-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathmain_test.go
131 lines (110 loc) · 4.53 KB
/
main_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
package main
import (
"testing"
"github.com/jarcoal/httpmock"
"github.com/stretchr/testify/assert"
)
func TestQueryCRTSH(t *testing.T) {
// Start HTTP mock
httpmock.Activate()
defer httpmock.DeactivateAndReset()
// Mock the crt.sh response
httpmock.RegisterResponder("GET", "https://crt.sh/?q=test.com&output=json",
httpmock.NewStringResponder(200, `[{"common_name":"subdomain.test.com"}]`))
// Set global variable 'domain' for the test
domain = "test.com"
// Call the function to test
subdomains, err := queryCRTSH()
assert.NoError(t, err, "Expected no error querying crt.sh")
// Verify that the returned subdomains contain the expected subdomain
assert.Contains(t, subdomains, "subdomain.test.com", "The returned subdomains should contain 'subdomain.test.com'")
}
func TestIsVulnerableCNAME_Vulnerable(t *testing.T) {
fingerprints := map[string]map[string]interface{}{
"vulnerable.com": {
"cname": []interface{}{"vulnerable.com"},
"vulnerable": true,
"fingerprint": "Vulnerable Service",
"nxdomain": false,
},
}
// Test a vulnerable CNAME
vulnerableCNAME := "subdomain.vulnerable.com."
directMatch, vulnerable, fingerprintText, hasNXDOMAINFlag := isVulnerableCNAME(vulnerableCNAME, fingerprints)
assert.True(t, directMatch, "Expected a direct match for the CNAME")
assert.True(t, vulnerable, "Expected the CNAME to be vulnerable")
assert.Equal(t, "Vulnerable Service", fingerprintText, "Expected the correct fingerprint text")
assert.False(t, hasNXDOMAINFlag, "Expected the NXDOMAIN flag to be false")
}
func TestIsVulnerableCNAME_NotVulnerable(t *testing.T) {
// Setup mock fingerprints data including both vulnerable and non-vulnerable entries
fingerprints := map[string]map[string]interface{}{
"vulnerable.com": {
"cname": []interface{}{"vulnerable.com"},
"vulnerable": true,
"fingerprint": "Vulnerable Service",
"nxdomain": false,
},
"safe.com": {
"cname": []interface{}{"safe.com"},
"vulnerable": false,
"fingerprint": "Safe Service",
"nxdomain": false,
},
}
// Test a non-vulnerable CNAME
safeCNAME := "subdomain.safe.com."
directMatch, vulnerable, fingerprintText, hasNXDOMAINFlag := isVulnerableCNAME(safeCNAME, fingerprints)
assert.True(t, directMatch, "Expected a direct match for the CNAME")
assert.False(t, vulnerable, "Expected the CNAME to be non-vulnerable")
assert.Equal(t, "Safe Service", fingerprintText, "Expected the correct fingerprint text")
assert.False(t, hasNXDOMAINFlag, "Expected the NXDOMAIN flag to be false")
}
func TestIsVulnerableCNAME_NotFound(t *testing.T) {
fingerprints := map[string]map[string]interface{}{
"vulnerable.com": {
"cname": []interface{}{"vulnerable.com"},
"vulnerable": true,
"fingerprint": "Vulnerable Service",
"nxdomain": false,
},
}
// Test a CNAME that is not present in the fingerprints
unknownCNAME := "unknown.com."
directMatch, vulnerable, fingerprintText, hasNXDOMAINFlag := isVulnerableCNAME(unknownCNAME, fingerprints)
assert.False(t, directMatch, "Expected no direct match for the CNAME")
assert.False(t, vulnerable, "Expected the CNAME to be considered non-vulnerable by default")
assert.Equal(t, "", fingerprintText, "Expected an empty fingerprint text")
assert.False(t, hasNXDOMAINFlag, "Expected the NXDOMAIN flag to be false for an unknown CNAME")
}
func TestExtractServiceName(t *testing.T) {
tests := []struct {
name string
domain string
expectedSLD string
}{
{"WithSubdomain", "sub.example.com.", "example"},
{"WithMultipleSubdomains", "deep.sub.example.com.", "example"},
{"OnlySLDAndTLD", "example.com.", "example"},
{"SingleLabelDomain", "localhost.", ""},
{"EmptyDomain", "", ""},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
sld := extractServiceName(test.domain)
assert.Equal(t, test.expectedSLD, sld, "Extracted SLD should match the expected value for "+test.domain)
})
}
}
func TestAppendResultBasedOnVulnerability(t *testing.T) {
// Reset global variables for a clean test environment
couldBeExploitable = []string{}
notExploitable = []string{}
// Test adding a vulnerable subdomain
appendResultBasedOnVulnerability(true, "vulnerable.example.com")
assert.Contains(t, couldBeExploitable, "vulnerable.example.com", "The vulnerable domain should be added to the isExploitable list")
// Test adding a non-vulnerable subdomain
appendResultBasedOnVulnerability(false, "safe.example.com")
assert.
Contains(t, notExploitable, "safe.example.com", "The non-vulnerable domain should be added to the notExploitable list")
}