nasl-pedant 0.1.1 → 0.1.2

data/test/unit/checks/test_script_not_signed_and_using_secret_kb_item.rb

@@ -0,0 +1,251 @@
+################################################################################
+# Copyright (c) 2016, Tenable Network Security
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#    list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+#    this list of conditions and the following disclaimer in the documentation
+#    and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
+class TestScriptNotSignedAndUsingSecretKBItem < Test::Unit::TestCase
+  include Pedant::Test
+
+  def test_get_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_rm_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|rm_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_rm_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|rm_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_list_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_kb_list("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_list_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_kb_list("Secret/SSH/Username");|
+    )
+  end
+
+  def test_replace_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|replace_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_replace_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|replace_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_set_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|set_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_set_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|set_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_script_require_keys_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|script_require_keys("Secret/SSH/Username");|
+    )
+  end
+
+  def test_script_require_keys_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|script_require_keys("Secret/SSH/Username");|
+    )
+  end
+
+  def test_set_global_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|set_global_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_set_global_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|set_global_kb_item(name:"Secret/SSH/Username", value:"yoda");|
+    )
+  end
+
+  def test_get_global_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_global_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_global_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_global_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_global_kb_list_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_global_kb_list("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_global_kb_list_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_global_kb_list("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_item_or_exit_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_kb_item_or_exit("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_item_or_exit_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_kb_item_or_exit("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_fresh_kb_item_and_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_fresh_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_fresh_kb_item_and_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_fresh_kb_item("Secret/SSH/Username");|
+    )
+  end
+
+  def test_set_kb_item_value_first_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|set_kb_item(value:20, name:"Secret/SSH/Username");|
+    )
+  end
+
+  def test_set_kb_item_value_first_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|set_kb_item(value:20, name:"Secret/SSH/Username");|
+    )
+  end
+
+  def test_get_kb_item_name_expr_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|#TRUSTED blah| +
+      %q|get_kb_item(name:"Secret/"+var+"lol");|
+    )
+  end
+
+  def test_get_kb_item_name_expr_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingSecretKBItem,
+      %q|get_kb_item(name:"Secret/"+var+"lol");|
+    )
+  end
+
+end

data/test/unit/checks/test_script_not_signed_and_using_trusted_functions.rb

@@ -0,0 +1,89 @@
+################################################################################
+# Copyright (c) 2016, Tenable Network Security
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#    list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+#    this list of conditions and the following disclaimer in the documentation
+#    and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
+class TestScriptNotSignedAndUsingTrustedFunction < Test::Unit::TestCase
+  include Pedant::Test
+
+  def test_bind_sock_tcp_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|var = bind_sock_tcp();|
+    )
+  end
+
+  def test_bind_sock_tcp_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|#TRUSTED blah| +
+      %q|var = bind_sock_tcp();|
+    )
+  end
+
+  def test_exec_cmds_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|var = exec_cmds(cmds:"lol");|
+    )
+  end
+
+  def test_exec_cmds_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|#TRUSTED blah| +
+      %q|var = exec_cmds(cmds:"lol");|
+    )
+  end
+
+  def test_http_send_recv3_with_target_not_signed
+    check(
+      :fail,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|var = http_send_recv3(target:blah);|
+    )
+  end
+
+  def test_http_send_recv3_with_target_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|#TRUSTED blah| +
+      %q|var = http_send_recv3(target:blah);|
+    )
+  end
+
+  def test_http_send_recv3_without_target_not_signed
+    check(
+      :pass,
+      :CheckScriptNotSignedAndUsingTrustedFunction,
+      %q|var = http_send_recv3(something:blah, something_else:blah2);|
+    )
+  end
+
+end

data/test/unit/checks/test_socket_leak.rb

@@ -0,0 +1,174 @@
+################################################################################
+# Copyright (c) 2016, Tenable Network Security
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#    list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+#    this list of conditions and the following disclaimer in the documentation
+#    and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
+class TestSockLeak < Test::Unit::TestCase
+  include Pedant::Test
+
+  def test_none
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q||
+    )
+  end
+  
+  def test_simple_no_close
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|soc = open_sock_tcp(8080); exit(0);|
+    )
+  end
+  
+  def test_good_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|soc = open_sock_tcp(8080); close(soc);|
+    )
+  end
+  
+   def test_wrong_handle_close
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|soc = open_sock_tcp(8080); close(sock);|
+    )
+  end
+
+   def test_local_var_no_close
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|local_var soc = open_sock_tcp(8080); exit(0);|
+    )
+  end
+  
+  def test_local_var_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|local_var soc = open_sock_tcp(8080); close(soc);|
+    )
+  end
+
+  def test_local_var_close_wrong_handle
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|local_var soc = open_sock_tcp(8080); close(sock);|
+    )
+  end
+  
+  # To avoid false positives the check won't mark returned sockets as leaks
+  def test_created_socket_returned
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|soc = open_sock_tcp(8080); return soc;|
+    )
+  end
+
+  def test_local_if_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|local_var soc = open_sock_tcp(8080); if (soc) close(soc); exit(0);|
+    )
+  end
+
+  def test_block_if_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|local_var soc = open_sock_tcp(8080); if (soc) { local_var test = 0; close(soc); } exit(0);|
+    )
+  end
+
+  def test_ftp_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|{ soc = open_sock_tcp(8080); ftp_close(soc); exit(0); };|
+    )
+  end
+  
+  def test_smtp_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|{ soc = open_sock_tcp(8080); smtp_close(soc); exit(0); };|
+    )
+  end
+  
+  def test_http_open_close
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|{ soc = http_open_socket(8080); http_close_socket(soc); exit(0); };|
+    )
+  end
+  
+  def test_http_leak
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|{ soc = http_open_socket(8080); exit(0); };|
+    )
+  end
+
+  def ignore_smb
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|{ soc = http_open_socket(8080); session_init(0); };|
+    )
+  end
+  
+  def ignore_ssh
+    check(
+      :pass,
+      :CheckSocketLeak,
+      %q|{ soc = open_sock_tcp(8080); ssh_close_connection(); };|
+    )
+  end
+
+  def test_ignore_soc_check
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|{ soc = http_open_socket(8080); if (!soc) close(soc); exit(0); };|
+    )
+  end
+
+  def test_check_early_exit
+    check(
+      :warn,
+      :CheckSocketLeak,
+      %q|{ soc = open_sock_tcp(8080); if(test()) exit(1); close(soc); };|
+    )
+  end
+end