-
Notifications
You must be signed in to change notification settings - Fork 32
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refac: Split vuln modules variables in a new module #2462
- Loading branch information
Showing
2 changed files
with
144 additions
and
140 deletions.
There are no files selected for viewing
144 changes: 144 additions & 0 deletions
144
deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/__init__.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,144 @@ | ||
import os | ||
|
||
from wazuh_testing.tools import WAZUH_PATH | ||
|
||
|
||
VULN_DETECTOR_GLOBAL_TIMEOUT = 20 | ||
VULN_DETECTOR_EXTENDED_GLOBAL_TIMEOUT = 60 | ||
VULN_DETECTOR_SCAN_TIMEOUT = 40 | ||
VULN_DETECTOR_BASELINE_SCAN_TIMEOUT = 90 | ||
DEBIAN_IMPORT_FEED_TIMEOUT = 50 | ||
DOWNLOAD_TIMEOUT = 140 | ||
|
||
DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'db') | ||
CVE_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'vulnerabilities', 'cve.db') | ||
MSU_PATH = os.path.join(WAZUH_PATH, 'queue', 'vulnerabilities', 'dictionaries', 'msu.json.gz') | ||
CPE_HELPER_PATH = os.path.join(WAZUH_PATH, 'queue', 'vulnerabilities', 'dictionaries', 'cpe_helper.json') | ||
DEFAULT_PACKAGE_NAME = "wazuhintegrationpackage" | ||
DEFAULT_VULNERABILITY_ID = "WVE-000" | ||
|
||
MOCKED_AGENT_NAME = 'mocked_agent' | ||
CVE_NUM_TABLES = 24 | ||
|
||
REAL_NVD_FEED = 'real_nvd_feed.json' | ||
CUSTOM_NVD_FEED = 'custom_nvd_feed.json' | ||
CUSTOM_REDHAT_JSON_FEED = 'custom_redhat_json_feed.json' | ||
CUSTOM_REDHAT_OVAL_FEED = 'custom_redhat_oval_feed.xml' | ||
CUSTOM_CANONICAL_OVAL_FEED = 'custom_canonical_oval_feed.xml' | ||
CUSTOM_DEBIAN_OVAL_FEED = 'custom_debian_oval_feed.xml' | ||
CUSTOM_DEBIAN_JSON_FEED = 'custom_debian_json_feed.json' | ||
CUSTOM_NVD_VULNERABILITIES_1 = 'nvd_vulnerabilities_1.json' | ||
CUSTOM_NVD_VULNERABILITIES_2 = 'nvd_vulnerabilities_2.json' | ||
CUSTOM_MSU_JSON_FEED = 'custom_msu.json' | ||
CUSTOM_ARCHLINUX_JSON_FEED = 'custom_archlinux_feed.json' | ||
CUSTOM_ALAS_JSON_FEED = 'custom_alas_feed.json' | ||
CUSTOM_ALAS2_JSON_FEED = 'custom_alas2_feed.json' | ||
INVALID_RHEL_FEEDS_CONF = 'wazuh_invalid_redhat_feed.yaml' | ||
INVALID_CANONICAL_FEEDS_CONF = 'wazuh_invalid_canonical_feed.yaml' | ||
INVALID_ARCHLINUX_FEEDS_CONF = 'wazuh_invalid_archlinux_feed.yaml' | ||
INVALID_DEBIAN_FEEDS_CONF = 'wazuh_invalid_debian_feed.yaml' | ||
INVALID_MSU_FEEDS_CONF = 'wazuh_invalid_msu_feed.yaml' | ||
INVALID_ALAS_FEEDS_CONF = 'wazuh_invalid_alas_feed.yaml' | ||
INVALID_ALAS2_FEEDS_CONF = 'wazuh_invalid_alas2_feed.yaml' | ||
|
||
REDHAT_NUM_CUSTOM_VULNERABILITIES = 1 | ||
CANONICAL_NUM_CUSTOM_VULNERABILITIES = 1 | ||
DEBIAN_NUM_CUSTOM_VULNERABILITIES = 3 | ||
NVD_NUM_CUSTOM_VULNERABILITIES = 5 | ||
ARCH_NUM_CUSTOM_VULNERABILITIES = 50 | ||
ALAS_NUM_CUSTOM_VULNERABILITIES = 36 | ||
ALAS2_NUM_CUSTOM_VULNERABILITIES = 18 | ||
|
||
SYSTEM_DATA = { | ||
'WINDOWS10': {'target': 'WINDOWS10', 'os_name': 'Microsoft Windows Server 2016 Datacenter Evaluation', | ||
'os_major': '10', 'os_minor': '0', 'os_platform': 'windows', 'name': 'windows', 'format': 'win'}, | ||
'MAC': {'target': 'MAC', 'os_name': 'Mac OS X', 'os_major': '10', 'os_minor': '15', 'os_platform': 'darwin', | ||
'name': 'macos-catalina', 'format': 'pkg'}, | ||
'MACS': {'target': 'MAC', 'os_name': 'Mac OS X Server', 'os_major': '5', 'os_minor': '10', 'os_platform': 'darwin', | ||
"name": "macos-server", 'format': 'pkg'}, | ||
'ARCH': {'target': 'ARCH', 'os_name': 'Arch Linux', 'os_major': '', 'os_minor': '', 'os_platform': '', | ||
'name': 'archlinux', 'format': 'rpm'}, | ||
'ALAS': {'target': 'Amazon-Linux', 'os_name': 'Amazon Linux AMI', 'os_major': '2018', 'os_minor': '03', | ||
'os_platform': 'amzn', 'name': 'amazonlinux', 'format': 'rpm'}, | ||
'ALAS2': {'target': 'Amazon-Linux-2', 'os_name': 'Amazon Linux', 'os_major': '2', 'os_minor': '', | ||
'os_platform': 'amzn', 'name': 'amazonlinux2', 'format': 'rpm'}, | ||
'RHEL8': {'target': 'RHEL8', 'os_name': 'CentOS Linux', 'os_major': '8', 'os_minor': '1', 'os_platform': 'centos', | ||
'name': 'centos8', 'format': 'rpm'}, | ||
'RHEL7': {'target': 'RHEL7', 'os_name': 'CentOS Linux', 'os_major': '7', 'os_minor': '1', 'os_platform': 'centos', | ||
'name': 'centos7', 'format': 'rpm'}, | ||
'RHEL6': {'target': 'RHEL6', 'os_name': 'CentOS Linux', 'os_major': '6', 'os_minor': '1', 'os_platform': 'centos', | ||
'name': 'centos6', 'format': 'rpm'}, | ||
'RHEL5': {'target': 'RHEL5', 'os_name': 'CentOS Linux', 'os_major': '5', 'os_minor': '1', 'os_platform': 'centos', | ||
'name': 'centos5', 'format': 'rpm'}, | ||
'BIONIC': {'target': 'BIONIC', 'os_name': 'Ubuntu', 'os_major': '18', 'os_minor': '04', 'os_platform': 'ubuntu', | ||
'name': 'Ubuntu-bionic', 'format': 'deb'}, | ||
'XENIAL': {'target': 'XENIAL', 'os_name': 'Ubuntu', 'os_major': '16', 'os_minor': '04', 'os_platform': 'ubuntu', | ||
'name': 'Ubuntu-xenial', 'format': 'deb'}, | ||
'TRUSTY': {'target': 'TRUSTY', 'os_name': 'Ubuntu', 'os_major': '14', 'os_minor': '04', 'os_platform': 'ubuntu', | ||
'name': 'Ubuntu-trusty', 'format': 'deb'}, | ||
'BUSTER': {'target': 'BUSTER', 'os_name': 'Debian GNU/Linux', 'os_major': '10', 'os_minor': '0', | ||
'os_platform': 'debian', 'name': 'debian10', 'format': 'deb'}, | ||
'STRETCH': {'target': 'STRETCH', 'os_name': 'Debian GNU/Linux', 'os_major': '9', 'os_minor': '0', | ||
'os_platform': 'debian', 'name': 'debian9', 'format': 'deb'} | ||
} | ||
|
||
VENDOR = { | ||
'RHEL8': 'Red Hat, Inc.', | ||
'RHEL7': 'Red Hat, Inc.', | ||
'RHEL6': 'Red Hat, Inc.', | ||
'RHEL5': 'Red Hat, Inc.', | ||
'BIONIC': 'canonical', | ||
'XENIAL': 'canonical', | ||
'TRUSTY': 'canonical', | ||
'BUSTER': 'debian', | ||
'STRETCH': 'debian', | ||
'Amazon-Linux': 'Amazon.com', | ||
'Amazon-Linux-2': 'Amazon.com', | ||
'ARCH': 'Arch Linux', | ||
} | ||
|
||
NVD_LOG = 'National Vulnerability Database' | ||
REDHAT_LOG = 'Red Hat Enterprise Linux' | ||
BIONIC_LOG = 'Ubuntu Bionic' | ||
ARCH_LOG = 'Arch Linux' | ||
ALAS_LOG = 'Amazon Linux 1' | ||
ALAS2_LOG = 'Amazon Linux 2' | ||
BUSTER_LOG = 'Debian Buster' | ||
MSU_LOG = 'Microsoft Security Update' | ||
CUSTOM_MSU = 'custom_msu.json' | ||
CUSTOM_CPE_HELPER = 'custom_cpe_helper.json' | ||
VULNERABILITIES = 'vulnerabilities.json' | ||
|
||
NVD_TABLES = [ | ||
{'name': 'NVD_REFERENCE', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_METRIC_CVSS', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_METADATA', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_CVE_MATCH', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_CVE_CONFIGURATION', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_CVE', 'path': CVE_DB_PATH}, | ||
{'name': 'NVD_CPE', 'path': CVE_DB_PATH}, | ||
] | ||
|
||
REDHAT_KEY_FIELDS_FEEDS = ['CVE', 'bugzilla_description', 'affected_packages'] | ||
|
||
XML_FEED_NAMESPACES = [ | ||
{'name': '', 'url': 'http://oval.mitre.org/XMLSchema/oval-definitions-5'}, | ||
{'name': 'ind-def', 'url': 'http://oval.mitre.org/XMLSchema/oval-definitions-5#independent'}, | ||
{'name': 'oval', 'url': 'http://oval.mitre.org/XMLSchema/oval-common-5'}, | ||
{'name': 'unix-def', 'url': 'http://oval.mitre.org/XMLSchema/oval-definitions-5#unix'}, | ||
{'name': 'linux-def', 'url': 'http://oval.mitre.org/XMLSchema/oval-definitions-5#linux'} | ||
] | ||
|
||
VULNERABILITY_DETECTOR_PREFIX = r'.*wazuh-modulesd:vulnerability-detector.*' | ||
VULNERABILITY_DETECTOR_ALERT_PREFIX = r'^vulnerability.*' | ||
|
||
# Test data variables | ||
EXTRA_TEST_DATA = [[1, 2, 3], {'a': 1, 'b': 2}, 'extra_tag', 12345, 'ñ', 'テスト', 'ИСПЫТАНИЕ', '测试', 'اختبار', ' ', ''] | ||
EXTRA_TEST_VALUES = [(tag, value) for tag in EXTRA_TEST_DATA for value in EXTRA_TEST_DATA] | ||
EXTRA_TEST_IDS = [f"tag: {value[0]}, value: {value[1]}" for value in EXTRA_TEST_VALUES] | ||
|
||
TEST_CHARACTERS = ['.', ':', '@', '#', '*', '-', '_', "'", '"', '/', '=', 'ñ', 'ç', '+', '^', '!', '?', '%', '&', '`', | ||
'¿', '?', '(', ')', '|', 'º', '$', '½', '¬', '!', '~', '¡', '[', ']', '{', '}'] | ||
|
||
CUSTOM_INPUT_TEST_VALUES = [None, '', 'dummy value', 12345, ['1', '2', '3', '4', '5'], 'ñ', 'テスト', 'ИСПЫТАНИЕ', '测试', | ||
'اختبار'] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters