示例#1
0
def test_emails(emails: List[bytes]):
    for email in emails:
        try:
            eml = EmlFactory.from_bytes(email)
            assert eml is not None
        except Exception as e:
            print(e)
            print(email.decode())
示例#2
0
def test_sample(sample_eml):
    eml = EmlFactory.from_bytes(sample_eml)
    assert eml.header.message_id is None
    assert eml.header.subject == "Winter promotions"
    assert eml.header.to == ["*****@*****.**"]
    assert eml.header.from_ == "*****@*****.**"

    assert len(eml.bodies) == 2
示例#3
0
def test_multipart(multipart_eml):
    eml = EmlFactory.from_bytes(multipart_eml)
    assert eml.attachments is not None
    assert len(eml.attachments) == 1

    first = eml.attachments[0]
    assert first.filename == "tired_boot.FJ010019.jpeg"
    assert first.hash_.md5 == "f561388f7446cedd5b8b480311744b3c"
示例#4
0
def test_encrypted_docx(encrypted_docx_eml):
    eml = EmlFactory.from_bytes(encrypted_docx_eml)
    assert eml.attachments is not None
    assert len(eml.attachments) == 1

    first = eml.attachments[0]
    assert (first.hash_.sha256 ==
            "28df2d6dfa10dc85c8ebb5defffcb15c196dca7b26d4fd6859b9ec75ac60cf9e")
示例#5
0
    async def to_model(self) -> Response:
        eml = EmlFactory.from_bytes(self.eml_file)

        verdicts: List[Verdict] = []
        verdicts.append(await
                        SpamAssassinVerdictFactory.from_bytes(self.eml_file))
        verdicts.append(OleIDVerdictFactory.from_attachments(eml.attachments))

        return Response(eml=eml, verdicts=verdicts)
示例#6
0
def test_cc(cc_eml):
    eml = EmlFactory.from_bytes(cc_eml)
    assert eml.header.message_id == "<*****@*****.**>"
    assert eml.header.subject == "To and Cc headers"
    assert eml.header.to == ["*****@*****.**", "*****@*****.**"]

    assert eml.header.cc == ["*****@*****.**", "*****@*****.**"]

    assert len(eml.bodies) == 1
    assert eml.bodies[0].content == ""

    assert eml.attachments == []
示例#7
0
    async def to_model(self) -> Response:
        eml = EmlFactory.from_bytes(self.eml_file)
        urls = aggregate_urls_from_bodies(eml.bodies)
        sha256s = aggregate_sha256s_from_attachments(eml.attachments)

        verdicts: List[Verdict] = []

        async_tasks = [
            partial(SpamAssassinVerdictFactory.from_bytes, self.eml_file),
        ]
        if has_urlscan_api_key():
            async_tasks.append(partial(UrlscanVerdictFactory.from_urls, urls))
        if has_virustotal_api_key():
            async_tasks.append(partial(VirusTotalVerdictFactory.from_sha256s, sha256s))
        if has_inquest_api_key():
            async_tasks.append(partial(InQuestVerdictFactory.from_sha256s, sha256s))

        # Add SpamAsassin, urlscan, virustotal verdicts
        verdicts = await aiometer.run_all(async_tasks)
        # Add OleID verdict
        verdicts.append(OleIDVerdictFactory.from_attachments(eml.attachments))
        # Add VT verdict

        return Response(eml=eml, verdicts=verdicts)
示例#8
0
def get_attachments(eml_file: bytes) -> List[Attachment]:
    eml = EmlFactory.from_bytes(eml_file)
    return eml.attachments
示例#9
0
def test_complete_msg(complete_msg):
    eml = EmlFactory.from_bytes(complete_msg)

    assert eml.header.subject == "Test Multiple attachments complete email!!"
示例#10
0
def docx_attachment(encrypted_docx_eml: bytes) -> Attachment:
    eml = EmlFactory.from_bytes(encrypted_docx_eml)
    return eml.attachments[0]