You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
103 lines
4.2 KiB
103 lines
4.2 KiB
7 months ago
|
import pytest
|
||
|
import random
|
||
|
import string
|
||
|
import re
|
||
|
from sherlock.sherlock import sherlock
|
||
|
from sherlock.notify import QueryNotify
|
||
|
from sherlock.result import QueryStatus
|
||
|
#from sherlock_interactives import Interactives
|
||
|
|
||
|
|
||
|
def simple_query(sites_info: dict, site: str, username: str) -> QueryStatus:
|
||
|
query_notify = QueryNotify()
|
||
|
site_data: dict = {}
|
||
|
site_data[site] = sites_info[site]
|
||
|
return sherlock(
|
||
|
username=username,
|
||
|
site_data=site_data,
|
||
|
query_notify=query_notify,
|
||
|
)[site]['status'].status
|
||
|
|
||
|
|
||
|
# Known positives should only use sites trusted to be reliable and unchanging
|
||
|
@pytest.mark.parametrize('site,username',[
|
||
|
('GitLab', 'ppfeister'),
|
||
|
('AllMyLinks', 'blue'),
|
||
|
])
|
||
|
def test_known_positives_via_message(sites_info, site, username):
|
||
|
assert simple_query(sites_info=sites_info, site=site, username=username) is QueryStatus.CLAIMED
|
||
|
|
||
|
|
||
|
# Known positives should only use sites trusted to be reliable and unchanging
|
||
|
@pytest.mark.parametrize('site,username',[
|
||
|
('GitHub', 'ppfeister'),
|
||
|
('GitHub', 'sherlock-project'),
|
||
|
('Docker Hub', 'ppfeister'),
|
||
|
('Docker Hub', 'sherlock'),
|
||
|
])
|
||
|
def test_known_positives_via_status_code(sites_info, site, username):
|
||
|
assert simple_query(sites_info=sites_info, site=site, username=username) is QueryStatus.CLAIMED
|
||
|
|
||
|
|
||
|
# Known positives should only use sites trusted to be reliable and unchanging
|
||
|
@pytest.mark.parametrize('site,username',[
|
||
|
('BodyBuilding', 'blue'),
|
||
|
('labpentestit', 'CSV'),
|
||
|
])
|
||
|
def test_known_positives_via_response_url(sites_info, site, username):
|
||
|
assert simple_query(sites_info=sites_info, site=site, username=username) is QueryStatus.CLAIMED
|
||
|
|
||
|
|
||
|
# Randomly generate usernames of high length and test for positive availability
|
||
|
# Randomly generated usernames should be simple alnum for simplicity and high
|
||
|
# compatibility. Several attempts may be made ~just in case~ a real username is
|
||
|
# generated.
|
||
|
@pytest.mark.parametrize('site,random_len',[
|
||
|
('GitLab', 255),
|
||
|
('Codecademy', 30)
|
||
|
])
|
||
|
def test_likely_negatives_via_message(sites_info, site, random_len):
|
||
|
num_attempts: int = 3
|
||
|
attempted_usernames: list[str] = []
|
||
|
status: QueryStatus = QueryStatus.CLAIMED
|
||
|
for i in range(num_attempts):
|
||
|
acceptable_types = string.ascii_letters + string.digits
|
||
|
random_handle = ''.join(random.choice(acceptable_types) for _ in range (random_len))
|
||
|
attempted_usernames.append(random_handle)
|
||
|
status = simple_query(sites_info=sites_info, site=site, username=random_handle)
|
||
|
if status is QueryStatus.AVAILABLE:
|
||
|
break
|
||
|
assert status is QueryStatus.AVAILABLE, f"Could not validate available username after {num_attempts} attempts with randomly generated usernames {attempted_usernames}."
|
||
|
|
||
|
|
||
|
# Randomly generate usernames of high length and test for positive availability
|
||
|
# Randomly generated usernames should be simple alnum for simplicity and high
|
||
|
# compatibility. Several attempts may be made ~just in case~ a real username is
|
||
|
# generated.
|
||
|
@pytest.mark.parametrize('site,random_len',[
|
||
|
('GitHub', 39),
|
||
|
('Docker Hub', 30)
|
||
|
])
|
||
|
def test_likely_negatives_via_status_code(sites_info, site, random_len):
|
||
|
num_attempts: int = 3
|
||
|
attempted_usernames: list[str] = []
|
||
|
status: QueryStatus = QueryStatus.CLAIMED
|
||
|
for i in range(num_attempts):
|
||
|
acceptable_types = string.ascii_letters + string.digits
|
||
|
random_handle = ''.join(random.choice(acceptable_types) for _ in range (random_len))
|
||
|
attempted_usernames.append(random_handle)
|
||
|
status = simple_query(sites_info=sites_info, site=site, username=random_handle)
|
||
|
if status is QueryStatus.AVAILABLE:
|
||
|
break
|
||
|
assert status is QueryStatus.AVAILABLE, f"Could not validate available username after {num_attempts} attempts with randomly generated usernames {attempted_usernames}."
|
||
|
|
||
|
|
||
|
def test_username_illegal_regex(sites_info):
|
||
|
site: str = 'BitBucket'
|
||
|
invalid_handle: str = '*#$Y&*JRE'
|
||
|
pattern = re.compile(sites_info[site]['regexCheck'])
|
||
|
# Ensure that the username actually fails regex before testing sherlock
|
||
|
assert pattern.match(invalid_handle) is None
|
||
|
assert simple_query(sites_info=sites_info, site=site, username=invalid_handle) is QueryStatus.ILLEGAL
|
||
|
|