-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathattacks_test.go
124 lines (90 loc) · 3.12 KB
/
attacks_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package main
import (
"testing"
"gopkg.in/jarcoal/httpmock.v1"
"net"
"fmt"
)
func TestRunHTTPSpam(t *testing.T) {
t.Run("Test run HTTP spam correctly reports on endpoints", func(t *testing.T) {
createMockHTTPServer(200)
defer httpmock.DeactivateAndReset()
c := createResponseChannel()
endpoint, attack := CreateTestEndpointAndAttackConfiguration("200", "HTTP_SPAM")
go RunHTTPSpam(endpoint, attack, c)
response := <- c
if !response.Passed {
t.Error("Valid config provided to HTTP Spam. HTTP SPAM did not return a passing report.")
}
endpoint, attack = CreateTestEndpointAndAttackConfiguration("404", "HTTP_SPAM")
go RunHTTPSpam(endpoint, attack, c)
response = <- c
if response.Passed {
t.Error("Failing config provided. Should have failed on expected status compare but returned passing report.")
}
})
}
func TestRunCorruptHTTP(t *testing.T) {
t.Run("Test run Corrupt HTTP correctly reports on endpoints", func(t *testing.T) {
go createMockTCPServer()
c := createResponseChannel()
endpoint, attack := CreateTestEndpointAndAttackConfiguration("200", "CORRUPT_HTTP")
go RunCorruptHTTP(endpoint, attack, c)
response := <- c
if !response.Passed {
t.Errorf("Valid config provided to corrupt HTTP. Corrupt HTTP did not return a passing report. %v", response)
}
endpoint, attack = CreateTestEndpointAndAttackConfiguration("404", "CORRUPT_HTTP")
go RunCorruptHTTP(endpoint, attack, c)
response = <- c
if response.Passed {
t.Error("Invalid config provided. Should have failed on status compare but returned passed")
}
})
}
func TestRunURLQuery(t *testing.T) {
t.Run("Test run URL Query attack correctly reports on endpoints", func(t *testing.T) {
// Spin up a HTTP server with the right values
createMockHTTPServer(400)
defer httpmock.DeactivateAndReset()
c := createResponseChannel()
endpoint, attack := CreateTestEndpointAndAttackConfiguration("400", "URL_QUERY_SPAM")
go RunURLQuery(endpoint, attack, c)
response := <- c
if !response.Passed {
t.Error("Valid config which should have passed provided, but reported as failing")
}
endpoint, attack = CreateTestEndpointAndAttackConfiguration("200", "URL_QUERY_SPAM")
go RunURLQuery(endpoint, attack, c)
response = <- c
if response.Passed {
t.Error("Valid config which should not have passed provided, but reported as passing.")
}
})
}
func createMockHTTPServer(status int) {
httpmock.Activate()
httpmock.RegisterResponder("GET", "http://localhost:8080/my-endpoint",
httpmock.NewStringResponder(status, `[{"something": 1}]`))
}
func createMockTCPServer() {
l, _ := net.Listen("tcp", ":8080")
count := 0
defer l.Close()
for {
conn, err := l.Accept()
if err != nil {
return
}
fmt.Println("Mock TCP Server returning 200")
conn.Write([]byte("MOCK RESPONSE: 200\n"))
defer conn.Close()
count ++
if(count == 2) {
return
}
}
}
func createResponseChannel() (chan Response) {
return make(chan Response)
}