def setUp(self):
self.loop = asyncio.new_event_loop()
asyncio.set_event_loop(None)
self.session = json.loads(session.decode('utf-8'))
self.handler = SessionAnalyzer(loop=self.loop)
self.res = None
geoip2.database.Reader.__init__ = Mock(return_value=None)
rvalue = geoip2.models.City(
{
'city': {
'geoname_id': 4223379,
'names': {
'en': 'Smyrna',
'ru': 'Смирна',
'zh-CN': '士麦那'
}
},
'continent': {
'code': 'NA',
'geoname_id': 6255149,
'names': {
'de': 'Nordamerika',
'en': 'North America',
'es': 'Norteamérica',
'fr': 'Amérique du Nord',
'ja': '北アメリカ',
'pt-BR': 'América do Norte',
'ru': 'Северная Америка',
'zh-CN': '北美洲'
}
},
'country': {
'geoname_id': 6252001,
'iso_code': 'US',
'names': {
'de': 'USA',
'en': 'United States',
'es': 'Estados Unidos',
'fr': 'États-Unis',
'ja': 'アメリカ合衆国',
'pt-BR': 'Estados Unidos',
'ru': 'США',
'zh-CN': '美国'
}
},
'location': {
'accuracy_radius': 10,
'latitude': 33.8633,
'longitude': -84.4984,
'metro_code': 524,
'time_zone': 'America/New_York'
},
'postal': {
'code': '30080'
},
'registered_country': {
'geoname_id': 6252001,
'iso_code': 'US',
'names': {
'de': 'USA',
'en': 'United States',
'es': 'Estados Unidos',
'fr': 'États-Unis',
'ja': 'アメリカ合衆国',
'pt-BR': 'Estados Unidos',
'ru': 'США',
'zh-CN': '美国'
}
},
'subdivisions': [{
'geoname_id': 4197000,
'iso_code': 'GA',
'names': {
'en': 'Georgia',
'es': 'Georgia',
'fr': 'Géorgie',
'ja': 'ジョージア州',
'pt-BR': 'Geórgia',
'ru': 'Джорджия',
'zh-CN': '乔治亚'
}
}],
'traits': {
'ip_address': '74.217.37.8'
}
}, ['en'])
geoip2.database.Reader.city = Mock(return_value=rvalue)
class TestSessionAnalyzer(unittest.TestCase):
def setUp(self):
self.loop = asyncio.new_event_loop()
asyncio.set_event_loop(None)
self.session = json.loads(session.decode('utf-8'))
self.handler = SessionAnalyzer(loop=self.loop)
self.res = None
geoip2.database.Reader.__init__ = Mock(return_value=None)
rvalue = geoip2.models.City(
{
'city': {
'geoname_id': 4223379,
'names': {
'en': 'Smyrna',
'ru': 'Смирна',
'zh-CN': '士麦那'
}
},
'continent': {
'code': 'NA',
'geoname_id': 6255149,
'names': {
'de': 'Nordamerika',
'en': 'North America',
'es': 'Norteamérica',
'fr': 'Amérique du Nord',
'ja': '北アメリカ',
'pt-BR': 'América do Norte',
'ru': 'Северная Америка',
'zh-CN': '北美洲'
}
},
'country': {
'geoname_id': 6252001,
'iso_code': 'US',
'names': {
'de': 'USA',
'en': 'United States',
'es': 'Estados Unidos',
'fr': 'États-Unis',
'ja': 'アメリカ合衆国',
'pt-BR': 'Estados Unidos',
'ru': 'США',
'zh-CN': '美国'
}
},
'location': {
'accuracy_radius': 10,
'latitude': 33.8633,
'longitude': -84.4984,
'metro_code': 524,
'time_zone': 'America/New_York'
},
'postal': {
'code': '30080'
},
'registered_country': {
'geoname_id': 6252001,
'iso_code': 'US',
'names': {
'de': 'USA',
'en': 'United States',
'es': 'Estados Unidos',
'fr': 'États-Unis',
'ja': 'アメリカ合衆国',
'pt-BR': 'Estados Unidos',
'ru': 'США',
'zh-CN': '美国'
}
},
'subdivisions': [{
'geoname_id': 4197000,
'iso_code': 'GA',
'names': {
'en': 'Georgia',
'es': 'Georgia',
'fr': 'Géorgie',
'ja': 'ジョージア州',
'pt-BR': 'Geórgia',
'ru': 'Джорджия',
'zh-CN': '乔治亚'
}
}],
'traits': {
'ip_address': '74.217.37.8'
}
}, ['en'])
geoip2.database.Reader.city = Mock(return_value=rvalue)
def tests_load_session_fail(self):
async def sess_get(key):
return aioredis.ProtocolError
redis_mock = Mock()
redis_mock.get = sess_get
res = None
with self.assertLogs():
self.loop.run_until_complete(self.handler.analyze(
None, redis_mock))
def test_create_stats(self):
async def sess_get():
return session
async def set_of_members(key):
return set()
async def set_add():
return ''
redis_mock = Mock()
redis_mock.get = sess_get
redis_mock.smembers = set_of_members
redis_mock.zadd = set_add
with patch('builtins.open', new_callable=mock_open) as m:
stats = self.loop.run_until_complete(
self.handler.create_stats(self.session, redis_mock))
self.assertEqual(stats['possible_owners'], {'attacker': 1.0})
def test_choose_owner_crawler(self):
stats = dict(paths=[{
'path': '/robots.txt',
'timestamp': 1.0,
'response_status': 200,
'attack_type': 'index'
}],
attack_types={'index'},
requests_in_second=11.1,
referer=None,
peer_ip='ip')
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch('builtins.open', new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res['possible_owners'], {'crawler': 1.0})
def test_choose_owner_attacker(self):
stats = dict(paths=[{
'path': '/',
'timestamp': 1.0,
'response_status': 200,
'attack_type': 'rfi'
}],
attack_types={'rfi', 'lfi'},
requests_in_second=2,
user_agent='user',
peer_ip='ip')
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch('builtins.open', new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res['possible_owners'], {'attacker': 1.0})
def test_choose_owner_mixed(self):
stats = dict(
paths=[{
'path': '/',
'timestamp': 1.0,
'response_status': 200,
'attack_type': ''
}],
attack_types='',
requests_in_second=2,
user_agent=
'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)',
peer_ip='74.217.37.84',
hidden_links=0,
referer='/')
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch('builtins.open', new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res['possible_owners'], {
'attacker': 0.75,
'crawler': 0.25,
'tool': 0.15,
'user': 0.25
})
def test_choose_owner_user(self):
stats = dict(paths=[{
'path': '/',
'timestamp': 1.0,
'response_status': 200,
'attack_type': ''
}],
attack_types='',
requests_in_second=2,
user_agent='test_user_agent',
peer_ip='74.217.37.84',
hidden_links=0,
referer='/')
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch('builtins.open', new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res['possible_owners'], {'user': 1.0})
def test_find_location(self):
location_stats = self.handler.find_location("74.217.37.84")
expected_res = dict(
country='United States',
country_code='US',
city='Smyrna',
zip_code='30080',
)
self.assertEqual(location_stats, expected_res)
def setUp(self):
self.loop = asyncio.new_event_loop()
asyncio.set_event_loop(None)
self.session = json.loads(session.decode("utf-8"))
self.handler = SessionAnalyzer(loop=self.loop)
self.res = None
geoip2.database.Reader.__init__ = Mock(return_value=None)
rvalue = geoip2.models.City(
{
"city": {
"geoname_id": 4223379,
"names": {
"en": "Smyrna",
"ru": "Смирна",
"zh-CN": "士麦那"
}
},
"continent": {
"code": "NA",
"geoname_id": 6255149,
"names": {
"de": "Nordamerika",
"en": "North America",
"es": "Norteamérica",
"fr": "Amérique du Nord",
"ja": "北アメリカ",
"pt-BR": "América do Norte",
"ru": "Северная Америка",
"zh-CN": "北美洲",
},
},
"country": {
"geoname_id": 6252001,
"iso_code": "US",
"names": {
"de": "USA",
"en": "United States",
"es": "Estados Unidos",
"fr": "États-Unis",
"ja": "アメリカ合衆国",
"pt-BR": "Estados Unidos",
"ru": "США",
"zh-CN": "美国",
},
},
"location": {
"accuracy_radius": 10,
"latitude": 33.8633,
"longitude": -84.4984,
"metro_code": 524,
"time_zone": "America/New_York",
},
"postal": {
"code": "30080"
},
"registered_country": {
"geoname_id": 6252001,
"iso_code": "US",
"names": {
"de": "USA",
"en": "United States",
"es": "Estados Unidos",
"fr": "États-Unis",
"ja": "アメリカ合衆国",
"pt-BR": "Estados Unidos",
"ru": "США",
"zh-CN": "美国",
},
},
"subdivisions": [{
"geoname_id": 4197000,
"iso_code": "GA",
"names": {
"en": "Georgia",
"es": "Georgia",
"fr": "Géorgie",
"ja": "ジョージア州",
"pt-BR": "Geórgia",
"ru": "Джорджия",
"zh-CN": "乔治亚",
},
}],
"traits": {
"ip_address": "74.217.37.8"
},
},
["en"],
)
geoip2.database.Reader.city = Mock(return_value=rvalue)
def __init__(self, loop=None):
self.sessions = {}
self.analyzer = SessionAnalyzer(loop=loop)
self.logger = logging.getLogger(__name__)
class TestSessionAnalyzer(unittest.TestCase):
def setUp(self):
self.loop = asyncio.new_event_loop()
asyncio.set_event_loop(None)
self.session = json.loads(session.decode("utf-8"))
self.handler = SessionAnalyzer(loop=self.loop)
self.res = None
geoip2.database.Reader.__init__ = Mock(return_value=None)
rvalue = geoip2.models.City(
{
"city": {
"geoname_id": 4223379,
"names": {
"en": "Smyrna",
"ru": "Смирна",
"zh-CN": "士麦那"
}
},
"continent": {
"code": "NA",
"geoname_id": 6255149,
"names": {
"de": "Nordamerika",
"en": "North America",
"es": "Norteamérica",
"fr": "Amérique du Nord",
"ja": "北アメリカ",
"pt-BR": "América do Norte",
"ru": "Северная Америка",
"zh-CN": "北美洲",
},
},
"country": {
"geoname_id": 6252001,
"iso_code": "US",
"names": {
"de": "USA",
"en": "United States",
"es": "Estados Unidos",
"fr": "États-Unis",
"ja": "アメリカ合衆国",
"pt-BR": "Estados Unidos",
"ru": "США",
"zh-CN": "美国",
},
},
"location": {
"accuracy_radius": 10,
"latitude": 33.8633,
"longitude": -84.4984,
"metro_code": 524,
"time_zone": "America/New_York",
},
"postal": {
"code": "30080"
},
"registered_country": {
"geoname_id": 6252001,
"iso_code": "US",
"names": {
"de": "USA",
"en": "United States",
"es": "Estados Unidos",
"fr": "États-Unis",
"ja": "アメリカ合衆国",
"pt-BR": "Estados Unidos",
"ru": "США",
"zh-CN": "美国",
},
},
"subdivisions": [{
"geoname_id": 4197000,
"iso_code": "GA",
"names": {
"en": "Georgia",
"es": "Georgia",
"fr": "Géorgie",
"ja": "ジョージア州",
"pt-BR": "Geórgia",
"ru": "Джорджия",
"zh-CN": "乔治亚",
},
}],
"traits": {
"ip_address": "74.217.37.8"
},
},
["en"],
)
geoip2.database.Reader.city = Mock(return_value=rvalue)
def tests_load_session_fail(self):
async def sess_get(key):
return aioredis.ProtocolError
redis_mock = Mock()
redis_mock.get = sess_get
res = None
with self.assertLogs():
self.loop.run_until_complete(self.handler.analyze(
None, redis_mock))
def test_create_stats(self):
async def sess_get():
return session
async def set_of_members(key):
return set()
async def set_add():
return ""
redis_mock = Mock()
redis_mock.get = sess_get
redis_mock.smembers = set_of_members
redis_mock.zadd = set_add
with patch("builtins.open", new_callable=mock_open) as m:
stats = self.loop.run_until_complete(
self.handler.create_stats(self.session, redis_mock))
self.assertEqual(stats["possible_owners"], {"attacker": 1.0})
def test_choose_owner_crawler(self):
stats = dict(
paths=[{
"path": "/robots.txt",
"timestamp": 1.0,
"response_status": 200,
"attack_type": "index"
}],
attack_types={"index"},
requests_in_second=11.1,
referer=None,
peer_ip="ip",
)
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch("builtins.open", new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res["possible_owners"], {"crawler": 1.0})
def test_choose_owner_attacker(self):
stats = dict(
paths=[{
"path": "/",
"timestamp": 1.0,
"response_status": 200,
"attack_type": "rfi"
}],
attack_types={"rfi", "lfi"},
requests_in_second=2,
user_agent="user",
peer_ip="ip",
)
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch("builtins.open", new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res["possible_owners"], {"attacker": 1.0})
def test_choose_owner_mixed(self):
stats = dict(
paths=[{
"path": "/",
"timestamp": 1.0,
"response_status": 200,
"attack_type": ""
}],
attack_types="",
requests_in_second=2,
user_agent=
"Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)",
peer_ip="74.217.37.84",
hidden_links=0,
referer="/",
)
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch("builtins.open", new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res["possible_owners"], {
"attacker": 0.75,
"crawler": 0.25,
"tool": 0.15,
"user": 0.25
})
def test_choose_owner_user(self):
stats = dict(
paths=[{
"path": "/",
"timestamp": 1.0,
"response_status": 200,
"attack_type": ""
}],
attack_types="",
requests_in_second=2,
user_agent="test_user_agent",
peer_ip="74.217.37.84",
hidden_links=0,
referer="/",
)
async def test():
self.res = await self.handler.choose_possible_owner(stats)
with patch("builtins.open", new_callable=mock_open) as m:
self.loop.run_until_complete(test())
self.assertEqual(self.res["possible_owners"], {"user": 1.0})
def test_find_location(self):
location_stats = self.handler.find_location("74.217.37.84")
expected_res = dict(
country="United States",
country_code="US",
city="Smyrna",
zip_code="30080",
)
self.assertEqual(location_stats, expected_res)