Merge pull request #4300 from anneborcherding/fix/webscanner-helper

[contrib addons] updated imports and style.
This commit is contained in:
Maximilian Hils 2020-11-20 10:06:13 +01:00 committed by GitHub
commit e36c790d55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 18 additions and 9 deletions

View File

@ -7,6 +7,8 @@ Unreleased: mitmproxy next
* Fix query parameters in asgiapp addon (@jpstotz)
* Fix command history failing on file IO errors (@Kriechi)
* Deprecation of pathod and pathoc tools and modules. Future releases might not contain them! (@Kriechi)
* Addon to suppress unwanted error messages sent by mitmproxy. (@anneborcherding)
* Updated imports and styles for web scanner helper addons. (@anneborcherding)
* --- TODO: add new PRs above this line ---

View File

@ -6,7 +6,7 @@ from typing import Dict
from bs4 import BeautifulSoup
from mitmproxy.http import HTTPFlow
from examples.complex.webscanner_helper.urldict import URLDict
from examples.contrib.webscanner_helper.urldict import URLDict
NO_CONTENT = object()

View File

@ -30,6 +30,7 @@ def randomString(string_length=10):
class AuthorizationOracle(abc.ABC):
"""Abstract class for an authorization oracle which decides if a given request or response is authenticated."""
@abc.abstractmethod
def is_unauthorized_request(self, flow: mitmproxy.http.HTTPFlow) -> bool:
pass
@ -48,6 +49,7 @@ class SeleniumAddon:
created. This class needs to include the concrete selenium actions necessary to authenticate against the web
application. In addition, an authentication oracle which inherits from AuthorizationOracle should be created.
"""
def __init__(self, fltr: str, domain: str,
auth_oracle: AuthorizationOracle):
self.filter = flowfilter.parse(fltr)

View File

@ -5,7 +5,7 @@ from unittest.mock import MagicMock
from mitmproxy.test import tflow
from mitmproxy.test import tutils
from examples.complex.webscanner_helper.mapping import MappingAddon, MappingAddonConfig
from examples.contrib.webscanner_helper.mapping import MappingAddon, MappingAddonConfig
class TestConfig:

View File

@ -7,7 +7,8 @@ from mitmproxy.test import tflow
from mitmproxy.test import tutils
from mitmproxy.http import HTTPFlow
from examples.complex.webscanner_helper.proxyauth_selenium import logger, randomString, AuthorizationOracle, SeleniumAddon
from examples.contrib.webscanner_helper.proxyauth_selenium import logger, randomString, AuthorizationOracle, \
SeleniumAddon
class TestRandomString:
@ -104,7 +105,8 @@ class TestSeleniumAddon:
f = tflow.tflow(resp=tutils.tresp())
f.request.url = "http://example.com/login.php"
selenium_addon.set_cookies = False
with mock.patch('examples.complex.webscanner_helper.proxyauth_selenium.SeleniumAddon.login', return_value=[]) as mock_login:
with mock.patch('examples.complex.webscanner_helper.proxyauth_selenium.SeleniumAddon.login',
return_value=[]) as mock_login:
selenium_addon.response(f)
mock_login.assert_called()

View File

@ -1,5 +1,5 @@
from mitmproxy.test import tflow, tutils
from examples.complex.webscanner_helper.urldict import URLDict
from examples.contrib.webscanner_helper.urldict import URLDict
url = "http://10.10.10.10"
new_content_body = "New Body"

View File

@ -8,7 +8,8 @@ from unittest.mock import patch
from mitmproxy.test import tflow
from mitmproxy.test import tutils
from examples.complex.webscanner_helper.urlindex import UrlIndexWriter, SetEncoder, JSONUrlIndexWriter, TextUrlIndexWriter, WRITER, \
from examples.contrib.webscanner_helper.urlindex import UrlIndexWriter, SetEncoder, JSONUrlIndexWriter, \
TextUrlIndexWriter, WRITER, \
filter_404, \
UrlIndexAddon

View File

@ -5,7 +5,8 @@ from mitmproxy import flowfilter
from mitmproxy.test import tflow
from mitmproxy.test import tutils
from examples.complex.webscanner_helper.urlinjection import InjectionGenerator, HTMLInjection, RobotsInjection, SitemapInjection, \
from examples.contrib.webscanner_helper.urlinjection import InjectionGenerator, HTMLInjection, RobotsInjection, \
SitemapInjection, \
UrlInjectionAddon, logger
index = json.loads(

View File

@ -8,7 +8,7 @@ from mitmproxy.test import tflow
from mitmproxy.test import tutils
import multiprocessing
from examples.complex.webscanner_helper.watchdog import WatchdogAddon, logger
from examples.contrib.webscanner_helper.watchdog import WatchdogAddon, logger
class TestWatchdog:

View File

@ -14,6 +14,7 @@ def f_id(x):
class URLDict(MutableMapping):
"""Data structure to store information using filters as keys."""
def __init__(self):
self.store: Dict[flowfilter.TFilter, Any] = {}