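def dork_generator_chain(self, dbtype):
    """Build the chain of objects the dork page generator depends on.

    Args:
        dbtype: ``"sql"`` for an in-memory SQLite main database seeded by
            ``helpers.populate_main_sql_testdatabase``, or ``"mongodb"`` for
            a filled MongoDB test database from ``helpers.create_mongo_database``.

    Returns:
        A ``(db, engine, dork_generator)`` tuple. ``engine`` is the SQLAlchemy
        engine for ``"sql"`` and ``None`` for ``"mongodb"`` (the original
        left it unbound on that branch, which made the ``return`` fail).

    Raises:
        ValueError: if ``dbtype`` is neither ``"sql"`` nor ``"mongodb"``.
    """
    engine = None
    if dbtype == "sql":
        engine = create_engine('sqlite:///')
        # Create a mock of an empty main db
        helpers.populate_main_sql_testdatabase(engine)
        db = database_sqla.Database(engine)
    elif dbtype == "mongodb":
        conn_string = helpers.create_mongo_database(fill=True)
        # Hand the freshly created database's connection string to the
        # Database wrapper (not the helper function object itself).
        db = database_mongo.Database(conn_string)
    else:
        raise ValueError("Unsupported database type: {0}".format(dbtype))

    test_dir = os.path.dirname(os.path.abspath(__file__))
    reduced_dorks_file = os.path.join(test_dir, 'data', 'dorks_reduced.txt')
    file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
    # Setting the bar low for testing: tiny cluster sizes and min_df=0.0
    # so the small reduced dork file still yields clusters.
    clusterer = cluster.Cluster(r"/\w+", 1, 1, 1, min_df=0.0)
    dork_generator = DorkPageGenerator(db, file_processor, clusterer, self.datadir)
    return db, engine, dork_generator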
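def test_honeypot_mongo(self):
    """Objective: Testing overall Honeypot integration.
    Input: Loads the honeypot module with mongodb as main database.
    Expected Response: Honeypot responds with a non-empty HTTP response.
    Note: This test verifies the overall functionality."""
    conn_string = helpers.create_mongo_database(fill=True)
    # mkstemp() hands back an open descriptor together with the path; wrap
    # the descriptor in a file object so it is closed rather than leaked.
    fd, config_file = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "w") as f:
            f.writelines(helpers.gen_config(conn_string))
        raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
        source_address = ["127.0.0.1", "12345"]
        sensor_address = ["1.2.3.4", "8080"]
        GlastopfHoneypot.prepare_environment(self.tmpdir)
        self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir, config=config_file)
        self.glastopf.options["enabled"] = "False"
        print("Sending request: http://localhost:8080/")
        response = self.glastopf.handle_request(raw_request, source_address, sensor_address)
        self.assertIsNotNone(response)
    finally:
        # Clean up both the MongoDB test data and the temporary config file,
        # even if writing the config or handling the request failed.
        helpers.delete_mongo_testdata(conn_string)
        if os.path.isfile(config_file):
            os.remove(config_file)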
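def test_honeypot_mongo(self):
    """Objective: Testing overall Honeypot integration.
    Input: Loads the honeypot module with mongodb as main database.
    Expected Response: Honeypot responds with a non-empty HTTP response.
    Note: This test verifies the overall functionality."""
    conn_string = helpers.create_mongo_database(fill=True)
    # Keep the descriptor mkstemp() opens and close it via the file object
    # instead of discarding it (the previous mkstemp()[1] leaked the fd).
    fd, config_file = tempfile.mkstemp()
    try:
        with os.fdopen(fd, 'w') as f:
            f.writelines(helpers.gen_config(conn_string))
        raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
        source_address = ["127.0.0.1", "12345"]
        sensor_address = ["1.2.3.4", "8080"]
        GlastopfHoneypot.prepare_environment(self.tmpdir)
        self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir, config=config_file)
        self.glastopf.options["enabled"] = "False"
        print("Sending request: http://localhost:8080/")
        response = self.glastopf.handle_request(raw_request, source_address, sensor_address)
        self.assertIsNotNone(response)
    finally:
        # Cleanup runs whether the config write, setup or request failed.
        helpers.delete_mongo_testdata(conn_string)
        if os.path.isfile(config_file):
            os.remove(config_file)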
def test_mongodb_insert(self):
    """Store one hand-built AttackEvent via log_mongodb and read it back.

    Creates an empty MongoDB test database, inserts a single event through
    ``log_mongodb.Database`` and checks the stored ``events`` document
    field by field against the values set on the event. The test data is
    deleted again in ``finally`` regardless of the outcome.
    """
    conn_string = helpers.create_mongo_database(fill=False)
    db_name = uri_parser.parse_uri(conn_string)['database']
    try:
        maindb = log_mongodb.Database(conn_string)
        # Prepare the attack event; the timestamp is also kept on the
        # test case as self.event_time.
        event = attack.AttackEvent()
        self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
        event.event_time = self.event_time
        event.matched_pattern = "test_test"
        event.source_addr = ("192.168.1.201", 12345)
        event.parsed_request = util.HTTPRequest()
        req = event.parsed_request
        req.url = "/breadandbytter.php?a=b"
        req.method = "GET"
        req.header = {
            'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
            'Connection': 'keep-alive',
        }
        req.body = "some stuff"
        maindb.insert(event)

        with warnings.catch_warnings(record=True):
            collection = MongoClient(conn_string)[db_name]['events']
            results = list(collection.find())

        # Exactly one document must have been stored.
        self.assertEqual(len(results), 1)
        entry = results[0]
        self.assertEqual(entry["pattern"], "test_test")
        stored = entry["request"]
        for field, expected in (
            ("body", "some stuff"),
            ("parameters", ""),
            ("url", "/breadandbytter.php?a=b"),
        ):
            self.assertEqual(stored[field], expected)
        self.assertEqual(stored["header"]['Accept-Charset'],
                         "ISO-8859-1,utf-8;q=0.7,*;q=0.3")
        self.assertEqual(stored["header"]['Connection'], "keep-alive")
        self.assertEqual(stored["method"], "GET")
        self.assertEqual(entry["source"][0], "192.168.1.201")
        self.assertEqual(entry["source"][1], 12345)
    finally:
        helpers.delete_mongo_testdata(conn_string)
def test_mongodb_insert(self):
    """Insert a single AttackEvent through log_mongodb and verify it.

    An empty MongoDB test database is created, one event is stored via
    ``log_mongodb.Database.insert`` and the resulting ``events`` document
    is compared field by field with what was set on the event. The test
    data is removed in ``finally``.
    """
    conn_string = helpers.create_mongo_database(fill=False)
    db_name = uri_parser.parse_uri(conn_string)['database']
    try:
        maindb = log_mongodb.Database(conn_string)
        # Build the event under test (timestamp also kept as self.event_time).
        event = attack.AttackEvent()
        self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
        event.event_time = self.event_time
        event.matched_pattern = "test_test"
        event.source_addr = ("192.168.1.201", 12345)
        event.parsed_request = util.HTTPRequest()
        req = event.parsed_request
        req.url = "/breadandbytter.php?a=b"
        req.method = "GET"
        req.header = {
            'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
            'Connection': 'keep-alive',
        }
        req.body = "some stuff"
        maindb.insert(event)

        with warnings.catch_warnings(record=True):
            events = MongoClient(conn_string)[db_name]['events']
            results = list(events.find())

        # The collection must hold exactly the one inserted document.
        self.assertEqual(len(results), 1)
        entry = results[0]
        self.assertEqual(entry["pattern"], "test_test")
        stored = entry["request"]
        self.assertEqual(stored["body"], "some stuff")
        self.assertEqual(stored["parameters"], "")
        self.assertEqual(stored["url"], "/breadandbytter.php?a=b")
        for name, expected in (
            ('Accept-Charset', "ISO-8859-1,utf-8;q=0.7,*;q=0.3"),
            ('Connection', "keep-alive"),
        ):
            self.assertEqual(stored["header"][name], expected)
        self.assertEqual(stored["method"], "GET")
        self.assertEqual(entry["source"][0], "192.168.1.201")
        self.assertEqual(entry["source"][1], 12345)
    finally:
        helpers.delete_mongo_testdata(conn_string)
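def dork_generator_chain(self, dbtype):
    """Build the chain of objects the dork page generator depends on.

    Args:
        dbtype: ``"sql"`` for an in-memory SQLite main database seeded by
            ``helpers.populate_main_sql_testdatabase``, or ``"mongodb"`` for
            a filled MongoDB test database from ``helpers.create_mongo_database``.

    Returns:
        A ``(db, engine, dork_generator)`` tuple. ``engine`` is the SQLAlchemy
        engine for ``"sql"`` and ``None`` for ``"mongodb"`` (previously it was
        left unbound on that branch, so the ``return`` raised).

    Raises:
        ValueError: if ``dbtype`` is neither ``"sql"`` nor ``"mongodb"``.
    """
    engine = None
    if dbtype == "sql":
        engine = create_engine('sqlite:///')
        # Create a mock of an empty main db
        helpers.populate_main_sql_testdatabase(engine)
        db = database_sqla.Database(engine)
    elif dbtype == "mongodb":
        conn_string = helpers.create_mongo_database(fill=True)
        # Use the connection string of the database just created, not the
        # helper function object.
        db = database_mongo.Database(conn_string)
    else:
        raise ValueError("Unsupported database type: {0}".format(dbtype))

    test_dir = os.path.dirname(os.path.abspath(__file__))
    reduced_dorks_file = os.path.join(test_dir, 'data', 'dorks_reduced.txt')
    file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
    dork_generator = DorkPageGenerator(db, file_processor, self.datadir)
    return db, engine, dork_generator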
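def test_mongodb_insert(self):
    """Store one AttackEvent carrying a raw HTTP request and read it back.

    Creates an empty MongoDB test database, inserts an event whose
    ``http_request`` is built from a raw request string, and checks the
    stored ``events`` document for source address, matched pattern, the
    raw request and the extracted URL. Test data is dropped in ``finally``.
    """
    conn_string = helpers.create_mongo_database(fill=False)
    db_name = uri_parser.parse_uri(conn_string)["database"]
    try:
        maindb = log_mongodb.Database(conn_string)
        attack_event = attack.AttackEvent()
        attack_event.event_time = self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
        attack_event.matched_pattern = "test_test"
        attack_event.source_addr = ("192.168.1.201", 12345)
        # A well-formed request: the earlier fixture repeated the
        # Accept-Charset value as a nameless header line ending in "r\n",
        # which was a copy/paste artifact rather than part of the test.
        request = (
            "GET /breadandbytter.php?a=b HTTP/1.0\r\n"
            "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n"
            "Connection: keep-alive\r\n\r\n"
            "some stuff"
        )
        attack_event.http_request = HTTPHandler(request, None)
        maindb.insert(attack_event)

        with warnings.catch_warnings(record=True):
            collection = MongoClient(conn_string)[db_name]["events"]
            results = list(collection.find())

        # Exactly one document must have been stored.
        self.assertEqual(len(results), 1)
        entry = results[0]
        self.assertEqual(entry["source"][0], "192.168.1.201")
        self.assertEqual(entry["source"][1], 12345)
        self.assertEqual(entry["pattern"], "test_test")
        self.assertEqual(entry["request_raw"], request)
        self.assertEqual(entry["request_url"], "/breadandbytter.php?a=b")
    finally:
        helpers.delete_mongo_testdata(conn_string)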
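def test_mongodb_insert(self):
    """Store one AttackEvent built from a raw HTTP request and read it back.

    Uses an empty MongoDB test database, inserts an event whose
    ``http_request`` comes from ``HTTPHandler(request, None)``, and checks
    the stored ``events`` document's source, pattern, raw request and URL.
    The test data is removed in ``finally``.
    """
    conn_string = helpers.create_mongo_database(fill=False)
    db_name = uri_parser.parse_uri(conn_string)["database"]
    try:
        maindb = log_mongodb.Database(conn_string)
        attack_event = attack.AttackEvent()
        attack_event.event_time = self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
        attack_event.matched_pattern = "test_test"
        attack_event.source_addr = ("192.168.1.201", 12345)
        # Well-formed fixture: a stray, nameless copy of the Accept-Charset
        # value (terminated by "r\n") has been dropped from the request.
        request = ("GET /breadandbytter.php?a=b HTTP/1.0\r\n"
                   "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n"
                   "Connection: keep-alive\r\n\r\n"
                   "some stuff")
        attack_event.http_request = HTTPHandler(request, None)
        maindb.insert(attack_event)

        with warnings.catch_warnings(record=True):
            collection = MongoClient(conn_string)[db_name]["events"]
            results = list(collection.find())

        # Check that exactly one document was stored.
        self.assertEqual(len(results), 1)
        entry = results[0]
        self.assertEqual(entry["source"][0], "192.168.1.201")
        self.assertEqual(entry["source"][1], 12345)
        self.assertEqual(entry["pattern"], "test_test")
        self.assertEqual(entry["request_raw"], request)
        self.assertEqual(entry["request_url"], "/breadandbytter.php?a=b")
    finally:
        helpers.delete_mongo_testdata(conn_string)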
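def dork_generator_chain(self, dbtype, pages_dir):
    """Build the chain of objects the dork page generator depends on.

    Args:
        dbtype: ``"sql"`` for an in-memory SQLite main database seeded by
            ``helpers.populate_main_sql_testdatabase``, or ``"mongodb"`` for
            a filled MongoDB test database from ``helpers.create_mongo_database``.
        pages_dir: directory handed to ``DorkPageGenerator`` as ``pages_dir``.

    Returns:
        A ``(db, engine, dork_generator)`` tuple. ``engine`` is the SQLAlchemy
        engine for ``"sql"`` and ``None`` for ``"mongodb"`` (previously it was
        left unbound on that branch, so the ``return`` raised).

    Raises:
        ValueError: if ``dbtype`` is neither ``"sql"`` nor ``"mongodb"``.
    """
    engine = None
    if dbtype == "sql":
        engine = create_engine('sqlite:///')
        # Create a mock of an empty main db
        helpers.populate_main_sql_testdatabase(engine)
        db = database_sqla.Database(engine)
    elif dbtype == "mongodb":
        conn_string = helpers.create_mongo_database(fill=True)
        # Use the connection string of the database just created, not the
        # helper function object.
        db = database_mongo.Database(conn_string)
    else:
        raise ValueError("Unsupported database type: {0}".format(dbtype))

    test_dir = os.path.dirname(os.path.abspath(__file__))
    reduced_dorks_file = os.path.join(test_dir, 'data', 'dorks_reduced.txt')
    file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
    # Setting the bar low for testing: tiny cluster sizes and min_df=0.0
    # so the small reduced dork file still yields clusters.
    clusterer = cluster.Cluster(r"/\w+", 1, 1, 1, min_df=0.0)
    # Resolved relative to the current working directory, as before.
    data_dir = os.path.join(os.getcwd(), "modules", "handlers", "emulators", "data")
    dork_generator = DorkPageGenerator(db, file_processor, clusterer,
                                       data_dir=data_dir, pages_dir=pages_dir)
    return db, engine, dork_generator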