def test_config(self):
"""Test the configuration object"""
config = Configuration({self.key: self.value})
self.assertEqual(self.value, config.get(self.key))
self.assertEqual(self.value, config.get(self.key, self.new_value))
self.assertEqual(self.new_value,
config.get("InexistentKey", self.new_value))
def test_config(self):
"""Test the configuration object"""
config = Configuration({self.key: self.value})
self.assertEqual(self.value, config.get(self.key))
self.assertEqual(self.value, config.get(self.key,
self.new_value))
self.assertEqual(self.new_value, config.get("InexistentKey",
self.new_value))
def test_session_manager(self):
"""Test session manager"""
# Obtain a session from the manager
session_manager = SessionManager(Configuration())
session = session_manager.get_session("test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
# Check that the session obtained matches with the requested data
self.assertIsInstance(session, Session)
self.assertIs(session.event_queue, session_manager.event_queue)
self.assertEqual(session.service, "test")
self.assertEqual(session.source_ip, "127.0.0.1")
self.assertEqual(session.source_port, 3200)
self.assertEqual(session.target_ip, "127.0.0.1")
self.assertEqual(session.target_port, 3201)
# Check that different sessions are created for other service/ip/ports
another_session = session_manager.get_session("test", "127.0.0.1",
3200, "127.0.0.1", 3202)
self.assertIsNot(session, another_session)
another_session = session_manager.get_session("test", "127.0.0.1",
3200, "127.0.0.2", 3201)
self.assertIsNot(session, another_session)
another_session = session_manager.get_session("test", "127.0.0.2",
3200, "127.0.0.1", 3201)
self.assertIsNot(session, another_session)
another_session = session_manager.get_session("test", "127.0.0.1",
3201, "127.0.0.1", 3201)
self.assertIsNot(session, another_session)
another_session = session_manager.get_session("service", "127.0.0.1",
3201, "127.0.0.1", 3201)
self.assertIsNot(session, another_session)
def test_feed_manager(self):
"""Test attack feed manager"""
# Create a session manager and the feed manager attached to it
config = Configuration()
session_manager = SessionManager(config)
feed_manager = FeedManager(config, session_manager)
feed_manager.add_feed(DummyFeed(config))
feed_manager.run()
# Create an event
event = Event("Test event")
# Obtain a session and add the event
session = session_manager.get_session("test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
session.add_event(event)
# Give the feed manager time for processing the event
sleep(1)
# Stop the feed manager and check if the event was processed
feed_manager.stop()
new_event = DummyFeed.events.get()
self.assertIs(event, new_event)
def test_dbfeeds(self):
"""Tests event storage on a database"""
self.test_filename = mkstemp(".sqlite", "dbfeedstest")[1]
# Register an event using the DBFeed
configuration = Configuration({
"feed":
"DBFeed",
"db_engine":
"sqlite:///%s" % self.test_filename
})
feed = DBFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
# Now check the event in the database
conn = sqlite3.connect(self.test_filename)
cursor = conn.cursor()
cursor.execute('SELECT * FROM events')
results = cursor.fetchall()
self.assertEqual(len(results), 1)
self.assertEqual(results[0][1], str(event.session.uuid))
self.assertEqual(results[0][2], str(event.timestamp))
self.assertEqual(results[0][3], repr(event))
def test_datastore_load_config(self):
"""Test loading the datastore with the config data."""
dummy = self.DummyDataStore()
config = Configuration({self.key: self.value})
dummy.load_config(config)
self.assertEqual(self.value, dummy.get_data(self.key))
def test_config_json_include(self):
"""Test json custom include directive."""
test_filename = mkstemp()[1]
test_filename_include = mkstemp()[1]
with file(test_filename, 'w') as f:
f.write("""{
"%s": "%s",
"%s": { "!include": "%s" }
}""" % (self.key, self.value, self.new_key, test_filename_include))
with file(test_filename_include, 'w') as f:
json.dump({self.new_new_key: self.new_new_value}, f)
config = Configuration()
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
self.assertEqual({self.new_new_key: self.new_new_value},
config.get(self.new_key))
self.assertListEqual([test_filename_include, test_filename],
config.get_config_files())
remove(test_filename)
remove(test_filename_include)
def test_config_for(self):
"""Test the config_for method lookup."""
config = Configuration({
self.key:
self.value,
self.new_key: [{
self.new_key: self.new_value,
self.new_new_key: self.new_new_value
}, {
self.new_key: self.new_new_value,
self.key: self.value
}]
})
self.assertEqual(self.value, config.get(self.key))
self.assertListEqual([],
config.config_for(self.new_new_key,
self.new_new_key, "SomeClass"))
self.assertListEqual([],
config.config_for(self.new_key, self.new_key,
"SomeClass"))
self.assertListEqual([{
self.key: self.value,
self.new_key: self.new_value,
self.new_new_key: self.new_new_value
}], config.config_for(self.new_key, self.new_key, self.new_value))
self.assertListEqual([{
self.key: self.value,
self.new_key: self.new_new_value
}], config.config_for(self.new_key, self.new_key, self.new_new_value))
def test_config_yaml_include(self):
"""Test yaml custom include directive."""
test_filename = mkstemp()[1]
test_filename_include = mkstemp()[1]
with file(test_filename, 'w') as f:
f.write(
"""---
%s: %s
%s: !include %s""" %
(self.key, self.value, self.new_key, test_filename_include))
with file(test_filename_include, 'w') as f:
yaml.dump({self.new_new_key: self.new_new_value}, f)
config = Configuration()
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
self.assertEqual({self.new_new_key: self.new_new_value},
config.get(self.new_key))
self.assertListEqual([test_filename_include, test_filename],
config.get_config_files())
remove(test_filename)
remove(test_filename_include)
def test_datastoremanager_default(self):
"""Test the DataStoreManager loading the default DataStore
"""
manager = DataStoreManager(Configuration())
datastore = manager.get_datastore()
#self.assertIsInstance(datastore, MemoryDataStore)
new_datastore = manager.get_datastore()
self.assertIs(datastore, new_datastore)
def test_config_yaml_include(self):
"""Test yaml custom include directive."""
test_filename = mkstemp()[1]
test_filename_include = mkstemp()[1]
with file(test_filename, 'w') as f:
f.write("""---
%s: %s
%s: !include %s""" % (self.key, self.value,
self.new_key, test_filename_include))
with file(test_filename_include, 'w') as f:
yaml.dump({self.new_new_key: self.new_new_value}, f)
config = Configuration()
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
self.assertEqual({self.new_new_key: self.new_new_value}, config.get(self.new_key))
self.assertListEqual([test_filename_include, test_filename],
config.get_config_files())
remove(test_filename)
remove(test_filename_include)
def test_config_json_include(self):
"""Test json custom include directive."""
test_filename = mkstemp()[1]
test_filename_include = mkstemp()[1]
with file(test_filename, 'w') as f:
f.write("""{
"%s": "%s",
"%s": { "!include": "%s" }
}""" % (self.key, self.value, self.new_key,
test_filename_include))
with file(test_filename_include, 'w') as f:
json.dump({self.new_new_key: self.new_new_value}, f)
config = Configuration()
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
self.assertEqual({self.new_new_key: self.new_new_value}, config.get(self.new_key))
self.assertListEqual([test_filename_include, test_filename],
config.get_config_files())
remove(test_filename)
remove(test_filename_include)
def test_hpfeeds(self):
"""Tests the HPFeed by connecting to honeynet's HPFriends service.
"""
# Register an event using the HPFeed
configuration = Configuration({
"feed": "HPFeed",
"feed_host": self.test_host,
"feed_port": self.test_port,
"feed_ident": self.test_ident,
"feed_secret": self.test_secret,
"channels": [self.test_channel]
})
def test_hpfeeds(self):
"""Tests the HPFeed by connecting to honeynet's HPFriends service.
"""
# Register an event using the HPFeed
configuration = Configuration({"feed": "HPFeed",
"feed_host": self.test_host,
"feed_port": self.test_port,
"feed_ident": self.test_ident,
"feed_secret": self.test_secret,
"channels": [self.test_channel]})
feed = HPFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
def test_logfeeds(self):
self.test_filename = mkstemp(".log", "logfeedstest")[1]
# Register an event using the LogFeed
configuration = Configuration({
"feed": "LogFeed",
"log_filename": self.test_filename
})
feed = LogFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
self.assertIs(path.exists(self.test_filename), True)
def test_config_for(self):
"""Test the config_for method lookup."""
config = Configuration({self.key: self.value,
self.new_key: [{self.new_key: self.new_value,
self.new_new_key: self.new_new_value},
{self.new_key: self.new_new_value,
self.key: self.value}]})
self.assertEqual(self.value, config.get(self.key))
self.assertListEqual([], config.config_for(self.new_new_key, self.new_new_key, "SomeClass"))
self.assertListEqual([], config.config_for(self.new_key, self.new_key, "SomeClass"))
self.assertListEqual([{self.key: self.value,
self.new_key: self.new_value,
self.new_new_key: self.new_new_value}],
config.config_for(self.new_key, self.new_key, self.new_value))
self.assertListEqual([{self.key: self.value,
self.new_key: self.new_new_value}],
config.config_for(self.new_key, self.new_key, self.new_new_value))
def test_datastoremanager_invalid(self):
"""Test the DataStoreManager loading an invalid DataStore
"""
with self.assertRaises(DataStoreNotFound):
DataStoreManager(
Configuration({"datastore_class": "InexistentClass"}))
def test_config_update(self):
"""Test the configuration object update methods"""
config = Configuration()
# Update from empty using careful
config.update({self.key: self.value},
mode="careful")
self.assertIs(None, config.get(self.key))
# Update using loose mode
config.update({self.key: self.value},
mode="loose")
self.assertIs(self.value, config.get(self.key))
# Update using careful mode
config.update({self.new_key: self.new_value},
mode="careful")
self.assertIs(self.value, config.get(self.key))
self.assertIs(None, config.get(self.new_key))
# Updating from another Configuration object
config.update(Configuration({self.new_new_key: self.new_new_value}))
self.assertIs(self.new_new_value, config.get(self.new_new_key))
def test_config_update(self):
"""Test the configuration object update methods"""
config = Configuration()
# Update from empty using careful
config.update({self.key: self.value}, mode="careful")
self.assertIs(None, config.get(self.key))
# Update using loose mode
config.update({self.key: self.value}, mode="loose")
self.assertIs(self.value, config.get(self.key))
# Update using careful mode
config.update({self.new_key: self.new_value}, mode="careful")
self.assertIs(self.value, config.get(self.key))
self.assertIs(None, config.get(self.new_key))
# Updating from another Configuration object
config.update(Configuration({self.new_new_key: self.new_new_value}))
self.assertIs(self.new_new_value, config.get(self.new_new_key))
def test_config_parsers(self):
"""Test the update from a file."""
test_filename = mkstemp()[1]
# Test using invalid filenames
config = Configuration()
with self.assertRaises(ValueError):
config.update("invalid_filename", from_file=True)
with self.assertRaises(ValueError):
config.update({}, from_file=True)
# Test using a file with random content
config = Configuration()
with file(test_filename, 'w') as f:
f.write("junk: %lalala%")
with self.assertRaises(ConfigurationParserNotFound):
config.update(test_filename, from_file=True)
# Test using valid json
config = Configuration()
with file(test_filename, 'w') as f:
json.dump({self.key: self.value}, f)
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
# Test using json with comments
config = Configuration()
with file(test_filename, 'w') as f:
f.write("""{
# Some one-line comment
%s: %s,
/* Other multi-line
comment */
}""" % (self.key, self.value))
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
# Test using valid yaml
config = Configuration()
with file(test_filename, 'w') as f:
yaml.dump({self.key: self.value}, f)
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
remove(test_filename)
def test_config_parsers(self):
"""Test the update from a file."""
test_filename = mkstemp()[1]
# Test using invalid filenames
config = Configuration()
with self.assertRaises(ValueError):
config.update("invalid_filename", from_file=True)
with self.assertRaises(ValueError):
config.update({}, from_file=True)
# Test using a file with random content
config = Configuration()
with file(test_filename, 'w') as f:
f.write("junk: %lalala%")
with self.assertRaises(ConfigurationParserNotFound):
config.update(test_filename, from_file=True)
# Test using valid json
config = Configuration()
with file(test_filename, 'w') as f:
json.dump({self.key: self.value}, f)
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
# Test using json with comments
config = Configuration()
with file(test_filename, 'w') as f:
f.write("""{
# Some one-line comment
%s: %s,
/* Other multi-line
comment */
}""" % (self.key, self.value))
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
# Test using valid yaml
config = Configuration()
with file(test_filename, 'w') as f:
yaml.dump({self.key: self.value}, f)
config.update(test_filename, from_file=True)
self.assertEqual(self.value, config.get(self.key))
remove(test_filename)
