I am studying from the book Practical Security Automation and Testing. On page [124] there is a script which uses RIDE with the SSHLibrary.

But I'm using Eclipse, so I tried to install it.

pip install wheel

pip install --upgrade robotframework-sshlibrary

did the trick; now you can start editing the .robot script.

I made it till the point: (so it is different from the book, but this works for Eclipse)

*** Settings ***
Library  SSHLibrary
*** Variables ***
${HOST_URL}  http://demo.testfire.net
${output}=  Execute Command  python sqlmap.py -u ${HOST_URL} --batch --banner

*** Test Cases ***
SQL Injection Testing
  Should Not Contain  ${output}  vulnerable

Now the problem is: it says 'passed', but when I alter the host_url to something I'm sure should fail, it also says 'passed'. In other words: it doesn't seem to check or do anything.

I don't know what I am doing wrong here. Need help.

2

There are 2 answers

4
Todor Minakov On BEST ANSWER

You are not executing the command at all - keywords cannot be called in the Variables section. This line here

*** Variables ***
${HOST_URL}  http://demo.testfire.net
${output}=  Execute Command  python sqlmap.py -u ${HOST_URL} --batch --banner

will just create a string variable with that content. Move it inside the case (or in a keyword of its own):

*** Test Cases ***
SQL Injection Testing
    ${output}=  Execute Command  python sqlmap.py -u ${HOST_URL} --batch --banner
    Should Not Contain  ${output}  vulnerable
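
The accepted answer's point has a wider consequence for security checks: `Should Not Contain  ${output}  vulnerable` also passes when the scanner never ran at all. As an added example (not from the book or from either answer), here is a Python keyword library that treats a missing exit code, empty output or absent completion text as an error; `ran_marker`, the function names and the sample outputs are assumptions constructed for illustration.

```python
"""Added example: a Robot Framework keyword library written as a plain Python module.
Robot exposes each public function as a keyword (Scan Output Should Be Clean)."""

# Constructed sample: the string the question's *** Variables *** line stores,
# because the keyword name is treated as text and never executed.
UNEXECUTED = "Execute Command python sqlmap.py -u http://demo.testfire.net --batch --banner"


def classify_scan(output, rc, ran_marker, finding_marker="vulnerable"):
    """Return 'ERROR', 'FAIL' or 'PASS' for one scanner run.

    ran_marker is text the tester knows a completed run always prints
    (an assumption supplied by the caller, not a documented sqlmap string).
    """
    try:
        exit_code = int(rc)
    except (TypeError, ValueError):
        return "ERROR"                      # no exit code: the command never ran
    text = (output or "").lower()
    if exit_code != 0 or not text.strip():
        return "ERROR"                      # tool crashed or printed nothing
    if ran_marker.lower() not in text:
        return "ERROR"                      # output is not from a completed run
    return "FAIL" if finding_marker.lower() in text else "PASS"


def scan_output_should_be_clean(output, rc, ran_marker, finding_marker="vulnerable"):
    """Keyword: fail the test unless the scan provably ran and found nothing."""
    verdict = classify_scan(output, rc, ran_marker, finding_marker)
    if verdict != "PASS":
        raise AssertionError(f"scan verdict {verdict}: rc={rc!r}, output={str(output)[:80]!r}")


if __name__ == "__main__":
    # Constructed outputs for illustration, not real sqlmap output.
    samples = [
        (UNEXECUTED, None),                                  # the question's situation
        ("", 127),                                           # command not found
        ("scan complete: no injectable parameter", 0),
        ("scan complete: parameter 'uid' is vulnerable", 0),
    ]
    for out, rc in samples:
        print(classify_scan(out, rc, ran_marker="scan complete"), "<-", repr(out[:40]))
```

In a suite, load the module with `Library  scan_checks.py` (hypothetical file name) and pass it the stdout and exit code that SSHLibrary's `Execute Command` returns when called with `return_rc=True`.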
2
tijnn On

I mixed the content of pages 124 and 126 (of the book Practical Security Automation and Testing).

There is an error on page 126. The code in the RIDE image is actually that of the RBFW one.

This is how it turns up without errors:

*** Settings ***
Library  SSHLibrary
Library  Collections
Library  String
Library  RequestsLibrary
Library  OperatingSystem

*** Variables ***
${HOST_URL}  http://demo.testfire.net
${url}  http://demo.testfire.net
${SpiderScan}  http://localhost:8090/JSON/spider/action/scan/?zapapiformat=JSON&formatMethod=GET&url=${url}&maxChildren=&recurse=&contextName=&subtreeOnly=

*** Test Cases ***
SQL Injection Testing
  Get Connection    host=http://demo.testfire.net
  ${output}=  Execute Command  python sqlmap.py -u ${HOST_URL} --batch --banner
  Should Not Contain  ${output}  vulnerable
  

ZAP Spider Scan
  [Tags]  get skip
  Create session   ZAP  ${SpiderScan}
  ${resp}=    Get Request     ZAP   /
  Should Be Equal As Strings    ${resp.status_code}    200