| skipped 16 lines |
17 | 17 | | |
18 | 18 | | import static com.google.common.truth.Truth.assertThat; |
19 | 19 | | import static com.google.common.truth.Truth8.assertThat; |
| 20 | + | import static com.google.common.truth.extensions.proto.ProtoTruth.assertThat; |
20 | 21 | | |
21 | 22 | | import com.google.common.collect.ImmutableList; |
| 23 | + | import com.google.common.collect.Lists; |
22 | 24 | | import com.google.inject.AbstractModule; |
23 | 25 | | import com.google.inject.Guice; |
24 | 26 | | import com.google.inject.multibindings.MapBinder; |
| skipped 15 lines |
40 | 42 | | import com.google.tsunami.plugin.testing.FakeVulnDetectorBootstrapModule2; |
41 | 43 | | import com.google.tsunami.proto.DetectionReportList; |
42 | 44 | | import com.google.tsunami.proto.FingerprintingReport; |
| 45 | + | import com.google.tsunami.proto.MatchedPlugin; |
43 | 46 | | import com.google.tsunami.proto.NetworkService; |
44 | 47 | | import com.google.tsunami.proto.ReconnaissanceReport; |
45 | 48 | | import com.google.tsunami.proto.Software; |
46 | 49 | | import com.google.tsunami.proto.TargetInfo; |
| 50 | + | import com.google.tsunami.proto.TargetServiceName; |
| 51 | + | import com.google.tsunami.proto.TargetSoftware; |
47 | 52 | | import com.google.tsunami.proto.TransportProtocol; |
| 53 | + | import java.util.List; |
48 | 54 | | import java.util.Optional; |
49 | 55 | | import org.junit.Test; |
50 | 56 | | import org.junit.runner.RunWith; |
| skipped 420 lines |
471 | 477 | | .containsExactly(FakeRemoteVulnDetector.class, FakeRemoteVulnDetector.class); |
472 | 478 | | } |
473 | 479 | | |
| 480 | + | @Test |
| 481 | + | public void |
| 482 | + | getVulnDetectors_whenRemoteDetectorServiceNameFilterHasMatchingService_returnsMatchedService() { |
| 483 | + | NetworkService httpService = |
| 484 | + | NetworkService.newBuilder() |
| 485 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 80)) |
| 486 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 487 | + | .setServiceName("http") |
| 488 | + | .build(); |
| 489 | + | NetworkService httpsService = |
| 490 | + | NetworkService.newBuilder() |
| 491 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 443)) |
| 492 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 493 | + | .setServiceName("https") |
| 494 | + | .build(); |
| 495 | + | NetworkService noNameService = |
| 496 | + | NetworkService.newBuilder() |
| 497 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 12345)) |
| 498 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 499 | + | .build(); |
| 500 | + | ReconnaissanceReport fakeReconnaissanceReport = |
| 501 | + | ReconnaissanceReport.newBuilder() |
| 502 | + | .setTargetInfo(TargetInfo.getDefaultInstance()) |
| 503 | + | .addNetworkServices(httpService) |
| 504 | + | .addNetworkServices(httpsService) |
| 505 | + | .addNetworkServices(noNameService) |
| 506 | + | .build(); |
| 507 | + | PluginManager pluginManager = |
| 508 | + | Guice.createInjector( |
| 509 | + | new FakePortScannerBootstrapModule(), |
| 510 | + | new FakeServiceFingerprinterBootstrapModule(), |
| 511 | + | FakeFilteringRemoteDetector.getModule()) |
| 512 | + | .getInstance(PluginManager.class); |
| 513 | + | |
| 514 | + | ImmutableList<PluginMatchingResult<VulnDetector>> vulnDetectors = |
| 515 | + | pluginManager.getVulnDetectors(fakeReconnaissanceReport); |
| 516 | + | |
| 517 | + | assertThat(vulnDetectors).hasSize(1); |
| 518 | + | ImmutableList<MatchedPlugin> matchedResult = |
| 519 | + | ((FakeFilteringRemoteDetector) vulnDetectors.get(0).tsunamiPlugin()).getMatchedPlugins(); |
| 520 | + | assertThat(matchedResult).isNotEmpty(); |
| 521 | + | assertThat(matchedResult.get(0).getPlugin()) |
| 522 | + | .isEqualTo(FakeFilteringRemoteDetector.getHttpServiceDefinition()); |
| 523 | + | assertThat(matchedResult.get(0).getServicesList()).containsExactly(httpService, noNameService); |
| 524 | + | } |
| 525 | + | |
| 526 | + | @Test |
| 527 | + | public void getVulnDetectors_whenRemoteDetectorWithServiceNameHasNoMatch_returnsNoServices() { |
| 528 | + | NetworkService httpsService = |
| 529 | + | NetworkService.newBuilder() |
| 530 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 443)) |
| 531 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 532 | + | .setServiceName("https") |
| 533 | + | .build(); |
| 534 | + | ReconnaissanceReport fakeReconnaissanceReport = |
| 535 | + | ReconnaissanceReport.newBuilder() |
| 536 | + | .setTargetInfo(TargetInfo.getDefaultInstance()) |
| 537 | + | .addNetworkServices(httpsService) |
| 538 | + | .build(); |
| 539 | + | PluginManager pluginManager = |
| 540 | + | Guice.createInjector( |
| 541 | + | new FakePortScannerBootstrapModule(), |
| 542 | + | new FakeServiceFingerprinterBootstrapModule(), |
| 543 | + | FakeFilteringRemoteDetector.getModule()) |
| 544 | + | .getInstance(PluginManager.class); |
| 545 | + | |
| 546 | + | ImmutableList<PluginMatchingResult<VulnDetector>> vulnDetectors = |
| 547 | + | pluginManager.getVulnDetectors(fakeReconnaissanceReport); |
| 548 | + | |
| 549 | + | assertThat(vulnDetectors).hasSize(1); |
| 550 | + | ImmutableList<MatchedPlugin> matchedResult = |
| 551 | + | ((FakeFilteringRemoteDetector) vulnDetectors.get(0).tsunamiPlugin()).getMatchedPlugins(); |
| 552 | + | assertThat(matchedResult.get(0).getServicesList()).isEmpty(); |
| 553 | + | } |
| 554 | + | |
| 555 | + | @Test |
| 556 | + | public void |
| 557 | + | getVulnDetectors_whenRemoteDetectorSoftwareFilterHasMatchingService_returnsMatchedService() { |
| 558 | + | NetworkService wordPressService = |
| 559 | + | NetworkService.newBuilder() |
| 560 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 80)) |
| 561 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 562 | + | .setServiceName("http") |
| 563 | + | .setSoftware(Software.newBuilder().setName("WordPress")) |
| 564 | + | .build(); |
| 565 | + | NetworkService jenkinsService = |
| 566 | + | NetworkService.newBuilder() |
| 567 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 443)) |
| 568 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 569 | + | .setServiceName("https") |
| 570 | + | .setSoftware(Software.newBuilder().setName("Jenkins")) |
| 571 | + | .build(); |
| 572 | + | NetworkService noNameService = |
| 573 | + | NetworkService.newBuilder() |
| 574 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 12345)) |
| 575 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 576 | + | .build(); |
| 577 | + | ReconnaissanceReport fakeReconnaissanceReport = |
| 578 | + | ReconnaissanceReport.newBuilder() |
| 579 | + | .setTargetInfo(TargetInfo.getDefaultInstance()) |
| 580 | + | .addNetworkServices(wordPressService) |
| 581 | + | .addNetworkServices(jenkinsService) |
| 582 | + | .addNetworkServices(noNameService) |
| 583 | + | .build(); |
| 584 | + | PluginManager pluginManager = |
| 585 | + | Guice.createInjector( |
| 586 | + | new FakePortScannerBootstrapModule(), |
| 587 | + | new FakeServiceFingerprinterBootstrapModule(), |
| 588 | + | FakeFilteringRemoteDetector.getModule()) |
| 589 | + | .getInstance(PluginManager.class); |
| 590 | + | |
| 591 | + | ImmutableList<PluginMatchingResult<VulnDetector>> vulnDetectors = |
| 592 | + | pluginManager.getVulnDetectors(fakeReconnaissanceReport); |
| 593 | + | |
| 594 | + | assertThat(vulnDetectors).hasSize(1); |
| 595 | + | ImmutableList<MatchedPlugin> matchedResult = |
| 596 | + | ((FakeFilteringRemoteDetector) vulnDetectors.get(0).tsunamiPlugin()).getMatchedPlugins(); |
| 597 | + | assertThat(matchedResult).hasSize(2); |
| 598 | + | assertThat(matchedResult.get(1).getPlugin()) |
| 599 | + | .isEqualTo(FakeFilteringRemoteDetector.getJenkinsServiceDefinition()); |
| 600 | + | assertThat(matchedResult.get(1).getServicesList()) |
| 601 | + | .containsExactly(jenkinsService, noNameService); |
| 602 | + | } |
| 603 | + | |
| 604 | + | @Test |
| 605 | + | public void |
| 606 | + | getVulnDetectors_whenRemoteDetectorWithSoftwareFilterHasNoMatchingService_returnsNoServices() { |
| 607 | + | NetworkService wordPressService = |
| 608 | + | NetworkService.newBuilder() |
| 609 | + | .setNetworkEndpoint(NetworkEndpointUtils.forIpAndPort("1.1.1.1", 443)) |
| 610 | + | .setTransportProtocol(TransportProtocol.TCP) |
| 611 | + | .setServiceName("https") |
| 612 | + | .setSoftware(Software.newBuilder().setName("WordPress")) |
| 613 | + | .build(); |
| 614 | + | ReconnaissanceReport fakeReconnaissanceReport = |
| 615 | + | ReconnaissanceReport.newBuilder() |
| 616 | + | .setTargetInfo(TargetInfo.getDefaultInstance()) |
| 617 | + | .addNetworkServices(wordPressService) |
| 618 | + | .build(); |
| 619 | + | PluginManager pluginManager = |
| 620 | + | Guice.createInjector( |
| 621 | + | new FakePortScannerBootstrapModule(), |
| 622 | + | new FakeServiceFingerprinterBootstrapModule(), |
| 623 | + | FakeFilteringRemoteDetector.getModule()) |
| 624 | + | .getInstance(PluginManager.class); |
| 625 | + | |
| 626 | + | ImmutableList<PluginMatchingResult<VulnDetector>> vulnDetectors = |
| 627 | + | pluginManager.getVulnDetectors(fakeReconnaissanceReport); |
| 628 | + | |
| 629 | + | assertThat(vulnDetectors).hasSize(1); |
| 630 | + | ImmutableList<MatchedPlugin> matchedResult = |
| 631 | + | ((FakeFilteringRemoteDetector) vulnDetectors.get(0).tsunamiPlugin()).getMatchedPlugins(); |
| 632 | + | assertThat(matchedResult).hasSize(2); |
| 633 | + | assertThat(matchedResult.get(0).getServicesCount()).isEqualTo(0); |
| 634 | + | assertThat(matchedResult.get(1).getServicesCount()).isEqualTo(0); |
| 635 | + | } |
| 636 | + | |
474 | 637 | | @PluginInfo( |
475 | 638 | | type = PluginType.SERVICE_FINGERPRINT, |
476 | 639 | | name = "NoAnnotationFingerprinter", |
| skipped 100 lines |
577 | 740 | | @Override |
578 | 741 | | protected void configurePlugin() { |
579 | 742 | | registerPlugin(FakeSoftwareFilteringDetector.class); |
| 743 | + | } |
| 744 | + | } |
| 745 | + | } |
| 746 | + | |
| 747 | + | @PluginInfo( |
| 748 | + | type = PluginType.REMOTE_VULN_DETECTION, |
| 749 | + | name = "FakeFilteringRemoteDetector", |
| 750 | + | version = "v0.1", |
| 751 | + | description = "A fake RemoteVulnDetector.", |
| 752 | + | author = "fake", |
| 753 | + | bootstrapModule = |
| 754 | + | FakeFilteringRemoteDetector.FakeFilteringRemoteDetectorBootstrapModule.class) |
| 755 | + | private static final class FakeFilteringRemoteDetector implements RemoteVulnDetector { |
| 756 | + | |
| 757 | + | private final List<MatchedPlugin> matchedPlugins; |
| 758 | + | |
| 759 | + | FakeFilteringRemoteDetector() { |
| 760 | + | matchedPlugins = Lists.newArrayList(); |
| 761 | + | } |
| 762 | + | |
| 763 | + | public ImmutableList<MatchedPlugin> getMatchedPlugins() { |
| 764 | + | return ImmutableList.copyOf(matchedPlugins); |
| 765 | + | } |
| 766 | + | |
| 767 | + | @Override |
| 768 | + | public DetectionReportList detect( |
| 769 | + | TargetInfo targetInfo, ImmutableList<NetworkService> matchedServices) { |
| 770 | + | return null; |
| 771 | + | } |
| 772 | + | |
| 773 | + | @Override |
| 774 | + | public ImmutableList<com.google.tsunami.proto.PluginDefinition> getAllPlugins() { |
| 775 | + | return ImmutableList.of(getHttpServiceDefinition(), getJenkinsServiceDefinition()); |
| 776 | + | } |
| 777 | + | |
| 778 | + | @Override |
| 779 | + | public void addMatchedPluginToDetect(MatchedPlugin plugin) { |
| 780 | + | matchedPlugins.add(plugin); |
| 781 | + | } |
| 782 | + | |
| 783 | + | static com.google.tsunami.proto.PluginDefinition getHttpServiceDefinition() { |
| 784 | + | return com.google.tsunami.proto.PluginDefinition.newBuilder() |
| 785 | + | .setInfo( |
| 786 | + | com.google.tsunami.proto.PluginInfo.newBuilder() |
| 787 | + | .setType(com.google.tsunami.proto.PluginInfo.PluginType.VULN_DETECTION) |
| 788 | + | .setName("FakeHttpServiceVuln") |
| 789 | + | .setVersion("v0.1") |
| 790 | + | .setDescription("A fake VulnDetector.") |
| 791 | + | .setAuthor("fake")) |
| 792 | + | .setTargetServiceName(TargetServiceName.newBuilder().addValue("http")) |
| 793 | + | .build(); |
| 794 | + | } |
| 795 | + | |
| 796 | + | static com.google.tsunami.proto.PluginDefinition getJenkinsServiceDefinition() { |
| 797 | + | return com.google.tsunami.proto.PluginDefinition.newBuilder() |
| 798 | + | .setInfo( |
| 799 | + | com.google.tsunami.proto.PluginInfo.newBuilder() |
| 800 | + | .setType(com.google.tsunami.proto.PluginInfo.PluginType.VULN_DETECTION) |
| 801 | + | .setName("FakeJenkinsVuln") |
| 802 | + | .setVersion("v0.1") |
| 803 | + | .setDescription("A fake VulnDetector") |
| 804 | + | .setAuthor("fake")) |
| 805 | + | .setTargetSoftware(TargetSoftware.newBuilder().setName("Jenkins")) |
| 806 | + | .build(); |
| 807 | + | } |
| 808 | + | |
| 809 | + | static FakeFilteringRemoteDetectorBootstrapModule getModule() { |
| 810 | + | return new FakeFilteringRemoteDetectorBootstrapModule(); |
| 811 | + | } |
| 812 | + | |
| 813 | + | private static final class FakeFilteringRemoteDetectorBootstrapModule |
| 814 | + | extends PluginBootstrapModule { |
| 815 | + | @Override |
| 816 | + | protected void configurePlugin() { |
| 817 | + | registerPlugin(FakeFilteringRemoteDetector.class); |
580 | 818 | | } |
581 | 819 | | } |
582 | 820 | | } |
| skipped 25 lines |