Example #1
    def __init__(self, config):
        """Load the TAXII connection settings and build the helper objects.

        Reads ``host``, ``port``, ``inbox_path`` and ``use_https`` from the
        ``taxii`` section of *config*, then creates the HTTP client and the
        STIX transformer (which receives the same *config*).
        """
        section = 'taxii'
        self.host = config.get(section, 'host')
        self.port = config.getint(section, 'port')
        self.inbox_path = config.get(section, 'inbox_path')
        # The transport choice is only stored here.
        # NOTE(review): with use_https false the inbox traffic presumably
        # goes over plain HTTP -- confirm where this flag is consumed.
        self.use_https = config.getboolean(section, 'use_https')

        http_client = HttpClient()
        # NOTE(review): 'noproxy' presumably makes the client bypass any
        # configured proxy -- confirm against HttpClient.setProxy.
        http_client.setProxy('noproxy')
        self.client = http_client
        self.stix_transformer = StixTransformer(config)
Example #2
    def test_stix_transform(self):
        """
        Objective: Check that the STIX XML built from a sample event validates.

        The test loads ``../conpot.cfg`` relative to this file, switches on
        the ``taxii`` options it needs, transforms a hand-written s7comm
        event and feeds the resulting XML to ``STIXValidator``.
        """
        cfg_path = os.path.join(os.path.dirname(__file__), '../conpot.cfg')
        config = ConfigParser()
        config.read(cfg_path)
        # Override the taxii options in the same order for every run.
        for option, value in (('enabled', True),
                              ('use_contact_info', True),
                              ('contact_name', 'James Bond'),
                              ('contact_mail', '[email protected]')):
            config.set('taxii', option, value)

        # Fixture event: a loopback peer plus two request/response pairs.
        sample_event = {
            'remote': ('127.0.0.1', 54872),
            'data_type': 's7comm',
            'public_ip': '111.222.111.222',
            'timestamp': datetime.now(),
            'session_id': '101d9884-b695-4d8b-bf24-343c7dda1b68',
            'data': {
                0: {'request': 'who are you', 'response': 'mr. blue'},
                1: {'request': 'give me apples', 'response': 'no way'},
            },
        }

        package_xml = StixTransformer(config).transform(sample_event)
        # NOTE(review): the three positional arguments are opaque from
        # here -- confirm against STIXValidator what each one enables.
        validator = STIXValidator(None, True, False)
        xml_stream = StringIO(package_xml.encode('utf-8'))
        outcome = validator.validate(xml_stream)
        isvalid, validation_error, best_practice_warnings = outcome
        # Only isvalid is asserted; best_practice_warnings is unpacked
        # but never checked.
        failure_msg = 'Error while parsing STIX xml: {0}'.format(
            validation_error)
        self.assertTrue(isvalid, failure_msg)