Contents

require File.dirname(__FILE__) + '/../lib/yawast'
require File.dirname(__FILE__) + '/base'

class TestScannerApache < Minitest::Test
  include TestBase

  def test_check_tomcat_put_rce
    override_stdout

    port = rand(60000) + 1024 # pick a random port number
    server = start_web_server File.dirname(__FILE__) + '/data/apache_server_info.txt', '', port
    uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])

    error = nil
    begin
      Yawast::Scanner::Plugins::Servers::Apache.check_tomcat_put_rce uri
    rescue => e
      error = e.message
    end

    assert !stdout_value.include?('[V]'), "Unexpected finding: #{stdout_value}"
    assert error == nil, "Unexpected error: #{error}"

    restore_stdout

    server.exit
  end

  def test_check_struts2_samples
    override_stdout

    port = rand(60000) + 1024 # pick a random port number
    server = start_web_server File.dirname(__FILE__) + '/data/apache_server_info.txt', '', port
    uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])

    error = nil
    begin
      Yawast::Scanner::Plugins::Servers::Apache.check_struts2_samples uri
    rescue => e
      error = e.message
    end

    assert !stdout_value.include?('[W]'), "Unexpected finding: #{stdout_value}"
    assert error == nil, "Unexpected error: #{error}"

    restore_stdout

    server.exit
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version	Path
yawast-0.7.0.beta2	test/test_scan_apache.rb
yawast-0.7.0.beta1	test/test_scan_apache.rb
yawast-0.6.0	test/test_scan_apache.rb
yawast-0.6.0.beta6	test/test_scan_apache.rb
yawast-0.6.0.beta5	test/test_scan_apache.rb