def demux_sample_and_add_to_db(self, file_path, timeout=0, package="", options="", priority=1, custom="",
                               machine="", platform="", tags=None, memory=False, enforce_timeout=False,
                               clock=None, shrike_url=None, shrike_msg=None, shrike_sid=None,
                               shrike_refer=None, parent_id=None):
    """Split a submission into its files and queue one analysis task per file.

    ``demux_sample(file_path, package, options)`` supplies the files to
    analyse (for a ZIP submission, the extracted members). Each of them is
    passed to ``self.add_path`` with the same task settings, including the
    shrike_* fields and ``parent_id``.

    Returns:
        The task IDs returned by ``self.add_path``. A falsy result is left
        out without raising, so the list can be shorter than the number of
        extracted files.
    """
    # Settings every extracted file inherits unchanged from the submission.
    shared_settings = dict(
        timeout=timeout,
        priority=priority,
        options=options,
        package=package,
        machine=machine,
        platform=platform,
        memory=memory,
        custom=custom,
        enforce_timeout=enforce_timeout,
        tags=tags,
        clock=clock,
        shrike_url=shrike_url,
        shrike_msg=shrike_msg,
        shrike_sid=shrike_sid,
        shrike_refer=shrike_refer,
        parent_id=parent_id,
    )

    queued_ids = []
    for extracted_path in demux_sample(file_path, package, options):
        new_id = self.add_path(file_path=extracted_path, **shared_settings)
        # A falsy id means add_path did not create a task for this file.
        if new_id:
            queued_ids.append(new_id)
    return queued_ids
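def test_demux_package(self):
    """With an explicit package, demux_sample is expected to return its input as-is.

    The assertion requires a one-element list holding exactly the value that
    was passed as ``filename``.
    """
    # The context manager closes the temporary file even when the assertion
    # fails; the original only reached close() on success.
    with tempfile.NamedTemporaryFile() as empty_file:
        # NOTE(review): the file object itself, not empty_file.name, is passed
        # as filename - confirm that this is what demux_sample should accept.
        assert demux.demux_sample(
            filename=empty_file, package="Emotet", options="foo", use_sflock=False
        ) == [empty_file]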
def test_demux_sample_microsoft_docx(self, grab_sample):
    """A .docx sample is expected to come back as one path, not split up."""
    # 64-hex-digit name of the .docx fixture (presumably its SHA-256).
    docx_hash = "c0c1c1c852a045eb3eb3b26dad2124aea866ea008449e0d7a84925c2ded7fddb"
    fetched_path = grab_sample(docx_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foobar")

    # The expected path is anchored on this test file's directory, so it does
    # not depend on the working directory of the test run.
    tests_dir = pathlib.Path(__file__).absolute().parent.as_posix()
    assert demuxed == [f"{tests_dir}/test_objects/{docx_hash}"]
def test_demux_sample_microsoft_docx(self, grab_sample):
    """A .docx sample is expected to come back as one path, not split up."""
    # 64-hex-digit name of the .docx fixture (presumably its SHA-256).
    docx_hash = "c0c1c1c852a045eb3eb3b26dad2124aea866ea008449e0d7a84925c2ded7fddb"
    fetched_path = grab_sample(docx_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foobar")

    # The expected path is built from the current working directory, so the
    # comparison only holds when the run starts in the directory that
    # contains tests/.
    assert demuxed == [f"{os.getcwd()}/tests/test_objects/{docx_hash}"]
def test_demux_sample_java(self, grab_sample):
    """A Java class file is expected to come back as one path with sflock off."""
    # Java class file for a simple hello world.
    class_hash = "27c428570256f0e5f8229d053f352aea4276e5c9c5a601c20e04535a8ba1e41d"
    fetched_path = grab_sample(class_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foo", use_sflock=False)

    # The expected path is built from the current working directory, so the
    # comparison only holds when the run starts in the directory that
    # contains tests/.
    assert demuxed == [f"{os.getcwd()}/tests/test_objects/{class_hash}"]
def test_demux_sample_pe32(self, grab_sample):
    """A PE32 sample is expected to come back as one path with sflock off."""
    # pe32 from https://github.com/bootandy/dust/releases/download/v0.5.4/dust-v0.5.4-i686-pc-windows-msvc.zip
    pe_hash = "5dd87d3d6b9d8b4016e3c36b189234772661e690c21371f1eb8e018f0f0dec2b"
    fetched_path = grab_sample(pe_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foo", use_sflock=False)

    # The expected path is built from the current working directory, so the
    # comparison only holds when the run starts in the directory that
    # contains tests/.
    assert demuxed == [f"{os.getcwd()}/tests/test_objects/{pe_hash}"]
def test_demux_sample_microsoft_outlook(self, grab_sample):
    """An Outlook .msg sample is expected to come back as one path with sflock off."""
    # outlook message from https://github.com/HamiltonInsurance/outlook_msg/blob/e6c0293f098e8aee9cd4124aa6a5d409c798bc49/test_data/No%20attachment.msg
    msg_hash = "0e16568cc1e8ddda0f0856b27857d1d043d7b18909a566ae5fa2460fc8fd3614"
    fetched_path = grab_sample(msg_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foo", use_sflock=False)

    # The expected path is built from the current working directory, so the
    # comparison only holds when the run starts in the directory that
    # contains tests/.
    assert demuxed == [f"{os.getcwd()}/tests/test_objects/{msg_hash}"]
def test_demux_sample_microsoft_password_no_sflock_doc(self, grab_sample):
    """A .doc sample submitted with a password option and sflock off stays one path."""
    # Password protected .doc file; the password travels in the options string.
    doc_hash = "d211ce5c36f630aa1e85d4f36291fee2a600216d823d23805fe41bb68ea99dbb"
    fetched_path = grab_sample(doc_hash)

    demuxed = demux.demux_sample(
        filename=fetched_path, package=None, options="password=infected", use_sflock=False
    )

    # The expected path is built from the current working directory, so the
    # comparison only holds when the run starts in the directory that
    # contains tests/.
    assert demuxed == [f"{os.getcwd()}/tests/test_objects/{doc_hash}"]
def test_demux_sample_java(self, grab_sample):
    """A Java class file is expected to come back as one path with sflock off."""
    # Java class file for a simple hello world.
    class_hash = "27c428570256f0e5f8229d053f352aea4276e5c9c5a601c20e04535a8ba1e41d"
    fetched_path = grab_sample(class_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foo", use_sflock=False)

    # The expected path is anchored on this test file's directory, so it does
    # not depend on the working directory of the test run.
    tests_dir = pathlib.Path(__file__).absolute().parent.as_posix()
    assert demuxed == [f"{tests_dir}/test_objects/{class_hash}"]
def test_demux_sample_microsoft_no_password_no_sflock_doc(self, grab_sample):
    """A .doc sample submitted without a password option and sflock off stays one path."""
    # "No password" .doc case: the options string carries no password= entry.
    doc_hash = "d211ce5c36f630aa1e85d4f36291fee2a600216d823d23805fe41bb68ea99dbb"
    fetched_path = grab_sample(doc_hash)

    demuxed = demux.demux_sample(filename=fetched_path, package=None, options="foo", use_sflock=False)

    # The expected path is anchored on this test file's directory, so it does
    # not depend on the working directory of the test run.
    tests_dir = pathlib.Path(__file__).absolute().parent.as_posix()
    assert demuxed == [f"{tests_dir}/test_objects/{doc_hash}"]
def demux_sample_and_add_to_db(self, file_path, timeout=0, package="", options="", priority=1, custom="",
                               machine="", platform="", tags=None, memory=False, enforce_timeout=False,
                               clock=None):
    """Split a submission into its files and queue one analysis task per file.

    ``demux_sample(file_path, package, options)`` supplies the files to
    analyse (for a ZIP submission, the extracted members). Each of them is
    passed to ``self.add_path`` with the same task settings.

    Returns:
        The task IDs returned by ``self.add_path``. A falsy result is left
        out without raising, so the list can be shorter than the number of
        extracted files.
    """
    # Settings every extracted file inherits unchanged from the submission.
    shared_settings = dict(
        timeout=timeout,
        priority=priority,
        options=options,
        package=package,
        machine=machine,
        platform=platform,
        memory=memory,
        custom=custom,
        enforce_timeout=enforce_timeout,
        tags=tags,
        clock=clock,
    )

    queued_ids = []
    for extracted_path in demux_sample(file_path, package, options):
        new_id = self.add_path(file_path=extracted_path, **shared_settings)
        # A falsy id means add_path did not create a task for this file.
        if new_id:
            queued_ids.append(new_id)
    return queued_ids