def test_sessionEnded(self): # Mock the Time module. currentTime = 0 class MockTimeModule: def getCurrentTimestamp(self): return currentTime DatabaseManager.Time = MockTimeModule() # Initialize and close the initial database. self.initialDatabase.execute( "CREATE TABLE Users (Id char(9),AccessType STRING);") self.initialDatabase.execute( "CREATE TABLE Sessions (Id char(9),StartTime BIGINT,EndTime BIGINT);" ) self.initialDatabase.commit() self.initialDatabase.close() # Create the database, start and end sessions, and assert the sessions are correct. CuT = DatabaseManager.DatabaseManager(self.databaseFile) CuT.sessionStarted(Session.Session(User.User("000000001", 10), 5)) currentTime = 7 CuT.sessionEnded(Session.Session(User.User("000000001", 10), 5)) CuT.sessionStarted(Session.Session(User.User("000000002", 10), 8)) currentTime = 9 CuT.sessionEnded(Session.Session(User.User("000000002", 10), 8)) CuT.sessionStarted(Session.Session(User.User("000000001", 10), 15)) sessions = CuT.database.execute("SELECT * FROM Sessions;").fetchall() self.assertEqual(sessions[0], ("000000001", 5, 7), "Session is incorrect.") self.assertEqual(sessions[1], ("000000002", 8, 9), "Session is incorrect.") self.assertEqual(sessions[2], ("000000001", 15, 0), "Session is incorrect.")
def test_sessionStarted(self): # Initialize and close the initial database. self.initialDatabase.execute( "CREATE TABLE Users (Id char(9),AccessType STRING);") self.initialDatabase.execute( "CREATE TABLE Sessions (Id char(9),StartTime BIGINT,EndTime BIGINT);" ) self.initialDatabase.commit() self.initialDatabase.close() # Set the static database, start sessions, and assert the sessions are correct. DatabaseManager.staticDatabaseManager = DatabaseManager.DatabaseManager( self.databaseFile) DatabaseManager.sessionStarted( Session.Session(User.User("000000001", 10), 5)) DatabaseManager.sessionStarted( Session.Session(User.User("000000002", 10), 8)) DatabaseManager.sessionStarted( Session.Session(User.User("000000001", 10), 15)) sessions = DatabaseManager.staticDatabaseManager.database.execute( "SELECT * FROM Sessions;").fetchall() self.assertEqual(sessions[0], ("000000001", 5, 0), "Session is incorrect.") self.assertEqual(sessions[1], ("000000002", 8, 0), "Session is incorrect.") self.assertEqual(sessions[2], ("000000001", 15, 0), "Session is incorrect.")
def analyseSubmission(self, submission): sid = submission.id Session().expunge(submission) if type(submission) != Model.Submission: raise Exception("Invalid submission object") nb_of_modules_for_this_submission = 0 for m in self.modules: if m.analyse(submission) is True: nb_of_modules_for_this_submission += 1 submission = Session().query(Submission).filter(Submission.id == sid).one() submission.working_modules = nb_of_modules_for_this_submission Session.commit()
def post(current_user, self): if current_user[1]==False: return {'message': 'Access Denied!'}, 403 json_data = request.get_json(force=True) if not json_data: return {'message': 'No input data provided'}, 400 data, errors = session_schema.load(json_data) if errors: return errors, 422 lecon = Lecons.query.filter_by(id=data['lecons_id']).first() enseignant = Enseignants.query.filter_by(id=lecon.enseignant_id).first() if not current_user[0]==enseignant: return {'message': 'Action Forbidden!'}, 403 session = Session( salles_id=data['salles_id'], date_debut=data['date_debut'], lecons_id=data['lecons_id'], ) db.session.add(session) db.session.commit() session = Session.query.filter_by(lecons_id=data['lecons_id']).all() result = sessions_schema.dump(session).data result = result[len(result)-1] return 'Le numero de la seance est: ' +str(result['id']), 201
def post(self): uemail = self.request.get('email') upwd = self.request.get('pwd') if uemail == '' or upwd == '': self.redirect('/error') else: user = ndb.Key('User', uemail).get() if user and user.pwd == upwd: token = security.generate_random_string(length=20) session = Session(id=token) session.userKey = user.put() session.put() self.response.set_cookie(key='token', value=token, path='/') self.redirect("/home") else: self.redirect("/login")
def post(self): username=self.request.get("uname") uemail=self.request.get("email") upwd=self.request.get("pwd") if username == '' or uemail=='' or upwd=='': self.redirect('/error') else: user=User.get_by_id(uemail) if user: self.redirect('/error') else: newUser=User(id=uemail,uName=username,email=uemail,pwd=upwd) token = security.generate_random_string(length=20) session = Session(id=token) session.userKey=newUser.put() session.put() self.response.set_cookie(key='token', value=token, path='/') self.redirect('/home')
def post(self): uemail=self.request.get('email') upwd=self.request.get('pwd') if uemail=='' or upwd=='': self.redirect('/error') else: user = ndb.Key('User',uemail).get() if user and user.pwd==upwd: token = security.generate_random_string(length=20) session = Session(id=token) session.userKey=user.put() session.put() self.response.set_cookie(key='token', value=token, path='/') self.redirect("/home") else: self.redirect("/login")
def post(self): username = self.request.get("uname") uemail = self.request.get("email") upwd = self.request.get("pwd") if username == '' or uemail == '' or upwd == '': self.redirect('/error') else: user = User.get_by_id(uemail) if user: self.redirect('/error') else: newUser = User(id=uemail, uName=username, email=uemail, pwd=upwd) token = security.generate_random_string(length=20) session = Session(id=token) session.userKey = newUser.put() session.put() self.response.set_cookie(key='token', value=token, path='/') self.redirect('/home')
def post(self): json_data = request.get_json(force=True) if not json_data: return {'message': 'No input data provided'}, 400 # Validate and deserialize input data, errors = session_schema.load(json_data) if errors: return errors, 422 session = Session(start=json_data['start'], end=json_data['end']) db.session.add(session) db.session.commit() result = session_schema.dump(session).data return {"status": 'success', 'data': result}, 201
def startSession(self, user): # Log the session being ended if the id is changing. if self.currentSession is not None and self.currentSession.getUser( ).getId() != user.getId(): DatabaseManager.sessionEnded(self.currentSession) # Set the session. newSession = Session.startSession(user) self.currentSession = newSession self.notify(newSession) DatabaseManager.sessionStarted(newSession) # Start a thread to expire the session. sessionThread = SessionThread(self) sessionThread.daemon = True sessionThread.start()
def _do_work(self, submission): s = Session() r = Report( module=self.__ModuleName__, short="Short desc...", full="", submission=submission ) s.add(r) #Do the actual work sql = """select sha1, md5, FileName, FileSize, ProductName, ProductVersion, Language, ApplicationType, o.OpSystemCode, OpSystemName, OpSystemVersion, o.MfgCode, MfgName from file f inner join Prod p on p.ProductCode=f.ProductCode inner join OS o on f.OpSystemCode=o.OpSystemCode inner join Mfg m on m.MfgCode=o.MfgCode where sha1=?;""" results = self.db.execute(sql, (submission.file.sha1.upper(),)).fetchall() if len(results) == 0: # Unknown in Db r.short = "Unknown File - sha1 : %s" % (submission.file.sha1) else: # Known in Hash Db r.short = "File known to be safe (%s match)" % (len(results)) r.threat_level = 0 for result in results: report_details = { 'FileName': result[2], 'FileSize': result[3], 'Product': { 'ProductName': result[4], 'ProductVersion': result[5], 'Language': result[6], 'ApplicationType': result[7], 'OS': { 'OpSystemCode': result[8], 'OpSystemName': result[9], 'OpSystemVersion': result[10], 'MfgCode': result[11], 'MfgName': result[12], }, }, } json = JSONEncoder().encode(report_details) section = ReportSection( type='json', value=json, report=r ) s.add(section) s.commit() #r._sa_instance_state.session.expunge(r) return r
def _do_work_wrapper(self, submission_id): s = Session() submission = s.query(Submission).filter(Submission.id==submission_id).one() try: r = self._do_work(submission) s.expunge(r) self.result_queue.put(r) except Exception as e: logging.error("Got exception : %s"%e) r = Report( module=self.__ModuleName__, short="Got an exception in module : %s"%e, full="", submission=submission ) s.add(r) s.expunge(r) self.result_queue.put(r)
def _do_work(self, submission): # Do the actual work e = EntropyTool(submission.file.path) (entropy, mean, stdv, max_dev) = e.analyze() out = os.path.join(self.module_config["output_dir"], "%s.png" % submission.file.sha256) e.writeimg(out) mapout = os.path.join(self.module_config["output_dir"], "%s_map.png" % submission.file.sha256) MapFile().writeimg(submission.file.path, mapout) r1 = {"path": out.replace("\\", "/"), "comment": "Entropy of the file"} r2 = {"path": mapout.replace("\\", "/"), "comment": "Mapping of the file"} json1 = JSONEncoder().encode(r1) json2 = JSONEncoder().encode(r2) r = Report(module=self.__ModuleName__, short="%s" % e.FileTypeText(), full="", submission=submission) Session.add(r) section1 = ReportSection(type="img", value=json1, report=r) Session.add(section1) section2 = ReportSection(type="img", value=json2, report=r) Session.add(section2) Session.commit() return r
def _do_work(self, submission): #Do the actual work report = self.vt.get(submission.file.sha256) s = Session() r = Report( module=self.__ModuleName__, short="Short desc...", full="", submission=submission ) s.add(r) new_vt_submission = False if report is None: # Unknown in VT r.short = "Unknown on VT" if self.module_config['submit_unknown']: report = self.vt.scan(submission.file.path, reanalyze=True) report.join() new_vt_submission = True try: assert report.done is True # Known in VT r.short = "Detection rate : %s/%s - %s" % (report.positives, report.total, report.verbose_msg) if new_vt_submission: r.short += " (First submission in VT)" if report.positives == 0: r.threat_level = 0 elif report.positives > 5: r.threat_level = 100 report_details = report._report json = JSONEncoder().encode(report_details) section = ReportSection( type='json', value=json, report=r ) s.add(section) except Exception as e: logging.error("Could not get report from vt : %s"%e) s.commit() #r._sa_instance_state.session.expunge(r) return r
def _do_work(self, submission): a = AnalyzePDF(submission.file.path, toolpath=self.module_config['tool_path']) sev, comment = a.analyze() # (sev (0-5+), "comment") r = Report( module=self.__ModuleName__, short="%s (%s)" % (sev, comment), full="", submission=submission ) if sev >= 5: r.threat_level = 100 elif sev >=2: r.threat_level = 50 else: r.threat_level = 0 Session.add(r) section = ReportSection( type='text', value=a.anomalies_string, report=r ) Session.add(section) section = ReportSection( type='text', value=a.pdfid_str, report=r ) Session.add(section) Session.commit() #r._sa_instance_state.session.expunge(r) return r
def _do_work(self, submission): # Do the actual work metadata = self.exif_tool.get_metadata(submission.file.path) metadata_hierarchy = {} for key, value in metadata.iteritems(): parent = metadata_hierarchy subkeys = key.split(":") for i in range(len(subkeys) - 1): current = subkeys[i] if current not in parent: parent[current] = {} parent = parent[current] current = subkeys[-1] parent[current] = value json = JSONEncoder().encode(metadata_hierarchy) s = Session() r = Report(module=self.__ModuleName__, short="", full="", submission=submission) s.add(r) section = ReportSection(type="json", value=json, report=r) s.add(section) s.commit() # r._sa_instance_state.session.expunge(r) return r
def __init__(self): self.session = Session()
def test_constructor(self): Session.Session(self.testUser,50)
def test_getStartTime(self): CuT = Session.Session(self.testUser,50) self.assertEqual(CuT.getStartTime(),50,"Start time is incorrect.")
def test_getEndTime(self): CuT = Session.Session(self.testUser,50) self.assertEqual(CuT.getEndTime(),70,"End time is incorrect.")
def test_startSession(self): CuT = Session.startSession(self.testUser) self.assertEqual(CuT.getUser(),self.testUser,"User is incorrect.") self.assertNotEqual(CuT.getStartTime(),0,"Start time is incorrect.") self.assertAlmostEqual(CuT.getEndTime() - CuT.getStartTime(),20,"Delta time is incorrect.",0.1)