Fixed tests and formatting

minvws · Nov 26, 2024 · 6bf6118 · 6bf6118
1 parent 9b20e00
commit 6bf6118
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 8 deletions.
diff --git a/boefjes/boefjes/plugins/kat_kat_finding_types/kat_finding_types.json b/boefjes/boefjes/plugins/kat_kat_finding_types/kat_finding_types.json
@@ -136,7 +136,7 @@
     "description": "An open Microsoft Remote Desktop Protocol (RDP) port was detected.",
     "source": "https://www.cloudflare.com/en-gb/learning/access-management/rdp-security-risks/",
     "risk": "medium",
-    "impact":"Remote desktop ports are often the root cause in ransomware attacks, due to weak password usage, outdated software or insecure configurations.",
+    "impact": "Remote desktop ports are often the root cause in ransomware attacks, due to weak password usage, outdated software or insecure configurations.",
     "recommendation": "Disable the Microsoft RDP service on port 3389 if this is publicly reachable. Add additional security layers, such as VPN access if these ports do require to be enabled to limit the attack surface."
   },
   "KAT-OPEN-DATABASE-PORT": {

diff --git a/octopoes/bits/port_classification_ip/port_classification_ip.py b/octopoes/bits/port_classification_ip/port_classification_ip.py
@@ -36,7 +36,7 @@
     5432,  # PostgreSQL
 ]
 MICROSOFT_RDP_PORTS = [
-    3389,  # Microsoft Remote Desktop
+    3389  # Microsoft Remote Desktop
 ]
 
 
@@ -69,7 +69,8 @@ def run(input_ooi: IPPort, additional_oois: list, config: dict[str, Any]) -> Ite
                 yield Finding(
                     finding_type=open_sa_port.reference,
                     ooi=ip_port.reference,
-                    description=f"Port {port}/{protocol.value} is a system administrator port and should possibly not be open.",
+                    description=f"Port {port}/{protocol.value} is a system administrator port and "
+                    f"should possibly not be open.",
                 )
         elif protocol == Protocol.TCP and port in db_tcp_ports:
             ft = KATFindingType(id="KAT-OPEN-DATABASE-PORT")
@@ -91,7 +92,8 @@ def run(input_ooi: IPPort, additional_oois: list, config: dict[str, Any]) -> Ite
                 yield Finding(
                     finding_type=open_rdp_port.reference,
                     ooi=ip_port.reference,
-                    description=f"Port {port}/{protocol.value} is a Microsoft Remote Desktop port and should possibly not be open.",
+                    description=f"Port {port}/{protocol.value} is a Microsoft Remote Desktop port and "
+                    f"should possibly not be open.",
                 )
         elif (protocol == Protocol.TCP and port not in common_tcp_ports) or (
             protocol == Protocol.UDP and port not in common_udp_ports

diff --git a/octopoes/tests/integration/test_api_connector.py b/octopoes/tests/integration/test_api_connector.py
@@ -239,7 +239,7 @@ def test_no_disappearing_ports(octopoes_api_connector: OctopoesAPIConnector):
     assert findings.items == [
         Finding(
             finding_type=KATFindingType(id="KAT-OPEN-DATABASE-PORT").reference,
-            description="Port 3306/tcp is a database port and should not be open.",
+            description="Port 3306/tcp is a database port and should possibly not be open.",
             ooi=tcp_port.reference,
         )
     ]
@@ -276,7 +276,7 @@ def test_no_disappearing_ports(octopoes_api_connector: OctopoesAPIConnector):
     assert findings.items == [
         Finding(
             finding_type=KATFindingType(id="KAT-OPEN-DATABASE-PORT").reference,
-            description="Port 3306/tcp is a database port and should not be open.",
+            description="Port 3306/tcp is a database port and should possibly not be open.",
             ooi=tcp_port.reference,
         )
     ]
diff --git a/octopoes/tests/test_bit_ports.py b/octopoes/tests/test_bit_ports.py
@@ -29,7 +29,7 @@ def test_port_classification_tcp_22():
     assert len(results) == 2
     finding = results[-1]
     assert isinstance(finding, Finding)
-    assert finding.description == "Port 22/tcp is a system administrator port and should not be open."
+    assert finding.description == "Port 22/tcp is a system administrator port and should possibly not be open."
 
 
 def test_port_classification_tcp_5432():
@@ -40,7 +40,7 @@ def test_port_classification_tcp_5432():
     assert len(results) == 2
     finding = results[-1]
     assert isinstance(finding, Finding)
-    assert finding.description == "Port 5432/tcp is a database port and should not be open."
+    assert finding.description == "Port 5432/tcp is a database port and should possibly not be open."
 
 
 def test_port_classification_tcp_12345():