Beispiel #1
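    def test_logging_not_done_bee(self):
        """
        Tests that the consumer does not process bait sessions that are not marked as done.

        A session with ``alldone = False`` is put into the shared ``sessions`` dict, the
        consumer greenlet is given one cooperative yield, and the test then checks that
        the logger was not called and that the session is still present.
        """
        sessions = {}
        # NOTE: these are class-level attributes, so the dummy ids remain set on
        # BaitSession for whatever test runs after this one.
        BaitSession.client_id = "dummy_client_id"
        BaitSession.honeypot_id = "dummy_hive_id"

        beesession = BaitSession("telnet", "123", "1234", "4321")
        beesession.alldone = False
        sessions[beesession.id] = beesession

        # replace the logger's log method with a mock so calls can be observed
        dummy_logger = DummyLogger()
        log_mock = Mock()
        dummy_logger.log = log_mock

        consumer = Consumer(sessions, {}, "")
        consumer.logger = dummy_logger
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield so the consumer greenlet gets a turn.
            # NOTE(review): this only shows that nothing was logged during that first
            # turn; the assertion cannot see work the consumer would do later.
            gevent.sleep(0)

            # the log method must not have been called for an unfinished session
            self.assertFalse(log_mock.called)
            # the unfinished session must still be in the queue
            # (assertEqual: assertEquals is a deprecated alias, removed in Python 3.12)
            self.assertEqual(len(sessions), 1)
        finally:
            # stop the consumer even when an assertion fails, so a failing test
            # does not leave a running consumer behind for the next test
            consumer.stop_handling()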
Beispiel #2
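    def test_logging_not_done_bee(self):
        """
        Tests that the consumer does not process bait sessions that are not marked as done.

        The session is queued with ``alldone = False``; after one cooperative yield the
        mocked ``log`` method must be untouched and the session must still be queued.
        """
        sessions = {}
        # class attributes: the values set here persist on BaitSession after the test
        BaitSession.client_id = 'dummy_client_id'
        BaitSession.honeypot_id = 'dummy_hive_id'

        beesession = BaitSession('telnet', '123', '1234', '4321')
        beesession.alldone = False
        sessions[beesession.id] = beesession

        # mock a dummy logger
        dummy_logger = DummyLogger()
        log_mock = Mock()
        dummy_logger.log = log_mock

        consumer = Consumer(sessions, {}, '')
        consumer.logger = dummy_logger
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield.
            gevent.sleep(0)

            # assert that the log method was not called
            self.assertFalse(log_mock.called)
            # assert that we still have a single item in the queue; assertEqual
            # replaces the deprecated assertEquals alias (gone in Python 3.12)
            self.assertEqual(len(sessions), 1)
        finally:
            # always shut the consumer down, including when an assertion above fails
            consumer.stop_handling()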
Beispiel #3
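    def test_logging_done_bee(self):
        """
        Tests that the consumer calls a logger class and that the beesession is removed
        from the queue afterwards.

        A session with ``alldone = True`` is queued; after one cooperative yield the
        mocked ``log`` method must have been called exactly once with that session and
        the ``sessions`` dict must be empty.
        """
        sessions = {}
        # NOTE: class-level attributes; the dummy ids stay set on BaitSession after
        # this test finishes.
        BaitSession.client_id = "dummy_client_id"
        BaitSession.honeypot_id = "dummy_hive_id"

        beesession = BaitSession("telnet", "1234", "4321", "123")
        beesession.alldone = True
        sessions[beesession.id] = beesession

        # mock a dummy logger
        dummy_logger = DummyLogger()
        log_mock = Mock()
        dummy_logger.log = log_mock

        consumer = Consumer(sessions, {}, "")
        # inject the dummy logger into the consumer
        consumer.logger = dummy_logger
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield.
            # NOTE(review): the assertions assume the consumer handles the finished
            # session within this single scheduling turn.
            gevent.sleep(0)

            # the log method of the logger object must have been called with beesession
            dummy_logger.log.assert_called_once_with(beesession)
            # the beesession must have been removed from the queue
            # (assertEqual: assertEquals is a deprecated alias, removed in Python 3.12)
            self.assertEqual(len(sessions), 0)
        finally:
            # stop the consumer even if an assertion failed, so the greenlet does not
            # keep running into later tests
            consumer.stop_handling()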
Beispiel #4
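    def test_logging_done_bee(self):
        """
        Tests that the consumer calls a logger class and that the beesession is removed
        from the queue afterwards.

        The queued session has ``alldone = True``, so after one cooperative yield the
        mocked logger is expected to have received it and the queue to be empty.
        """
        sessions = {}
        # class attributes: the values set here persist on BaitSession after the test
        BaitSession.client_id = 'dummy_client_id'
        BaitSession.honeypot_id = 'dummy_hive_id'

        beesession = BaitSession('telnet', '1234', '4321', '123')
        beesession.alldone = True
        sessions[beesession.id] = beesession

        # mock a dummy logger
        dummy_logger = DummyLogger()
        log_mock = Mock()
        dummy_logger.log = log_mock

        consumer = Consumer(sessions, {}, '')
        # inject the dummy logger into the consumer
        consumer.logger = dummy_logger
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield.
            gevent.sleep(0)

            # assert that the log method of the logger object was called with
            # beesession as parameter.
            dummy_logger.log.assert_called_once_with(beesession)
            # assert that the beesession was removed from the queue; assertEqual
            # replaces the deprecated assertEquals alias (gone in Python 3.12)
            self.assertEqual(len(sessions), 0)
        finally:
            # always shut the consumer down, including when an assertion above fails
            consumer.stop_handling()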
Beispiel #5
    def create_session(self, server_host, server_port, honeypot_id):
        """
            Creates a new session and registers it in ``self.sessions``.

        The protocol name handed to the session is the lower-cased name of the
        class this method is called on.

        :param server_host: IP address of the server
        :param server_port: Server port
        :param honeypot_id: passed through unchanged as the last argument of `BaitSession`
        :return: A new `BaitSession` object.
        """
        new_session = BaitSession(self.__class__.__name__.lower(),
                                  server_host,
                                  server_port,
                                  honeypot_id)
        # keyed by the session's own id
        self.sessions[new_session.id] = new_session
        return new_session
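    def populate_bait(self, honeypot_first):
        """
        Publishes one honeypot session and one bait (client) session on the drone data socket.

        A `Honeypot` and a `Client` row are committed first, then a config actor and a
        database actor are started, both sessions are serialized to JSON and sent, and
        finally the actors are stopped and the temporary config file is removed.

        :param honeypot_first: if true the honeypot session is sent before the bait
                               session, otherwise the bait session is sent first.
        """
        honeypot_id = 1
        client_id = 2
        honeypot = Honeypot(id=honeypot_id)
        client = Client(id=client_id)

        db_session = database_setup.get_session()
        db_session.add(honeypot)
        db_session.add(client)
        db_session.commit()

        drone_data_socket = beeswarm.shared.zmq_context.socket(zmq.PUB)
        config_file = None
        # actors that were started and therefore have to be stopped again
        started_actors = []
        try:
            drone_data_socket.bind(SocketNames.DRONE_DATA.value)

            # mkstemp() is used only to obtain a unique path; the descriptor is closed
            # and the file removed again before the path is handed to the config actor.
            # NOTE(review): once removed, the path is no longer reserved, so whatever
            # creates it next is exposed to the usual predictable-temp-path race; a
            # path inside a tempfile.mkdtemp() directory would avoid that.
            fd, config_file = tempfile.mkstemp()
            os.close(fd)
            os.remove(config_file)
            # persistence actor needs to communicate with on config REQ/REP socket
            config_actor = ConfigActor(config_file, '')
            config_actor.start()
            started_actors.append(config_actor)

            # startup session database
            database_actor = DatabaseActor(999, delay_seconds=2)
            database_actor.start()
            started_actors.append(database_actor)
            gevent.sleep(1)

            # class-level attribute: stays set on BaitSession after this helper returns
            BaitSession.client_id = client_id

            honeypot_session = HoneypotSession(source_ip='192.168.100.22', source_port=52311, protocol='pop3', users={},
                                               destination_port=110)
            honeypot_session.add_auth_attempt('plaintext', True, username='******', password='******')
            honeypot_session.honeypot_id = honeypot_id

            bait_session = BaitSession('pop3', '1234', 110, honeypot_id)
            bait_session.add_auth_attempt('plaintext', True, username='******', password='******')
            bait_session.honeypot_id = honeypot_id
            bait_session.did_connect = bait_session.did_login = bait_session.alldone = bait_session.did_complete = True

            # each message is "<message type> <sender id> <json payload>"
            if honeypot_first:
                drone_data_socket.send('{0} {1} {2}'.format(Messages.SESSION_HONEYPOT.value, honeypot_id,
                                                            json.dumps(honeypot_session.to_dict(), default=json_default,
                                                            ensure_ascii=False)))
                drone_data_socket.send('{0} {1} {2}'.format(Messages.SESSION_CLIENT.value, client_id,
                                                            json.dumps(bait_session.to_dict(), default=json_default,
                                                            ensure_ascii=False)))
            else:
                drone_data_socket.send('{0} {1} {2}'.format(Messages.SESSION_CLIENT.value, client_id,
                                                            json.dumps(bait_session.to_dict(), default=json_default,
                                                            ensure_ascii=False)))
                drone_data_socket.send('{0} {1} {2}'.format(Messages.SESSION_HONEYPOT.value, honeypot_id,
                                                            json.dumps(honeypot_session.to_dict(), default=json_default,
                                                            ensure_ascii=False)))

            # some time for the session actor to work
            gevent.sleep(2)
        finally:
            # cleanup runs on failure too, so a broken run does not leave actors,
            # the bound socket or the config file behind for the next test
            for actor in started_actors:
                actor.stop()
            drone_data_socket.close()
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)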
Beispiel #7
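    def test_logging_done_bee(self):
        """
        Tests that the consumer calls a logger class and that the beesession is removed
        from the queue afterwards.

        The mocked logger is installed as the consumer's only active logger; after one
        cooperative yield it must have received the finished session exactly once and
        the ``sessions`` dict must be empty.
        """
        sessions = {}
        # NOTE: class-level attributes; the dummy ids stay set on BaitSession after
        # this test finishes.
        BaitSession.client_id = 'dummy_client_id'
        BaitSession.honeypot_id = 'dummy_hive_id'

        beesession = BaitSession('telnet', '1234', '4321', '123')
        beesession.alldone = True
        sessions[beesession.id] = beesession

        # mock a dummy logger
        dummy_logger = LoggerBase({})
        log_mock = Mock()
        dummy_logger.log = log_mock

        # status dict handed to the consumer as its third argument.
        # NOTE(review): the 'managment_url' spelling is reproduced as-is; presumably it
        # matches the key the consumer reads - verify before correcting it.
        status = {
            'mode': 'Client',
            'total_bees': 0,
            'active_bees': 0,
            'enabled_bees': [],
            'client_id': uuid.uuid4(),
            'managment_url': '',
            'ip_address': '127.0.0.1'
        }

        consumer = Consumer(sessions, {}, status)
        # inject the dummy logger into the consumer
        consumer.active_loggers = [dummy_logger]
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield.
            # NOTE(review): the assertions assume the consumer handles the finished
            # session within this single scheduling turn.
            gevent.sleep(0)

            # the log method of the logger object must have been called with beesession
            dummy_logger.log.assert_called_once_with(beesession)
            # the beesession must have been removed from the queue
            # (assertEqual: assertEquals is a deprecated alias, removed in Python 3.12)
            self.assertEqual(len(sessions), 0)
        finally:
            # stop the consumer even if an assertion failed, so the greenlet does not
            # keep running into later tests
            consumer.stop_handling()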
Beispiel #8
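    def test_logging_not_done_bee(self):
        """
        Tests that the consumer does not process bait sessions that are not marked as done.

        The mocked logger is installed as the consumer's only active logger; after one
        cooperative yield it must not have been called and the unfinished session must
        still be in the ``sessions`` dict.
        """
        sessions = {}
        # class attributes: the values set here persist on BaitSession after the test
        BaitSession.client_id = 'dummy_client_id'
        BaitSession.honeypot_id = 'dummy_hive_id'

        beesession = BaitSession('telnet', '123', '1234', '4321')
        beesession.alldone = False
        sessions[beesession.id] = beesession

        # mock a dummy logger
        dummy_logger = LoggerBase({})
        log_mock = Mock()
        dummy_logger.log = log_mock

        # status dict handed to the consumer as its third argument.
        # NOTE(review): the 'managment_url' spelling is reproduced as-is; presumably it
        # matches the key the consumer reads - verify before correcting it.
        status = {
            'mode': 'Client',
            'total_bees': 0,
            'active_bees': 0,
            'enabled_bees': [],
            'client_id': uuid.uuid4(),
            'managment_url': '',
            'ip_address': '127.0.0.1'
        }

        consumer = Consumer(sessions, {}, status)
        consumer.active_loggers = [dummy_logger]
        gevent.spawn(consumer.start_handling)
        try:
            # forcing cooperative yield.
            # NOTE(review): this only shows that nothing was logged during that first
            # turn; the assertion cannot see work the consumer would do later.
            gevent.sleep(0)

            # assert that the log method was not called
            self.assertFalse(log_mock.called)
            # assert that we still have a single item in the queue; assertEqual
            # replaces the deprecated assertEquals alias (gone in Python 3.12)
            self.assertEqual(len(sessions), 1)
        finally:
            # always shut the consumer down, including when an assertion above fails
            consumer.stop_handling()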
Beispiel #9
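    def populate_bait(self, honeypot_first):
        """
        Publishes one honeypot session and one bait (client) session on the drone data socket.

        A `Honeypot` and a `Client` row are committed first, then a config actor and a
        database actor are started, both sessions are serialized to JSON and sent in the
        requested order, and finally the actors are stopped and the temporary config
        file is removed.

        :param honeypot_first: if true the honeypot session is sent before the bait
                               session, otherwise the bait session is sent first.
        """
        honeypot_id = 1
        client_id = 2
        honeypot = Honeypot(id=honeypot_id)
        client = Client(id=client_id)

        db_session = database_setup.get_session()
        db_session.add(honeypot)
        db_session.add(client)
        db_session.commit()

        drone_data_socket = beeswarm.shared.zmq_context.socket(zmq.PUB)
        config_file = None
        # actors that were started and therefore have to be stopped again
        started_actors = []
        try:
            drone_data_socket.bind(SocketNames.DRONE_DATA.value)

            # mkstemp() returns an open descriptor together with the path; close it
            # explicitly, otherwise every call leaks one file descriptor.
            fd, config_file = tempfile.mkstemp()
            os.close(fd)
            # NOTE(review): the file is removed so only its unique name is reused.
            # From here on the path is no longer reserved, so whatever creates it next
            # is exposed to the usual predictable-temp-path race; a path inside a
            # tempfile.mkdtemp() directory would avoid that.
            os.remove(config_file)
            # persistence actor needs to communicate with on config REQ/REP socket
            config_actor = ConfigActor(config_file, '')
            config_actor.start()
            started_actors.append(config_actor)

            # startup session database
            database_actor = DatabaseActor(999, delay_seconds=2)
            database_actor.start()
            started_actors.append(database_actor)
            gevent.sleep(1)

            # class-level attribute: stays set on BaitSession after this helper returns
            BaitSession.client_id = client_id

            honeypot_session = HoneypotSession(source_ip='192.168.100.22',
                                               source_port=52311,
                                               protocol='pop3',
                                               users={},
                                               destination_port=110)
            honeypot_session.add_auth_attempt('plaintext',
                                              True,
                                              username='******',
                                              password='******')
            honeypot_session.honeypot_id = honeypot_id

            bait_session = BaitSession('pop3', '1234', 110, honeypot_id)
            bait_session.add_auth_attempt('plaintext',
                                          True,
                                          username='******',
                                          password='******')
            bait_session.honeypot_id = honeypot_id
            bait_session.did_connect = bait_session.did_login = bait_session.alldone = bait_session.did_complete = True

            # each message is "<message type> <sender id> <json payload>"
            honeypot_message = '{0} {1} {2}'.format(
                Messages.SESSION_HONEYPOT.value, honeypot_id,
                json.dumps(honeypot_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False))
            client_message = '{0} {1} {2}'.format(
                Messages.SESSION_CLIENT.value, client_id,
                json.dumps(bait_session.to_dict(),
                           default=json_default,
                           ensure_ascii=False))

            # the flag only decides which of the two messages goes out first
            if honeypot_first:
                ordered_messages = (honeypot_message, client_message)
            else:
                ordered_messages = (client_message, honeypot_message)
            for message in ordered_messages:
                drone_data_socket.send(message)

            # some time for the session actor to work
            gevent.sleep(2)
        finally:
            # cleanup runs on failure too, so a broken run does not leave actors,
            # the bound socket or the config file behind for the next test
            for actor in started_actors:
                actor.stop()
            drone_data_socket.close()
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)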