honeyclient_manager_db.t

Revision 627, 5.6 kB (checked in by kindlund, 1 year ago)
Merged trunk changes back into filesystem branch.

Line
1	#!/usr/bin/perl -w
2
3	use strict;
4	use Test::More 'no_plan';
5	$\| = 1;
6
7
8
9	# =begin testing
10	{
11	use HoneyClient::Manager::DB;
12
13	my $h_server = {
14	dsn=>'DBI:mysql:mysql;host=localhost',
15	username=>'root',
16	password=>''
17	};
18	my $hcdb = new HoneyClient::Manager::DB($h_server);
19
20	is($hcdb->deploy(), 1, "deploy()") or diag("Unable to deploy Honey Client Database. Ensure the database service is running.");
21
22	}
23
24
25
26	# =begin testing
27	{
28	use HoneyClient::Manager::DB;
29
30	print "Test 2\n";
31
32	my $h_server = {
33	dsn=>'DBI:mysql:database=HoneyClient;host=localhost',
34	username=>'root',
35	password=>''
36	};
37
38	my $hcdb = new HoneyClient::Manager::DB ($h_server);
39
40	my (@Files, @RegKeys, @Procs);
41
42	push @Files, {
43	path => 'c:\windows\system32',
44	name => 'calc.exe',
45	content => {
46	md5 => '82da9a561687f841a61e752e401471d2',
47	sha1 => '7552ad083713e6d6b79539b64d598d4dcadfba35',
48	size => 114688,
49	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
50	}
51	};
52	push @Files, {
53	path => 'c:\windows\system32',
54	name => 'msgina.dll',
55	content => {
56	md5 => 'bab513fc028515389eb6b2ad16e35ad2',
57	sha1 => 'c5597928b22d2c49a41510d6ab11d8f19bfab0af',
58	size => 994304,
59	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
60	}
61	};
62	push @Files, {
63	path => 'c:\windows\system32',
64	name => 'drwatson.exe',
65	content => {
66	md5 => '37564f065866fa7215453e72f1264f4b',
67	sha1 => '7144ee8b57f3fcae6870f452b140365f75b5265c',
68	size => 28112,
69	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
70	}
71	};
72	push @RegKeys, {
73	key_name => 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
74	status => 1,
75	entries => [
76	{
77	name => 'QuickTime Task',
78	new_value => '"C:\Program Files\QuickTime\qttask.exe" -atboottime'
79	}
80	]
81	};
82	push @Procs, {
83	name => 'calc'
84	};
85	push @Procs, {
86	name => 'drwatson'
87	};
88
89	my $exploit1 = {
90	Files => \@Files,
91	RegKeys => \@RegKeys,
92	Procs => \@Procs
93	};
94	$exploit1->{vmid} = 'VMTest1';
95	my $exploit2 = {
96	Files => [ $Files[0],$Files[1] ],
97	RegKeys => \@RegKeys,
98	Procs => [ $Procs[0] ]
99	};
100	$exploit2->{vmid} = 'VMTest2';
101	my $exploit3 = {
102	RegKeys => \@RegKeys
103	};
104	$exploit3->{vmid} = 'VMTest3';
105	my $exploit4 = {
106	Files => [ {md5=>'FailureTestMD5'} ]
107	};
108	$exploit4->{vmid} = 'VMTest4';
109
110	cmp_ok($hcdb->Insert($exploit1,'Fingerprints'),'>',0,"Fingerprint1 Insert()");
111	cmp_ok($hcdb->Insert($exploit2,'Fingerprints'),'>',0,"Fingerprint2 Insert()");
112	cmp_ok($hcdb->Insert($exploit3,'Fingerprints'),'>',0,"Fingerprint3 Insert()");
113	is($hcdb->Insert($exploit4,'Fingerprints'),undef,"Fingerprint4 Insert() Failure");
114	}
115
116
117
118	# =begin testing
119	{
120	use HoneyClient::Manager::DB;
121
122	my $h_server = {
123	dsn=>'DBI:mysql:database=HoneyClient;host=localhost',
124	username=>'root',
125	password=>''
126	};
127
128	my $hcdb = new HoneyClient::Manager::DB ($h_server);
129
130	my (@Files, @RegKeys, @Procs);
131
132	push @Files, {
133	path => 'c:\windows\system32',
134	name => 'calc.exe',
135	content => {
136	md5 => '82da9a561687f841a61e752e401471d2',
137	sha1 => '7552ad083713e6d6b79539b64d598d4dcadfba35',
138	size => 114688,
139	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
140	}
141	};
142	push @Files, {
143	path => 'c:\windows\system32',
144	name => 'msgina.dll',
145	content => {
146	md5 => 'bab513fc028515389eb6b2ad16e35ad2',
147	sha1 => 'c5597928b22d2c49a41510d6ab11d8f19bfab0af',
148	size => 994304,
149	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
150	}
151	};
152	push @Files, {
153	path => 'c:\windows\system32',
154	name => 'drwatson.exe',
155	content => {
156	md5 => '37564f065866fa7215453e72f1264f4b',
157	sha1 => '7144ee8b57f3fcae6870f452b140365f75b5265c',
158	size => 28112,
159	type => 'MS-DOS executable (EXE), OS/2 or MS Windows'
160	}
161	};
162	push @RegKeys, {
163	key_name => 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
164	status => 1,
165	entries => [
166	{
167	name => 'QuickTime Task',
168	new_value => '"C:\Program Files\QuickTime\qttask.exe" -atboottime'
169	}
170	]
171	};
172	push @Procs, {
173	name => 'calc'
174	};
175
176	my $exploit5 = {
177	Files => [ $Files[0],$Files[1] ],
178	RegKeys => \@RegKeys,
179	Procs => [ $Procs[0] ]
180	};
181	$exploit5->{vmid} = 'VMTest5';
182	my $exploit6 = {
183	Files => [ $Files[2] ]
184	};
185	$exploit6->{vmid} = 'VMTest6';
186
187	my $scores = {};
188	cmp_ok($hcdb->CheckFingerprint($exploit5,$scores),'>',0,"CheckFingerprint() Success");
189	use Data::Dumper; $Data::Dumper::Indent = 1;
190	#print 'Scores Debug: '.Dumper($scores)."\n";
191
192	is($hcdb->CheckFingerprint($exploit6,$scores),0,"CheckFingerprint() Fail");
193	use Data::Dumper; $Data::Dumper::Indent = 1;
194	#print 'Scores Debug: '.Dumper($scores)."\n";
195	}
196
197
198
199	# =begin testing
200	{
201	use HoneyClient::Manager::DB;
202	#use Relations::Abstract;
203
204	my $h_server = {
205	dsn=>'DBI:mysql:mysql;host=localhost',
206	username=>'root',
207	password=>''
208	};
209	my $hcdb = new HoneyClient::Manager::DB($h_server);
210
211	my $abstract = new Relations::Abstract($hcdb->{dbh});
212
213	#is($abstract->run_query("DROP DATABASE HoneyClient"), 1, "DB Cleanup") or diag("Unable to drop Honey Client Database. Ensure the database service is running.");
214	}
215
216
217
218
219	1;

Note: See TracBrowser for help on using the browser.

root/honeyclient/branches/exp/kindlund-filesystem/t/honeyclient_manager_db.t

Download in other formats: