public void ExecuteCommand_CommandReturnsObject_SameObjectIsReturnedToCaller()
{
TestResult result = ExecutionWrapper.ExecuteCommand <TestResult>(
() => new TestResult(TestString));
Assert.AreEqual(TestString, result.Detail);
}
public void ExecuteCommand_CommandThrowsAxeWindowsAutomationException_StackTraceIsComplete()
{
try
{
ExecutionWrapper.ExecuteCommand <TestResult>(ThrowAxeWindowsAutomationException);
}
catch (AxeWindowsAutomationException e)
{
Assert.IsTrue(e.StackTrace.Contains("ThrowAxeWindowsAutomationException"), "Stack Trace information has been lost");
throw;
}
}
public void ExecuteCommand_CommandIsNull_ThrowsInnerNullReferenceException_Automation003InMessage()
{
try
{
ExecutionWrapper.ExecuteCommand <TestResult>(null);
}
catch (AxeWindowsAutomationException ex)
{
Assert.IsInstanceOfType(ex.InnerException, typeof(NullReferenceException));
Assert.IsTrue(ex.Message.Contains(" Automation003:"));
}
}
/// <summary>
/// Execute the Stop command. Used by both .NET and by PowerShell entry points
/// </summary>
/// <returns>A StopCommandResult that describes the result of the command</returns>
public static StopCommandResult Execute()
{
return(ExecutionWrapper.ExecuteCommand(() =>
{
AutomationSession.ClearInstance();
return new StopCommandResult
{
Completed = true,
SummaryMessage = DisplayStrings.SuccessStop,
Succeeded = true,
};
}, ErrorCommandResultFactory));
}
public void ExecuteCommand_CommandIsNull_CallsErrorFactory_Automation003InDetail()
{
TestResult result = ExecutionWrapper.ExecuteCommand <TestResult>(
null,
(errorDetail) =>
{
return(new TestResult(errorDetail, true));
});
Assert.IsTrue(result.IsError);
Assert.IsTrue(result.Detail.Contains(" Automation003:"));
Assert.IsTrue(result.Detail.Contains("System.NullReferenceException"));
}
public void ExecuteCommand_CommandThrowsAutomationException_TestStringInMessage()
{
try
{
ExecutionWrapper.ExecuteCommand <TestResult>(
() =>
{
throw new AxeWindowsAutomationException(TestString);
});
}
catch (AxeWindowsAutomationException ex)
{
Assert.AreEqual(TestString, ex.Message);
}
}
public void ExecuteCommand_CommandThrowsAutomationException_CallsErrorFactory_Automation003InDetail()
{
TestResult result = ExecutionWrapper.ExecuteCommand <TestResult>(
() =>
{
throw new A11yAutomationException(TestString);
},
(errorDetail) =>
{
return(new TestResult(errorDetail, true));
});
Assert.IsTrue(result.IsError);
Assert.AreEqual(TestString, result.Detail);
}
public void ExecuteCommand_CommandThrowsNonAutomationException_WrapsInAutomationException_Automation003InMessage()
{
try
{
ExecutionWrapper.ExecuteCommand <TestResult>(
() =>
{
throw new ArgumentException(TestString);
});
}
catch (AxeWindowsAutomationException ex)
{
Assert.IsInstanceOfType(ex.InnerException, typeof(ArgumentException));
Assert.IsTrue(ex.Message.Contains(" Automation003:"));
Assert.IsTrue(ex.Message.Contains(TestString));
}
}
public void ExecuteCommand_CommandThrowsNonAutomationException_CallsErrorFactory_Automation003InDetail()
{
TestResult result = ExecutionWrapper.ExecuteCommand <TestResult>(
() =>
{
throw new ArgumentException(TestString);
},
(errorDetail) =>
{
return(new TestResult(errorDetail, true));
});
Assert.IsTrue(result.IsError);
Assert.IsTrue(result.Detail.Contains(" Automation003:"));
Assert.IsTrue(result.Detail.Contains("System.ArgumentException"));
Assert.IsTrue(result.Detail.Contains(TestString));
}
public override async Task <PluginResult> Execute(PluginPointerModel pointer, string workingDirectory)
{
Logger = Extensions.LogFactory.CreateLogger("OwaspZap@" + pointer.Resource.ResourceId);
Logger.LogInformation("Starting OWASP ZAP plugin against Resource {0} with working directory {1}",
pointer.Resource?.ResourceId, workingDirectory);
var httpTarget = ResourceManager.Instance.GetByPointer(pointer.Resource) as HttpResource;
var wrapper = new ExecutionWrapper();
string pyScript;
if (GetOption(pointer.PluginParameters, "aggressive") == "false")
{
pyScript = "zap-baseline.py";
}
else
{
pyScript = "zap-full-scan.py";
}
Logger.LogDebug("Using scanner script {0} (aggressive option is {1})", pyScript,
GetOption(pointer.PluginParameters, "aggressive"));
var dockerCommandTemplate = "docker run " +
"-v {0}:/zap/wrk:rw " +
"-u zap " +
"-i ictu/zap2docker-weekly " +
"{1} -t {2} -J {3} -r {4} ";
if (GetOption(pointer.PluginParameters, "useajaxspider") == "true")
{
dockerCommandTemplate += "-j ";
}
Logger.LogDebug("Invoking command " + dockerCommandTemplate,
workingDirectory, pyScript, httpTarget.Url, JSON_REPORT_FILE, HTML_REPORT_FILE);
wrapper.Command = string.Format(dockerCommandTemplate,
workingDirectory, pyScript, httpTarget.Url, JSON_REPORT_FILE, HTML_REPORT_FILE);
wrapper.Process.OutputDataReceived += (s, e) => Logger.LogInformation(e.Data);
wrapper.Process.ErrorDataReceived += (s, e) => Logger.LogDebug(e.Data);
await wrapper.Start(pointer);
Logger.LogInformation("Completed OWASP ZAP scanner runtime execution in {0}", wrapper.ExecutionTime);
return(new OwaspZapPluginResult(pointer, workingDirectory));
}
public override Task <PluginResult> Execute(PluginPointerModel pointer, string workingDirectory)
{
var sw = new Stopwatch();
sw.Start();
var rng = new Random((int)DateTime.Now.Ticks);
var v = 0;
var g = 0;
while (v < 50)
{
g++;
Thread.Sleep(rng.Next(500, 2000));
v += rng.Next(2, 10);
Logger.LogInformation("Generation {0} -- {1}/100", g, v);
var exec = new ExecutionWrapper("echo This is a test of the echo back");
exec.Process.OutputDataReceived += (s, e) =>
{
if (e.Data != null)
{
Logger.LogCritical("RECEIVED DATA: {1}", e.Data);
}
};
var task = exec.Start(pointer);
task.Wait();
}
sw.Stop();
Logger.LogInformation("Completed in {0}", sw.Elapsed);
return(Task.FromResult((PluginResult) new DummyPluginResult(pointer, workingDirectory)
{
Generations = g,
Duration = sw.Elapsed
}));
}
