def test_get_specific_fields_for_multiple_entries(self): test_fw_1 = create_test_firmware(device_name='fw_one', vendor='test_vendor_one') self.db_backend_interface.add_firmware(test_fw_1) test_fw_2 = create_test_firmware(device_name='fw_two', vendor='test_vendor_two', bin_path='container/test.7z') self.db_backend_interface.add_firmware(test_fw_2) test_fo = create_test_file_object() self.db_backend_interface.add_file_object(test_fo) test_uid_list = [test_fw_1.uid, test_fw_2.uid] result = list(self.db_frontend_interface.get_specific_fields_for_multiple_entries( uid_list=test_uid_list, field_dict={'vendor': 1, 'device_name': 1} )) assert len(result) == 2 assert all(set(entry.keys()) == {'_id', 'vendor', 'device_name'} for entry in result) result_uids = [entry['_id'] for entry in result] assert all(uid in result_uids for uid in test_uid_list) test_uid_list = [test_fw_1.uid, test_fo.uid] result = list(self.db_frontend_interface.get_specific_fields_for_multiple_entries( uid_list=test_uid_list, field_dict={'virtual_file_path': 1} )) assert len(result) == 2 assert all(set(entry.keys()) == {'_id', 'virtual_file_path'} for entry in result) result_uids = [entry['_id'] for entry in result] assert all(uid in result_uids for uid in test_uid_list)
def test_get_other_versions_of_firmware(self): parent_fw1 = create_test_firmware(version='1') self.db_backend_interface.add_object(parent_fw1) parent_fw2 = create_test_firmware(version='2', bin_path='container/test.7z') self.db_backend_interface.add_object(parent_fw2) parent_fw3 = create_test_firmware(version='3', bin_path='container/test.cab') self.db_backend_interface.add_object(parent_fw3) other_versions = self.db_frontend_interface.get_other_versions_of_firmware( parent_fw1) self.assertEqual(len(other_versions), 2, 'wrong number of other versions') self.assertIn({ '_id': parent_fw2.get_uid(), 'version': '2' }, other_versions) self.assertIn({ '_id': parent_fw3.get_uid(), 'version': '3' }, other_versions) other_versions = self.db_frontend_interface.get_other_versions_of_firmware( parent_fw2) self.assertIn({ '_id': parent_fw3.get_uid(), 'version': '3' }, other_versions)
def setUp(self): self.config = get_config_for_testing() self.fw_one = create_test_firmware(device_name='dev_1', all_files_included_set=True) self.fw_one.processed_analysis['file_hashes'] = {'ssdeep': get_ssdeep(self.fw_one.binary)} self.fw_two = create_test_firmware(device_name='dev_2', bin_path='container/test.7z', all_files_included_set=True) self.fw_two.processed_analysis['file_hashes'] = {'ssdeep': get_ssdeep(self.fw_two.binary)} self.compare_system = Compare(db_interface=MockDbInterface(), config=self.config)
def setup_test_fw(self): self.fw_one = create_test_firmware(device_name='dev_1', all_files_included_set=True) self.fw_two = create_test_firmware(device_name='dev_2', bin_path='container/test.7z', all_files_included_set=True) self.fw_three = create_test_firmware(device_name='dev_3', bin_path='container/test.cab', all_files_included_set=True)
def setUp(self): self.db_interface = MongoInterfaceCommon(config=self._config) self.db_interface_backend = BackEndDbInterface(config=self._config) self.db_interface_compare = CompareDbInterface(config=self._config) self.db_interface_admin = AdminDbInterface(config=self._config) self.fw_one = create_test_firmware() self.fw_two = create_test_firmware() self.fw_two.set_binary(b'another firmware') self.compare_dict = self._create_compare_dict()
def get_object(self, uid: str): if uid == TEST_TEXT_FILE.uid: return TEST_TEXT_FILE elif uid == TEST_TEXT_FILE2.uid: return TEST_TEXT_FILE2 elif uid == 'file_1_root_uid': return create_test_firmware(device_name='fw1') elif uid == 'file_2_root_uid': return create_test_firmware(device_name='fw2') else: assert False
def test_get_x_last_added_firmwares(self): self.assertEqual(self.db_frontend_interface.get_last_added_firmwares(), [], 'empty db should result in empty list') test_fw_one = create_test_firmware(device_name='fw_one') self.db_backend_interface.add_firmware(test_fw_one) test_fw_two = create_test_firmware(device_name='fw_two', bin_path='container/test.7z') self.db_backend_interface.add_firmware(test_fw_two) test_fw_three = create_test_firmware(device_name='fw_three', bin_path='container/test.cab') self.db_backend_interface.add_firmware(test_fw_three) result = self.db_frontend_interface.get_last_added_firmwares(limit_x=2) self.assertEqual(len(result), 2, 'Number of results should be 2') self.assertEqual(result[0][0], test_fw_three.uid, 'last firmware is not first entry') self.assertEqual(result[1][0], test_fw_two.uid, 'second last firmware is not the second entry')
def test_rest_get_compare_valid_not_in_db(self): test_firmware_1 = create_test_firmware(device_class="test class", device_name="test device", vendor="test vendor") test_firmware_2 = create_test_firmware(device_class="test class", device_name="test device", vendor="test vendor", bin_path="container/test.7z") self.db_backend.add_firmware(test_firmware_1) self.db_backend.add_firmware(test_firmware_2) rv = self.test_client.get('/rest/compare/{};{}'.format( test_firmware_1.uid, test_firmware_2.uid), follow_redirects=True) assert b"Compare not found in database." in rv.data
def test_rest_get_compare_valid_not_in_db(self): test_firmware_1 = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') test_firmware_2 = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor', bin_path='container/test.7z') self.db_backend.add_firmware(test_firmware_1) self.db_backend.add_firmware(test_firmware_2) rv = self.test_client.get( f'/rest/compare/{test_firmware_1.uid};{test_firmware_2.uid}', follow_redirects=True) assert b'Compare not found in database.' in rv.data
def test_get_results_from_parent_fos__multiple_vfps_in_one_fw(self): fw = create_test_firmware() fo = create_test_file_object() file_names = ['file_a', 'file_b', 'file_c'] fw.processed_analysis[AnalysisPlugin.NAME] = { 'files': {b64_encode(f): { 'result': 'value' } for f in file_names} } vfp = fo.virtual_file_path['some_uid'] = [] for f in file_names: vfp.append('some_uid|{}|/{}'.format(fw.uid, f)) results = {} routes.FsMetadataRoutesDbInterface.get_results_from_parent_fos( fw, fo, results) assert results is not None assert results != {}, 'result should not be empty' assert len(results) == 3, 'wrong number of results' assert all(f in results for f in file_names), 'files missing from result' assert 'result' in results[file_names[0]], 'analysis result is missing' assert results[file_names[0]][ 'result'] == 'value', 'wrong value of analysis result'
def test_get_results_from_parent_fos(self): fw = create_test_firmware() fo = create_test_file_object() file_name = 'folder/file' encoded_name = b64_encode(file_name) fw.processed_analysis[AnalysisPlugin.NAME] = { 'files': { encoded_name: { 'result': 'value' } } } fo.virtual_file_path['some_uid'] = [ 'some_uid|{}|/{}'.format(fw.uid, file_name) ] results = {} routes.FsMetadataRoutesDbInterface.get_results_from_parent_fos( fw, fo, results) assert results != {}, 'result should not be empty' assert file_name in results, 'files missing from result' assert 'parent_uid' in results[ file_name], 'parent uid missing in result' assert 'result' in results[file_name], 'analysis result is missing' assert results[file_name][ 'result'] == 'value', 'wrong value of analysis result'
def test_generate_file_tree_level(self): parent_fw = create_test_firmware() child_fo = create_test_file_object() child_fo.processed_analysis['file_type'] = {'mime': 'sometype'} uid = parent_fw.uid child_fo.virtual_file_path = { uid: ['|{}|/folder/{}'.format(uid, child_fo.file_name)] } parent_fw.files_included = {child_fo.uid} self.db_backend_interface.add_object(parent_fw) self.db_backend_interface.add_object(child_fo) for node in self.db_frontend_interface.generate_file_tree_level( uid, uid): assert isinstance(node, FileTreeNode) assert node.name == parent_fw.file_name assert node.has_children for node in self.db_frontend_interface.generate_file_tree_level( child_fo.uid, uid): assert isinstance(node, FileTreeNode) assert node.name == 'folder' assert node.has_children virtual_grand_child = node.get_list_of_child_nodes()[0] assert virtual_grand_child.type == 'sometype' assert not virtual_grand_child.has_children assert virtual_grand_child.name == child_fo.file_name
def test_offset_to_empty_response(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/firmware?offset=1', follow_redirects=True) assert b'uids' in rv.data assert b'418a54d78550e8584291c96e5d6168133621f352bfc1d43cf84e81187fef4962_787' not in rv.data
def test_rest_update_bad_query(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.put('/rest/firmware/{}?update=not_a_list'.format(test_firmware.uid), follow_redirects=True) assert b'"status": 1' in rv.data assert b'has to be a list' in rv.data
def test_rest_update_analysis_success(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.put('/rest/firmware/{}?update={}'.format(test_firmware.uid, urllib.parse.quote('["printable_strings"]')), follow_redirects=True) assert test_firmware.uid.encode() in rv.data assert b'"status": 0' in rv.data
def test_get_results_from_parent_fo(self): parent = create_test_firmware() analysis_result = {'executable': False} parent.processed_analysis[AnalysisPlugin.NAME] = {'files': {'foo': analysis_result}} result = routes._get_results_from_parent_fo(parent, 'foo') assert result == analysis_result
def test_process_object__no_files(self): test_fw = create_test_firmware() test_fw.files_included = [] self.analysis_plugin.process_object(test_fw) assert self.analysis_plugin.NAME in test_fw.processed_analysis assert test_fw.processed_analysis[self.analysis_plugin.NAME] == {'summary': []}
def test_rest_download_valid(self): backend_binding = InterComBackEndBinding( config=self.config, analysis_service=test_backend_scheduler.AnalysisServiceMock(), compare_service=test_backend_scheduler.ServiceMock( self.test_queue), unpacking_service=test_backend_scheduler.ServiceMock( self.test_queue)) test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') store_binary_on_file_system(self.tmp_dir.name, test_firmware) self.db_interface.add_firmware(test_firmware) try: rv = self.test_client.get('/rest/binary/{}'.format( test_firmware.uid), follow_redirects=True) finally: backend_binding.shutdown() assert standard_b64encode(test_firmware.binary) in rv.data assert '"file_name": "{}"'.format( test_firmware.file_name).encode() in rv.data assert '"SHA256": "{}"'.format( test_firmware.sha256).encode() in rv.data
def test_rest_download_invalid_uid(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/firmware/invalid%20uid', follow_redirects=True) assert b'No firmware with UID invalid uid' in rv.data
def setUp(self): super().setUp() self._start_backend() self.db_backend_interface = BackEndDbInterface(self.config) self.test_fw = create_test_firmware(device_name='test_fw') self.test_fw.release_date = '2001-02-03' self.db_backend_interface.add_firmware(self.test_fw)
def test_rest_search_existing(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/firmware?query={}'.format(urllib.parse.quote('{"device_class": "test class"}')), follow_redirects=True) assert b'uids' in rv.data assert b'418a54d78550e8584291c96e5d6168133621f352bfc1d43cf84e81187fef4962_787' in rv.data
def test_generate_file_tree_node(self): parent_fw = create_test_firmware() child_fo = create_test_file_object() child_fo.processed_analysis['file_type'] = {'mime': 'sometype'} uid = parent_fw.get_uid() child_fo.virtual_file_path = { uid: ['|{}|/folder/{}'.format(uid, child_fo.file_name)] } parent_fw.files_included = {child_fo.get_uid()} self.db_backend_interface.add_object(parent_fw) self.db_backend_interface.add_object(child_fo) for node in self.db_frontend_interface.generate_file_tree_node( uid, uid): self.assertIsInstance(node, FileTreeNode) self.assertEqual(node.name, parent_fw.file_name) self.assertTrue(node.has_children) for node in self.db_frontend_interface.generate_file_tree_node( child_fo.get_uid(), uid): self.assertIsInstance(node, FileTreeNode) self.assertEqual(node.name, 'folder') self.assertTrue(node.has_children) virtual_grand_child = node.get_list_of_child_nodes()[0] self.assertEqual(virtual_grand_child.type, 'sometype') self.assertFalse(virtual_grand_child.has_children) self.assertEqual(virtual_grand_child.name, child_fo.file_name)
def setUp(self): self._config = get_config_for_testing(TMP_DIR) self._config.set('data_storage', 'report_threshold', '32') self._config.set('data_storage', 'sanitize_database', 'tmp_sanitize') self.mongo_server = MongoMgr(config=self._config) self.db_interface = MongoInterfaceCommon(config=self._config) self.db_interface_backend = BackEndDbInterface(config=self._config) self.test_firmware = create_test_firmware() self.test_yara_match = { 'rule': 'OpenSSH', 'tags': [], 'namespace': 'default', 'strings': [(0, '$a', b'OpenSSH')], 'meta': { 'description': 'SSH library', 'website': 'http://www.openssh.com', 'open_source': True, 'software_name': 'OpenSSH' }, 'matches': True } self.test_fo = create_test_file_object()
def test_unpack_fo__binary_not_found(self): test_fw = create_test_firmware() test_fw.uid = 'foo' test_fw.file_path = None tmp_dir = self.unpacker.unpack_fo(test_fw) assert tmp_dir is None
def test_process_object__included_binary(self): test_fw = create_test_firmware() test_fw.processed_analysis['file_type']['mime'] = self.analysis_plugin.FILE_TYPES[0] self.analysis_plugin.process_object(test_fw) assert self.analysis_plugin.NAME in test_fw.processed_analysis assert 'parent_flag' in test_fw.processed_analysis[self.analysis_plugin.NAME] assert test_fw.processed_analysis[self.analysis_plugin.NAME]['parent_flag'] is True
def test_rest_get_compare_invalid_data(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/compare', follow_redirects=True) assert b'The method is not allowed for the requested URL' in rv.data
def test_unpack_fo__path_not_found(self): test_fw = create_test_firmware() test_fw.file_path = 'foo/bar' tmp_dir = self.unpacker.unpack_fo(test_fw) assert tmp_dir is None with suppress(AttributeError): tmp_dir.cleanup()
def test_add_file_object_to_firmware(): root = create_test_firmware() child_fo = create_test_file_object() root.add_included_file(child_fo) assert root.uid in child_fo.virtual_file_path.keys( ), 'no virtual file path for root available' assert child_fo.virtual_file_path[root.uid][0] == join_virtual_path( root.uid, child_fo.file_path), 'virtual file path not correct'
def test_rest_download_invalid_data(self): test_firmware = create_test_firmware(device_class='test class', device_name='test device', vendor='test vendor') self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/firmware/', follow_redirects=True) assert b'404 Not Found' in rv.data
def test_rest_get_compare_invalid_data(self): test_firmware = create_test_firmware(device_class="test class", device_name="test device", vendor="test vendor") self.db_backend.add_firmware(test_firmware) rv = self.test_client.get('/rest/compare', follow_redirects=True) assert b"Compare ID must be of the form" in rv.data