mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-10 10:40:57 +01:00
Add CSV, polish ...
... and adapt it to newer scheme. There's a bug: service should not be listed. It is listed, though, in JSON pretty (at least) with no severity, and simultaneously with CSV. This needs to be corrected in testssl.sh before merging. Saving work, not complete yet.
parent
b4634de8dd
commit
4a3b8f90e6
@ -5,41 +5,74 @@ use Test::More;
|
|||||||
use Data::Dumper;
|
use Data::Dumper;
|
||||||
use JSON;
|
use JSON;
|
||||||
|
|
||||||
my (
|
my $out="";
|
||||||
$out,
|
my $json="";
|
||||||
$json,
|
my $json_pretty="";
|
||||||
$json_pretty,
|
my $csv="";
|
||||||
$found,
|
my $found="";
|
||||||
$tests
|
my $tests = 0;
|
||||||
);
|
my $check2run="--ip=one -s -p -P -e -U --ids-friendly --severity LOW --color 0";
|
||||||
|
my $linenum=0;
|
||||||
|
my $prg="./testssl.sh";
|
||||||
|
#my $uri="badssl.com";
|
||||||
|
my $uri="google.com";
|
||||||
|
|
||||||
$tests = 0;
|
die "Unable to open $prg" unless -f $prg;
|
||||||
|
|
||||||
|
# Provide proper start conditions
|
||||||
printf "\n%s\n", "Doing severity level checks";
|
|
||||||
unlink 'tmp.json';
|
unlink 'tmp.json';
|
||||||
|
unlink 'tmp.csv';
|
||||||
|
|
||||||
#1
|
printf "\n%s\n", "Doing severity level checks in JSON formats and CSV against \"$uri\"";
|
||||||
pass(" .. running testssl.sh against badssl.com to create a JSON report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
|
|
||||||
$out = `./testssl.sh -S -e -U --jsonfile tmp.json --severity LOW --color 0 badssl.com`;
|
#1 (first run)
|
||||||
|
printf ".. create JSON+CSV reports with severity level >= LOW (may take ~2 minutes)\n";
|
||||||
|
$out = `$prg $check2run --jsonfile tmp.json --csvfile tmp.csv $uri`;
|
||||||
$json = json('tmp.json');
|
$json = json('tmp.json');
|
||||||
unlink 'tmp.json';
|
$csv = csv('tmp.csv');
|
||||||
$found = 0;
|
$found = 0;
|
||||||
cmp_ok(@$json,'>',0,"At least 1 finding is expected"); $tests++;
|
cmp_ok(@$json,'>',0,"At least 1 finding is expected in JSON");
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
# 2 count lines in CSV
|
||||||
|
$linenum = $csv =~ tr/\n//;
|
||||||
|
ok($linenum ge 4, "we should have at least 4 results in CSV: $linenum" );
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
#3
|
||||||
foreach my $f ( @$json ) {
|
foreach my $f ( @$json ) {
|
||||||
if ( $f->{severity} eq "INFO" ) {
|
if ( $f->{severity} eq "INFO" ) {
|
||||||
$found = 1;
|
$found = 1;
|
||||||
last;
|
last;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
is($found,0,"We should not have any finding with INFO level"); $tests++;
|
is($found,0,"We should not have any findings with INFO level in JSON");
|
||||||
|
|
||||||
#2
|
|
||||||
pass(" .. running testssl.sh against badssl.com to create a JSON-PRETTY report with severity level equal greater than LOW (may take 2~3 minutes)"); $tests++;
|
|
||||||
$out = `./testssl.sh -S -e -U --jsonfile-pretty tmp.json --severity LOW --color 0 badssl.com`;
|
|
||||||
$json_pretty = json('tmp.json');
|
|
||||||
unlink 'tmp.json';
|
unlink 'tmp.json';
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
#4
|
||||||
|
unlike($csv, qr/,\"INFO\",/,"We should not have any findings with INFO level in CSV");
|
||||||
|
unlink 'tmp.csv';
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
|
||||||
|
#5 (second run)
|
||||||
|
# We still do CSV here despite it's thge same as above.
|
||||||
|
# There was a bug which creates an INFO level output.
|
||||||
|
printf ".. create a JSON-PRETTY report with severity level >= LOW (may take ~2 minutes)\n";
|
||||||
|
$out = `$prg $check2run --jsonfile-pretty tmp.json --csvfile tmp.csv $uri`;
|
||||||
|
$json_pretty = json('tmp.json');
|
||||||
|
$csv = csv('tmp.csv');
|
||||||
$found = 0;
|
$found = 0;
|
||||||
|
cmp_ok(@$json,'>',0,"At least 1 finding is expected");
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
#6 count lines in CSV
|
||||||
|
$linenum = $csv =~ tr/\n//;
|
||||||
|
ok($linenum ge 4, "we should have at least 4 results in CSV: $linenum" );
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
#7
|
||||||
my $vulnerabilities = $json_pretty->{scanResult}->[0]->{vulnerabilities};
|
my $vulnerabilities = $json_pretty->{scanResult}->[0]->{vulnerabilities};
|
||||||
foreach my $f ( @$vulnerabilities ) {
|
foreach my $f ( @$vulnerabilities ) {
|
||||||
if ( $f->{severity} eq "INFO" ) {
|
if ( $f->{severity} eq "INFO" ) {
|
||||||
@ -47,14 +80,28 @@ foreach my $f ( @$vulnerabilities ) {
|
|||||||
last;
|
last;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
is($found,0,"We should not have any finding with INFO level"); $tests++;
|
is($found,0,"We should not have any findings with INFO level in JSON");
|
||||||
|
unlink "tmp.json";
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
#8 failed. See bug above
|
||||||
|
unlike($csv, qr/,\"INFO\",/,"We should not have any findings with INFO level in CSV");
|
||||||
|
unlink 'tmp.csv';
|
||||||
|
$tests++;
|
||||||
|
|
||||||
|
|
||||||
|
done_testing();
|
||||||
|
# done_testing($tests);
|
||||||
printf "\n";
|
printf "\n";
|
||||||
done_testing($tests);
|
|
||||||
|
|
||||||
sub json($) {
|
sub json($) {
|
||||||
my $file = shift;
|
my $file = shift;
|
||||||
$file = `cat $file`;
|
$file = `cat $file`;
|
||||||
unlink $file;
|
|
||||||
return from_json($file);
|
return from_json($file);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub csv($) {
|
||||||
|
my $file = shift;
|
||||||
|
$file = `cat $file`;
|
||||||
|
return ($file);
|
||||||
|
}
|
||||||
|
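Review bot: In the second run, `cmp_ok(@$json,'>',0,"At least 1 finding is expected");` still counts `$json` from the first run, so it passes whatever the JSON-PRETTY run wrote, and the INFO loop after it would then pass vacuously on an empty report. Since `$json_pretty` is read as a hash with `scanResult`, take the count after `$vulnerabilities` is assigned, e.g. `cmp_ok(scalar @$vulnerabilities, '>', 0, "At least 1 finding is expected in JSON-PRETTY");`. Both CSV line-count checks use `$linenum ge 4`, which is a string comparison and is false for counts such as 10 or 25; `cmp_ok($linenum, '>=', 4, "we should have at least 4 results in CSV");` compares numerically and prints both values on failure. The loop in #7 walks only `scanResult->[0]->{vulnerabilities}`, so an unfiltered entry elsewhere in the pretty report, such as the `service` item the description mentions, would presumably not be seen by this check.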