Exemple #1
    def test_build_options(self):
        """Pin the exact option dict build_options() returns for a "foo" package task.

        The comparison is a strict equality, so an option key that is added,
        dropped or flipped fails here and has to be acknowledged in the
        expected dict. The "ip"/"port" entries are expected to carry the
        machine's resultserver_ip/resultserver_port unchanged; the port stays
        a string.
        """

        # Stand-in machine: only the result-server endpoint is provided.
        class mock_machine:
            resultserver_ip = "1.2.3.4"
            resultserver_port = "1337"

        task = mock_task()
        task.package = "foo"
        task.options = "foo=bar"
        task.enforce_timeout = 1
        task.clock = datetime.strptime("01-01-2099 09:01:01", "%m-%d-%Y %H:%M:%S")
        task.timeout = 10

        manager = AnalysisManager(task=task, error_queue=queue.Queue())
        manager.machine = mock_machine()

        built = manager.build_options()
        # Keep only the last path component so the check is independent of
        # the directory the target lives in.
        built["target"] = built["target"].rpartition("/")[2]

        expected = {
            "category": "file",
            "exports": "",
            "target": "test_scheduler.py",
            "package": "foo",
            "terminate_processes": False,
            "ip": "1.2.3.4",
            "clock": datetime(2099, 1, 1, 9, 1, 1),
            "port": "1337",
            "file_type": "Python script, ASCII text executable",
            "options": "foo=bar",
            "enforce_timeout": 1,
            "evtx": False,
            "timeout": 10,
            "file_name": "test_scheduler.py",
            "browser": True,
            "curtain": False,
            "procmon": False,
            "digisig": True,
            "disguise": True,
            "sysmon": False,
            "filepickup": False,
            "filecollector": True,
            "permissions": False,
            "screenshots_linux": False,
            "screenshots_windows": True,
            "tlsdump": True,
            "usage": False,
            "human_linux": False,
            "human_windows": True,
            "stap": False,
            "id": 1234,
            "do_upload_max_size": 0,
            "upload_max_size": 100000000,
            "during_script": False,
            "pre_script": False,
        }
        assert built == expected
Exemple #2
    def test_build_options_pe(self, grab_sample):
        """Pin the option dict build_options() returns when the target is a PE sample.

        The sample is obtained through the grab_sample fixture by its hash
        (64 hex characters, presumably SHA-256 -- confirm against the fixture).
        The expected dict carries "options": "foo=bar" although this test
        never sets task.options; presumably that is mock_task's default --
        verify against its definition.
        """

        # Stand-in machine: only the result-server endpoint is provided.
        class mock_machine:
            resultserver_ip = "1.2.3.4"
            resultserver_port = "1337"

        pe_path = grab_sample(sample_hash="5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b")

        task = mock_task()
        task.package = "file"
        task.enforce_timeout = 1
        task.clock = datetime.strptime("01-01-2099 09:01:01", "%m-%d-%Y %H:%M:%S")
        task.timeout = 10
        task.target = pe_path

        manager = AnalysisManager(task=task, error_queue=queue.Queue())
        manager.machine = mock_machine()

        built = manager.build_options()
        # Reduce the target to its file name; the sample's storage directory
        # is not part of what is being checked.
        built["target"] = built["target"].rpartition("/")[2]

        expected = {
            "category": "file",
            "exports": "",
            "target": "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b",
            "package": "file",
            "terminate_processes": False,
            "ip": "1.2.3.4",
            "clock": datetime(2099, 1, 1, 9, 1, 1),
            "port": "1337",
            "file_type": "PE32 executable (console) Intel 80386, for MS Windows",
            "options": "foo=bar",
            "enforce_timeout": 1,
            "evtx": False,
            "timeout": 10,
            "file_name": "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b",
            "browser": True,
            "curtain": False,
            "procmon": False,
            "digisig": True,
            "disguise": True,
            "sysmon": False,
            "filepickup": False,
            "permissions": False,
            "screenshots": True,
            "tlsdump": True,
            "usage": False,
            "human": True,
            "id": 1234,
            "do_upload_max_size": 0,
            "upload_max_size": 100000000,
        }
        assert built == expected
Exemple #3
    def test_build_options_false_pe(self, mocker, caplog):
        """Expect a "PE type not recognised" log entry when only the reported type says PE.

        File.get_type is patched to return a PE32 description while the task
        target is left at whatever mock_task provides (presumably a file that
        is not a real PE -- confirm against mock_task). The test passes when
        the captured log text contains the message.
        """

        # Stand-in machine: only the result-server endpoint is provided.
        class mock_machine(object):
            resultserver_ip = "1.2.3.4"
            resultserver_port = "1337"

        task = mock_task()
        task.package = "foo"
        task.enforce_timeout = 1
        task.clock = datetime.strptime("01-01-2099 09:01:01", "%m-%d-%Y %H:%M:%S")
        task.timeout = 10

        manager = AnalysisManager(task=task, error_queue=queue.Queue())
        manager.machine = mock_machine()

        # Force the type detection result so the file is claimed to be a PE.
        claimed_type = "PE32 executable (console) Intel 80386, for MS Windows"
        mocker.patch("lib.cuckoo.core.scheduler.File.get_type", return_value=claimed_type)

        built = manager.build_options()
        # Retained from the sibling tests; it also requires a "target" key to exist.
        built["target"] = built["target"].rpartition("/")[2]

        logged = caplog.text
        assert "PE type not recognised" in logged
Exemple #4
    def test_build_options(self):
        """Pin the exact option dict build_options() returns for a "foo" package task.

        Strict equality is used, so any option key that is added or removed
        makes this test fail. "ip" and "port" are expected to equal the
        machine's resultserver_ip/resultserver_port; the port stays a string.
        """

        # Stand-in machine: only the result-server endpoint is provided.
        class mock_machine(object):
            resultserver_ip = "1.2.3.4"
            resultserver_port = "1337"

        task = mock_task()
        task.package = "foo"
        task.options = "foo=bar"
        task.enforce_timeout = 1
        task.clock = datetime.strptime("01-01-2099 09:01:01", "%m-%d-%Y %H:%M:%S")
        task.timeout = 10

        manager = AnalysisManager(task=task, error_queue=queue.Queue())
        manager.machine = mock_machine()

        built = manager.build_options()
        # Compare the file name only, not the directory it was found in.
        built["target"] = built["target"].rpartition("/")[2]

        expected = {
            "category": "file",
            "exports": "",
            "target": "test_scheduler.py",
            "package": "foo",
            "terminate_processes": False,
            "ip": "1.2.3.4",
            "clock": datetime(2099, 1, 1, 9, 1, 1),
            "port": "1337",
            "file_type": "Python script, ASCII text executable",
            "options": "foo=bar",
            "enforce_timeout": 1,
            "timeout": 10,
            "file_name": "test_scheduler.py",
            "curtain": False,
            "procmon": False,
            "sysmon": False,
            "id": 1234,
            "do_upload_max_size": 0,
            "upload_max_size": 100000000,
        }
        assert built == expected