def setUp(self):
super(AnalysisSpec, self).setUp()
with responses.RequestsMock() as mock:
mock.add('POST',
url=self.full_url + '/get-access-token',
status=200,
json={'result': 'access-token'})
set_global_api()
get_global_api().set_session()
def setUp(self):
self.full_url = consts.BASE_URL + consts.API_VERSION
consts.CHECK_STATUS_INTERVAL = 0
self.patch_prop = 'builtins.open'
with responses.RequestsMock() as mock:
mock.add('POST',
url=self.full_url + '/get-access-token',
status=200,
json={'result': 'access-token'})
set_global_api()
get_global_api().set_session()
def login(api_key: str, api_url: str):
try:
if api_url:
key_store.store_default_url(api_url)
else:
api_url = default_config.api_url
key_store.delete_default_url()
api.set_global_api(api_key, default_config.api_version, api_url)
api.get_global_api().set_session()
key_store.store_api_key(api_key)
click.echo('You have successfully logged in')
except sdk_errors.InvalidApiKey:
click.echo('Invalid API key error, please contact us at [email protected] '
'and attach the log file in {}'.format(utilities.log_file_path))
raise click.Abort()
def test_send_fail_when_on_premise(self):
# Arrange
get_global_api().on_premise_version = OnPremiseVersion.V21_11
# Act
with self.assertRaises(errors.UnsupportedOnPremiseVersionError):
_ = UrlAnalysis(url='httpdddds://intezer.com')
def __init__(self,
file_path: str = None,
file_hash: str = None,
file_stream: typing.BinaryIO = None,
disable_dynamic_unpacking: bool = None,
disable_static_unpacking: bool = None,
api: IntezerApi = None,
file_name: str = None,
code_item_type: str = None) -> None:
if [file_path, file_hash, file_stream].count(None) != 2:
raise ValueError(
'Choose between file hash, file stream or file path analysis')
if file_hash and code_item_type:
logger.warning('Analyze by hash ignores code item type')
if code_item_type and code_item_type not in [
c.value for c in CodeItemType
]:
raise ValueError(
'Invalid code item type, possible code item types are: file, memory module'
)
self.status = None
self.analysis_id = None
self._file_hash = file_hash
self._disable_dynamic_unpacking = disable_dynamic_unpacking
self._disable_static_unpacking = disable_static_unpacking
self._file_path = file_path
self._file_stream = file_stream
self._file_name = file_name
self._code_item_type = code_item_type
self._report = None
self._api = api or get_global_api()
def __init__(self,
status: AnalysisStatusCode,
url: str,
api: IntezerApi = None):
self.status = status
self.url = url
self.result = None
self._api = api or get_global_api()
def test_capabilities_raises_when_on_premise_21_11(self):
# Arrange
sub_analysis = SubAnalysis('ab', 'asd', 'axaxax', 'root', None)
get_global_api().on_premise_version = OnPremiseVersion.V21_11
# Act and Assert
with self.assertRaises(errors.UnsupportedOnPremiseVersionError):
_ = sub_analysis.get_capabilities()
def get_family_by_name(family_name: str,
api: IntezerApi = None) -> typing.Optional[Family]:
api = api or get_global_api()
family = api.get_family_by_name(family_name)
if family:
return Family(family['family_id'], family['family_name'])
return None
def test_get_dynamic_ttps_raises_when_on_premise_on_21_11(self):
# Arrange
analysis = FileAnalysis(file_path='a')
analysis.status = consts.AnalysisStatusCode.FINISH
get_global_api().on_premise_version = OnPremiseVersion.V21_11
# Act and Assert
with self.assertRaises(errors.UnsupportedOnPremiseVersionError):
_ = analysis.dynamic_ttps
def __init__(self,
family_id: str,
name: str = None,
family_type: str = None,
*,
api: IntezerApi = None):
self.family_id = family_id
self._name = name
self._type = family_type
self._api = api or get_global_api()
def get_latest_analysis(file_hash: str,
api: IntezerApi = None) -> typing.Optional[Analysis]:
api = api or get_global_api()
analysis_report = api.get_latest_analysis(file_hash)
if not analysis_report:
return None
analysis = Analysis(file_hash=file_hash, api=api)
analysis.set_report(analysis_report)
return analysis
def __init__(self,
analysis_id: str,
composed_analysis_id: str,
sha256: str,
source: str,
extraction_info: Optional[dict],
api: IntezerApi = None):
self.composed_analysis_id = composed_analysis_id
self.analysis_id = analysis_id
self._sha256 = sha256
self._source = source
self._extraction_info = extraction_info
self._api = api or get_global_api()
self._code_reuse = None
self._metadata = None
self._operations = {}
def __init__(self,
index_as: consts.IndexType,
file_path: str = None,
sha256: str = None,
api: IntezerApi = None,
family_name: str = None):
if (sha256 is not None) == (file_path is not None):
raise ValueError('Choose between sha256 or file indexing')
if index_as == consts.IndexType.MALICIOUS and family_name is None:
raise ValueError('family_name is mandatory if the index type is malicious')
self.status = None
self.index_id = None
self._sha256 = sha256
self._file_path = file_path
self._api = api or get_global_api()
self._index_as = index_as
self._family_name = family_name
def test_get_latest_analysis_analysis_object_when_latest_analysis_found_with_on_premise(
self):
# Arrange
get_global_api().on_premise_version = OnPremiseVersion.V21_11
file_hash = 'hash'
analysis_id = 'analysis_id'
analysis_report = {'analysis_id': analysis_id}
with responses.RequestsMock() as mock:
mock.add('GET',
url='{}/files/{}'.format(self.full_url, file_hash),
status=200,
json={'result': analysis_report})
# Act
analysis = FileAnalysis.from_latest_hash_analysis(file_hash)
self.assertEqual(mock.calls[0].request.body, b'{}')
self.assertIsNotNone(analysis)
self.assertEqual(analysis_id, analysis.analysis_id)
self.assertEqual(consts.AnalysisStatusCode.FINISH, analysis.status)
self.assertDictEqual(analysis_report, analysis.result())
def __init__(self, api: IntezerApi = None):
self.status = None
self.analysis_id = None
self._api: IntezerApi = api or get_global_api()
self._report: Optional[Dict[str, Any]] = None
