Issues (23)

tests/test_vthelper.py (2 issues)

1
# -*- coding: utf-8 -*-
2
# Copyright (C) 2014-2021 Greenbone Networks GmbH
3
#
4
# SPDX-License-Identifier: AGPL-3.0-or-later
5
#
6
# This program is free software: you can redistribute it and/or modify
7
# it under the terms of the GNU Affero General Public License as
8
# published by the Free Software Foundation, either version 3 of the
9
# License, or (at your option) any later version.
10
#
11
# This program is distributed in the hope that it will be useful,
12
# but WITHOUT ANY WARRANTY; without even the implied warranty of
13
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14
# GNU Affero General Public License for more details.
15
#
16
# You should have received a copy of the GNU Affero General Public License
17
# along with this program. If not, see <http://www.gnu.org/licenses/>.
18
19
20
from hashlib import sha256
21
from unittest import TestCase
22
23
from tests.dummydaemon import DummyDaemon
24
from tests.helper import assert_called_once
25
26
from ospd_openvas.vthelper import VtHelper
27
28
29
class VtHelperTestCase(TestCase):
30
    def test_get_single_vt(self):
31
        dummy = DummyDaemon()
32
        vthelper = VtHelper(dummy.nvti)
33
        res = vthelper.get_single_vt("1.3.6.1.4.1.25623.1.0.100061")
34
35
        assert_called_once(dummy.nvti.get_nvt_metadata)
36
        self.assertEqual("Mantis Detection", res.get('name'))
37
38
    def test_calculate_vts_collection_hash_no_params(self):
39
        dummy = DummyDaemon()
40
        vthelper = VtHelper(dummy.nvti)
41
        hash_out = vthelper.calculate_vts_collection_hash()
42
43
        vt_hash_str = (
44
            '1.3.6.1.4.1.25623.1.0.10006115339065651Data '
45
            + 'length :2Do not randomize the  order  in  which '
46
            + 'ports are scannedno'
47
        )
48
49
        vt_hash = sha256()
50
        vt_hash.update(vt_hash_str.encode('utf-8'))
51
        hash_test = vt_hash.hexdigest()
52
53
        self.assertEqual(hash_test, hash_out)
54
55
    def test_get_vt_iterator(self):
56
        dummy = DummyDaemon()
57
        vthelper = VtHelper(dummy.nvti)
58
59
        vt = ["1.3.6.1.4.1.25623.1.0.100061"]
60
61
        for key, _ in vthelper.get_vt_iterator():
62
            self.assertIn(key, vt)
63
64
    def test_get_vt_iterator_with_filter(self):
65
        dummy = DummyDaemon()
66
        vthelper = VtHelper(dummy.nvti)
67
68
        vt = ["1.3.6.1.4.1.25623.1.0.100061"]
69
70
        vtout = dummy.VTS["1.3.6.1.4.1.25623.1.0.100061"]
71
72
        for key, vt_dict in vthelper.get_vt_iterator(vt_selection=vt):
73
            self.assertIn(key, vt)
74
            for key2 in vtout:
75
                self.assertIn(key2, vt_dict)
76
77
    def test_get_vt_iterator_with_filter_no_vt(self):
78
        dummy = DummyDaemon()
79
        vthelper = VtHelper(dummy.nvti)
80
        dummy.nvti.get_nvt_metadata.return_value = None
81
        vt = ["1.3.6.1.4.1.25623.1.0.100065"]
82
83
        for _, values in vthelper.get_vt_iterator(vt_selection=vt):
84
            self.assertIs(values, None)
85
86 View Code Duplication
    def test_get_single_vt_severity_cvssv3(self):
0 ignored issues
show
This code seems to be duplicated in your project.
Loading history...
87
        dummy = DummyDaemon()
88
        dummy.nvti.get_nvt_metadata.return_value = {
89
            'category': '3',
90
            'creation_date': '1237458156',
91
            'cvss_base_vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:N',
92
            'severity_vector': 'CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L',
93
            'severity_date': '1237458156',
94
            'severity_origin': 'Greenbone',
95
            'excluded_keys': 'Settings/disable_cgi_scanning',
96
            'family': 'Product detection',
97
            'filename': 'mantis_detect.nasl',
98
            'last_modification': '1533906565',
99
            'name': 'Mantis Detection',
100
            'qod_type': 'remote_banner',
101
            'required_ports': 'Services/www, 80',
102
            'solution': 'some solution',
103
            'solution_type': 'WillNotFix',
104
            'solution_method': 'DebianAPTUpgrade',
105
            'impact': 'some impact',
106
            'insight': 'some insight',
107
            'summary': 'some summary',
108
            'affected': 'some affection',
109
            'timeout': '0',
110
            'vt_params': {
111
                '1': {
112
                    'id': '1',
113
                    'default': '',
114
                    'description': 'Description',
115
                    'name': 'Data length :',
116
                    'type': 'entry',
117
                },
118
                '2': {
119
                    'id': '2',
120
                    'default': 'no',
121
                    'description': 'Description',
122
                    'name': (  # pylint: disable=line-too-long
123
                        'Do not randomize the  order  in  which ports are'
124
                        ' scanned'
125
                    ),
126
                    'type': 'checkbox',
127
                },
128
            },
129
            'refs': {
130
                'bid': [''],
131
                'cve': [''],
132
                'xref': ['URL:http://www.mantisbt.org/'],
133
            },
134
        }
135
136
        vthelper = VtHelper(dummy.nvti)
137
138
        res = vthelper.get_single_vt("1.3.6.1.4.1.25623.1.0.100061")
139
        assert_called_once(dummy.nvti.get_nvt_metadata)
140
141
        severities = res.get('severities')
142
        self.assertEqual(
143
            "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L",
144
            severities.get('severity_base_vector'),
145
        )
146
        self.assertEqual("cvss_base_v3", severities.get('severity_type'))
147
        self.assertEqual("Greenbone", severities.get('severity_origin'))
148
        self.assertEqual("1237458156", severities.get('severity_date'))
149
150 View Code Duplication
    def test_get_single_vt_severity_cvssv2(self):
0 ignored issues
show
This code seems to be duplicated in your project.
Loading history...
151
        dummy = DummyDaemon()
152
        dummy.nvti.get_nvt_metadata.return_value = {
153
            'category': '3',
154
            'creation_date': '1237458156',
155
            'cvss_base_vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:N',
156
            'excluded_keys': 'Settings/disable_cgi_scanning',
157
            'family': 'Product detection',
158
            'filename': 'mantis_detect.nasl',
159
            'last_modification': '1533906565',
160
            'name': 'Mantis Detection',
161
            'qod_type': 'remote_banner',
162
            'required_ports': 'Services/www, 80',
163
            'solution': 'some solution',
164
            'solution_type': 'WillNotFix',
165
            'solution_method': 'DebianAPTUpgrade',
166
            'impact': 'some impact',
167
            'insight': 'some insight',
168
            'summary': 'some summary',
169
            'affected': 'some affection',
170
            'timeout': '0',
171
            'vt_params': {
172
                '1': {
173
                    'id': '1',
174
                    'default': '',
175
                    'description': 'Description',
176
                    'name': 'Data length :',
177
                    'type': 'entry',
178
                },
179
                '2': {
180
                    'id': '2',
181
                    'default': 'no',
182
                    'description': 'Description',
183
                    'name': (  # pylint: disable=line-too-long
184
                        'Do not randomize the  order  in  which ports are'
185
                        ' scanned'
186
                    ),
187
                    'type': 'checkbox',
188
                },
189
            },
190
            'refs': {
191
                'bid': [''],
192
                'cve': [''],
193
                'xref': ['URL:http://www.mantisbt.org/'],
194
            },
195
        }
196
197
        vthelper = VtHelper(dummy.nvti)
198
199
        res = vthelper.get_single_vt("1.3.6.1.4.1.25623.1.0.100061")
200
        assert_called_once(dummy.nvti.get_nvt_metadata)
201
202
        severities = res.get('severities')
203
        self.assertEqual(
204
            "AV:N/AC:L/Au:N/C:N/I:N/A:N",
205
            severities.get('severity_base_vector'),
206
        )
207
        self.assertEqual("cvss_base_v2", severities.get('severity_type'))
208
        self.assertEqual(None, severities.get('severity_origin'))
209
        self.assertEqual("1237458156", severities.get('severity_date'))
210
211
    def test_get_severity_score_v2(self):
212
        dummy = DummyDaemon()
213
        vthelper = VtHelper(dummy.nvti)
214
        vtaux = {
215
            'severities': {
216
                'severity_type': 'cvss_base_v2',
217
                'severity_base_vector': 'AV:N/AC:L/Au:N/C:P/I:N/A:N',
218
            }
219
        }
220
221
        self.assertEqual(vthelper.get_severity_score(vtaux), 5.0)
222
223
    def test_get_severity_score_v3(self):
224
        dummy = DummyDaemon()
225
        vthelper = VtHelper(dummy.nvti)
226
        vtaux = {
227
            'severities': {
228
                'severity_type': 'cvss_base_v3',
229
                'severity_base_vector': (
230
                    'CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:L'
231
                ),
232
            }
233
        }
234
235
        self.assertEqual(vthelper.get_severity_score(vtaux), 2.9)
236