Ejemplo n.º 1
def test_signature_order():
    """Check the position of each signature inside RunSignatures.

    Three stub signatures are registered in the order sig1, sig2, sig3 with
    ``order`` values 3, 1 and 2. The test expects ``rs.signatures`` to hold
    them as sig2, sig3, sig1, i.e. in ascending ``order``.
    """
    class sig(Signature):
        # Attributes shared by the three stubs below.
        # NOTE(review): presumably these values let the stubs pass the
        # enabled/version/platform checks in RunSignatures; confirm there.
        platform = "windows"
        minimum = "2.0.0"
        maximum = None
        enabled = True
        marks = []

        def __init__(self, caller):
            # Intentionally does not call Signature.__init__.
            pass

    class sig1(sig):
        order = 3
        name = "sig1"

    class sig2(sig):
        order = 1
        name = "sig2"

    class sig3(sig):
        order = 2
        name = "sig3"

    # Point the Cuckoo working directory at a new temporary directory and
    # populate it. The directory is not removed by this test.
    workdir = tempfile.mkdtemp()
    set_cwd(workdir)
    cuckoo_create()

    # Replace the plugin registry seen by cuckoo.core.plugins so that only
    # the three stubs are available while RunSignatures is set up.
    with mock.patch("cuckoo.core.plugins.cuckoo") as patched:
        patched.signatures = (sig1, sig2, sig3)
        RunSignatures.init_once()
        rs = RunSignatures({})

    # Index explicitly so a short list still fails with an IndexError.
    for position, expected in enumerate((sig2, sig3, sig1)):
        assert isinstance(rs.signatures[position], expected)
Ejemplo n.º 2
def init_modules():
    """Run one-time plugin initialisation and log the loaded modules.

    Calls ``init_once()`` on every entry of ``cuckoo.plugins`` for the five
    plugin categories, writes a tree-style listing of those entries to the
    debug log, and finally initialises RunSignatures and ExtractManager.
    Exceptions raised by any ``init_once()`` call are not caught here.
    """
    log.debug("Imported modules...")

    categories = (
        "auxiliary", "machinery", "processing", "signatures", "reporting",
    )

    # Each plugin's init_once() runs in this process, and nothing here
    # catches what it raises: a failing initialiser is treated as a hard
    # error rather than being skipped.
    for group in categories:
        for plugin in cuckoo.plugins[group]:
            plugin.init_once()

    # Log the loaded plugins per category. This runs only after every
    # initialiser above has completed.
    for group in categories:
        log.debug("Imported \"%s\" modules:", group)

        loaded = cuckoo.plugins[group]
        for plugin in loaded:
            # The final entry gets the closing branch marker. The comparison
            # is by equality against the last element, not by position.
            is_last = plugin == loaded[-1]
            log.debug(
                "\t `-- %s" if is_last else "\t |-- %s", plugin.__name__
            )

    # RunSignatures is set up with all available Signatures, ExtractManager
    # with all available Extractors.
    RunSignatures.init_once()
    ExtractManager.init_once()
Ejemplo n.º 3
def init_modules():
    """Run one-time plugin initialisation and log the loaded modules.

    Calls ``init_once()`` on every entry of ``cuckoo.plugins`` for the five
    plugin categories, writes a tree-style listing of those entries to the
    debug log, and finally initialises RunSignatures. Exceptions raised by
    any ``init_once()`` call are not caught here.
    """
    log.debug("Imported modules...")

    categories = (
        "auxiliary",
        "machinery",
        "processing",
        "signatures",
        "reporting",
    )

    # Each plugin's init_once() runs in this process, and nothing here
    # catches what it raises: a failing initialiser is treated as a hard
    # error rather than being skipped.
    for kind in categories:
        for plugin in cuckoo.plugins[kind]:
            plugin.init_once()

    # Log the loaded plugins per category. This runs only after every
    # initialiser above has completed.
    for kind in categories:
        log.debug("Imported \"%s\" modules:", kind)

        plugins = cuckoo.plugins[kind]
        for plugin in plugins:
            # The final entry gets the closing branch marker. The comparison
            # is by equality against the last element, not by position.
            if plugin == plugins[-1]:
                line = "\t `-- %s"
            else:
                line = "\t |-- %s"
            log.debug(line, plugin.__name__)

    # RunSignatures is set up with all available Signatures.
    RunSignatures.init_once()
Ejemplo n.º 4
def test_signature_order():
    """Check the position of each signature inside RunSignatures.

    Three plain stub classes are registered in the order sig1, sig2, sig3
    with ``order`` values 3, 1 and 2. The test expects ``rs.signatures`` to
    hold them as sig2, sig3, sig1, i.e. in ascending ``order``.
    """
    class sig(object):
        # Attributes shared by the three stubs below. This base is a plain
        # object and does not derive from the Signature class.
        # NOTE(review): presumably these values let the stubs pass the
        # enabled/version/platform checks in RunSignatures; confirm there.
        platform = "windows"
        minimum = "2.0.0"
        maximum = None
        enabled = True
        marks = []

        def __init__(self, caller):
            # The caller argument is accepted and ignored.
            pass

    class sig1(sig):
        order = 3
        name = "sig1"

    class sig2(sig):
        order = 1
        name = "sig2"

    class sig3(sig):
        order = 2
        name = "sig3"

    # Replace the plugin registry seen by cuckoo.core.plugins so that only
    # the three stubs are available while RunSignatures is set up.
    with mock.patch("cuckoo.core.plugins.cuckoo") as patched:
        patched.signatures = (sig1, sig2, sig3)
        RunSignatures.init_once()
        rs = RunSignatures({})

    # Index explicitly so a short list still fails with an IndexError.
    for position, expected in enumerate((sig2, sig3, sig1)):
        assert isinstance(rs.signatures[position], expected)
Ejemplo n.º 5
def test_load_signatures():
    """Check that load_signatures() picks up signatures from the CWD.

    The ``signatures`` directory of a new working directory is replaced with
    the ``tests/files/enumplugins`` fixture. After load_signatures() the
    three fixture modules must appear in ``cuckoo.signatures``, and their
    classes must be instantiated by RunSignatures.
    """
    set_cwd(tempfile.mkdtemp())
    cuckoo_create()

    # Swap the generated signatures directory for the test fixture. The
    # fixture path is relative, so it depends on where the tests are run
    # from.
    target = cwd("signatures")
    shutil.rmtree(target)
    shutil.copytree("tests/files/enumplugins", cwd("signatures"))

    # Drop any "signatures" entry left in sys.modules.
    # NOTE(review): presumably this forces load_signatures() to import the
    # package from the new directory instead of reusing a cached one; confirm.
    sys.modules.pop("signatures", None)
    load_signatures()

    # The signature classes must be registered in the global list, under
    # module names inside the "signatures" package.
    names = [entry.__module__ for entry in cuckoo.signatures]
    for module_name in (
        "signatures.sig1", "signatures.sig2", "signatures.sig3",
    ):
        assert module_name in names

    # The same signatures must be instantiated by RunSignatures.
    RunSignatures.init_once()
    rs = RunSignatures({})
    names = [entry.__class__.__name__ for entry in rs.signatures]
    for class_name in ("Sig1", "Sig2", "Sig3"):
        assert class_name in names
Ejemplo n.º 6
def test_load_signatures():
    """Verify that signatures placed in the CWD are found and instantiated.

    A new working directory is created and its ``signatures`` directory is
    overwritten with the ``tests/files/enumplugins`` fixture. The test then
    checks both the global ``cuckoo.signatures`` list and the instances held
    by a RunSignatures object.
    """
    workdir = tempfile.mkdtemp()
    set_cwd(workdir)
    cuckoo_create()

    # Replace the default signatures with the fixture set. The source path
    # is relative to the directory the test run was started from.
    shutil.rmtree(cwd("signatures"))
    shutil.copytree("tests/files/enumplugins", cwd("signatures"))

    # Remove any existing "signatures" entry from sys.modules before loading.
    # NOTE(review): looks like this avoids reusing a package imported from
    # another working directory; confirm against load_signatures().
    sys.modules.pop("signatures", None)
    load_signatures()

    # Global list: each fixture module must have contributed a class.
    loaded_modules = []
    for klass in cuckoo.signatures:
        loaded_modules.append(klass.__module__)
    assert "signatures.sig1" in loaded_modules
    assert "signatures.sig2" in loaded_modules
    assert "signatures.sig3" in loaded_modules

    # RunSignatures object: each fixture class must have been instantiated.
    RunSignatures.init_once()
    rs = RunSignatures({})
    instantiated = []
    for instance in rs.signatures:
        instantiated.append(instance.__class__.__name__)
    assert "Sig1" in instantiated
    assert "Sig2" in instantiated
    assert "Sig3" in instantiated
Ejemplo n.º 7
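def test_call_signature():
    """Check how RunSignatures.call_signature() handles a handler's result.

    Three cases are covered for a single stub signature:

    * the handler returns False: the signature stays unmatched;
    * the handler returns True: the signature is marked as matched;
    * the signature is already matched: the handler is not called again.
    """
    # This is a function, not a class: a class body would execute at import
    # time, so the working-directory change and the assertions below would
    # run during test collection instead of as a test.
    class sig(Signature):
        enabled = True
        name = "sig"
        minimum = "2.0.0"
        maximum = None
        platform = "windows"
        matched = False
        order = 1

        def __init__(self, caller):
            # Intentionally does not call Signature.__init__.
            pass

        def on_signature(self, sig):
            pass

    # Point the Cuckoo working directory at a new temporary directory and
    # populate it. The directory is not removed by this test.
    set_cwd(tempfile.mkdtemp())
    cuckoo_create()

    # Replace the plugin registry seen by cuckoo.core.plugins so that the
    # stub is the only signature available to RunSignatures.
    with mock.patch("cuckoo.core.plugins.cuckoo") as p:
        p.signatures = sig,
        RunSignatures.init_once()
        rs = RunSignatures({})

    s1 = rs.signatures[0]

    # Not a match: positional and keyword arguments are forwarded unchanged
    # and the signature stays unmatched.
    f = mock.MagicMock(return_value=False)
    s1.matched = False
    rs.call_signature(s1, f, 1, 2, a=3, b=4)
    assert s1.matched is False
    f.assert_called_once_with(1, 2, a=3, b=4)

    # It is a match: a True return value flips the matched flag.
    f = mock.MagicMock(return_value=True)
    rs.call_signature(s1, f, "foo", "bar")
    assert s1.matched is True
    f.assert_called_once_with("foo", "bar")

    # Now it is a match, no longer call the handler.
    f = mock.MagicMock()
    rs.call_signature(s1, f, "foo", "bar")
    f.assert_not_called()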