Python IntegerConstant 예제들

예제 #1

def test_multiple_qualifiers():
    exp_and = stix2.AndBooleanExpression([stix2.EqualityComparisonExpression("network-traffic:dst_ref.type",
                                                                             "domain-name"),
                                          stix2.EqualityComparisonExpression("network-traffic:dst_ref.value",
                                                                             "example.com")])
    exp_ob = stix2.ObservationExpression(exp_and)
    qual_rep = stix2.RepeatQualifier(5)
    qual_within = stix2.WithinQualifier(stix2.IntegerConstant(1800))
    exp = stix2.QualifiedObservationExpression(stix2.QualifiedObservationExpression(exp_ob, qual_rep), qual_within)
    assert str(exp) == "[network-traffic:dst_ref.type = 'domain-name' AND network-traffic:dst_ref.value = 'example.com'] REPEATS 5 TIMES WITHIN 1800 SECONDS"  # noqa

예제 #2

def test_hash_followed_by_registryKey_expression():
    hash_exp = stix2.EqualityComparisonExpression("file:hashes.MD5",
                                                  stix2.HashConstant("79054025255fb1a26e4bc422aef54eb4", "MD5"))
    o_exp1 = stix2.ObservationExpression(hash_exp)
    reg_exp = stix2.EqualityComparisonExpression(stix2.ObjectPath("windows-registry-key", ["key"]),
                                                 stix2.StringConstant("HKEY_LOCAL_MACHINE\\foo\\bar"))
    o_exp2 = stix2.ObservationExpression(reg_exp)
    fb_exp = stix2.FollowedByObservationExpression([o_exp1, o_exp2])
    para_exp = stix2.ParentheticalExpression(fb_exp)
    qual_exp = stix2.WithinQualifier(stix2.IntegerConstant(300))
    exp = stix2.QualifiedObservationExpression(para_exp, qual_exp)
    assert str(exp) == "([file:hashes.MD5 = '79054025255fb1a26e4bc422aef54eb4'] FOLLOWEDBY [windows-registry-key:key = 'HKEY_LOCAL_MACHINE\\\\foo\\\\bar']) WITHIN 300 SECONDS"  # noqa

예제 #3

파일: STIXPatternVisitor.py 프로젝트: sroy8091/cti-stix-slider

 def visitTerminal(self, node):
     if node.symbol.type == STIXPatternParser.IntLiteral:
         return stix2.IntegerConstant(node.getText())
     elif node.symbol.type == STIXPatternParser.FloatLiteral:
         return stix2.FloatConstant(node.getText())
     elif node.symbol.type == STIXPatternParser.HexLiteral:
         return stix2.HexConstant(node.getText())
     elif node.symbol.type == STIXPatternParser.BinaryLiteral:
         return stix2.BinaryConstant(node.getText())
     elif node.symbol.type == STIXPatternParser.StringLiteral:
         return stix2.StringConstant(node.getText().strip('\''))
     elif node.symbol.type == STIXPatternParser.BoolLiteral:
         return stix2.BooleanConstant(node.getText())
     elif node.symbol.type == STIXPatternParser.TimestampLiteral:
         return stix2.TimestampConstant(node.getText())
     # TODO: timestamp
     else:
         return node

예제 #4

파일: test_pattern_expressions.py 프로젝트: zrush-mitre/cti-python-stix2

def test_repeat_qualifier():
    qual = stix2.RepeatQualifier(stix2.IntegerConstant(5))
    assert str(qual) == 'REPEATS 5 TIMES'

예제 #5

파일: test_pattern_expressions.py 프로젝트: zrush-mitre/cti-python-stix2

def test_invalid_integer_constant():
    with pytest.raises(ValueError):
        stix2.IntegerConstant('foo')

예제 #6

def test_invalid_integer_constant():
    with pytest.raises(ValueError) as excinfo:
        stix2.IntegerConstant('foo')
    assert 'must be an integer' in str(excinfo)