Python Command示例

示例#1

    def testFilterRequestedArtifactResults(self, registry):
        """Test that only artifacts requested by the user are sent to the server."""

        filesystem_test_lib.Command("/usr/bin/dpkg",
                                    args=["--list"],
                                    system="Linux")

        registry.AddFileSource(self.test_artifacts_file)
        artifact = registry.GetArtifact("TestCmdArtifact")
        ext_src = rdf_artifact.ExpandedSource(base_source=artifact.sources[0])
        ext_art = rdf_artifact.ExpandedArtifact(name=artifact.name,
                                                sources=[ext_src])
        request = rdf_artifact.ClientArtifactCollectorArgs(artifacts=[ext_art],
                                                           apply_parsers=False)
        ext_art = rdf_artifact.ExpandedArtifact(name=artifact.name,
                                                sources=[ext_src],
                                                requested_by_user=False)
        request.artifacts.append(ext_art)
        result = self.RunAction(artifact_collector.ArtifactCollector,
                                request)[0]
        collected_artifacts = list(result.collected_artifacts)
        self.assertLen(collected_artifacts, 1)
        self.assertEqual(collected_artifacts[0].name, "TestCmdArtifact")
        execute_response = collected_artifacts[0].action_results[0].value
        self.assertGreater(execute_response.time_used, 0)

示例#2

    def testCmdArtifactAction(self):
        """Test the actual client action with parsers."""
        parsers.SINGLE_RESPONSE_PARSER_FACTORY.Register(
            "Cmd", TestEchoCmdParser)

        filesystem_test_lib.Command("/bin/echo", args=["1"])

        source = rdf_artifact.ArtifactSource(
            type=rdf_artifact.ArtifactSource.SourceType.COMMAND,
            attributes={
                "cmd": "/bin/echo",
                "args": ["1"]
            })
        ext_src = rdf_artifact.ExpandedSource(base_source=source)
        ext_art = rdf_artifact.ExpandedArtifact(name="TestEchoCmdArtifact",
                                                sources=[ext_src])
        request = rdf_artifact.ClientArtifactCollectorArgs(
            artifacts=[ext_art],
            knowledge_base=None,
            ignore_interpolation_errors=True,
            apply_parsers=True)
        result = self.RunAction(artifact_collector.ArtifactCollector,
                                request)[0]
        self.assertIsInstance(result,
                              rdf_artifact.ClientArtifactCollectorResult)
        self.assertLen(result.collected_artifacts, 1)
        res = result.collected_artifacts[0].action_results[0].value
        self.assertIsInstance(res, rdf_client.SoftwarePackages)
        self.assertEqual(res.packages[0].description, "1\n")

示例#3

    def testMultipleArtifacts(self, registry):
        """Test collecting multiple artifacts."""

        filesystem_test_lib.Command("/usr/bin/dpkg",
                                    args=["--list"],
                                    system="Linux")

        registry.AddFileSource(self.test_artifacts_file)
        artifact = registry.GetArtifact("TestCmdArtifact")
        ext_src = rdf_artifact.ExpandedSource(base_source=artifact.sources[0])
        ext_art = rdf_artifact.ExpandedArtifact(name=artifact.name,
                                                sources=[ext_src])
        request = rdf_artifact.ClientArtifactCollectorArgs(artifacts=[ext_art],
                                                           apply_parsers=False)
        request.artifacts.append(ext_art)
        result = self.RunAction(artifact_collector.ArtifactCollector,
                                request)[0]
        collected_artifacts = list(result.collected_artifacts)
        self.assertLen(collected_artifacts, 2)
        self.assertEqual(collected_artifacts[0].name, "TestCmdArtifact")
        self.assertEqual(collected_artifacts[1].name, "TestCmdArtifact")
        execute_response_1 = collected_artifacts[0].action_results[0].value
        execute_response_2 = collected_artifacts[1].action_results[0].value
        self.assertGreater(execute_response_1.time_used, 0)
        self.assertGreater(execute_response_2.time_used, 0)

示例#4

  def testCmdArtifactWithParser(self):
    """Test a command artifact and parsing the response."""

    filesystem_test_lib.Command("/bin/echo", args=["1"])

    parsers.SINGLE_RESPONSE_PARSER_FACTORY.Register("TestCmd", TestCmdParser)
    try:
      artifact_list = ["TestEchoArtifact"]

      # Run the ArtifactCollector to get the expected result.
      expected = self._RunFlow(
          aff4_flows.ArtifactCollectorFlow,
          standard.ExecuteCommand,
          artifact_list,
          apply_parsers=True)
      self.assertTrue(expected)
      expected = expected[0]
      self.assertIsInstance(expected, rdf_client.SoftwarePackages)

      # Run the ClientArtifactCollector to get the actual result.
      results = self._RunFlow(
          aff4_flows.ClientArtifactCollector,
          artifact_collector.ArtifactCollector,
          artifact_list,
          apply_parsers=True)
      self.assertLen(results, 1)
      artifact_response = results[0]
      self.assertIsInstance(artifact_response, rdf_client.SoftwarePackages)

      self.assertEqual(artifact_response, expected)
    finally:
      parsers.SINGLE_RESPONSE_PARSER_FACTORY.Unregister("TestCmd")

示例#5

文件： artifact_collector_test.py 项目： suraj-testing2/Plants_Book

  def testCommandArtifact(self, registry):
    """Test the basic ExecuteCommand action."""
    filesystem_test_lib.Command(
        "/usr/bin/dpkg", args=["--list"], system="Linux")

    registry.AddFileSource(self.test_artifacts_file)
    artifact = registry.GetArtifact("TestCmdArtifact")
    request = GetRequest(artifact.sources[0], artifact.name)
    collected_artifact = self.RunArtifactCollector(request)
    execute_response = collected_artifact.action_results[0].value

    self.assertEqual(collected_artifact.name, "TestCmdArtifact")
    self.assertGreater(execute_response.time_used, 0)

示例#6

  def testClientArtifactCollector(self):
    """Test artifact collector flow with a single artifact."""

    filesystem_test_lib.Command(
        "/usr/bin/dpkg", args=["--list"], system="Linux")

    artifact_list = ["TestCmdArtifact"]

    results = self._RunFlow(
        aff4_flows.ClientArtifactCollector,
        artifact_collector.ArtifactCollector,
        artifact_list,
        apply_parsers=False)
    self.assertLen(results, 1)

    artifact_response = results[0]
    self.assertIsInstance(artifact_response, rdf_client_action.ExecuteResponse)
    self.assertGreater(artifact_response.time_used, 0)

示例#7

  def testAggregatedArtifact(self):
    """Test we can collect an ARTIFACT_GROUP."""
    filesystem_test_lib.Command("/bin/echo", args=["1"])

    artifact_list = ["TestArtifactGroup"]

    self.InitializeTestFileArtifact()

    results = self._RunFlow(
        aff4_flows.ClientArtifactCollector,
        artifact_collector.ArtifactCollector,
        artifact_list,
        apply_parsers=False)
    self.assertLen(results, 2)

    artifact_response = results[0]
    self.assertIsInstance(artifact_response, rdf_client_fs.StatEntry)

    artifact_response = results[1]
    self.assertIsInstance(artifact_response, rdf_client_action.ExecuteResponse)
    self.assertEqual(artifact_response.stdout, "1\n")