def _setup_audit(self): """ Starts the audit plugin consumer """ om.out.debug('Called _setup_audit()') audit_plugins = self._w3af_core.plugins.plugins['audit'] if audit_plugins: self._audit_consumer = audit(audit_plugins, self._w3af_core) self._audit_consumer.start()
def _setup_audit(self): """ Starts the audit plugin consumer """ om.out.debug('Called _setup_audit()') audit_plugins = self._w3af_core.plugins.plugins['audit'] if audit_plugins: self._audit_consumer = audit(audit_plugins, self._w3af_core) self._audit_consumer.start()
def test_teardown_with_must_stop_exception(self): w3af_core = w3afCore() xss_instance = xss() xss_instance.set_url_opener(w3af_core.uri_opener) xss_instance.set_worker_pool(w3af_core.worker_pool) audit_plugins = [xss_instance] audit_consumer = audit(audit_plugins, w3af_core) audit_consumer.start() url = 'http://w3af.org/?id=1' httpretty.register_uri(httpretty.GET, url, body='hello world', content_type='application/html') url = URL(url) fr = FuzzableRequest(url) # This will trigger a few HTTP requests to the target URL which will # also initialize all the xss plugin internals to be able to run end() # later. audit_consumer.in_queue_put(fr) kb.kb.add_fuzzable_request(fr) # Now that xss.audit() was called, we want to simulate network errors # that will put the uri opener in a state where it always answers with # ScanMustStopException w3af_core.uri_opener._stop_exception = ScanMustStopException('mock') # And now we just call terminate() which injects the poison pill and will # call teardown, which should call xss.end(), which should try to send HTTP # requests, which will raise a ScanMustStopException with patch('w3af.core.controllers.core_helpers.consumers.audit.om.out' ) as om_mock: audit_consumer.terminate() msg = ('Spent 0.00 seconds running xss.end() until a scan must' ' stop exception was raised.') self.assertIn(call.debug(msg), om_mock.mock_calls)
def test_teardown_with_must_stop_exception(self): w3af_core = w3afCore() xss_instance = xss() xss_instance.set_url_opener(w3af_core.uri_opener) xss_instance.set_worker_pool(w3af_core.worker_pool) audit_plugins = [xss_instance] audit_consumer = audit(audit_plugins, w3af_core) audit_consumer.start() url = 'http://w3af.org/?id=1' httpretty.register_uri(httpretty.GET, url, body='hello world', content_type='application/html') url = URL(url) fr = FuzzableRequest(url) # This will trigger a few HTTP requests to the target URL which will # also initialize all the xss plugin internals to be able to run end() # later. audit_consumer.in_queue_put(fr) kb.kb.add_fuzzable_request(fr) # Now that xss.audit() was called, we want to simulate network errors # that will put the uri opener in a state where it always answers with # ScanMustStopException w3af_core.uri_opener._stop_exception = ScanMustStopException('mock') # And now we just call terminate() which injects the poison pill and will # call teardown, which should call xss.end(), which should try to send HTTP # requests, which will raise a ScanMustStopException with patch('w3af.core.controllers.core_helpers.consumers.audit.om.out') as om_mock: audit_consumer.terminate() msg = ('Spent 0.00 seconds running xss.end() until a scan must' ' stop exception was raised.') self.assertIn(call.debug(msg), om_mock.mock_calls)