Ejemplo n.º 1
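    def test_honeypot_sql(self):
        """Objective: Testing overall Honeypot integration.
        Input: Loads the honeypot module with a temporary SQLite file as main database.
        Expected Response: Honeypot returns a response object that is not None.
        Note: This test verifies the overall functionality."""

        # mkstemp() returns (fd, path). The descriptor is closed explicitly;
        # discarding it with [1] would leak one open fd per call.
        db_fd, db_file = tempfile.mkstemp()
        os.close(db_fd)
        config_file = None

        try:
            # Setup runs inside the try so a failing helper still triggers
            # removal of the temporary files.
            conn_string = "sqlite:///{0}".format(db_file)
            sql_engine = create_engine(conn_string)
            helpers.populate_main_sql_testdatabase(sql_engine)

            # Write the config through the descriptor mkstemp() handed back
            # rather than re-opening the file by name.
            config_fd, config_file = tempfile.mkstemp()
            with os.fdopen(config_fd, 'w') as f:
                f.writelines(helpers.gen_config(conn_string))

            raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
            # Fabricated endpoints, passed to the handler as plain data.
            source_address = ["127.0.0.1", "12345"]
            sensor_address = ["1.2.3.4", "8080"]
            GlastopfHoneypot.prepare_environment(self.tmpdir)
            self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir,
                                             config=config_file)
            # NOTE(review): the meaning of the "enabled" option is not visible
            # here; confirm what this disables.
            self.glastopf.options["enabled"] = "False"
            # Single-argument parenthesised form prints identically on Python 2 and 3.
            print("Sending request: http://localhost:8080/")
            response = self.glastopf.handle_request(raw_request,
                                                    source_address,
                                                    sensor_address)
            self.assertIsNot(response, None)
        finally:
            for path in (config_file, db_file):
                if path is not None and os.path.isfile(path):
                    os.remove(path)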
Ejemplo n.º 2
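    def test_honeypot_sql(self):
        """Objective: Testing overall Honeypot integration.
        Input: Loads the honeypot module with a temporary SQLite file as main database.
        Expected Response: Honeypot returns a response object that is not None.
        Note: This test verifies the overall functionality."""

        # Keep the descriptor that mkstemp() returns and close it; taking only
        # element [1] leaves the file open for the life of the process.
        db_handle, db_file = tempfile.mkstemp()
        os.close(db_handle)
        config_file = None

        try:
            # Database population and config generation happen under the
            # try so the finally clause cleans up after any failure.
            conn_string = "sqlite:///{0}".format(db_file)
            sql_engine = create_engine(conn_string)
            helpers.populate_main_sql_testdatabase(sql_engine)

            config_handle, config_file = tempfile.mkstemp()
            # fdopen() takes ownership of the descriptor and closes it on exit.
            with os.fdopen(config_handle, "w") as f:
                f.writelines(helpers.gen_config(conn_string))

            raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
            # Made-up source and sensor endpoints handed to the handler as data.
            source_address = ["127.0.0.1", "12345"]
            sensor_address = ["1.2.3.4", "8080"]
            GlastopfHoneypot.prepare_environment(self.tmpdir)
            self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir, config=config_file)
            # NOTE(review): what "enabled" controls is not shown in this
            # listing; verify against the honeypot's option handling.
            self.glastopf.options["enabled"] = "False"
            # Same output on Python 2 and 3 for a single string argument.
            print("Sending request: http://localhost:8080/")
            response = self.glastopf.handle_request(raw_request, source_address, sensor_address)
            self.assertIsNot(response, None)
        finally:
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)
            if os.path.isfile(db_file):
                os.remove(db_file)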
Ejemplo n.º 3
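    def test_honeypot_mongo(self):
        """Objective: Testing overall Honeypot integration.
        Input: Loads the honeypot module with mongodb as main database.
        Expected Response: Honeypot returns a response object that is not None.
        Note: This test verifies the overall functionality."""

        conn_string = helpers.create_mongo_database(fill=True)
        config_file = None

        try:
            # Created inside the try so the Mongo test data is still deleted
            # if writing the config fails. The descriptor from mkstemp() is
            # reused for the write instead of being dropped (fd leak).
            config_fd, config_file = tempfile.mkstemp()
            with os.fdopen(config_fd, 'w') as f:
                f.writelines(helpers.gen_config(conn_string))

            raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
            source_address = ["127.0.0.1", "12345"]
            GlastopfHoneypot.prepare_environment(self.tmpdir)
            self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir,
                                             config=config_file)
            # NOTE(review): the effect of the "enabled" option is not visible
            # here; confirm what this disables.
            self.glastopf.options["enabled"] = "False"
            # Single-argument parenthesised form prints identically on Python 2 and 3.
            print("Sending request: http://localhost:8080/")
            # The socket is created but never connected in this test.
            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            try:
                connection = FakeCon()
                connection.sock = sock
                response = self.glastopf.handle_request(raw_request,
                                                        source_address, connection)
            finally:
                # Close the socket even when the handler raises.
                sock.close()
            self.assertIsNot(response, None)
        finally:
            helpers.delete_mongo_testdata(conn_string)
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)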
Ejemplo n.º 4
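    def test_honeypot_mongo(self):
        """Objective: Testing overall Honeypot integration.
        Input: Loads the honeypot module with mongodb as main database.
        Expected Response: Honeypot returns a response object that is not None.
        Note: This test verifies the overall functionality."""

        conn_string = helpers.create_mongo_database(fill=True)
        config_file = None

        try:
            # mkstemp() hands back an open descriptor along with the path;
            # write through it so it gets closed rather than leaked. Doing
            # this under the try keeps the Mongo cleanup reachable on error.
            config_handle, config_file = tempfile.mkstemp()
            with os.fdopen(config_handle, 'w') as f:
                f.writelines(helpers.gen_config(conn_string))

            raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
            source_address = ["127.0.0.1", "12345"]
            GlastopfHoneypot.prepare_environment(self.tmpdir)
            self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir, config=config_file)
            # NOTE(review): what "enabled" controls is not shown in this
            # listing; verify against the honeypot's option handling.
            self.glastopf.options["enabled"] = "False"
            # Same output on Python 2 and 3 for a single string argument.
            print("Sending request: http://localhost:8080/")
            # Unconnected socket attached to the stand-in connection object.
            test_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            try:
                connection = FakeCon()
                connection.sock = test_socket
                response = self.glastopf.handle_request(raw_request,
                                                        source_address,
                                                        connection)
            finally:
                # Release the socket whether or not the handler succeeded.
                test_socket.close()
            self.assertIsNot(response, None)
        finally:
            helpers.delete_mongo_testdata(conn_string)
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)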
Ejemplo n.º 5
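    def test_surfcertids(self):
        """Objective: Testing that the SURFcert IDS logger can be set up with a mocked connection.

        Input: A generated config file (empty connection string) and an
        AttackEvent built from a canned HTTP request.
        NOTE(review): the event is never handed to the logger and nothing is
        asserted, so this only checks that setup does not raise. Confirm
        whether a transmit step and an assertion are missing."""

        config_file = None

        try:
            # Write through the descriptor mkstemp() returns so it is closed;
            # indexing [1] and re-opening by name would leak it.
            config_fd, config_file = tempfile.mkstemp()
            with os.fdopen(config_fd, "w") as f:
                f.writelines(helpers.gen_config(""))

            attack_event = AttackEvent()
            # Canned request with a trailing second request line after the
            # blank line that ends the headers.
            request = (
                "GET /pub/WWW/TheProject.html HTTP/1.1\r\n"
                "Host: www.evil.org\r\n"
                "Referer: http://www.honeynet.org\r\n"
                "User-Agent:  Mozilla 5\r\n"
                "\r\n\r\n"
                "GET /beer\r\n"
            )

            attack_event.http_request = HTTPHandler(request, "1.2.3.4")
            attack_event.source_addr = ("4.3.2.1", 41022)
            logSURFcertIDS = LogSURFcertIDS(None, config_file)
            # Replace the logger's connection with a mock object.
            logSURFcertIDS.connection = connectionMock()
        finally:
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)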
Ejemplo n.º 6
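    def test_surfcertids(self):
        """Objective: Testing that the SURFcert IDS logger can be set up with a mocked connection.

        Input: A generated config file (empty connection string), the current
        working directory, and an AttackEvent built from a canned HTTP request.
        NOTE(review): the event is never passed to the logger and there is no
        assertion, so only "setup does not raise" is verified. Confirm
        whether a transmit step and an assertion are missing."""

        config_file = None

        try:
            # mkstemp() returns an open descriptor plus the path; the write
            # goes through that descriptor so it is closed, not leaked.
            config_handle, config_file = tempfile.mkstemp()
            with os.fdopen(config_handle, 'w') as f:
                f.writelines(helpers.gen_config(''))

            attack_event = AttackEvent()
            # Adjacent literals concatenate to one request string; the final
            # line is a second request line following the end of headers.
            request = (
                "GET /pub/WWW/TheProject.html HTTP/1.1\r\n"
                "Host: www.evil.org\r\n"
                "Referer: http://www.honeynet.org\r\n"
                "User-Agent:  Mozilla 5\r\n"
                "\r\n\r\n"
                "GET /beer\r\n"
            )

            attack_event.http_request = HTTPHandler(request, "1.2.3.4")
            attack_event.source_addr = ('4.3.2.1', 41022)
            logSURFcertIDS = LogSURFcertIDS(None, os.getcwd(), config_file)
            # Swap in a mock in place of the logger's connection.
            logSURFcertIDS.connection = connectionMock()
        finally:
            if config_file is not None and os.path.isfile(config_file):
                os.remove(config_file)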