def setUp(self):
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
self.http_server = mwzoo.HTTPServer(mwzoo.MalwareZoo())
from multiprocessing import Process
self.server_process = Process(target=self._server_process)
self.server_process.daemon = True
self.server_process.start()
def setUp(self):
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
# generate some random data for file content
with open('/dev/urandom', 'rb') as fp:
self.file_content = fp.read(1024)
self.file_name = 'sample.exe'
self.tags = ['tag1', 'tag2']
self.sources = ['source1', 'source2']
self.sample = mwzoo.Sample(self.file_name, self.file_content,
self.tags, self.sources)
def setUp(self):
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
self.zoo_process = None
self.zoo_stdout = ''
self.zoo_stdout_thread = None
self.zoo_stderr = ''
self.zoo_stderr_thread = None
self._clear_database()
self._start_malware_zoo()
self.zoo_started = threading.Event()
self.temp_dir = tempfile.mkdtemp()
def default_config_tests(self):
"""Default config has expected section names."""
mwzoo.load_global_config(DEFAULT_CONFIG_PATH)
# test that these sections exist
self.assertItemsEqual(mwzoo.global_config.sections(),
['networking', 'storage', 'mongodb', 'mysql'])
# just test that these settings exist
assert mwzoo.global_config.get('storage', 'malware_storage_dir',
None) is not None
assert mwzoo.global_config.get('mongodb', 'hostname', None) is not None
assert mwzoo.global_config.get('mongodb', 'database', None) is not None
assert mwzoo.global_config.get('mongodb', 'collection',
None) is not None
assert mwzoo.global_config.get('mongodb', 'port', None) is not None
assert mwzoo.global_config.get('mysql', 'hostname', None) is not None
assert mwzoo.global_config.get('mysql', 'database', None) is not None
assert mwzoo.global_config.get('mysql', 'user', None) is not None
assert mwzoo.global_config.get('mysql', 'password', None) is not None
action="store",
dest="maximum_process_count",
type=int,
default=0,
required=False,
help="Maximum number of processes to spawn to process samples. Set to 0 for serial processing.",
)
args = parser.parse_args()
if args.mwzoo_home is not None:
os.environ["MWZOO_HOME"] = args.mwzoo_home
# if we don't specify a directory then we default to cwd
if "MWZOO_HOME" not in os.environ:
os.environ["MWZOO_HOME"] = "."
try:
os.chdir(os.environ["MWZOO_HOME"])
except Exception, e:
sys.stderr.write("unable to change working directory to {0}: {1}\n", os.environ["MWZOO_HOME"], str(e))
sys.exit(1)
logging.config.fileConfig(args.logging_config_path)
mwzoo.load_global_config(args.config_path)
zoo = mwzoo.MalwareZoo(args.maximum_process_count)
zoo.start()
logging.info("starting malware zoo http server")
mwzoo.HTTPServer(zoo).start()
def invalid_configuration_test(self):
"""Specified configuration file does not exist."""
mwzoo.load_global_config(INVALID_CONFIG_PATH)
def missing_configuration_test(self):
"""Specified configuration file does not exist."""
mwzoo.load_global_config(MISSING_CONFIG_PATH)
def valid_configuration_test(self):
"""Tests that a valid configuration file is loaded."""
mwzoo.load_global_config(VALID_CONFIG_PATH)
def test_utilities(self):
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
# wait for the http server to start
self.zoo_started.wait(5)
# submit the example file
submit_process = Popen([
'python', 'mz-submit.py', '--remote-host', 'localhost:8082', '-f',
'tests/data/HelloWorld.exe', '-t', 'tag1', 'tag2', '-s', 'source1',
'source2'
],
stdout=PIPE)
(stdout, stderr) = submit_process.communicate()
assert submit_process.returncode == 0
assert stdout.strip(
) == ".malware_test/3f8/3f896076056ef80ca508daf1317bbd22bd29de3e"
# test default output
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini'], stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
# expecting a single line of output
assert len(
stdout.split('\n')) == 2 # technically two including the new line
# expecting sha1 hash
assert stdout.strip() == '3f896076056ef80ca508daf1317bbd22bd29de3e'
# test summary output
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
# look for the sha1
assert '3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
# look for the md5
assert '5d2c773d17866b0135feda1ef50b573a' in stdout
# look for the two tags
assert 'tag1' in stdout
assert 'tag2' in stdout
# look for the two sources
assert 'source1' in stdout
assert 'source2' in stdout
# test file extraction
query_process = Popen([
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-d',
self.temp_dir
],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
assert stdout.strip() == os.path.join(self.temp_dir, 'HelloWorld.exe')
# make sure it pulled the right file
cmp_process = Popen([
'cmp',
os.path.join(self.temp_dir, 'HelloWorld.exe'),
'tests/data/HelloWorld.exe'
])
cmp_process.wait()
assert cmp_process.returncode == 0
# test query by various criteria
for argument_configuration in [
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-5',
'5d2c773d17866b0135feda1ef50b573a'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-1',
'3f896076056ef80ca508daf1317bbd22bd29de3e'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-n',
'HelloWorld.exe'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-t',
'tag1'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-t',
'tag2'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-s',
'source1'
],
[
'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-s',
'source2'
]
]:
query_process = Popen(argument_configuration, stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
assert stdout.strip() == '3f896076056ef80ca508daf1317bbd22bd29de3e'
# test --commit
update_process = Popen([
'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--update',
'-t', 'tag3', '-s', 'source3'
],
stdin=PIPE,
stdout=PIPE)
update_process.stdin.write(
'3f896076056ef80ca508daf1317bbd22bd29de3e\n')
(stdout, stderr) = update_process.communicate()
assert query_process.returncode == 0
assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' not in stdout
# test update
update_process = Popen([
'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--update',
'-t', 'tag3', '-s', 'source3', '--commit'
],
stdin=PIPE,
stdout=PIPE)
update_process.stdin.write(
'3f896076056ef80ca508daf1317bbd22bd29de3e\n')
(stdout, stderr) = update_process.communicate()
assert query_process.returncode == 0
assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
# verify updates
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
# look for the new tag
assert 'tag3' in stdout
assert 'source3' in stdout
# make sure old tags and sources are gone
assert 'tag1' not in stdout
assert 'tag2' not in stdout
assert 'source1' not in stdout
assert 'source2' not in stdout
# test append
update_process = Popen([
'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--append',
'-t', 'tag4', '-s', 'source4', '--commit'
],
stdin=PIPE,
stdout=PIPE)
update_process.stdin.write(
'3f896076056ef80ca508daf1317bbd22bd29de3e\n')
(stdout, stderr) = update_process.communicate()
assert query_process.returncode == 0
assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
# verify updates
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
# look for the old and new tag
assert 'tag3' in stdout
assert 'tag4' in stdout
assert 'source3' in stdout
assert 'source4' in stdout
# test delete
update_process = Popen([
'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--delete',
'-t', 'tag3', '-s', 'source3', '--commit'
],
stdin=PIPE,
stdout=PIPE)
update_process.stdin.write(
'3f896076056ef80ca508daf1317bbd22bd29de3e\n')
(stdout, stderr) = update_process.communicate()
assert query_process.returncode == 0
assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
# verify updates
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
assert 'tag3' not in stdout
assert 'tag4' in stdout
assert 'source3' not in stdout
assert 'source4' in stdout
# test delete sample
update_process = Popen([
'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '-D',
'--commit'
],
stdin=PIPE,
stdout=PIPE)
update_process.stdin.write(
'3f896076056ef80ca508daf1317bbd22bd29de3e\n')
(stdout, stderr) = update_process.communicate()
assert query_process.returncode == 0
assert 'deleting sample 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
assert 'deleted sample 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
# verify delete
query_process = Popen(
['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
stdout=PIPE)
(stdout, stderr) = query_process.communicate()
assert query_process.returncode == 0
assert stdout.strip() == ''
def setUp(self):
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
self.db = mwzoo.Database()
def setup_package():
# if we don't specify a directory then we default to cwd
if 'MWZOO_HOME' not in os.environ:
os.environ['MWZOO_HOME'] = '.'
try:
os.chdir(os.environ['MWZOO_HOME'])
except Exception, e:
raise Exception(
"unable to change working directory to {0}: {1}".format(
os.environ['MWZOO_HOME']))
# load the test configuration
mwzoo.load_global_config(TEST_CONFIG_PATH)
def teardown_package():
# delete the test mongodb
pass
class config_test(unittest.TestCase):
"""Tests configuration files."""
def setUp(self):
pass
def tearDown(self):
pass
parser.add_argument(
'--logging-config-path', action='store', dest='logging_config_path', default='etc/logging.ini', required=False,
help='Path to logging configuration file for the malware zoo.')
parser.add_argument(
'-m', '--maximum-process-count', action='store', dest='maximum_process_count', type=int, default=0, required=False,
help='Maximum number of processes to spawn to process samples. Set to 0 for serial processing.')
args = parser.parse_args()
if args.mwzoo_home is not None:
os.environ['MWZOO_HOME'] = args.mwzoo_home
# if we don't specify a directory then we default to cwd
if 'MWZOO_HOME' not in os.environ:
os.environ['MWZOO_HOME'] = '.'
try:
os.chdir(os.environ['MWZOO_HOME'])
except Exception, e:
sys.stderr.write("unable to change working directory to {0}: {1}\n",
os.environ['MWZOO_HOME'], str(e))
sys.exit(1)
logging.config.fileConfig(args.logging_config_path)
mwzoo.load_global_config(args.config_path)
zoo = mwzoo.MalwareZoo(args.maximum_process_count)
zoo.start()
logging.info("starting malware zoo http server")
mwzoo.HTTPServer(zoo).start()