本文整理汇总了Python中w3af.core.controllers.w3afCore.w3afCore函数的典型用法代码示例。如果您正苦于以下问题:Python w3afCore函数的具体用法?Python w3afCore怎么用?Python w3afCore使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了w3afCore函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_save_current_to_new_profile
def test_save_current_to_new_profile(self):
w3af_core = w3afCore()
w3af_core.profiles.use_profile('OWASP_TOP10', workdir='.')
audit = w3af_core.plugins.get_enabled_plugins('audit')
disabled_plugin = audit[-1]
audit = audit[:-1]
w3af_core.plugins.set_plugins(audit, 'audit')
enabled = w3af_core.plugins.get_enabled_plugins('audit')
self.assertEquals(set(enabled), set(audit))
self.assertTrue(disabled_plugin not in enabled)
w3af_core.profiles.save_current_to_new_profile('unittest-OWASP_TOP10')
# Get a new, clean instance of the core.
w3af_core = w3afCore()
audit = w3af_core.plugins.get_enabled_plugins('audit')
self.assertEquals(audit, [])
w3af_core.profiles.use_profile('unittest-OWASP_TOP10')
enabled_plugins = w3af_core.plugins.get_all_enabled_plugins()
self.assertTrue(disabled_plugin not in enabled_plugins['audit'])
self.assertTrue('credit_cards' in enabled_plugins['grep'])
self.assertTrue('private_ip' in enabled_plugins['grep'])
self.assertTrue('dns_wildcard' in enabled_plugins['infrastructure'])
self.assertTrue('web_spider' in enabled_plugins['crawl'])
w3af_core.profiles.remove_profile('unittest-OWASP_TOP10')
示例2: test_kb_list_shells_xpath_2181
def test_kb_list_shells_xpath_2181(self):
"""
:see: https://github.com/andresriancho/w3af/issues/2181
"""
w3af_core = w3afCore()
vuln = MockVuln()
str_delim = '&'
true_cond = ''
use_difflib = False
is_error_response = IsErrorResponse(vuln, w3af_core.uri_opener,
use_difflib)
shell = XPathReader(vuln, w3af_core.uri_opener,
w3af_core.worker_pool, str_delim, true_cond,
is_error_response)
kb.append('a', 'b', shell)
shells = kb.get_all_shells(w3af_core=w3af_core)
self.assertEqual(len(shells), 1)
unpickled_shell = shells[0]
self.assertEqual(shell, unpickled_shell)
self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
self.assertEqual(unpickled_shell.STR_DELIM, shell.STR_DELIM)
self.assertEqual(unpickled_shell.TRUE_COND, shell.TRUE_COND)
self.assertEqual(unpickled_shell.is_error_resp.use_difflib, use_difflib)
self.assertEqual(unpickled_shell.is_error_resp.url_opener,
w3af_core.uri_opener)
w3af_core.quit()
示例3: test_kb_list_shells_rfi_port_scan_2181
def test_kb_list_shells_rfi_port_scan_2181(self):
"""
:see: https://github.com/andresriancho/w3af/issues/2181
"""
w3af_core = w3afCore()
vuln = MockVuln()
url = URL('http://moth/?a=1')
freq = FuzzableRequest(url)
exploit_mutant = QSMutant.create_mutants(freq, [''], [], False, {})[0]
shell = PortScanShell(vuln, w3af_core.uri_opener, w3af_core.worker_pool,
exploit_mutant)
kb.append('a', 'b', shell)
shells = kb.get_all_shells(w3af_core=w3af_core)
self.assertEqual(len(shells), 1)
unpickled_shell = shells[0]
self.assertEqual(shell, unpickled_shell)
self.assertIs(unpickled_shell._uri_opener, w3af_core.uri_opener)
self.assertIs(unpickled_shell.worker_pool, w3af_core.worker_pool)
self.assertEqual(unpickled_shell._exploit_mutant, exploit_mutant)
w3af_core.quit()
示例4: test_strategy_exception
def test_strategy_exception(self):
core = w3afCore()
target = core.target.get_options()
target['target'].set_value(self.TARGET_URL)
core.target.set_options(target)
core.plugins.set_plugins(['sqli'], 'audit')
core.plugins.init_plugins()
core.verify_environment()
core.scan_start_hook()
strategy = CoreStrategy(core)
strategy._fuzzable_request_router = Mock(side_effect=Exception)
strategy.terminate = Mock(wraps=strategy.terminate)
self.assertRaises(Exception, strategy.start)
# Now test that those threads are being terminated
self.assertEqual(strategy.terminate.called, True)
core.exploit_phase_prerequisites = lambda: 42
core.scan_end_hook()
self._assert_thread_names()
示例5: test_use_all_profiles
def test_use_all_profiles(self):
"""
This test catches the errors in my profiles that generate these messages:
***************************************************************************
The profile you are trying to load (web_infrastructure) seems to be outdated,
this is a common issue which happens when the framework is updated and one of
its plugins adds/removes one of the configuration parameters referenced by a
profile, or the plugin is removed all together.
The profile was loaded but some of your settings might have been lost.
This is the list of issues that were found:
- Setting the options for plugin "infrastructure.server_header" raised
an exception due to unknown configuration parameters.
We recommend you review the specific plugin configurations, apply the
required changes and save the profile in order to update it and avoid
this message. If this warning does not disappear you can manually edit
the profile file to fix it.
***************************************************************************
"""
w3af_core = w3afCore()
valid, invalid = w3af_core.profiles.get_profile_list('.')
self.assertTrue(len(valid) > 5)
self.assertEqual(len(invalid), 0)
for profile_inst in valid:
profile_name = profile_inst.get_name()
w3af_core.profiles.use_profile(profile_name, workdir='.')
示例6: test_remove_profile
def test_remove_profile(self):
w3af_core = w3afCore()
w3af_core.profiles.save_current_to_new_profile('unittest-remove')
w3af_core.profiles.remove_profile('unittest-remove')
self.assertRaises(
BaseFrameworkException, w3af_core.profiles.use_profile, 'unittest-remove')
示例7: test_alert_if_target_is_301_all_internal_redir
def test_alert_if_target_is_301_all_internal_redir(self):
"""
Tests that no info is created if the site redirects internally
"""
core = w3afCore()
httpretty.register_uri(httpretty.GET,
re.compile("w3af.com/(.*)"),
body='301',
status=301,
adding_headers={'Location': 'http://w3af.com/xyz'})
target = core.target.get_options()
target['target'].set_value('http://w3af.com/')
core.target.set_options(target)
core.plugins.set_plugins(['sqli'], 'audit')
core.plugins.init_plugins()
core.verify_environment()
core.scan_start_hook()
strategy = CoreStrategy(core)
strategy.start()
infos = kb.get('core', 'core')
self.assertEqual(len(infos), 0, infos)
示例8: test_save_current_to_new_profile
def test_save_current_to_new_profile(self):
self.core.profiles.use_profile('OWASP_TOP10', workdir='.')
audit = self.core.plugins.get_enabled_plugins('audit')
disabled_plugin = audit[-1]
audit = audit[:-1]
self.core.plugins.set_plugins(audit, 'audit')
enabled = self.core.plugins.get_enabled_plugins('audit')
self.assertEquals(set(enabled), set(audit))
self.assertTrue(disabled_plugin not in enabled)
new_profile_name = 'save-current-new'
self.core.profiles.save_current_to_new_profile(new_profile_name)
# Get a new, clean instance of the core.
clean_core = w3afCore()
audit = clean_core.plugins.get_enabled_plugins('audit')
self.assertEquals(audit, [])
clean_core.profiles.use_profile(new_profile_name)
enabled_plugins = clean_core.plugins.get_all_enabled_plugins()
self.assertNotIn(disabled_plugin, enabled_plugins['audit'])
self.assertIn('credit_cards', enabled_plugins['grep'])
self.assertIn('private_ip', enabled_plugins['grep'])
self.assertIn('dns_wildcard', enabled_plugins['infrastructure'])
self.assertIn('web_spider', enabled_plugins['crawl'])
# cleanup
clean_core.profiles.remove_profile(new_profile_name)
clean_core.worker_pool.terminate_join()
示例9: test_strategy_exception
def test_strategy_exception(self):
core = w3afCore()
target = core.target.get_options()
target["target"].set_value(self.TARGET_URL)
core.target.set_options(target)
core.plugins.set_plugins(["sqli"], "audit")
core.plugins.init_plugins()
core.verify_environment()
core.scan_start_hook()
strategy = w3af_core_strategy(core)
strategy.join_all_consumers = Mock(side_effect=Exception)
strategy.terminate = Mock(wraps=strategy.terminate)
self.assertRaises(Exception, strategy.start)
# Now test that those threads are being terminated
self.assertEqual(strategy.terminate.called, True)
core.exploit_phase_prerequisites = lambda: 42
core.scan_end_hook()
self._assert_thread_names()
示例10: test_error_handling
def test_error_handling(self):
class InvalidPlugin(object):
def information(self, msg, new_line=True):
raise Exception('Test')
def debug(self, *args, **kwargs):
pass
def error(self, msg, new_line=True):
pass
def get_name(self):
return 'InvalidPlugin'
invalid_plugin = InvalidPlugin()
w3af_core = w3afCore()
om.out._output_plugin_instances = [invalid_plugin, ]
om.out.information('abc')
om.out.process_all_messages()
exc_list = w3af_core.exception_handler.get_all_exceptions()
self.assertEqual(len(exc_list), 1, exc_list)
edata = exc_list[0]
self.assertEqual(str(edata.exception), 'Test')
示例11: test_use_profile_variable_replace
def test_use_profile_variable_replace(self):
w3af_core = w3afCore()
w3af_core.profiles.use_profile('OWASP_TOP10', workdir='.')
plugin_opts = w3af_core.plugins.get_plugin_options('audit',
'ssl_certificate')
ca_path = plugin_opts['caFileName'].get_value()
self.assertEqual(ca_path, self.INPUT_FILE)
示例12: test_get_plugin_instAll
def test_get_plugin_instAll(self):
w3af_core = w3afCore()
for plugin_type in itertools.chain(w3af_core.plugins.get_plugin_types(), ['attack']):
for plugin_name in w3af_core.plugins.get_plugin_list(plugin_type):
plugin_inst = w3af_core.plugins.get_plugin_inst(
plugin_type, plugin_name)
self.assertEquals(plugin_inst.get_name(), plugin_name)
示例13: test_multiple_instances
def test_multiple_instances(self):
"""
Just making sure nothing crashes if I have more than 1 instance of
w3afCore
"""
instances = []
for _ in xrange(5):
instances.append(w3afCore())
示例14: setUp
def setUp(self):
super(TestW3afCorePlugins, self).setUp()
self.listdir_patch = patch("os.listdir")
self.listdir_mock = self.listdir_patch.start()
self.listdir_mock.side_effect = listdir_remove_fs
self.core = w3afCore()
示例15: __init__
def __init__(self, torNodes=[]):
BasePlugin.__init__(self, torNodes, 'w3afPlugin')
self.setPluginDetails('w3afPlugin', 'Plugin to load the W3AF context in Tortazo. You can execute W3AF against the TOR deep web.', '1.0', 'Adastra: @jdaanial')
if len(torNodes) > 0:
self.info("[*] w3afPlugin Initialized!")
self.w3afCorePlugin = w3afCore()
self.w3afCorePlugin.plugins.init_plugins()
self.w3afCorePlugin.plugins.zero_enabled_plugins()
self.miscSettings = MiscSettings()