Skip to content

Commit

Permalink
Updating tests after removing references to the legacy vulnerability …
Browse files Browse the repository at this point in the history 
…detector module
  • Loading branch information
@pereyra-m
pereyra-m committed Jan 18, 2024
1 parent 598e874 commit 6f04988
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 239 deletions.
235 changes: 2 additions & 233 deletions tests/integration/test_wazuh_db/data/agent/agent_messages.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,218 +1,4 @@
---
-
name: "Agents' CVEs table: vuln_cves"
description: "Checks the commands insert and clear"
test_case:
-
input: 'agent 000 vuln_cves insert {"name":"test_name",
"version":"1.0",
"architecture":"x64",
"cve":"CVE-2021-0001",
"reference":"03c06c4f118618400772367b1cf7e73ce0178e02",
"type":"PACKAGE",
"status":"VALID",
"check_pkg_existence":true,
"severity":null,
"cvss2_score":0,
"cvss3_score":0}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert package when it does not exist in sys_programs"
-
input: 'agent 000 vuln_cves insert {"name":"test_package",
"version":"1.0",
"architecture":"x86",
"cve":"CVE-2021-1001",
"reference":"03c06c4f118618400772367b1cf7e73ce0178e02",
"type":"PACKAGE",
"status":"VALID",
"check_pkg_existence":false,
"severity":"Medium",
"cvss2_score":5.0,
"cvss3_score":6.1}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert test_package without checking if the package is present in sys_programs"
-
input: 'agent 000 sql SELECT * FROM vuln_cves where cve="CVE-2021-1001"'
output: 'ok [{"name":"test_package","version":"1.0","architecture":"x86","cve":"CVE-2021-1001","detection_time":"*","severity":"Medium","cvss2_score":5,"cvss3_score":6.1,"reference":"03c06c4f118618400772367b1cf7e73ce0178e02","type":"PACKAGE","status":"VALID"}]'
stage: "agent vuln_cves checking test_package"
use_regex: "yes"
-
input: 'agent 000 vuln_cves insert {"name":"test_package",
"version":"1.0",
"architecture":"x86",
"cve":"CVE-2021-1001",
"reference":"03c06c4f118618400772367b1cf7e73ce0178e02",
"type":"PACKAGE",
"status":"VALID",
"check_pkg_existence":false,
"severity":"Medium",
"cvss2_score":5.0,
"cvss3_score":6.1}'
output: 'ok {"action":"UPDATE","status":"SUCCESS"}'
stage: "agent vuln_cves update already inserted entry"
-
input: 'agent 000 sql INSERT INTO sys_programs (scan_id,scan_time,format,name,priority,section,size,vendor,install_time,version,architecture,multiarch,source,description,location,triaged,cpe,msu_name,checksum,item_id)
VALUES(0,"2021/04/07 22:00:00","deb","test package","optional","utils","7490","Wazuh wazuh@wazuh.com",NULL,"1.0.0","amd64",NULL,NULL,"Test package",NULL,0,NULL,NULL,"e7dbc9bba5a0ee252866536225b952d3de7ea5cb","777fef8cc434b597769d102361af718d29ef72c1")'
output: 'ok []'
stage: "agent vuln_cves adding dummy test package to sys_programs"
-
input: 'agent 000 sql SELECT * FROM sys_programs WHERE name = "test package"'
output: 'ok [{"scan_id":0,"scan_time":"2021/04/07 22:00:00","format":"deb","name":"test package","priority":"optional","section":"utils","size":7490,"vendor":"Wazuh wazuh@wazuh.com","version":"1.0.0","architecture":"amd64","description":"Test package","triaged":0,"checksum":"e7dbc9bba5a0ee252866536225b952d3de7ea5cb","item_id":"777fef8cc434b597769d102361af718d29ef72c1"}]'
stage: "agent vuln_cves checking test package in sys_programs"
-
input: 'agent 000 vuln_cves insert {"name":"test package",
"version":"1.0",
"architecture":"x86",
"cve":"CVE-2021-1002",
"reference":"777fef8cc434b597769d102361af718d29ef72c1",
"type":"OS",
"status":"PENDING",
"check_pkg_existence":true,
"severity":null,
"cvss2_score":0,
"cvss3_score":0}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert with spaces in json payload and the test package exist in sys_programs"
-
input: 'agent 000 sql SELECT * FROM vuln_cves WHERE name = "test package"'
output: 'ok [{"name":"test package","version":"1.0","architecture":"x86","cve":"CVE-2021-1002","detection_time":"*","cvss2_score":0,"cvss3_score":0,"reference":"777fef8cc434b597769d102361af718d29ef72c1","type":"OS","status":"PENDING"}]'
stage: "agent vuln_cves checking test package"
use_regex: "yes"
-
input: 'agent 000 vuln_cves insert {"name":"test_package","cve":"CVE-2021-1001"}'
output: "err Invalid JSON data, missing required fields"
stage: "agent vuln_cves insert incomplete package"
-
input: 'agent 000 vuln_cves insert {"name":"test_package",'
output: "err Invalid JSON syntax, near '{\"name\":\"test_package\",'"
stage: "agent vuln_cves insert invalid JSON"
-
input: 'agent 000 vuln_cves'
output: "err Invalid vuln_cves query syntax, near 'vuln_cves'"
stage: "agent vuln_cves missing command"
-
input: 'agent 000 vuln_cves insert'
output: "err Invalid JSON syntax, near ''"
stage: "agent vuln_cves missing payload"
-
input: 'agent 000 vuln_cves insert {"name":"test_package2",
"version":"3.0",
"architecture":"x86",
"cve":"CVE-2021-1001",
"reference":"99efe684b5ff4646b3c754de46cb6a9cbee9fbaa",
"type":"PACKAGE",
"status":"VALID",
"check_pkg_existence":false,
"severity":"Untriaged",
"cvss2_score":0,
"cvss3_score":0}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert package with same CVE without checking if the package is present in sys_programs"
-
input: 'agent 000 sql SELECT * FROM vuln_cves WHERE name = "test_package2"'
output: 'ok []'
stage: "agent vuln_cves checking package insertion with same CVE"
use_regex: "yes"
-
input: 'agent 000 vuln_cves insert {"name":"test_package2",
"version":"3.0",
"architecture":"x86",
"cve":"CVE-2021-1002",
"reference":"99efe684b5ff4646b3c754de46cb6a9cbee9fbaa",
"type":"PACKAGE",
"status":"VALID",
"check_pkg_existence":false,
"severity":"High",
"cvss2_score":8.2,
"cvss3_score":9.35}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert same package with different CVE without checking if the package is present in sys_programs"
-
input: 'agent 000 sql SELECT * FROM vuln_cves WHERE name = "test_package2" AND cve = "CVE-2021-1002"'
output: 'ok [{"name":"test_package2","version":"3.0","architecture":"x86","cve":"CVE-2021-1002","detection_time":"*","severity":"High","cvss2_score":8.2,"cvss3_score":9.35,"reference":"99efe684b5ff4646b3c754de46cb6a9cbee9fbaa","type":"PACKAGE","status":"VALID"}]'
stage: "agent vuln_cves checking package with different CVE"
use_regex: "yes"
-
input: 'agent 000 vuln_cves update_status {"old_status":"PENDING",
"new_status":"OBSOLETE"}'
output: 'ok'
stage: "agent vuln_cves update specific status to another one"
-
input: 'agent 000 sql SELECT distinct status FROM vuln_cves'
output: 'ok [{"status":"OBSOLETE"},{"status":"VALID"}]'
stage: 'agent vuln_cves checking change specific status by another one'
-
input: 'agent 000 vuln_cves update_status {"new_status":"PENDING",
"type":"OS"}'
output: 'ok'
stage: 'agent vuln_cves update status by type "OS"'
-
input: 'agent 000 sql SELECT count(status) FROM vuln_cves WHERE type = "OS"'
output: 'ok [{"count(status)":1}]'
stage: 'agent vuln_cves checking update status by type "OS"'
-
input: 'agent 000 vuln_cves update_status {"new_status":"PENDING",
"type":"PACKAGE"}'
output: 'ok'
stage: 'agent vuln_cves update status by type "PACKAGE"'
-
input: 'agent 000 sql SELECT count(status) FROM vuln_cves WHERE type = "PACKAGE"'
output: 'ok [{"count(status)":4}]'
stage: 'agent vuln_cves checking update status by type "PACKAGE"'
-
input: 'agent 000 vuln_cves update_status {"new_status":"VALID",
"type":"PACKAGE"}'
output: 'ok'
stage: 'agent vuln_cves update status by type "PACKAGE" again'
-
input: 'agent 000 sql SELECT count(status) FROM vuln_cves WHERE type = "PACKAGE"'
output: 'ok [{"count(status)":4}]'
stage: 'agent vuln_cves checking update status by type "PACKAGE" again'
-
input: 'agent 000 vuln_cves remove {"status":"PENDING"}'
output: 'ok [{"name":"test package","version":"1.0","architecture":"x86","cve":"CVE-2021-1002","detection_time":"*","cvss2_score":0,"cvss3_score":0,"reference":"777fef8cc434b597769d102361af718d29ef72c1","type":"OS","status":"PENDING"}]'
stage: 'agent vuln_cves remove by status'
use_regex: "yes"
-
input: 'agent 000 sql SELECT distinct status FROM vuln_cves'
output: 'ok [{"status":"VALID"}]'
stage: 'agent vuln_cves checking remove by status'
-
input: 'agent 000 vuln_cves insert {"name":"test package",
"version":"1.0",
"architecture":"x86",
"cve":"CVE-2021-1002",
"reference":"777fef8cc434b597769d102361af718d29ef72c1",
"type":"OS",
"status":"PENDING",
"check_pkg_existence":true,
"severity":"Low",
"cvss2_score":3.2,
"cvss3_score":2.1}'
output: 'ok {"action":"INSERT","status":"SUCCESS"}'
stage: "agent vuln_cves insert with spaces in json payload and the test package exist in sys_programs again"
-
input: 'agent 000 sql SELECT distinct status FROM vuln_cves'
output: 'ok [{"status":"PENDING"},{"status":"VALID"}]'
stage: "agent vuln_cves checking status"
-
input: 'agent 000 vuln_cves update_status {"old_status":"*",
"new_status":"OBSOLETE"}'
output: 'ok'
stage: "agent vuln_cves update all status"
-
input: 'agent 000 sql SELECT distinct status FROM vuln_cves'
output: 'ok [{"status":"OBSOLETE"}]'
stage: 'agent vuln_cves checking update all status'
-
input: 'agent 000 vuln_cves remove {"status":"OBSOLETE"}'
output: 'ok [{"name":"test_name","version":"1.0","architecture":"x64","cve":"CVE-2021-0001","detection_time":"*","cvss2_score":0,"cvss3_score":0,"reference":"03c06c4f118618400772367b1cf7e73ce0178e02","type":"PACKAGE","status":"OBSOLETE"},{"name":"test_package","version":"1.0","architecture":"x86","cve":"CVE-2021-1001","detection_time":"*","severity":"Medium","cvss2_score":5,"cvss3_score":6.1,"reference":"03c06c4f118618400772367b1cf7e73ce0178e02","type":"PACKAGE","status":"OBSOLETE"},{"name":"test_package2","version":"3.0","architecture":"x86","cve":"CVE-2021-1001","detection_time":"*","severity":"Untriaged","cvss2_score":0,"cvss3_score":0,"reference":"99efe684b5ff4646b3c754de46cb6a9cbee9fbaa","type":"PACKAGE","status":"OBSOLETE"},{"name":"test_package2","version":"3.0","architecture":"x86","cve":"CVE-2021-1002","detection_time":"*","severity":"High","cvss2_score":8.2,"cvss3_score":9.35,"reference":"99efe684b5ff4646b3c754de46cb6a9cbee9fbaa","type":"PACKAGE","status":"OBSOLETE"},{"name":"test package","version":"1.0","architecture":"x86","cve":"CVE-2021-1002","detection_time":"*","severity":"Low","cvss2_score":3.2,"cvss3_score":2.1,"reference":"777fef8cc434b597769d102361af718d29ef72c1","type":"OS","status":"OBSOLETE"}]'
stage: 'agent vuln_cves remove by status to clear vuln_cve table'
use_regex: "yes"
-
input: 'agent 000 sql SELECT * FROM vuln_cves'
output: 'ok []'
stage: "agent vuln_cve checking empty table again"
-
name: 'Not existing agent'
description: 'Check messages from not registered agents.'
Expand All @@ -223,7 +9,7 @@
stage: 'Syscheck query to a non-existing agent'
-
name: "Agents' OS table: sys_osinfo"
description: "It checks the commands get, set and set_triaged"
description: "It checks the commands get and set"
test_case:
-
input: 'agent 000 sql DELETE FROM sys_osinfo'
Expand All @@ -239,16 +25,8 @@
stage: "agent sys_osinfo set information"
-
input: 'agent 000 osinfo get'
output: 'ok [{"scan_id":0,"scan_time":"2021/04/08 10:00:00","hostname":"focal","architecture":"x86_64","os_name":"Ubuntu","os_version":"20.04.2 LTS (Focal Fossa)","os_codename":"focal","os_major":"20","os_minor":"04","os_patch":"2","os_build":"1","os_platform":"ubuntu","sysname":"Linux","release":"5.4.0-70-generic","version":"#78-Ubuntu SMP Thu Apr 08 10:00:00 UTC 2021","os_release":"1","checksum":"legacy","triaged":0,"reference":"54d5344c8f49eae38d81651495227c5080755b45"}]'
output: 'ok [{"scan_id":0,"scan_time":"2021/04/08 10:00:00","hostname":"focal","architecture":"x86_64","os_name":"Ubuntu","os_version":"20.04.2 LTS (Focal Fossa)","os_codename":"focal","os_major":"20","os_minor":"04","os_patch":"2","os_build":"1","os_platform":"ubuntu","sysname":"Linux","release":"5.4.0-70-generic","version":"#78-Ubuntu SMP Thu Apr 08 10:00:00 UTC 2021","os_release":"1","checksum":"legacy","reference":"54d5344c8f49eae38d81651495227c5080755b45"}]'
stage: "agent sys_osinfo getting information"
-
input: 'agent 000 osinfo set_triaged'
output: 'ok'
stage: "agent sys_osinfo set triaged"
-
input: 'agent 000 sql SELECT triaged FROM sys_osinfo WHERE triaged = 1'
output: 'ok [{"triaged":1}]'
stage: "agent sys_osinfo checking triaged"
-
input: 'agent 000 sql DELETE FROM sys_osinfo'
output: "ok []"
Expand Down Expand Up @@ -309,15 +87,6 @@
input: 'agent 003 sql UPDATE sync_info SET last_attempt = 1, last_completion = 1 where component = "syscollector-packages"'
output: 'ok []'
stage: "agent sync_info set synced"
-
input: 'agent 003 sql UPDATE sys_programs SET triaged = 1 WHERE name = "test_rpm_pkg"'
output: 'ok []'
stage: "agent sys_programs set package as triaged"
-
input: 'agent 003 package get not_triaged'
output: ['due {"name":"test_deb_pkg","version":"1.0.0","architecture":"amd64","vendor":"Wazuh wazuh@wazuh.com","item_id":"1"}',
'ok {"status":"SUCCESS"}']
stage: "agent sys_programs getting not triaged packages"
-
input: 'agent 003 package get'
output: ['due {"name":"test_deb_pkg","version":"1.0.0","architecture":"amd64","vendor":"Wazuh wazuh@wazuh.com","item_id":"1"}',
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/test_wazuh_db/data/global/wazuh_db_backup_command.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,6 @@
-
backups_amount: 1
restore: true
snapshot:
snapshot: None
save_pre_restore: false
restore_response: err Invalid JSON syntax
restore_response: err Invalid JSON syntax
2 changes: 2 additions & 0 deletions tests/integration/test_wazuh_db/data/wazuh_db_backups_conf.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
- tags:
- wazuh_db
- wdb_socket
apply_to_modules:
- test_db_backup
- test_wdb_backup_configs
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/test_wazuh_db/test_agent_database_version.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
pytestmark = [TIER0, LINUX, SERVER]

# Variables
expected_database_version = '12'
expected_database_version = '13'


# Fixtures
Expand Down Expand Up @@ -45,7 +45,7 @@ def test_agent_database_version(restart_wazuh_daemon, remove_agents):
- Verify that database version is the expected one.
expected_output:
- Database version: 12
- Database version: 13
tags:
- wazuh_db
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/test_wazuh_db/test_wazuh_db.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -300,10 +300,10 @@ def pre_insert_packages():
for pkg_n in range(PACKAGES_NUMBER):
command = f"agent 000 sql INSERT OR REPLACE INTO sys_programs \
(scan_id,scan_time,format,name,priority,section,size,vendor,install_time,version,\
architecture,multiarch,source,description,location,triaged,cpe,msu_name,checksum,item_id)\
architecture,multiarch,source,description,location,cpe,msu_name,checksum,item_id)\
VALUES(0,'2021/04/07 22:00:00','deb','test_package_{pkg_n}','optional','utils',{random.randint(200,1000)},\
'Wazuh wazuh@wazuh.com',NULL,'{random.randint(1,10)}.0.0','all',NULL,NULL,'Test package {pkg_n}',\
NULL,0,NULL,NULL,'{random.getrandbits(128)}','{random.getrandbits(128)}')"
NULL,NULL,NULL,'{random.getrandbits(128)}','{random.getrandbits(128)}')"
receiver_sockets[0].send(command, size=True)
response = receiver_sockets[0].receive(size=True).decode()
data = response.split()
Expand Down

0 comments on commit 6f04988

Please sign in to comment.