Changeset 1477
- Timestamp:
- 04/08/08 12:13:54 (5 months ago)
- Files:
hive/trunk/data_webapp/test/functional/bee_controller_test.rb
r1440 r1477 13 13 @response = ActionController::TestResponse.new 14 14 15 # Raw data as if pulled from the BeeJob 15 # Raw data as if pulled from the BeeJob and cleaned 16 16 @client_data = {"status"=>"running", "os"=>{"name"=>"Default Windows XP SP2", "shortname"=>"Microsoft Windows", "version"=>"XP Professional", "os_applications"=>[{"shortname"=>"Internet Explorer", "manufacturer"=>"Microsoft", "version"=>6}]}, "start"=>"2008-03-25T11:25:00", "host"=>{"org"=>"MITRE", "ip"=>"172.16.164.108", "hostname"=>"honeyclient8.mitre.org"}, "cid"=>"2df4455a3b0aa690ef4f7da84b"} 17 17 @finger_data = {"os_processes"=>[{"name"=>"C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe", "pid"=>1256, "process_files"=>[{"name"=>"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl", "event"=>"Write", "file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13", "md5"=>"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}, {"name"=>"C:\\Documents and Settings", "event"=>"Write", "file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\Documents and Settings2008-03-25 11:58:05.13", "md5"=>"C:\\Documents and Settings2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}, {"name"=>"C:\\Documents and Settings\\Default User", "event"=>"Write", "file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13", "md5"=>"C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}, {"name"=>"C:\\Documents and Settings\\ALL USERS", "event"=>"Write", "file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13", "md5"=>"C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}, {"name"=>"C:\\Documents and Settings\\Default User\\Start Menu\\Programs", "event"=>"Write", 
"file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13", "md5"=>"C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}, {"name"=>"C:\\WINDOWS\\system32\\config\\systemprofile", "event"=>"Write", "file_content"=>{"size"=>-1, "mime_type"=>"UNKNOWN", "sha1"=>"C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13", "md5"=>"C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13"}, "time_at"=>"2008-03-25 11:58:05.13"}], "regkeys"=>[]}], "cid"=>"2df4455a3b0aa690ef4f7da84b"} … … 58 58 @request.env['HTTP_AUTHORIZATION'] = '1234' 59 59 post(:client, :data => encoded) 60 assert_response 20 060 assert_response 201 61 61 assert Client.find(:all).size == 1 62 62 end … … 71 71 72 72 post(:fingerprint, :data => encoded) 73 assert_response 20 073 assert_response 201 74 74 nc = Client.find(c.id) 75 75 assert nc.fingerprint … … 86 86 assert c.save 87 87 post(:history, :data => encoded) 88 assert_response 20 088 assert_response 201 89 89 nc = Client.find(c.id) 90 90 assert nc.history_urls.size > 0 91 91 end 92 92 93 end hive/trunk/data_webapp/test/unit/bee_job_test.rb
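Review bot: The three functional tests now pin only the success status (`assert_response 201` at new lines 60, 73 and 88), and nothing shown in these hunks checks that a request with a missing or wrong token is refused. The only credential handling visible is `@request.env['HTTP_AUTHORIZATION'] = '1234'` at line 58 in the client test; the fingerprint and history hunks do not show the header being set before their `post` calls, though that may happen in lines outside the hunks, where the test bodies begin. I would add one negative case per action that clears the header, posts the same payload, asserts whatever rejection status the controller returns, and asserts that no record was created, e.g. `assert_equal 0, Client.find(:all).size`. Separately, `assert Client.find(:all).size == 1` at line 61 reads better as `assert_equal 1, Client.find(:all).size`, which reports the actual count on failure.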
r1372 r1477 3 3 class BeeJobTest < ActiveSupport::TestCase 4 4 5 # THIS TEST HAS BEEN MOVED TO HC FUNCTIONAL TESTS 5 6 def setup 6 @client = YAML.load("---\ncid: 2df4455a3b0aa690ef4f7da84b\nhost:\n hostname: honeyclient8.mitre.org\n ip: 172.16.164.108\n org: MITRE\nos:\n name: Default Windows XP SP2\n os_applications:\n - manufacturer: Microsoft\n shortname: Internet Explorer\n version: 6\n shortname: Microsoft Windows\n version: XP Professional\nstart: 2008-03-25T11:25:00\nstatus: running\n")7 @fingerprint = YAML.load("---\nclient_id: 504\nos_processes:\n- name: C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe\n pid: 1256\n process_files:\n - event: Write\n file_content:\n md5: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13\n size: -1\n name: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\\Default User\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\\ALL USERS\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13\n size: -1\n 
name: C:\\Documents and Settings\\Default User\\Start Menu\\Programs\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13\n size: -1\n name: C:\\WINDOWS\\system32\\config\\systemprofile\n time_at: 2008-03-25 11:58:05.13\n regkeys: []\ntime_at: 2008-03-25 11:58:05.13\n")8 @history = YAML.load("---\n_remaining_number_of_relative_links_to_visit: 4\nclient_id: 504\nignore_links_timed_out: 1\nlimit_spidering: 1\nlinks_ignored:\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Unix/ServicePacks//darwin/: 2008-03-24\n 11:10:01.765027999\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Unix/ServicePacks//osf/: 2008-03-24\n 11:17:31.759776115\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Windows/ServicePacks/: 2008-03-24 06:51:03.492007970\n http://24091972@ftp.mucpro01.netfirms.com/www/pro/scriptpro.asp: 2008-03-19 01:03:00.234250068\n http://Administrator:password@195.14.96.149/sp5a/UJKSRNC.251: 2008-03-19 02:10:53.570013046\n http://localhost/: 2008-03-22 22:08:09.603230953\n http://mucpro01:24091972@ftp.mucpro01.netfirms.com/www/pro/scriptpro.asp: 2008-03-19\n 22:15:39.109452962\nlinks_timed_out: {}\nlinks_to_visit: {}\nlinks_visited:\n http://www.softcashier.com/members/link.php?wmid=1020&l=9&it=2&s=2: 2008-03-25 13:02:23.419874906\nmax_relative_links_to_visit: 5\nnegative_words:\n- archive\n- privacy\n- legal\n- disclaim\n- about\n- contact\n- copyright\n- jobs\n- careers\n- term\nnext_link_to_visit: ~\nparse_active_content: 0\npositive_words:\n- news\n- new\n- big\n- latest\n- main\n- update\n- sell\n- free\n- buy\n- science\nrelative_links_to_visit: {}\ntimeout: 20\n")7 #@client = YAML.load("---\ncid: 2df4455a3b0aa690ef4f7da84b\nhost:\n hostname: honeyclient8.mitre.org\n ip: 172.16.164.108\n org: MITRE\nos:\n name: Default Windows XP SP2\n os_applications:\n - manufacturer: Microsoft\n 
shortname: Internet Explorer\n version: 6\n shortname: Microsoft Windows\n version: XP Professional\nstart: 2008-03-25T11:25:00\nstatus: running\n") 8 #@fingerprint = YAML.load("---\nclient_id: 504\nos_processes:\n- name: C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe\n pid: 1256\n process_files:\n - event: Write\n file_content:\n md5: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl2008-03-25 11:58:05.13\n size: -1\n name: C:\\WINDOWS\\PCHEALTH\\HELPCTR\\DataColl\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\Default User2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\\Default User\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\ALL USERS2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\\ALL USERS\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\Documents and Settings\\Default User\\Start Menu\\Programs2008-03-25 11:58:05.13\n size: -1\n name: C:\\Documents and Settings\\Default User\\Start Menu\\Programs\n time_at: 2008-03-25 11:58:05.13\n - event: Write\n file_content:\n md5: C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13\n mime_type: UNKNOWN\n sha1: C:\\WINDOWS\\system32\\config\\systemprofile2008-03-25 11:58:05.13\n size: -1\n name: 
C:\\WINDOWS\\system32\\config\\systemprofile\n time_at: 2008-03-25 11:58:05.13\n regkeys: []\ntime_at: 2008-03-25 11:58:05.13\n") 9 #@history = YAML.load("---\n_remaining_number_of_relative_links_to_visit: 4\nclient_id: 504\nignore_links_timed_out: 1\nlimit_spidering: 1\nlinks_ignored:\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Unix/ServicePacks//darwin/: 2008-03-24\n 11:10:01.765027999\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Unix/ServicePacks//osf/: 2008-03-24\n 11:17:31.759776115\n ftp://qupdate.commvault.com//CVUpdates/6.1.0/Windows/ServicePacks/: 2008-03-24 06:51:03.492007970\n http://24091972@ftp.mucpro01.netfirms.com/www/pro/scriptpro.asp: 2008-03-19 01:03:00.234250068\n http://Administrator:password@195.14.96.149/sp5a/UJKSRNC.251: 2008-03-19 02:10:53.570013046\n http://localhost/: 2008-03-22 22:08:09.603230953\n http://mucpro01:24091972@ftp.mucpro01.netfirms.com/www/pro/scriptpro.asp: 2008-03-19\n 22:15:39.109452962\nlinks_timed_out: {}\nlinks_to_visit: {}\nlinks_visited:\n http://www.softcashier.com/members/link.php?wmid=1020&l=9&it=2&s=2: 2008-03-25 13:02:23.419874906\nmax_relative_links_to_visit: 5\nnegative_words:\n- archive\n- privacy\n- legal\n- disclaim\n- about\n- contact\n- copyright\n- jobs\n- careers\n- term\nnext_link_to_visit: ~\nparse_active_content: 0\npositive_words:\n- news\n- new\n- big\n- latest\n- main\n- update\n- sell\n- free\n- buy\n- science\nrelative_links_to_visit: {}\ntimeout: 20\n") 9 10 end 10 11 11 def test_bee_to_hive12 BeeJob.add_job("client",@client)13 j = BeeJob.get_job14 assert_not_nil j15 assert_equal "client", j.job_type16 data = j.job_data17 assert_equal "honeyclient8.mitre.org", data["host"]["hostname"]18 19 indata = ActiveSupport::JSON.encode(data)20 assert_not_nil indata21 outdata = ActiveSupport::JSON.decode(indata)22 23 c = Client.new_from_hash(outdata)24 assert c.save25 assert_equal "2df4455a3b0aa690ef4f7da84b", c.cid26 assert_equal "honeyclient8.mitre.org", c.host.hostname27 end28 29 def 
test_fingerprint_to_hive30 @fingerprint.delete("time_at")31 BeeJob.add_job("fingerprint",@fingerprint)32 j = BeeJob.get_job33 assert_not_nil j34 assert_equal "fingerprint", j.job_type35 data = j.job_data36 assert_equal 504, data["client_id"]37 38 indata = ActiveSupport::JSON.encode(data)39 assert_not_nil indata40 outdata = ActiveSupport::JSON.decode(indata)41 42 f = Fingerprint.new_from_hash(outdata)43 assert f.save44 assert f.os_processes.size > 045 end46 47 def history_to_hive48 end49 50 12 end
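Review bot: The three fixture assignments in `setup` are commented out rather than deleted (new lines 7-9), so the file keeps a large block of dead captured data, including history URLs that carry a username and password in their userinfo part, plus a host name and IP address. Since the comment added at line 5 says the test has moved, I would delete the commented lines (or the whole file) and rely on version control for the history. If the fixture is still needed in the functional tests, replace the credential-bearing URLs with constructed examples. With every test method removed, the class is left with an empty `setup` and no tests, which some Test::Unit versions report as a failure ("No tests were specified"), so it is worth confirming the suite still runs clean.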
