
Example 16 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlertUnitTest method shouldReplaceAlertSolnCorrectly.

@Test
public void shouldReplaceAlertSolnCorrectly() {
    // Given: a "solution" override registered under the key prefix "1"
    // (the same value that is passed to newAlert for the first alert)
    extAlert.setAlertOverrideProperty("1.solution", NEW_SOLN);
    final Alert overridden = newAlert(1);

    // When
    extAlert.applyOverrides(overridden);

    // Then: only the solution changed; every other text field keeps its original value
    assertEquals(ORIGINAL_NAME, overridden.getName());
    assertEquals(ORIGINAL_DESC, overridden.getDescription());
    assertEquals(NEW_SOLN, overridden.getSolution());
    assertEquals(ORIGINAL_OTHER, overridden.getOtherInfo());
    assertEquals(ORIGINAL_REF, overridden.getReference());

    // An alert created with a different value (2) must come through untouched,
    // so one override cannot silently rewrite the text of unrelated findings.
    final Alert unaffected = newAlert(2);
    extAlert.applyOverrides(unaffected);

    assertEquals(ORIGINAL_NAME, unaffected.getName());
    assertEquals(ORIGINAL_DESC, unaffected.getDescription());
    assertEquals(ORIGINAL_SOLN, unaffected.getSolution());
    assertEquals(ORIGINAL_OTHER, unaffected.getOtherInfo());
    assertEquals(ORIGINAL_REF, unaffected.getReference());
}
Also used : Alert(org.parosproxy.paros.core.scanner.Alert) Test(org.junit.Test)

Example 17 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ExtensionAlertUnitTest method shouldPrependAlertDescCorrectly.

@Test
public void shouldPrependAlertDescCorrectly() {
    // Given: a "description" override whose value starts with "-"; the assertions
    // below expect the new text to end up in front of the original description
    final String prependValue = "-" + NEW_DESC;
    extAlert.setAlertOverrideProperty("1.description", prependValue);
    final Alert overridden = newAlert(1);

    // When
    extAlert.applyOverrides(overridden);

    // Then: the description is new text + original text, all other fields unchanged
    assertEquals(ORIGINAL_NAME, overridden.getName());
    assertEquals(NEW_DESC + ORIGINAL_DESC, overridden.getDescription());
    assertEquals(ORIGINAL_SOLN, overridden.getSolution());
    assertEquals(ORIGINAL_OTHER, overridden.getOtherInfo());
    assertEquals(ORIGINAL_REF, overridden.getReference());

    // An alert created with a different value (2) must not pick up the override
    final Alert unaffected = newAlert(2);
    extAlert.applyOverrides(unaffected);

    assertEquals(ORIGINAL_NAME, unaffected.getName());
    assertEquals(ORIGINAL_DESC, unaffected.getDescription());
    assertEquals(ORIGINAL_SOLN, unaffected.getSolution());
    assertEquals(ORIGINAL_OTHER, unaffected.getOtherInfo());
    assertEquals(ORIGINAL_REF, unaffected.getReference());
}
Also used : Alert(org.parosproxy.paros.core.scanner.Alert) Test(org.junit.Test)

Example 18 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class AlertAddDialog method getBtnOk.

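/**
 * Lazily creates the dialog's save button ({@code btnOk}) and wires its action listener.
 *
 * <p>When pressed, the listener reads the alert from {@code alertViewPanel} and either
 * updates it (alert id {@code >= 0}) or raises it as a new alert with source
 * {@code Alert.Source.MANUAL}. The dialog is closed afterwards in every case,
 * including when saving failed and the failure was only logged.
 *
 * @return the {@code javax.swing.JButton} used to save the alert
 */
private JButton getBtnOk() {
    if (btnOk == null) {
        btnOk = new JButton();
        btnOk.setText(Constant.messages.getString("alert.add.button.save"));
        btnOk.addActionListener(new java.awt.event.ActionListener() {

            @Override
            public void actionPerformed(java.awt.event.ActionEvent e) {
                Alert alert = alertViewPanel.getAlert();
                try {
                    ExtensionAlert extAlert = (ExtensionAlert) Control.getSingleton().getExtensionLoader().getExtension(ExtensionAlert.NAME);
                    if (alert.getAlertId() >= 0) {
                        // It's an existing alert so save it
                        if (extAlert != null) {
                            extAlert.updateAlert(alert);
                        } else if (historyRef != null) {
                            // No alert extension: update the history entry directly
                            historyRef.updateAlert(alert);
                            extension.notifyHistoryItemChanged(historyRef);
                        }
                    } else {
                        if (httpMessage != null) {
                            historyRef = new HistoryReference(Model.getSingleton().getSession(), historyType, httpMessage);
                        }
                        // Record provenance: this finding was entered by hand, not by a scanner
                        alert.setSource(Alert.Source.MANUAL);
                        // Raise it
                        if (extAlert != null) {
                            extAlert.alertFound(alert, historyRef);
                        } else if (historyRef != null) {
                            historyRef.addAlert(alert);
                            extension.notifyHistoryItemChanged(historyRef);
                        } else {
                            // Previously this path dereferenced a null historyRef and relied on
                            // the catch below, which logged a message-less NullPointerException.
                            // Say explicitly that the manually entered finding was not stored.
                            logger.error("Unable to add the alert: no alert extension and no history reference available.");
                        }
                    }
                } catch (Exception ex) {
                    logger.error(ex.getMessage(), ex);
                }
                clearAndCloseDialog();
            }
        });
    }
    return btnOk;
}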
Also used : HistoryReference(org.parosproxy.paros.model.HistoryReference) JButton(javax.swing.JButton) Alert(org.parosproxy.paros.core.scanner.Alert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) HeadlessException(java.awt.HeadlessException)

Example 19 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class ActiveScanController method startScan.

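/**
 * Creates, registers and starts a new active scan.
 *
 * <p>The whole operation runs while holding {@code activeScansLock}, so the scan id
 * allocation and the registration in {@code activeScanMap}/{@code activeScanList}
 * happen under the same lock.
 *
 * @param name the name given to the new {@code ActiveScan}
 * @param target the target passed to {@code ActiveScan.start}; its context, when present,
 *     supplies the technology set unless one was passed explicitly
 * @param user the user set on the scan
 * @param contextSpecificObjects optional overrides; recognised element types are
 *     {@code ScannerParam}, {@code ScanPolicy}, {@code TechSet} and {@code ScriptCollection}.
 *     May be {@code null}; {@code null} and unrecognised elements are logged and skipped
 * @return the id assigned to the started scan
 */
@Override
public int startScan(String name, Target target, User user, Object[] contextSpecificObjects) {
    activeScansLock.lock();
    try {
        int id = this.scanIdCounter++;
        RuleConfigParam ruleConfigParam = null;
        ExtensionRuleConfig extRC = Control.getSingleton().getExtensionLoader().getExtension(ExtensionRuleConfig.class);
        if (extRC != null) {
            ruleConfigParam = extRC.getRuleConfigParam();
        }
        ActiveScan ascan = new ActiveScan(name, extension.getScannerParam(), extension.getModel().getOptionsParam().getConnectionParam(), null, ruleConfigParam) {

            @Override
            public void alertFound(Alert alert) {
                // Tag provenance before anything else sees the alert, so findings raised
                // by this scan are distinguishable from other sources.
                alert.setSource(Alert.Source.ACTIVE);
                if (extAlert != null) {
                    extAlert.alertFound(alert, null);
                }
                super.alertFound(alert);
            }
        };
        // The scan's exclude list is the union of the extension's, the session's
        // exclude-from-scan and the global exclude regexes.
        Session session = extension.getModel().getSession();
        List<String> excludeList = new ArrayList<>();
        excludeList.addAll(extension.getExcludeList());
        excludeList.addAll(session.getExcludeFromScanRegexs());
        excludeList.addAll(session.getGlobalExcludeURLRegexs());
        ascan.setExcludeList(excludeList);
        ScanPolicy policy = null;
        ascan.setId(id);
        ascan.setUser(user);
        boolean techOverridden = false;
        if (contextSpecificObjects != null) {
            for (Object obj : contextSpecificObjects) {
                if (obj == null) {
                    // A null element matches none of the instanceof checks below and would
                    // hit obj.getClass() in the fallback branch, aborting the scan start
                    // with a NullPointerException. Log it and carry on instead.
                    logger.error("Unexpected contextSpecificObject: null");
                    continue;
                }
                if (obj instanceof ScannerParam) {
                    logger.debug("Setting custom scanner params");
                    ascan.setScannerParam((ScannerParam) obj);
                } else if (obj instanceof ScanPolicy) {
                    policy = (ScanPolicy) obj;
                    logger.debug("Setting custom policy " + policy.getName());
                    ascan.setScanPolicy(policy);
                } else if (obj instanceof TechSet) {
                    ascan.setTechSet((TechSet) obj);
                    techOverridden = true;
                } else if (obj instanceof ScriptCollection) {
                    ascan.addScriptCollection((ScriptCollection) obj);
                } else {
                    logger.error("Unexpected contextSpecificObject: " + obj.getClass().getCanonicalName());
                }
            }
        }
        if (policy == null) {
            // No policy supplied by the caller: use the default
            policy = extension.getPolicyManager().getDefaultScanPolicy();
            logger.debug("Setting default policy " + policy.getName());
            ascan.setScanPolicy(policy);
        }
        if (!techOverridden && target.getContext() != null) {
            // Fall back to the context's technology set only when none was passed explicitly
            ascan.setTechSet(target.getContext().getTechSet());
        }
        this.activeScanMap.put(id, ascan);
        this.activeScanList.add(ascan);
        ascan.start(target);
        return id;
    } finally {
        activeScansLock.unlock();
    }
}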
Also used : TechSet(org.zaproxy.zap.model.TechSet) ArrayList(java.util.ArrayList) ScriptCollection(org.zaproxy.zap.extension.script.ScriptCollection) RuleConfigParam(org.zaproxy.zap.extension.ruleconfig.RuleConfigParam) ExtensionRuleConfig(org.zaproxy.zap.extension.ruleconfig.ExtensionRuleConfig) ScannerParam(org.parosproxy.paros.core.scanner.ScannerParam) Alert(org.parosproxy.paros.core.scanner.Alert) ExtensionAlert(org.zaproxy.zap.extension.alert.ExtensionAlert) Session(org.parosproxy.paros.model.Session)

Example 20 with Alert

use of org.parosproxy.paros.core.scanner.Alert in project zaproxy by zaproxy.

the class PopupMenuHistoryReference method getSelectedHistoryReference.

/**
 * Resolves the history reference for the current selection, depending on which
 * component last invoked the popup menu ({@code lastInvoker}).
 *
 * @return the selected {@code HistoryReference}, or {@code null} when the selected alert
 *     node has no user object, no case matches, or an exception was thrown (it is logged)
 */
private HistoryReference getSelectedHistoryReference() {
    try {
        switch (lastInvoker) {
            case sites:
                SiteNode siteNode = (SiteNode) treeInvoker.getLastSelectedPathComponent();
                return siteNode.getHistoryReference();
            case ascan:
            case history:
            case bruteforce:
            case search:
            case fuzz:
                // All of these invokers share the same table of history references
                return hrefsTableInvoker.getSelectedHistoryReference();
            case alerts:
                AlertNode alertNode = (AlertNode) treeInvoker.getLastSelectedPathComponent();
                if (alertNode.getUserObject() == null) {
                    // Node carries no alert, so there is nothing to resolve
                    break;
                }
                Alert selectedAlert = alertNode.getUserObject();
                return selectedAlert.getHistoryRef();
            case hreftable:
                return hrefTableInvoker.getSelectedHistoryReference();
        }
    } catch (Exception e2) {
        // Any failure while resolving the selection is logged and reported as "no selection"
        log.error(e2.getMessage(), e2);
    }
    return null;
}
Also used : HistoryReference(org.parosproxy.paros.model.HistoryReference) AlertNode(org.zaproxy.zap.extension.alert.AlertNode) Alert(org.parosproxy.paros.core.scanner.Alert) SiteNode(org.parosproxy.paros.model.SiteNode)

Aggregations

Alert (org.parosproxy.paros.core.scanner.Alert)37 Test (org.junit.Test)15 ArrayList (java.util.ArrayList)7 RecordAlert (org.parosproxy.paros.db.RecordAlert)7 TableAlert (org.parosproxy.paros.db.TableAlert)7 HistoryReference (org.parosproxy.paros.model.HistoryReference)6 SiteNode (org.parosproxy.paros.model.SiteNode)6 ExtensionAlert (org.zaproxy.zap.extension.alert.ExtensionAlert)5 DatabaseException (org.parosproxy.paros.db.DatabaseException)4 TreePath (javax.swing.tree.TreePath)3 DefaultMutableTreeNode (javax.swing.tree.DefaultMutableTreeNode)2 Session (org.parosproxy.paros.model.Session)2 SiteMap (org.parosproxy.paros.model.SiteMap)2 AlertNode (org.zaproxy.zap.extension.alert.AlertNode)2 Component (java.awt.Component)1 Dimension (java.awt.Dimension)1 HeadlessException (java.awt.HeadlessException)1 Point (java.awt.Point)1 MouseEvent (java.awt.event.MouseEvent)1 Enumeration (java.util.Enumeration)1