def test_nouuid(self):
'''
Test for when no uuid was passed or the uuid doesn't correspond to a archive format supported by the nugget.
'''
testArg1 = "--type=JAVASCRIPT"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"No\sformats\sregistered")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report no formats registered, but should have.")
output = c.runExternal([execPath, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report no formats registered, but should have.")
def test_nouuid(self):
'''
Test for when no uuid was passed or the uuid doesn't correspond to a archive format supported by the nugget.
'''
testArg1 = "--type=JAVASCRIPT"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"No\sformats\sregistered")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches(
"".join(output), rexp,
"Didn't report no formats registered, but should have.")
output = c.runExternal([execPath, testArg2], cwd=cwd)
self.assertRegexpMatches(
"".join(output), rexp,
"Didn't report no formats registered, but should have.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/maliciousCVE-2008-4841.doc" % cwd
rexp = re.compile(r"CVE-2008-4841")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report CVE-2008-4841.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/eicar" % cwd
rexp = re.compile(r"ClamAV\sFound:\sEicar-Test-Signature")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report finding test signature.")
def test_diff(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/eicar" % cwd
rexp = re.compile(r"Expected token PDFVERS")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report invalid PDF signature.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/standard.doc" % cwd
rexp = re.compile(r"CVE-")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches(
"".join(output), rexp,
"Reported alarm, but should have been clean.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/make" % cwd
rexp = re.compile(r"ClamAV\sFound:\sEicar-Test-Signature")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches(
"".join(output), rexp,
"Reported alarm, but should have been clean.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/standard.swf" % cwd
rexp = re.compile(r"Warning:\sSWF\ssignature\sis\snot\svalid")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches(
"".join(output), rexp,
"Reported alarm, but should have been clean.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/maliciousCVE-2008-2992.pdf" % cwd
rexp = re.compile(r"CVE-2008-2992")
rexp2 = re.compile(r"Returned with: 0")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report CVE-2008-2992.")
self.assertRegexpMatches("".join(output), rexp2, "Didn't return 0.")
def test_notsupported(self):
'''
Test for when the passed file isn't of the type specified by the passed uuid.
'''
testArg1 = "--type=AR_FILE"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"Unrecognized\sarchive\sformat")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Warning should have been displayed about unrecognised archive.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/maliciousCVE_2007_0071.swf" % cwd
rexp = re.compile(
r"Adobe\sFlash\sPlayer\sMultimedia\sFile\sDefineSceneAndFrameLabelData\sCode\sExecution"
)
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report invalid SWF signature.")
def test_supported(self):
'''
Test for properly specified UUID and file.
'''
testArg1 = "--type=GZIP_FILE"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"Extracting\sPath")
rexp2 = re.compile(r"File_Store")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report extracting path.")
self.assertRegexpMatches("".join(output), rexp2, "Didn't report calling File_Store.")
def test_notsupported(self):
'''
Test for when the passed file isn't of the type specified by the passed uuid.
'''
testArg1 = "--type=AR_FILE"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"Unrecognized\sarchive\sformat")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches(
"".join(output), rexp,
"Warning should have been displayed about unrecognised archive.")
def test_supported(self):
'''
Test for properly specified UUID and file.
'''
testArg1 = "--type=GZIP_FILE"
testArg2 = "--file=%s/test/resources/testtar.tar.gz" % cwd
rexp = re.compile(r"Extracting\sPath")
rexp2 = re.compile(r"File_Store")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp,
"Didn't report extracting path.")
self.assertRegexpMatches("".join(output), rexp2,
"Didn't report calling File_Store.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/standard.doc" % cwd
rexp = re.compile(r"CVE-")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches("".join(output), rexp, "Reported alarm, but should have been clean.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/eicar" % cwd
rexp = re.compile(r"ClamAV\sFound:\sEicar-Test-Signature")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report finding test signature.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/eicar" % cwd
rexp = re.compile(r"VirusTotal\sreported\sblock\sbad")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report finding test signature.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/make" % cwd
rexp = re.compile(r"VirusTotal:\sNothing\sfound")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches("".join(output), rexp, "Reported alarm, but should have been clean.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/maliciousCVE_2007_0071.swf" % cwd
rexp = re.compile(r"Adobe\sFlash\sPlayer\sMultimedia\sFile\sDefineSceneAndFrameLabelData\sCode\sExecution")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report invalid SWF signature.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/make" % cwd
rexp = re.compile(r"ClamAV\sFound:\sEicar-Test-Signature")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches("".join(output), rexp, "Reported alarm, but should have been clean.")
def test_clean(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/standard.swf" % cwd
rexp = re.compile(r"Warning:\sSWF\ssignature\sis\snot\svalid")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertNotRegexpMatches("".join(output), rexp, "Reported alarm, but should have been clean.")
def test_diff(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/eicar" % cwd
rexp = re.compile(r"Warning:\sSWF\ssignature\sis\snot\svalid")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report invalid SWF signature.")
def test_alarm(self):
testArg1 = ""
testArg2 = "--file=%s/test/resources/maliciousCVE-2008-4841.doc" % cwd
rexp = re.compile(r"CVE-2008-4841")
output = c.runExternal([execPath, testArg1, testArg2], cwd=cwd)
self.assertRegexpMatches("".join(output), rexp, "Didn't report CVE-2008-4841.")
