root/honeyclient/branches/exp/stephenson-stealth/t/honeyclient_agent_integrity_registry_parser.t

Revision 131, 17.9 kB (checked in by kindlund, 2 years ago)

sc: merging branch using tags svn+ssh://kindlund@www.honeyclient.org/home/svn/honeyclient/honeyclient/tags/bug/PRE-42 and svn+ssh://kindlund@www.honeyclient.org/home/svn/honeyclient/honeyclient/tags/bug/POST-42

1 #!/usr/bin/perl -w
2
3 use strict;
4 use Test::More 'no_plan';
5 $| = 1;
6
7
8
# =begin testing
{
    # Log::Log4perl has to load before any other module is exercised.
    BEGIN {
        diag("Can't load Log::Log4perl package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('Log::Log4perl', qw(:nowarn));

        # Keep the test output clean: the root logger writes only to a
        # TestBuffer appender whose min_level is "fatal".
        my %buffer_only_logging = (
            "log4perl.rootLogger" => "DEBUG, Buffer",
            "log4perl.appender.Buffer" => "Log::Log4perl::Appender::TestBuffer",
            "log4perl.appender.Buffer.min_level" => "fatal",
            "log4perl.appender.Buffer.layout" => "Log::Log4perl::Layout::PatternLayout",
            "log4perl.appender.Buffer.layout.ConversionPattern" => "%d{yyyy-MM-dd HH:mm:ss} %5p [%M] (%F:%L) - %m%n",
        );
        Log::Log4perl->init(\%buffer_only_logging);
    }
    require_ok('Log::Log4perl');
    use Log::Log4perl qw(:easy);

    # The configuration helper must load and expose getVar/setVar, which the
    # later test sections use to look up the registry fixture.
    BEGIN {
        diag("Can't load HoneyClient::Util::Config package.  Check to make sure the package library is correctly listed within the path.")
            unless use_ok('HoneyClient::Util::Config', qw(getVar setVar));
    }
    require_ok('HoneyClient::Util::Config');
    can_ok('HoneyClient::Util::Config', 'getVar');
    can_ok('HoneyClient::Util::Config', 'setVar');
    use HoneyClient::Util::Config qw(getVar setVar);

    # Apply the same buffer-only logging setup again at run time, after the
    # configuration module has been loaded.
    my %runtime_logging = (
        "log4perl.rootLogger" => "DEBUG, Buffer",
        "log4perl.appender.Buffer" => "Log::Log4perl::Appender::TestBuffer",
        "log4perl.appender.Buffer.min_level" => "fatal",
        "log4perl.appender.Buffer.layout" => "Log::Log4perl::Layout::PatternLayout",
        "log4perl.appender.Buffer.layout.ConversionPattern" => "%d{yyyy-MM-dd HH:mm:ss} %5p [%M] (%F:%L) - %m%n",
    );
    Log::Log4perl->init(\%runtime_logging);

    # Data::Dumper
    BEGIN {
        diag("Can't load Data::Dumper package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('Data::Dumper');
    }
    require_ok('Data::Dumper');
    use Data::Dumper;

    # IO::File
    BEGIN {
        diag("Can't load IO::File package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('IO::File');
    }
    require_ok('IO::File');
    use IO::File;

    # Fcntl (only the :seek constants are imported for use)
    BEGIN {
        diag("Can't load Fcntl package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('Fcntl');
    }
    require_ok('Fcntl');
    use Fcntl qw(:seek);

    # Search::Binary, which must provide binary_search()
    BEGIN {
        diag("Can't load Search::Binary package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('Search::Binary');
    }
    require_ok('Search::Binary');
    can_ok('Search::Binary', 'binary_search');
    use Search::Binary;

    # Term::ProgressBar
    BEGIN {
        diag("Can't load Term::ProgressBar package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('Term::ProgressBar');
    }
    require_ok('Term::ProgressBar');
    use Term::ProgressBar;

    # Finally, the module under test.
    BEGIN {
        diag("Can't load HoneyClient::Agent::Integrity::Registry::Parser package. Check to make sure the package library is correctly listed within the path.")
            unless use_ok('HoneyClient::Agent::Integrity::Registry::Parser');
    }
    require_ok('HoneyClient::Agent::Integrity::Registry::Parser');
    use HoneyClient::Agent::Integrity::Registry::Parser;
}
82
83
84
# =begin testing
{
    # Locate the sample registry export named in the test configuration.
    # The path is anchored at $ENV{PWD}, which is inherited from the invoking
    # shell rather than queried from the OS, so the suite has to be started
    # from the directory the configured value is meant to be resolved against.
    my $test_registry_file = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    # init() should hand back a Parser object for that file.
    my $registry_parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file => $test_registry_file,
    );
    unless (isa_ok($registry_parser, 'HoneyClient::Agent::Integrity::Registry::Parser', "init(input_file => $test_registry_file)")) {
        diag("The init() call failed.");
    }
}
94
95
96
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    # Parser over the fixture, with group indexing switched on.
    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file   => $registry_path,
        index_groups => 1,
    );

    # Groups the parser is expected to return, in file order. The fixture
    # covers awkward inputs: brackets inside a key name, escaped quotes and
    # '=' inside names and values, a value spanning several lines, hex data
    # with line continuations, a group with no entries, an empty default
    # value, a deeply nested key, and path-like value names.
    # The final empty hash is what nextGroup() returns once input is exhausted.
    my @expected_groups = (
        # Test Group #1
        {
            key     => 'HKEY_CURRENT_USER\]Testing Group 1[',
            entries => [
                { name => '@',   value => 'Default' },
                { name => 'Foo', value => 'Bar' },
            ],
        },
        # Test Group #2
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 2',
            entries => [
                { name => '@', value => '\\"Annoying=Value\\"' },
                { name => '\\"Annoying=Key\\"', value => 'Bar' },
                { name => 'Multiline', value => 'This
value spans
multiple lines
' },
                { name => 'Sane_Key', value => '\\"Wierd=\\"Value' },
            ],
        },
        # Test Group #3
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 3',
            entries => [
                { name => 'Test_Bin_1', value => 'hex:f4,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,bc,02,00,00,00,\
  00,00,00,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,f0,77,3f,00,\
  3f,00,3f,00,3f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,78,00,1c,10,fc,\
  7f,22,14,fc,7f,b0,fe,12,00,00,00,00,00,00,00,00,00,98,23,eb,77' },
                { name => 'Test_Bin_2', value => 'hex:f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,\
  00,00,00,00,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,\
  20,00,53,00,61,00,6e,00,73,00,20,00,53,00,65,00,72,00,69,00,66,00,00,00,f0,\
  77,00,20,14,00,00,00,00,10,80,05,14,00,f0,1f,14,00,00,00,14,00' },
            ],
        },
        # Test Group #4
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 4',
            entries => [],
        },
        # Test Group #5
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 5',
            entries => [
                { name => '@', value => '' },
            ],
        },
        # Test Group #6
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 6\With\Really\Deep\Nested\Directory\Structure',
            entries => [
                { name => 'InstallerLocation', value => 'C:\\\\WINDOWS\\\\system32\\\\' },
            ],
        },
        # Test Group #7
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 7',
            entries => [
                { name => 'C:\\\\Program Files\\\\Common Files\\\\Microsoft Shared\\\\Web Folders\\\\', value => '' },
                { name => 'C:\\\\WINDOWS\\\\Installer\\\\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\\\\', value => '' },
                { name => 'C:\\\\Program Files\\\\Support Tools\\\\', value => '' },
                { name => 'C:\\\\Documents and Settings\\\\All Users\\\\Start Menu\\\\Programs\\\\Windows Support Tools\\\\', value => '' },
                { name => 'C:\\\\WINDOWS\\\\Installer\\\\{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}\\\\', value => '' },
                { name => 'C:\\\\WINDOWS\\\\Installer\\\\{F251B999-08A9-4704-999C-9962F0DFD88E}\\\\', value => '' },
                { name => 'C:\\\\WINDOWS\\\\Installer\\\\{1CB92574-96F2-467B-B793-5CEB35C40C29}\\\\', value => '' },
                { name => 'C:\\\\WINDOWS\\\\Installer\\\\{B37C842A-B624-46B8-A727-654E72F1C91A}\\\\', value => '' },
            ],
        },
        # Test Group #8
        {
            key     => 'HKEY_CURRENT_USER\Testing Group 8\{00021492-0000-0000-C000-000000000046}',
            entries => [
                { name => '000', value => 'String Value' },
            ],
        },
        # Test Group #9: nothing left to read.
        { },
    );

    # Pull one group per expectation and compare the structures.
    my $group_number = 0;
    for my $expected (@expected_groups) {
        $group_number++;
        my $actual = $parser->nextGroup();
        is_deeply($actual, $expected, "nextGroup() - $group_number")
            or diag("The nextGroup() call failed.");
    }
}
240
241
242
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file => $registry_path,
    );

    # Drain the parser: keep reading until nextGroup() returns an empty hash.
    my $group;
    do {
        $group = $parser->nextGroup();
    } while (keys(%{$group}) > 0);

    # The fixture holds eight groups in total.
    unless (is($parser->dirsParsed(), 8, "dirsParsed()")) {
        diag("The dirsParsed() call failed.");
    }
}
259
260
261
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file => $registry_path,
    );

    # Drain the parser: keep reading until nextGroup() returns an empty hash.
    my $group;
    do {
        $group = $parser->nextGroup();
    } while (keys(%{$group}) > 0);

    # Nineteen name/value entries are expected across all groups.
    unless (is($parser->entriesParsed(), 19, "entriesParsed()")) {
        diag("The entriesParsed() call failed.");
    }
}
278
279
280
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file => $registry_path,
    );

    # The parser should expose its input as an IO::File object.
    my $fh = $parser->getFileHandle();
    unless (isa_ok($fh, 'IO::File', "getFileHandle()")) {
        diag("The getFileHandle() call failed.");
    }
}
294
295
296
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file => $registry_path,
    );

    # getFilename() must report exactly the path that was given to init().
    my $reported_name = $parser->getFilename();
    unless (is($reported_name, $registry_path, "getFilename()")) {
        diag("The getFilename() call failed.");
    }
}
310
311
312
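# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $test_registry_file = $ENV{PWD} . "/" . getVar(name      => "registry_file",
                                                      namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test");

    # Create a generic Parser object, with test state data, then close its
    # file handle before anything has been read.
    # (The unused $handle declaration from the original section is dropped.)
    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(input_file => $test_registry_file);
    $parser->closeFileHandle();

    # Verify Test Group #1: nextGroup() is still expected to return the first
    # group after the close.
    # NOTE(review): presumably the parser reopens the file on demand; confirm
    # against the Parser module.
    my $nextGroup = $parser->nextGroup();
    my $expectedGroup = {
        key     => 'HKEY_CURRENT_USER\]Testing Group 1[',
        entries => [ {
            name  => '@',
            value => 'Default',
        }, {
            name  => 'Foo',
            value => 'Bar',
        }, ],
    };
    is_deeply($nextGroup, $expectedGroup, "closeFileHandle()") or diag("The closeFileHandle() call failed.");
}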
337
338
339
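# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $test_registry_file = $ENV{PWD} . "/" . getVar(name      => "registry_file",
                                                      namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test");

    # Create a generic Parser object, with test state data and group indexing
    # enabled. (The unused $handle declaration from the original section is
    # dropped.)
    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(input_file => $test_registry_file, index_groups => 1);

    # Jump to the group nearest byte offset 84 and read it; the result is not
    # inspected, the read only moves the parser forward.
    $parser->seekToNearestGroup(absolute_offset => 84);
    my $nextGroup = $parser->nextGroup();

    # After that read the parser should report line 9 of the fixture.
    is($parser->getCurrentLineCount(), 9, "getCurrentLineCount()") or diag("The getCurrentLineCount() call failed.");
}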
354
355
356
# =begin testing
{
    # The fixture path is anchored at $ENV{PWD} (the shell's working
    # directory), so run the suite from the directory the configured
    # "registry_file" value is meant to be resolved against.
    my $registry_path = $ENV{PWD} . "/" . getVar(
        name      => "registry_file",
        namespace => "HoneyClient::Agent::Integrity::Registry::Parser::Test",
    );

    # Parser over the fixture, with group indexing switched on.
    my $parser = HoneyClient::Agent::Integrity::Registry::Parser->init(
        input_file   => $registry_path,
        index_groups => 1,
    );

    # Expected contents of the groups that the seeks below should land on.
    my $group_1 = {
        key     => 'HKEY_CURRENT_USER\]Testing Group 1[',
        entries => [
            { name => '@',   value => 'Default' },
            { name => 'Foo', value => 'Bar' },
        ],
    };
    my $group_2 = {
        key     => 'HKEY_CURRENT_USER\Testing Group 2',
        entries => [
            { name => '@', value => '\\"Annoying=Value\\"' },
            { name => '\\"Annoying=Key\\"', value => 'Bar' },
            { name => 'Multiline', value => 'This
value spans
multiple lines
' },
            { name => 'Sane_Key', value => '\\"Wierd=\\"Value' },
        ],
    };
    my $group_3 = {
        key     => 'HKEY_CURRENT_USER\Testing Group 3',
        entries => [
            { name => 'Test_Bin_1', value => 'hex:f4,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,bc,02,00,00,00,\
  00,00,00,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,f0,77,3f,00,\
  3f,00,3f,00,3f,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,78,00,1c,10,fc,\
  7f,22,14,fc,7f,b0,fe,12,00,00,00,00,00,00,00,00,00,98,23,eb,77' },
            { name => 'Test_Bin_2', value => 'hex:f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,\
  00,00,00,00,00,00,00,4d,00,69,00,63,00,72,00,6f,00,73,00,6f,00,66,00,74,00,\
  20,00,53,00,61,00,6e,00,73,00,20,00,53,00,65,00,72,00,69,00,66,00,00,00,f0,\
  77,00,20,14,00,00,00,00,10,80,05,14,00,f0,1f,14,00,00,00,14,00' },
        ],
    };
    my $group_4 = {
        key     => 'HKEY_CURRENT_USER\Testing Group 4',
        entries => [],
    };
    my $group_8 = {
        key     => 'HKEY_CURRENT_USER\Testing Group 8\{00021492-0000-0000-C000-000000000046}',
        entries => [
            { name => '000', value => 'String Value' },
        ],
    };

    # One row per seek: the arguments, the value seekToNearestGroup() should
    # return, the group the following nextGroup() should yield, and the test
    # label. Rows run in order against the same parser. The large positive and
    # negative adjust_index rows are expected to end at the last and first
    # group respectively.
    # NOTE(review): the return value looks like the offset or line of the
    # chosen group header; confirm against the Parser module.
    my @seek_cases = (
        {
            seek_args => [ absolute_offset => 84 ],
            returns   => 73,
            group     => $group_2,
            label     => "seekToNearestGroup(absolute_offset => 84)",
        },
        {
            seek_args => [ absolute_linenum => 7 ],
            returns   => 6,
            group     => $group_2,
            label     => "seekToNearestGroup(absolute_linenum => 7)",
        },
        {
            seek_args => [ absolute_offset => 301 ],
            returns   => 234,
            group     => $group_3,
            label     => "seekToNearestGroup(absolute_offset => 301)",
        },
        {
            seek_args => [ absolute_linenum => 16 ],
            returns   => 15,
            group     => $group_3,
            label     => "seekToNearestGroup(absolute_linenum => 16)",
        },
        {
            seek_args => [ absolute_linenum => 26, adjust_index => -1 ],
            returns   => 15,
            group     => $group_3,
            label     => "seekToNearestGroup(absolute_linenum => 26, adjust_index => -1)",
        },
        {
            seek_args => [ absolute_offset => 898 ],
            returns   => 881,
            group     => $group_4,
            label     => "seekToNearestGroup(absolute_offset => 898)",
        },
        {
            seek_args => [ absolute_linenum => 26 ],
            returns   => 25,
            group     => $group_4,
            label     => "seekToNearestGroup(absolute_linenum => 26)",
        },
        {
            seek_args => [ absolute_offset => 898, adjust_index => 99 ],
            returns   => 1674,
            group     => $group_8,
            label     => "seekToNearestGroup(absolute_offset => 898, adjust_index => 99)",
        },
        {
            seek_args => [ absolute_offset => 898, adjust_index => -99 ],
            returns   => 0,
            group     => $group_1,
            label     => "seekToNearestGroup(absolute_offset => 898, adjust_index => -99)",
        },
    );

    for my $case (@seek_cases) {
        # First check where the seek reports having landed ...
        is($parser->seekToNearestGroup(@{ $case->{seek_args} }), $case->{returns}, $case->{label})
            or diag("The seekToNearestGroup() call failed.");

        # ... then check that the next read returns the matching group.
        my $found = $parser->nextGroup();
        is_deeply($found, $case->{group}, $case->{label})
            or diag("The seekToNearestGroup() call failed.");
    }
}
465
466
467
468
469 1;