def dork_generator_chain(self, dbtype):
"""
Helper method to constructs chain of objects to satify dependencies for the dork_generator.
Returns an instance of dork_page_generator.
"""
if dbtype == "sql":
engine = create_engine('sqlite:///')
#Create mock of empty main db
helpers.populate_main_sql_testdatabase(engine)
db = database_sqla.Database(engine)
elif dbtype == "mongodb":
conn_string = helpers.create_mongo_database(fill=True)
db = database_mongo.Database(helpers.create_mongo_database)
else:
raise Exception("Unsupported database type: {0}".format(dbtype))
reduced_dorks_file = os.path.join(
os.path.split(os.path.abspath(__file__))[0],
'data/dorks_reduced.txt')
file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
#setting the bar low for testing
clusterer = cluster.Cluster("/\w+", 1, 1, 1, min_df=0.0)
dork_generator = DorkPageGenerator(db, file_processor, clusterer,
self.datadir)
return db, engine, dork_generator
def test_honeypot_mongo(self):
"""Objective: Testing overall Honeypot integration.
Input: Loads the honeypot module with mongodb as main database.
Expected Response: Honeypot responses with a non-empty HTTP response.
Note: This test verifies the overall functionality."""
conn_string = helpers.create_mongo_database(fill=True)
config_file = tempfile.mkstemp()[1]
with open(config_file, "w") as f:
f.writelines(helpers.gen_config(conn_string))
try:
raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
source_address = ["127.0.0.1", "12345"]
sensor_address = ["1.2.3.4", "8080"]
GlastopfHoneypot.prepare_environment(self.tmpdir)
self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir, config=config_file)
self.glastopf.options["enabled"] = "False"
print "Sending request: http://localhost:8080/"
response = self.glastopf.handle_request(raw_request, source_address, sensor_address)
self.assertIsNot(response, None)
finally:
helpers.delete_mongo_testdata(conn_string)
if os.path.isfile(config_file):
os.remove(config_file)
def test_honeypot_mongo(self):
"""Objective: Testing overall Honeypot integration.
Input: Loads the honeypot module with mongodb as main database.
Expected Response: Honeypot responses with a non-empty HTTP response.
Note: This test verifies the overall functionality."""
conn_string = helpers.create_mongo_database(fill=True)
config_file = tempfile.mkstemp()[1]
with open(config_file, 'w') as f:
f.writelines(helpers.gen_config(conn_string))
try:
raw_request = "GET /honeypot_test HTTP/1.1\r\nHost: honeypot\r\n\r\n"
source_address = ["127.0.0.1", "12345"]
sensor_address = ["1.2.3.4", "8080"]
GlastopfHoneypot.prepare_environment(self.tmpdir)
self.glastopf = GlastopfHoneypot(work_dir=self.tmpdir,
config=config_file)
self.glastopf.options["enabled"] = "False"
print "Sending request: http://localhost:8080/"
response = self.glastopf.handle_request(raw_request,
source_address,
sensor_address)
self.assertIsNot(response, None)
finally:
helpers.delete_mongo_testdata(conn_string)
if os.path.isfile(config_file):
os.remove(config_file)
def test_mongodb_insert(self):
conn_string = helpers.create_mongo_database(fill=False)
db_name = uri_parser.parse_uri(conn_string)['database']
try:
maindb = log_mongodb.Database(conn_string)
#prepare attack event
attack_event = attack.AttackEvent()
attack_event.event_time = self.event_time = datetime.now(
).strftime("%Y-%m-%d %H:%M:%S")
attack_event.matched_pattern = "test_test"
attack_event.source_addr = ("192.168.1.201", 12345)
attack_event.parsed_request = util.HTTPRequest()
attack_event.parsed_request.url = "/breadandbytter.php?a=b"
attack_event.parsed_request.method = "GET"
attack_event.parsed_request.header = {
'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
'Connection': 'keep-alive'
}
attack_event.parsed_request.body = "some stuff"
maindb.insert(attack_event)
with warnings.catch_warnings(record=True):
collection = MongoClient(conn_string)[db_name]['events']
results = list(collection.find())
#Check if database returned the correct amount
self.assertEqual(len(list(results)), 1)
entry = results[0]
self.assertEqual(entry["pattern"], "test_test")
self.assertEqual(entry["request"]["body"], "some stuff")
self.assertEqual(entry["request"]["parameters"], "")
self.assertEqual(entry["request"]["url"],
"/breadandbytter.php?a=b")
self.assertEqual(entry["request"]["header"]['Accept-Charset'],
"ISO-8859-1,utf-8;q=0.7,*;q=0.3")
self.assertEqual(entry["request"]["header"]['Connection'],
"keep-alive")
self.assertEqual(entry["request"]["method"], "GET")
self.assertEqual(entry["source"][0], "192.168.1.201")
self.assertEqual(entry["source"][1], 12345)
finally:
helpers.delete_mongo_testdata(conn_string)
def test_mongodb_insert(self):
conn_string = helpers.create_mongo_database(fill=False)
db_name = uri_parser.parse_uri(conn_string)['database']
try:
maindb = log_mongodb.Database(conn_string)
#prepare attack event
attack_event = attack.AttackEvent()
attack_event.event_time = self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
attack_event.matched_pattern = "test_test"
attack_event.source_addr = ("192.168.1.201", 12345)
attack_event.parsed_request = util.HTTPRequest()
attack_event.parsed_request.url = "/breadandbytter.php?a=b"
attack_event.parsed_request.method = "GET"
attack_event.parsed_request.header = {'Accept-Charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
'Connection': 'keep-alive'}
attack_event.parsed_request.body = "some stuff"
maindb.insert(attack_event)
with warnings.catch_warnings(record=True):
collection = MongoClient(conn_string)[db_name]['events']
results = list(collection.find())
#Check if database returned the correct amount
self.assertEqual(len(list(results)), 1)
entry = results[0]
self.assertEqual(entry["pattern"], "test_test")
self.assertEqual(entry["request"]["body"], "some stuff")
self.assertEqual(entry["request"]["parameters"], "")
self.assertEqual(entry["request"]["url"], "/breadandbytter.php?a=b")
self.assertEqual(entry["request"]["header"]['Accept-Charset'], "ISO-8859-1,utf-8;q=0.7,*;q=0.3")
self.assertEqual(entry["request"]["header"]['Connection'], "keep-alive")
self.assertEqual(entry["request"]["method"], "GET")
self.assertEqual(entry["source"][0], "192.168.1.201")
self.assertEqual(entry["source"][1], 12345)
finally:
helpers.delete_mongo_testdata(conn_string)
def dork_generator_chain(self, dbtype):
"""
Helper method to constructs chain of objects to satify dependencies for the dork_generator.
Returns an instance of dork_page_generator.
"""
if dbtype == "sql":
engine = create_engine('sqlite:///')
#Create mock of empty main db
helpers.populate_main_sql_testdatabase(engine)
db = database_sqla.Database(engine)
elif dbtype == "mongodb":
conn_string = helpers.create_mongo_database(fill=True)
db = database_mongo.Database(helpers.create_mongo_database)
else:
raise Exception("Unsupported database type: {0}".format(dbtype))
reduced_dorks_file = os.path.join(os.path.split(os.path.abspath(__file__))[0], 'data/dorks_reduced.txt')
file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
dork_generator = DorkPageGenerator(db, file_processor, self.datadir)
return db, engine, dork_generator
def test_mongodb_insert(self):
conn_string = helpers.create_mongo_database(fill=False)
db_name = uri_parser.parse_uri(conn_string)["database"]
try:
maindb = log_mongodb.Database(conn_string)
attack_event = attack.AttackEvent()
attack_event.event_time = self.event_time = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
attack_event.matched_pattern = "test_test"
attack_event.source_addr = ("192.168.1.201", 12345)
request = (
"GET /breadandbytter.php?a=b HTTP/1.0\r\n"
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n"
"ISO-8859-1,utf-8;q=0.7,*;q=0.3r\n"
"Connection: keep-alive\r\n\r\n"
"some stuff"
)
attack_event.http_request = HTTPHandler(request, None)
maindb.insert(attack_event)
with warnings.catch_warnings(record=True):
collection = MongoClient(conn_string)[db_name]["events"]
results = list(collection.find())
# Check if database returned the correct amount
self.assertEqual(len(list(results)), 1)
entry = results[0]
self.assertEqual(entry["source"][0], "192.168.1.201")
self.assertEqual(entry["source"][1], 12345)
self.assertEqual(entry["pattern"], "test_test")
self.assertEqual(entry["request_raw"], request)
self.assertEqual(entry["request_url"], "/breadandbytter.php?a=b")
finally:
helpers.delete_mongo_testdata(conn_string)
def test_mongodb_insert(self):
conn_string = helpers.create_mongo_database(fill=False)
db_name = uri_parser.parse_uri(conn_string)["database"]
try:
maindb = log_mongodb.Database(conn_string)
attack_event = attack.AttackEvent()
attack_event.event_time = self.event_time = datetime.now(
).strftime("%Y-%m-%d %H:%M:%S")
attack_event.matched_pattern = "test_test"
attack_event.source_addr = ("192.168.1.201", 12345)
request = ("GET /breadandbytter.php?a=b HTTP/1.0\r\n"
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n"
"ISO-8859-1,utf-8;q=0.7,*;q=0.3r\n"
"Connection: keep-alive\r\n\r\n"
"some stuff")
attack_event.http_request = HTTPHandler(request, None)
maindb.insert(attack_event)
with warnings.catch_warnings(record=True):
collection = MongoClient(conn_string)[db_name]["events"]
results = list(collection.find())
#Check if database returned the correct amount
self.assertEqual(len(list(results)), 1)
entry = results[0]
self.assertEqual(entry["source"][0], "192.168.1.201")
self.assertEqual(entry["source"][1], 12345)
self.assertEqual(entry["pattern"], "test_test")
self.assertEqual(entry["request_raw"], request)
self.assertEqual(entry["request_url"], "/breadandbytter.php?a=b")
finally:
helpers.delete_mongo_testdata(conn_string)
def dork_generator_chain(self, dbtype, pages_dir):
"""
Helper method to constructs chain of objects to satify dependencies for the dork_generator.
Returns an instance of dork_page_generator.
"""
if dbtype == "sql":
engine = create_engine('sqlite:///')
#Create mock of empty main db
helpers.populate_main_sql_testdatabase(engine)
db = database_sqla.Database(engine)
elif dbtype == "mongodb":
conn_string = helpers.create_mongo_database(fill=True)
db = database_mongo.Database(helpers.create_mongo_database)
else:
raise Exception("Unsupported database type: {0}".format(dbtype))
reduced_dorks_file = os.path.join(os.path.split(os.path.abspath(__file__))[0], 'data/dorks_reduced.txt')
file_processor = DorkFileProcessor(db, dorks_file=reduced_dorks_file)
#setting the bar low for testing
clusterer = cluster.Cluster("/\w+", 1, 1, 1, min_df=0.0)
data_dir = os.getcwd() + "/modules/handlers/emulators/data"
dork_generator = DorkPageGenerator(db, file_processor, clusterer, data_dir=data_dir, pages_dir=pages_dir)
return db, engine, dork_generator
