예제 #1
0
    def setUp(self):
        # load the test configuration
        mwzoo.load_global_config(TEST_CONFIG_PATH)

        self.http_server = mwzoo.HTTPServer(mwzoo.MalwareZoo())

        from multiprocessing import Process
        self.server_process = Process(target=self._server_process)
        self.server_process.daemon = True
        self.server_process.start()
예제 #2
0
    def setUp(self):
        # load the test configuration
        mwzoo.load_global_config(TEST_CONFIG_PATH)

        # generate some random data for file content
        with open('/dev/urandom', 'rb') as fp:
            self.file_content = fp.read(1024)

        self.file_name = 'sample.exe'
        self.tags = ['tag1', 'tag2']
        self.sources = ['source1', 'source2']
        self.sample = mwzoo.Sample(self.file_name, self.file_content,
                                   self.tags, self.sources)
예제 #3
0
    def setUp(self):
        # load the test configuration
        mwzoo.load_global_config(TEST_CONFIG_PATH)

        self.zoo_process = None
        self.zoo_stdout = ''
        self.zoo_stdout_thread = None
        self.zoo_stderr = ''
        self.zoo_stderr_thread = None
        self._clear_database()
        self._start_malware_zoo()

        self.zoo_started = threading.Event()
        self.temp_dir = tempfile.mkdtemp()
예제 #4
0
    def default_config_tests(self):
        """Default config has expected section names."""
        mwzoo.load_global_config(DEFAULT_CONFIG_PATH)
        # test that these sections exist
        self.assertItemsEqual(mwzoo.global_config.sections(),
                              ['networking', 'storage', 'mongodb', 'mysql'])

        # just test that these settings exist
        assert mwzoo.global_config.get('storage', 'malware_storage_dir',
                                       None) is not None

        assert mwzoo.global_config.get('mongodb', 'hostname', None) is not None
        assert mwzoo.global_config.get('mongodb', 'database', None) is not None
        assert mwzoo.global_config.get('mongodb', 'collection',
                                       None) is not None
        assert mwzoo.global_config.get('mongodb', 'port', None) is not None

        assert mwzoo.global_config.get('mysql', 'hostname', None) is not None
        assert mwzoo.global_config.get('mysql', 'database', None) is not None
        assert mwzoo.global_config.get('mysql', 'user', None) is not None
        assert mwzoo.global_config.get('mysql', 'password', None) is not None
예제 #5
0
    action="store",
    dest="maximum_process_count",
    type=int,
    default=0,
    required=False,
    help="Maximum number of processes to spawn to process samples.  Set to 0 for serial processing.",
)
args = parser.parse_args()

if args.mwzoo_home is not None:
    os.environ["MWZOO_HOME"] = args.mwzoo_home

# if we don't specify a directory then we default to cwd
if "MWZOO_HOME" not in os.environ:
    os.environ["MWZOO_HOME"] = "."

try:
    os.chdir(os.environ["MWZOO_HOME"])
except Exception, e:
    sys.stderr.write("unable to change working directory to {0}: {1}\n", os.environ["MWZOO_HOME"], str(e))
    sys.exit(1)

logging.config.fileConfig(args.logging_config_path)

mwzoo.load_global_config(args.config_path)

zoo = mwzoo.MalwareZoo(args.maximum_process_count)
zoo.start()
logging.info("starting malware zoo http server")
mwzoo.HTTPServer(zoo).start()
예제 #6
0
 def invalid_configuration_test(self):
     """Specified configuration file does not exist."""
     mwzoo.load_global_config(INVALID_CONFIG_PATH)
예제 #7
0
 def missing_configuration_test(self):
     """Specified configuration file does not exist."""
     mwzoo.load_global_config(MISSING_CONFIG_PATH)
예제 #8
0
 def valid_configuration_test(self):
     """Tests that a valid configuration file is loaded."""
     mwzoo.load_global_config(VALID_CONFIG_PATH)
예제 #9
0
    def test_utilities(self):
        # load the test configuration
        mwzoo.load_global_config(TEST_CONFIG_PATH)

        # wait for the http server to start
        self.zoo_started.wait(5)

        # submit the example file
        submit_process = Popen([
            'python', 'mz-submit.py', '--remote-host', 'localhost:8082', '-f',
            'tests/data/HelloWorld.exe', '-t', 'tag1', 'tag2', '-s', 'source1',
            'source2'
        ],
                               stdout=PIPE)
        (stdout, stderr) = submit_process.communicate()
        assert submit_process.returncode == 0
        assert stdout.strip(
        ) == ".malware_test/3f8/3f896076056ef80ca508daf1317bbd22bd29de3e"

        # test default output
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini'], stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0
        # expecting a single line of output
        assert len(
            stdout.split('\n')) == 2  # technically two including the new line
        # expecting sha1 hash
        assert stdout.strip() == '3f896076056ef80ca508daf1317bbd22bd29de3e'

        # test summary output
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
            stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0

        # look for the sha1
        assert '3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        # look for the md5
        assert '5d2c773d17866b0135feda1ef50b573a' in stdout
        # look for the two tags
        assert 'tag1' in stdout
        assert 'tag2' in stdout
        # look for the two sources
        assert 'source1' in stdout
        assert 'source2' in stdout

        # test file extraction
        query_process = Popen([
            'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-d',
            self.temp_dir
        ],
                              stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0
        assert stdout.strip() == os.path.join(self.temp_dir, 'HelloWorld.exe')
        # make sure it pulled the right file
        cmp_process = Popen([
            'cmp',
            os.path.join(self.temp_dir, 'HelloWorld.exe'),
            'tests/data/HelloWorld.exe'
        ])
        cmp_process.wait()
        assert cmp_process.returncode == 0

        # test query by various criteria
        for argument_configuration in [
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-5',
                '5d2c773d17866b0135feda1ef50b573a'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-1',
                '3f896076056ef80ca508daf1317bbd22bd29de3e'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-n',
                'HelloWorld.exe'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-t',
                'tag1'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-t',
                'tag2'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-s',
                'source1'
            ],
            [
                'python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-s',
                'source2'
            ]
        ]:

            query_process = Popen(argument_configuration, stdout=PIPE)
            (stdout, stderr) = query_process.communicate()
            assert query_process.returncode == 0
            assert stdout.strip() == '3f896076056ef80ca508daf1317bbd22bd29de3e'

        # test --commit
        update_process = Popen([
            'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--update',
            '-t', 'tag3', '-s', 'source3'
        ],
                               stdin=PIPE,
                               stdout=PIPE)
        update_process.stdin.write(
            '3f896076056ef80ca508daf1317bbd22bd29de3e\n')
        (stdout, stderr) = update_process.communicate()
        assert query_process.returncode == 0
        assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' not in stdout

        # test update
        update_process = Popen([
            'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--update',
            '-t', 'tag3', '-s', 'source3', '--commit'
        ],
                               stdin=PIPE,
                               stdout=PIPE)
        update_process.stdin.write(
            '3f896076056ef80ca508daf1317bbd22bd29de3e\n')
        (stdout, stderr) = update_process.communicate()
        assert query_process.returncode == 0
        assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout

        # verify updates
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
            stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0

        # look for the new tag
        assert 'tag3' in stdout
        assert 'source3' in stdout

        # make sure old tags and sources are gone
        assert 'tag1' not in stdout
        assert 'tag2' not in stdout
        assert 'source1' not in stdout
        assert 'source2' not in stdout

        # test append
        update_process = Popen([
            'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--append',
            '-t', 'tag4', '-s', 'source4', '--commit'
        ],
                               stdin=PIPE,
                               stdout=PIPE)
        update_process.stdin.write(
            '3f896076056ef80ca508daf1317bbd22bd29de3e\n')
        (stdout, stderr) = update_process.communicate()
        assert query_process.returncode == 0
        assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout

        # verify updates
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
            stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0

        # look for the old and new tag
        assert 'tag3' in stdout
        assert 'tag4' in stdout
        assert 'source3' in stdout
        assert 'source4' in stdout

        # test delete
        update_process = Popen([
            'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '--delete',
            '-t', 'tag3', '-s', 'source3', '--commit'
        ],
                               stdin=PIPE,
                               stdout=PIPE)
        update_process.stdin.write(
            '3f896076056ef80ca508daf1317bbd22bd29de3e\n')
        (stdout, stderr) = update_process.communicate()
        assert query_process.returncode == 0
        assert 'saving changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        assert 'saved changes to 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout

        # verify updates
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
            stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0

        assert 'tag3' not in stdout
        assert 'tag4' in stdout
        assert 'source3' not in stdout
        assert 'source4' in stdout

        # test delete sample
        update_process = Popen([
            'python', 'mz-update.py', '-c', 'etc/mwzoo_test.ini', '-D',
            '--commit'
        ],
                               stdin=PIPE,
                               stdout=PIPE)
        update_process.stdin.write(
            '3f896076056ef80ca508daf1317bbd22bd29de3e\n')
        (stdout, stderr) = update_process.communicate()
        assert query_process.returncode == 0
        assert 'deleting sample 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout
        assert 'deleted sample 3f896076056ef80ca508daf1317bbd22bd29de3e' in stdout

        # verify delete
        query_process = Popen(
            ['python', 'mz-query.py', '-c', 'etc/mwzoo_test.ini', '-S'],
            stdout=PIPE)
        (stdout, stderr) = query_process.communicate()
        assert query_process.returncode == 0
        assert stdout.strip() == ''
예제 #10
0
    def setUp(self):
        # load the test configuration
        mwzoo.load_global_config(TEST_CONFIG_PATH)

        self.db = mwzoo.Database()
예제 #11
0

def setup_package():
    # if we don't specify a directory then we default to cwd
    if 'MWZOO_HOME' not in os.environ:
        os.environ['MWZOO_HOME'] = '.'

    try:
        os.chdir(os.environ['MWZOO_HOME'])
    except Exception, e:
        raise Exception(
            "unable to change working directory to {0}: {1}".format(
                os.environ['MWZOO_HOME']))

    # load the test configuration
    mwzoo.load_global_config(TEST_CONFIG_PATH)


def teardown_package():
    # delete the test mongodb
    pass


class config_test(unittest.TestCase):
    """Tests configuration files."""
    def setUp(self):
        pass

    def tearDown(self):
        pass
예제 #12
0
파일: mwzoo.py 프로젝트: wbbigdave/mwzoo
parser.add_argument(
    '--logging-config-path', action='store', dest='logging_config_path', default='etc/logging.ini', required=False,
    help='Path to logging configuration file for the malware zoo.')
parser.add_argument(
    '-m', '--maximum-process-count', action='store', dest='maximum_process_count', type=int, default=0, required=False,
    help='Maximum number of processes to spawn to process samples.  Set to 0 for serial processing.')
args = parser.parse_args()

if args.mwzoo_home is not None:
    os.environ['MWZOO_HOME'] = args.mwzoo_home

# if we don't specify a directory then we default to cwd
if 'MWZOO_HOME' not in os.environ:
    os.environ['MWZOO_HOME'] = '.'

try:
    os.chdir(os.environ['MWZOO_HOME'])
except Exception, e:
    sys.stderr.write("unable to change working directory to {0}: {1}\n",
        os.environ['MWZOO_HOME'], str(e))
    sys.exit(1)

logging.config.fileConfig(args.logging_config_path)

mwzoo.load_global_config(args.config_path)

zoo = mwzoo.MalwareZoo(args.maximum_process_count)
zoo.start()
logging.info("starting malware zoo http server")
mwzoo.HTTPServer(zoo).start()