def test_pdf_metadata(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf-sample.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf-sample.pdf" obj = s.run()["pdf"] assert len(obj) == 2 assert obj[1] == { "author": "cdaily", "creation": "D:20000629102108+11'00'", "creator": "Microsoft Word 8.0", "javascript": [], "modification": "2013-10-28T15:24:13-04:00", "producer": "Acrobat Distiller 4.0 for Windows", "subject": "", "title": "This is a test PDF file", "urls": [], "version": 1, }
def test_phishing0_pdf(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "phishing0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/phishing0.pdf" assert "googleattachmentsigned" in s.run()["pdf"][0]["urls"][0]
def test_pdf_stringjs(self): set_cwd(self.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf1-stringjs.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf1-stringjs.pdf" r = s.run()["pdf"][12] assert "app.alert({" in r["javascript"][0]["orig_code"]
def test_pdf(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.pdf" r = s.run()["pdf"][0] assert "var x = unescape" in r["javascript"][0]["orig_code"]
def test_pdf_stringjs(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf1-stringjs.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf1-stringjs.pdf" r = s.run()["pdf"][12] assert "app.alert({" in r["javascript"][0]["orig_code"]
def test_archive_pdf(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "archive", "package": "pdf", "options": { "filename": "files/pdf0.pdf", }, }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.zip" assert "%48%65" in s.run()["pdf"][0]["javascript"][0]["orig_code"]
def test_pdf_ignorefake(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "fakepdf.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/fakepdf.pdf" assert s.run() == { "pdf": [], }
def test_pdf_workercrash(self, md): set_cwd(self.mkdtemp()) md.return_value = None s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.pdf" r = s.run() assert r["pdf"] == []
def test_pdf_ignorefake(self): set_cwd(self.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "fakepdf.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/fakepdf.pdf" assert s.run() == { "pdf": [], }
def test_pdf_workercrash(self, md): set_cwd(tempfile.mkdtemp()) md.return_value = None s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.pdf" r = s.run() assert r["pdf"] == []
def test_summary_pdf_nometadata(self, p, request): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": __file__, }) s.set_options({ "pdf_timeout": 10, }) s.file_path = __file__ p._get_report.return_value = { "static": s.run(), } r = AnalysisRoutes.detail(request, 1, "static").content assert "No PDF metadata could be extracted!" in r
def test_pdf_endian(self): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf-endianerror.pdf" }) s.file_path = "tests/files/pdf-endianerror.pdf" s.set_options({ "pdf_timeout": 30, }) r = s.run() assert len(r["pdf"][0]["urls"]) == 63 assert r["pdf"][0]["urls"][54] == ( u"http://yourmirror.net/kali-security\u548c" u"http://yourmirror.net/kali-images" )
def test_pdf_mock(self, p): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.pdf" p.return_value = ["hello"] assert s.run()["pdf"] == ["hello"] p.assert_called_once_with(mock.ANY, ("tests/files/pdf0.pdf", ), timeout=30)
def test_pdf_endian(self): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf-endianerror.pdf" }) s.file_path = "tests/files/pdf-endianerror.pdf" s.set_options({ "pdf_timeout": 30, }) r = s.run() assert len(r["pdf"][0]["urls"]) == 63 assert r["pdf"][0]["urls"][54] == ( u"http://yourmirror.net/kali-security\u548c" u"http://yourmirror.net/kali-images" )
def test_summary_pdf_nometadata(self, p, request): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": __file__, }) s.set_options({ "pdf_timeout": 10, }) s.file_path = __file__ p._get_report.return_value = { "static": s.run(), } r = AnalysisRoutes.detail(request, 1, "static").content assert "No PDF metadata could be extracted!" in r
def test_summary_pdf_metadata(self, p, request): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf-sample.pdf", }) s.set_options({ "pdf_timeout": 10, }) s.file_path = "tests/files/pdf-sample.pdf" p._get_report.return_value = { "static": s.run(), } r = AnalysisRoutes.detail(request, 1, "static").content assert "Microsoft Word 8.0" in r assert "This is a test PDF file" in r
def test_pdf_mock(self, p): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf0.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf0.pdf" p.return_value = ["hello"] assert s.run()["pdf"] == ["hello"] p.assert_called_once_with( mock.ANY, ("tests/files/pdf0.pdf",), timeout=30 )
def test_summary_pdf_metadata(self, p, request): s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf-sample.pdf", }) s.set_options({ "pdf_timeout": 10, }) s.file_path = "tests/files/pdf-sample.pdf" p._get_report.return_value = { "static": s.run(), } r = AnalysisRoutes.detail(request, 1, "static").content assert "Microsoft Word 8.0" in r assert "This is a test PDF file" in r
def test_pdf_attach(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf_attach.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf_attach.pdf" obj, = s.run()["pdf"] assert len(obj["javascript"]) == 1 assert "exportDataObject" in obj["javascript"][0]["orig_code"] assert len(obj["attachments"]) == 1 assert obj["attachments"][0]["filename"] == "789IVIIUXSF110.docm" assert "kkkllsslll" in obj["openaction"]
def test_pdf_attach(self): set_cwd(tempfile.mkdtemp()) s = Static() s.set_task({ "category": "file", "package": "pdf", "target": "pdf_attach.pdf", }) s.set_options({ "pdf_timeout": 30, }) s.file_path = "tests/files/pdf_attach.pdf" obj, = s.run()["pdf"] assert len(obj["javascript"]) == 1 assert "exportDataObject" in obj["javascript"][0]["orig_code"] assert len(obj["attachments"]) == 1 assert obj["attachments"][0]["filename"] == "789IVIIUXSF110.docm" assert "kkkllsslll" in obj["openaction"]