(zapconfig)
| 81 | return stripped |
| 82 | |
| 83 | def test_zap(zapconfig): |
| 84 | |
| 85 | parser = SafeConfigParser() |
| 86 | parser.read(zapconfig) |
| 87 | |
| 88 | zapUrl = parser.get("Proxy", "url"); |
| 89 | |
| 90 | zap = ZAP(proxies={'http': zapUrl, 'https': zapUrl}) |
| 91 | |
| 92 | if (parser.getboolean("Actions", "start")): |
| 93 | # print "platform=" + platform.system() |
| 94 | if (platform.system() == "Windows"): |
| 95 | zapScript = "start /b zap.bat" |
| 96 | else: |
| 97 | zapScript = "zap.sh" |
| 98 | |
| 99 | zapInstall = parser.get("Proxy", "install"); |
| 100 | if (len(zapInstall) == 0): |
| 101 | if (platform.system() == "Windows"): |
| 102 | # Win 7 default path |
| 103 | zapInstall = "C:\Program Files (x86)\ZAP\Zed Attack Proxy"; |
| 104 | if ( not os.path.exists(zapInstall)): |
| 105 | # Win XP default path |
| 106 | zapInstall = "C:\Program Files\ZAP\Zed Attack Proxy"; |
| 107 | else: |
| 108 | # No default path for Mac OS or Linux |
| 109 | print("Installation directory must be set in " + zapconfig) |
| 110 | |
| 111 | if (len(parser.get("Proxy", "home")) > 0): |
| 112 | zapScript = zapScript + " -d " + parser.get("Proxy", "home") |
| 113 | |
| 114 | os.chdir(zapInstall); |
| 115 | os.system(zapScript); |
| 116 | time.sleep(20); |
| 117 | |
| 118 | spiderUrls = parser.get("Actions", "spider"); |
| 119 | if (len(spiderUrls) > 0): |
| 120 | for spiderUrl in spiderUrls.split(','): |
| 121 | zap.urlopen(spiderUrl) |
| 122 | # Give the sites tree a chance to get updated |
| 123 | time.sleep(2) |
| 124 | |
| 125 | print('Spidering %s' % spiderUrl) |
| 126 | zap.start_spider(spiderUrl) |
| 127 | |
| 128 | # Give the Spider a chance to start |
| 129 | time.sleep(2) |
| 130 | while (int(zap.spider_status[0]) < 100): |
| 131 | #print 'Spider progress %: ' + zap.spider_status[0] |
| 132 | time.sleep(5) |
| 133 | print('Finished spidering %s' % spiderUrl) |
| 134 | |
| 135 | print('Spider completed') |
| 136 | # Give the passive scanner a chance to finish |
| 137 | time.sleep(5) |
| 138 | |
| 139 | scanUrls = parser.get("Actions", "scan"); |
| 140 | if (len(scanUrls) > 0): |