コード例 #1
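    def test_etw_nt_logger(self):
        """
        Tests to ensure nt kernel logger capture works properly

        Starts a capture on the 'NT Kernel Logger' session with the
        'Windows Kernel Trace' provider and the 'process' keyword, runs
        ping.exe for about two seconds, then expects a PROCESS event that
        has 10 fields after trimming.

        :return: None
        """

        capture = ETW(
            session_name='NT Kernel Logger',
            providers=[
                ProviderInfo('Windows Kernel Trace',
                             GUID("{9E814AAD-3204-11D2-9A82-006008A86939}"),
                             any_keywords=['process'])
            ],
            event_callback=lambda event_tufo: self.event_tufo_list.append(
                event_tufo))
        capture.start()

        try:
            # start ping.exe so there is process activity to observe
            args = ['ping.exe']
            p = sp.Popen(args, stdout=sp.DEVNULL, stderr=sp.DEVNULL)
            try:
                time.sleep(2)
            finally:
                # terminate and reap the child even if the wait is interrupted
                p.kill()
                p.wait()
        finally:
            # stop on every path so a failure above does not leave the trace
            # session running after the test
            capture.stop()

        event = self.find_event('PROCESS')
        self.assertTrue(event)
        event = self.trim_fields(event)

        # This event should have 10 fields
        self.assertEqual(len(event), 10)
        # NOTE(review): the callback appends to self.event_tufo_list, but this
        # resets self.event_tufo - confirm which attribute is meant to be cleared.
        self.event_tufo = []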
コード例 #2
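    def test_etw_capture(self):
        """
        Tests the etw capture

        Captures from the 'Microsoft-Windows-WinINet' provider while
        self.makeRequest() runs, waits five seconds for events to arrive,
        then expects a WININET_READDATA event that has 3 fields after trimming.

        :return: None
        """

        # Instantiate an ETW object
        capture = ETW(
            providers=[
                ProviderInfo('Microsoft-Windows-WinINet',
                             GUID("{43D1A55C-76D6-4F7E-995C-64C711E5CAFE}"))
            ],
            event_callback=lambda event_tufo: self.event_tufo_list.append(
                event_tufo))
        capture.start()

        try:
            self.makeRequest()

            # Ensure that we have a chance for all the events to come back
            time.sleep(5)
        finally:
            # Stop the ETW instance on every path so a failing request does
            # not leave the trace session running after the test
            capture.stop()

        event = self.find_event('WININET_READDATA')
        self.assertTrue(event)
        event = self.trim_fields(event)

        # This event should have 3 fields
        self.assertEqual(len(event), 3)
        # NOTE(review): the callback appends to self.event_tufo_list, but this
        # resets self.event_tufo - confirm which attribute is meant to be cleared.
        self.event_tufo = []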
コード例 #3
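    def test_etw_callback_wait(self):
        """
        Tests the etw capture wait time

        Captures from the 'Microsoft-Windows-Kernel-Process' provider with
        callback_wait_time=0.0025 while ping.exe runs for about five seconds,
        then expects a PROCESSSTART event that has 6 fields after trimming.

        :return: None
        """

        # Instantiate an ETW object
        capture = ETW(
            providers=[
                ProviderInfo('Microsoft-Windows-Kernel-Process',
                             GUID("{22FB2CD6-0E7B-422B-A0C7-2FAD1FD0E716}"))
            ],
            event_callback=lambda event_tufo: self.event_tufo_list.append(
                event_tufo),
            callback_wait_time=0.0025)
        capture.start()

        try:
            # start ping
            args = ['ping.exe']
            p = sp.Popen(args, stdout=sp.DEVNULL, stderr=sp.DEVNULL)
            try:
                time.sleep(5)
            finally:
                # terminate and reap the child even if the wait is interrupted
                p.kill()
                p.wait()
        finally:
            # Stop the ETW instance on every path so a failure above does not
            # leave the trace session running after the test
            capture.stop()

        # check for process start
        event = self.find_event('PROCESSSTART')
        self.assertTrue(event)
        event = self.trim_fields(event)

        # This event should have 6 fields
        self.assertEqual(len(event), 6)
        # NOTE(review): the callback appends to self.event_tufo_list, but this
        # resets self.event_tufo - confirm which attribute is meant to be cleared.
        self.event_tufo = []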
コード例 #4
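    def test_etw_capture_multi_providers(self):
        """
        Tests the etw capture class using multiple providers

        Captures from 'Microsoft-Windows-WinINet' and
        'Microsoft-Windows-Kernel-Process' in one ETW object, runs ping.exe
        for about five seconds and then self.makeRequest(), and expects both
        a PROCESSSTART event (6 fields) and a WININET_READDATA event
        (3 fields) after trimming.

        :return: None
        """

        # Instantiate an ETW object
        providers = [
            ProviderInfo('Microsoft-Windows-WinINet',
                         GUID("{43D1A55C-76D6-4F7E-995C-64C711E5CAFE}")),
            ProviderInfo('Microsoft-Windows-Kernel-Process',
                         GUID("{22FB2CD6-0E7B-422B-A0C7-2FAD1FD0E716}"))
        ]

        capture = ETW(
            providers=providers,
            event_callback=lambda event_tufo: self.event_tufo_list.append(
                event_tufo))

        capture.start()

        try:
            # start ping
            args = ['ping.exe']
            p = sp.Popen(args, stdout=sp.DEVNULL, stderr=sp.DEVNULL)
            try:
                time.sleep(5)
            finally:
                # terminate and reap the child even if the wait is interrupted
                p.kill()
                p.wait()

            self.makeRequest()
        finally:
            # Stop the ETW instance on every path so a failure above does not
            # leave the trace session running after the test
            capture.stop()

        # check for process start
        event = self.find_event('PROCESSSTART')
        self.assertTrue(event)
        event = self.trim_fields(event)

        # This event should have 6 fields
        self.assertEqual(len(event), 6)

        event = self.find_event('WININET_READDATA')
        self.assertTrue(event)
        event = self.trim_fields(event)

        # This event should have 3 fields
        self.assertEqual(len(event), 3)

        # NOTE(review): the callback appends to self.event_tufo_list, but this
        # resets self.event_tufo - confirm which attribute is meant to be cleared.
        self.event_tufo = []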
コード例 #5
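def RunTest(driver, test):
  """Run the scripted commands of `test` in `driver` while ETW logging is on.

  Applies the page-load timeout and a fixed 1024x768 window, removes any
  previous trace file at test.GetFileETW(), starts ETW logging to that file,
  executes every 'navigate' command the test yields, and stops ETW logging.

  ETW logging is stopped even when a command raises, so a failed navigation
  does not leave the trace running; the exception still propagates.
  """
  # Set up the timeouts and other options
  driver.set_page_load_timeout(test.GetTimeout())
  driver.set_window_position(0, 0, driver.current_window_handle)
  driver.set_window_size(1024, 768, driver.current_window_handle)

  # Start ETW logging into a fresh file
  etw = ETW()
  etw_file = test.GetFileETW()
  if os.path.exists(etw_file):
    os.unlink(etw_file)
  etw.start(etw_file)

  try:
    # Run through all of the script commands (just navigate for now but placeholder)
    while not test.Done():
      action = test.GetNextCommand()
      if action['command'] == 'navigate':
        driver.get(action['target'])
  finally:
    etw.stop()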
コード例 #6
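def _remove_if_exists(path):
    """Delete `path` when it exists; a missing file is not an error."""
    if os.path.exists(path):
        os.unlink(path)


def _write_gzip_json(path, data):
    """Write `data` as gzip-compressed JSON to `path`."""
    # gzip.open(..., 'wb') is a binary stream, so the JSON text is encoded
    # explicitly; json.dump() into it fails on Python 3.
    with gzip.open(path, 'wb') as f:
        f.write(json.dumps(data).encode('utf-8'))


def RunTest(driver, test):
    """Run `test` in `driver` and collect its artifacts.

    Starts the recorder and ETW logging, executes the test's 'navigate'
    commands, then gathers DOM metrics, user timing, custom metrics and a
    screenshot, writes the ETW trace and processes the recording.

    Every collection step is best-effort: an ordinary failure is logged at
    debug level and the run continues. Only Exception is caught, so
    KeyboardInterrupt and SystemExit still stop the run.
    """
    # Set up the timeouts and other options
    driver.set_page_load_timeout(test.GetTimeout())
    driver.set_window_position(0, 0, driver.current_window_handle)
    driver.set_window_size(test.BrowserWidth(), test.BrowserHeight(),
                           driver.current_window_handle)

    # Prepare the recorder
    recorder = WptRecord()
    recorder.Prepare(test)

    # Start ETW logging
    etw = ETW()
    etw_file = test.GetFileETW()
    try:
        etw.Start(etw_file)
    except Exception:
        logging.debug('Failed to start ETW logging', exc_info=True)

    # Start Recording
    recorder.Start()

    # Run through all of the script commands (just navigate for now but placeholder)
    while not test.Done():
        action = test.GetNextCommand()
        try:
            if action['command'] == 'navigate':
                driver.get(action['target'])
        except Exception:
            logging.debug('Script command failed', exc_info=True)

    # Wait for idle if it is not an onload-ending test
    if not test.EndAtOnLoad():
        recorder.WaitForIdle(30)

    # Stop Recording
    recorder.Stop()

    try:
        etw.Stop()
    except Exception:
        logging.debug('Failed to stop ETW logging', exc_info=True)

    # Pull metrics from the DOM
    dom_data = None
    try:
        dom_data = driver.execute_script(PAGE_DATA_SCRIPT)
        logging.debug('Navigation Timing: {0}'.format(json.dumps(dom_data)))
    except Exception:
        logging.debug('Failed to collect page data', exc_info=True)

    # check for any user timing marks or measures
    try:
        user_timing_file = test.GetFileUserTiming()
        if user_timing_file is not None:
            _remove_if_exists(user_timing_file)
            _remove_if_exists(user_timing_file + '.gz')
            user_timing = driver.execute_script(USER_TIMING_SCRIPT)
            if user_timing is not None:
                _write_gzip_json(user_timing_file + '.gz', user_timing)
    except Exception:
        logging.debug('Failed to collect user timing', exc_info=True)

    # collect custom metrics
    try:
        custom_metric_scripts = test.GetCustomMetrics()
        custom_metrics_file = test.GetFileCustomMetrics()
        if custom_metric_scripts is not None and custom_metrics_file is not None:
            _remove_if_exists(custom_metrics_file)
            _remove_if_exists(custom_metrics_file + '.gz')
            custom_metrics = {}
            for metric in custom_metric_scripts:
                # Each script comes from the test definition and runs in the
                # page under test.
                result = driver.execute_script(custom_metric_scripts[metric])
                if result is not None:
                    custom_metrics[metric] = result
            # Nothing is written when no script returned a value
            if custom_metrics:
                _write_gzip_json(custom_metrics_file + '.gz', custom_metrics)
    except Exception:
        logging.debug('Failed to collect custom metrics', exc_info=True)

    # grab a screen shot
    try:
        png = test.GetScreenshotPNG()
        if png is not None:
            _remove_if_exists(png)
            driver.get_screenshot_as_file(png)
            jpeg = test.GetScreenshotJPEG()
            quality = test.GetImageQuality()
            if jpeg is not None and os.path.exists(png):
                # Pass an argument list without a shell so that characters in
                # the file paths are never interpreted by the command
                # interpreter. '{0:d}' still rejects a non-integer quality.
                command = ['magick', png, '-set', 'colorspace', 'sRGB',
                           '-quality', '{0:d}'.format(quality), jpeg]
                subprocess.call(command)
                if os.path.exists(jpeg) and not test.KeepPNG():
                    os.unlink(png)
    except Exception:
        logging.debug('Failed to capture the screenshot', exc_info=True)

    # process the etw trace
    start_offset = 0
    try:
        start_offset = etw.Write(test, dom_data)
    except Exception:
        logging.debug('Failed to process the ETW trace', exc_info=True)
    _remove_if_exists(etw_file)

    # Process the recording
    print('Processing video capture')
    recorder.Process(start_offset)
    recorder.Done()
    # Delete the actual video files if video capture was not enabled
    if not test.Video():
        pattern = test.GetFileVideoBase() + '*'
        for path in glob.glob(pattern):
            if os.path.isfile(path):
                try:
                    os.remove(path)
                except Exception:
                    logging.debug('Failed to delete a video file',
                                  exc_info=True)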
コード例 #7
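def _remove_if_exists(path):
    """Delete `path` when it exists; a missing file is not an error."""
    if os.path.exists(path):
        os.unlink(path)


def _write_gzip_json(path, data):
    """Write `data` as gzip-compressed JSON to `path`."""
    # gzip.open(..., 'wb') is a binary stream, so the JSON text is encoded
    # explicitly; json.dump() into it fails on Python 3.
    with gzip.open(path, 'wb') as f:
        f.write(json.dumps(data).encode('utf-8'))


def RunTest(driver, test):
    """Run `test` in `driver` with ETW logging and collect its artifacts.

    Starts ETW logging, executes the test's 'navigate' commands, then gathers
    DOM metrics, user timing, custom metrics and a screenshot, and writes the
    ETW trace.

    Every collection step is best-effort: an ordinary failure is ignored and
    the run continues. Only Exception is caught, so KeyboardInterrupt and
    SystemExit still stop the run.
    """
    # Set up the timeouts and other options
    driver.set_page_load_timeout(test.GetTimeout())
    driver.set_window_position(0, 0, driver.current_window_handle)
    driver.set_window_size(1024, 768, driver.current_window_handle)

    # Start ETW logging. The names are bound up front so that a failure here
    # cannot surface later as an unbound local in the cleanup code.
    etw = None
    etw_file = None
    try:
        etw = ETW()
        etw_file = test.GetFileETW()
        etw.Start(etw_file)
    except Exception:
        pass

    # Run through all of the script commands (just navigate for now but placeholder)
    while not test.Done():
        action = test.GetNextCommand()
        try:
            if action['command'] == 'navigate':
                driver.get(action['target'])
        except Exception:
            pass

    try:
        if etw is not None:
            etw.Stop()
    except Exception:
        pass

    # Pull metrics from the DOM; stays None when the script fails
    dom_data = None
    try:
        dom_data = driver.execute_script(PAGE_DATA_SCRIPT)
    except Exception:
        pass

    # check for any user timing marks or measures
    try:
        user_timing_file = test.GetFileUserTiming()
        if user_timing_file is not None:
            _remove_if_exists(user_timing_file)
            _remove_if_exists(user_timing_file + '.gz')
            user_timing = driver.execute_script(USER_TIMING_SCRIPT)
            if user_timing is not None:
                _write_gzip_json(user_timing_file + '.gz', user_timing)
    except Exception:
        pass

    # collect custom metrics
    try:
        custom_metric_scripts = test.GetCustomMetrics()
        custom_metrics_file = test.GetFileCustomMetrics()
        if custom_metric_scripts is not None and custom_metrics_file is not None:
            _remove_if_exists(custom_metrics_file)
            _remove_if_exists(custom_metrics_file + '.gz')
            custom_metrics = {}
            for metric in custom_metric_scripts:
                # Each script comes from the test definition and runs in the
                # page under test.
                result = driver.execute_script(custom_metric_scripts[metric])
                if result is not None:
                    custom_metrics[metric] = result
            # Nothing is written when no script returned a value
            if custom_metrics:
                _write_gzip_json(custom_metrics_file + '.gz', custom_metrics)
    except Exception:
        pass

    # grab a screen shot
    try:
        png = test.GetScreenshotPNG()
        if png is not None:
            _remove_if_exists(png)
            driver.get_screenshot_as_file(png)
            jpeg = test.GetScreenshotJPEG()
            quality = test.GetScreenshotJPEGQuality()
            if jpeg is not None and os.path.exists(png):
                # Pass an argument list without a shell so that characters in
                # the file paths are never interpreted by the command
                # interpreter. '{0:d}' still rejects a non-integer quality.
                command = ['magick', png, '-set', 'colorspace', 'sRGB',
                           '-quality', '{0:d}'.format(quality), jpeg]
                subprocess.call(command)
                if os.path.exists(jpeg) and not test.KeepPNG():
                    os.unlink(png)
    except Exception:
        pass

    # process the etw trace
    # NOTE(review): dom_data is None when the DOM script failed - confirm
    # that etw.Write accepts None.
    try:
        if etw is not None:
            etw.Write(test, dom_data)
    except Exception:
        pass
    if etw_file is not None:
        _remove_if_exists(etw_file)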