime
title
summary
maxCvss
cveRefs
cves
link
author {
name
uri
}
}
}
''')
json = response.json()
self.assertResponseNoErrors(response)
dfn_cert_advisory = json['data']['dfnCertAdvisory']
self.assertEqual(
dfn_cert_advisory['name'],
'DFN-CERT-2008-0644',
)
self.assertEqual(
dfn_cert_advisory['id'],
'DFN-CERT-2008-0644',
)
self.assertEqual(
dfn_cert_advisory['title'],
'Schwachstelle im HP Software Update (Windows)',
)
self.assertEqual(
dfn_cert_advisory['summary'],
'''Aufgrund mehrerer fehlerhafter ActiveX Controls im HP Software Update
kann ein entfernter Angreifer im schlimmsten Fall beliebige Befehle
mit den Rechten der Anwendung ausführen.''',
)
self.assertEqual(dfn_cert_advisory['maxCvss'], 6.8)
self.assertEqual(dfn_cert_advisory['cveRefs'], 1)
self.assertEqual(
dfn_cert_advisory['link'],
'https://adv-archiv.dfn-cert.de/adv/2008-0644/',
)
self.assertEqual(dfn_cert_advisory['cves'], ['CVE-2008-0712'])
self.assertEqual(dfn_cert_advisory['cveRefs'], 1)
self.assertEqual(dfn_cert_advisory['cveRefs'], 1)
self.assertIsNotNone(dfn_cert_advisory['author'])
author = dfn_cert_advisory['author']
self.assertEqual(author['name'], 'DFN-CERT Services GmbH')
