    def demux_sample_and_add_to_db(self, file_path, timeout=0, package="", options="", priority=1,
                                   custom="", machine="", platform="", tags=None,
                                   memory=False, enforce_timeout=False, clock=None,shrike_url=None,
                                   shrike_msg=None, shrike_sid = None, shrike_refer=None, parent_id=None):
        """
        Submit a (possibly archived) sample as one task per extracted file.

        ``file_path`` is handed to ``demux_sample`` together with ``package``
        and ``options``; every path it yields becomes a separate ``add_path``
        task that inherits all remaining submission parameters unchanged.

        Returns the list of task IDs reported by ``add_path``; entries for
        which ``add_path`` returned a falsy value are dropped.

        NOTE(review): the submitted file is untrusted input. Nothing in this
        method bounds how many files ``demux_sample`` may return or where
        their paths point, so archive-bomb and path-traversal protection has
        to live inside ``demux_sample`` -- confirm there.
        """
        # Submission parameters shared by every task created from this file.
        shared_kwargs = dict(
            timeout=timeout,
            priority=priority,
            options=options,
            package=package,
            machine=machine,
            platform=platform,
            memory=memory,
            custom=custom,
            enforce_timeout=enforce_timeout,
            tags=tags,
            clock=clock,
            shrike_url=shrike_url,
            shrike_msg=shrike_msg,
            shrike_sid=shrike_sid,
            shrike_refer=shrike_refer,
            parent_id=parent_id,
        )
        # demux_sample decides whether file_path is an archive at all; a plain
        # sample presumably comes back as a single entry (not visible here).
        created = (self.add_path(file_path=extracted, **shared_kwargs)
                   for extracted in demux_sample(file_path, package, options))
        return [new_id for new_id in created if new_id]
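    def test_demux_package(self):
        """
        With sflock disabled, demux_sample must hand the submitted file back
        untouched, regardless of the package/options supplied.

        The NamedTemporaryFile object itself (not its ``.name``) is passed as
        ``filename`` and is expected back as the only list entry, so the file
        contents are irrelevant to this test.
        """
        # Use the context manager so the temp file is closed (and, with the
        # default delete=True, removed) even when the assertion fails; the
        # explicit close() after the assert was skipped on failure and leaked
        # the file until garbage collection.
        with tempfile.NamedTemporaryFile() as empty_file:
            result = demux.demux_sample(filename=empty_file,
                                        package="Emotet",
                                        options="foo",
                                        use_sflock=False)
            assert result == [empty_file]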
 def test_demux_sample_microsoft_docx(self, grab_sample):
     """
     A plain .docx must come back from demux_sample as itself, i.e. as the
     sample's path under this test module's ``test_objects`` directory
     (``use_sflock`` is left at its default here).
     """
     sample_hash = "c0c1c1c852a045eb3eb3b26dad2124aea866ea008449e0d7a84925c2ded7fddb"
     # Anchored on __file__ rather than the cwd, so the expected path does not
     # depend on where pytest was launched from.
     test_objects = pathlib.Path(__file__).absolute().parent.as_posix() + "/test_objects/"
     result = demux.demux_sample(filename=grab_sample(sample_hash),
                                 package=None,
                                 options="foobar")
     assert result == [test_objects + sample_hash]
 def test_demux_sample_microsoft_docx(self, grab_sample):
     """
     A plain .docx must come back from demux_sample unchanged, as the
     ``tests/test_objects`` path of the sample (``use_sflock`` left at its
     default).

     NOTE(review): the expected path is built from os.getcwd(), so this only
     passes when pytest is run from the repository root.
     """
     sample_hash = "c0c1c1c852a045eb3eb3b26dad2124aea866ea008449e0d7a84925c2ded7fddb"
     sample_location = grab_sample(sample_hash)
     expected = [os.getcwd() + "/tests/test_objects/" + sample_hash]
     assert demux.demux_sample(filename=sample_location, package=None, options="foobar") == expected
 def test_demux_sample_java(self, grab_sample):
     """
     With sflock disabled, a Java class file (a simple hello world) must be
     returned by demux_sample as its own ``tests/test_objects`` path, with no
     extraction attempted.

     NOTE(review): expected path is cwd-relative; run pytest from the repo root.
     """
     sample_hash = "27c428570256f0e5f8229d053f352aea4276e5c9c5a601c20e04535a8ba1e41d"
     sample_location = grab_sample(sample_hash)
     result = demux.demux_sample(filename=sample_location,
                                 package=None,
                                 options="foo",
                                 use_sflock=False)
     expected_path = os.getcwd() + "/tests/test_objects/" + sample_hash
     assert result == [expected_path]
 def test_demux_sample_pe32(self, grab_sample):
     """
     With sflock disabled, a PE32 executable must be passed through
     demux_sample untouched, as its ``tests/test_objects`` path.

     Sample origin: https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-i686-pc-windows-msvc.zip

     NOTE(review): expected path is cwd-relative; run pytest from the repo root.
     """
     sample_hash = "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b"
     expected = [os.getcwd() + "/tests/test_objects/" + sample_hash]
     result = demux.demux_sample(filename=grab_sample(sample_hash),
                                 package=None,
                                 options="foo",
                                 use_sflock=False)
     assert result == expected
 def test_demux_sample_microsoft_outlook(self, grab_sample):
     """
     With sflock disabled, an Outlook .msg (one without attachments) must be
     handed back by demux_sample as its own ``tests/test_objects`` path
     rather than being unpacked.

     Sample origin: https://github.com/HamiltonInsurance/outlook_msg/blob/e6c0293f098e8aee9cd4124aa6a5d409c798bc49/test_data/No%20attachment.msg

     NOTE(review): expected path is cwd-relative; run pytest from the repo root.
     """
     sample_hash = "0e16568cc1e8ddda0f0856b27857d1d043d7b18909a566ae5fa2460fc8fd3614"
     sample_location = grab_sample(sample_hash)
     demuxed = demux.demux_sample(filename=sample_location,
                                  package=None,
                                  options="foo",
                                  use_sflock=False)
     assert demuxed == [os.getcwd() + "/tests/test_objects/" + sample_hash]
 def test_demux_sample_microsoft_password_no_sflock_doc(self, grab_sample):
     """
     A password-protected .doc must be passed through demux_sample unchanged
     when sflock is disabled, even though a ``password=`` option is supplied.

     NOTE(review): with use_sflock=False the password is presumably never
     used to open the document; this only checks pass-through. The expected
     path is cwd-relative, so run pytest from the repo root.
     """
     sample_hash = "d211ce5c36f630aa1e85d4f36291fee2a600216d823d23805fe41bb68ea99dbb"
     sample_location = grab_sample(sample_hash)
     expected_path = os.getcwd() + "/tests/test_objects/" + sample_hash
     result = demux.demux_sample(filename=sample_location,
                                 package=None,
                                 options="password=infected",
                                 use_sflock=False)
     assert result == [expected_path]
 def test_demux_sample_java(self, grab_sample):
     """
     With sflock disabled, a Java class file (a simple hello world) must be
     returned by demux_sample as itself, resolved under this test module's
     ``test_objects`` directory.
     """
     sample_hash = "27c428570256f0e5f8229d053f352aea4276e5c9c5a601c20e04535a8ba1e41d"
     sample_location = grab_sample(sample_hash)
     # __file__-anchored so the expected path is independent of the cwd.
     here = pathlib.Path(__file__).absolute().parent.as_posix()
     expected = [here + "/test_objects/" + sample_hash]
     assert demux.demux_sample(filename=sample_location,
                               package=None,
                               options="foo",
                               use_sflock=False) == expected
 def test_demux_sample_microsoft_no_password_no_sflock_doc(
         self, grab_sample):
     """
     A .doc submitted without a password option must be passed through
     demux_sample unchanged when sflock is disabled, resolved under this
     test module's ``test_objects`` directory.

     NOTE(review): the sample hash here is the same one the password-protected
     .doc test uses -- confirm that this is the intended sample.
     """
     sample_hash = "d211ce5c36f630aa1e85d4f36291fee2a600216d823d23805fe41bb68ea99dbb"
     # __file__-anchored so the expected path is independent of the cwd.
     test_objects = pathlib.Path(__file__).absolute().parent.as_posix() + "/test_objects/"
     result = demux.demux_sample(filename=grab_sample(sample_hash),
                                 package=None,
                                 options="foo",
                                 use_sflock=False)
     assert result == [test_objects + sample_hash]
    def demux_sample_and_add_to_db(self,
                                   file_path,
                                   timeout=0,
                                   package="",
                                   options="",
                                   priority=1,
                                   custom="",
                                   machine="",
                                   platform="",
                                   tags=None,
                                   memory=False,
                                   enforce_timeout=False,
                                   clock=None):
        """
        Queue one analysis task per file extracted from ``file_path``.

        ``demux_sample`` receives ``file_path``, ``package`` and ``options``
        and yields the paths to submit; each is passed to ``add_path`` along
        with every other submission parameter, unchanged.

        Returns the task IDs ``add_path`` produced, skipping any falsy one.

        NOTE(review): ``file_path`` is user-submitted and may be an archive.
        This method places no limit on the number of extracted files or on
        their paths, so any archive-bomb / path-traversal defence must be
        enforced by ``demux_sample`` -- confirm there.
        """
        added = []
        # Each extracted file (or the sample itself, if it was not an archive)
        # becomes its own task.
        for extracted in demux_sample(file_path, package, options):
            new_id = self.add_path(file_path=extracted,
                                   timeout=timeout,
                                   priority=priority,
                                   options=options,
                                   package=package,
                                   machine=machine,
                                   platform=platform,
                                   memory=memory,
                                   custom=custom,
                                   enforce_timeout=enforce_timeout,
                                   tags=tags,
                                   clock=clock)
            if not new_id:
                continue
            added.append(new_id)
        return added