2016-10-22 23:13:20 +02:00
|
|
|
#!/usr/bin/env python3
|
2016-06-18 07:53:26 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
|
|
|
|
|
import unittest
|
|
|
|
|
import requests
|
2016-08-12 13:16:49 +02:00
|
|
|
import base64
|
|
|
|
|
import json
|
2016-08-17 14:01:11 +02:00
|
|
|
import os
|
2016-10-22 23:13:20 +02:00
|
|
|
import urllib
|
|
|
|
|
|
2016-06-18 07:53:26 +02:00
|
|
|
|
|
|
|
|
class TestModules(unittest.TestCase):
|
|
|
|
|
|
|
|
|
|
def setUp(self):
|
|
|
|
|
self.maxDiff = None
|
|
|
|
|
self.headers = {'Content-Type': 'application/json'}
|
2016-08-12 13:16:49 +02:00
|
|
|
self.url = "http://127.0.0.1:6666/"
|
2016-06-18 07:53:26 +02:00
|
|
|
|
|
|
|
|
def test_introspection(self):
|
2016-08-12 13:16:49 +02:00
|
|
|
response = requests.get(self.url + "modules")
|
2016-06-18 07:53:26 +02:00
|
|
|
print(response.json())
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
2016-06-18 07:53:26 +02:00
|
|
|
|
|
|
|
|
def test_cve(self):
|
|
|
|
|
with open('tests/bodycve.json', 'r') as f:
|
2016-08-12 13:16:49 +02:00
|
|
|
response = requests.post(self.url + "query", data=f.read())
|
2016-06-18 07:53:26 +02:00
|
|
|
print(response.json())
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
2016-06-18 07:53:26 +02:00
|
|
|
|
|
|
|
|
def test_dns(self):
|
|
|
|
|
with open('tests/body.json', 'r') as f:
|
2016-08-12 13:16:49 +02:00
|
|
|
response = requests.post(self.url + "query", data=f.read())
|
|
|
|
|
print(response.json())
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
2016-08-25 17:36:28 +02:00
|
|
|
with open('tests/body_timeout.json', 'r') as f:
|
|
|
|
|
response = requests.post(self.url + "query", data=f.read())
|
|
|
|
|
print(response.json())
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
2016-08-12 13:16:49 +02:00
|
|
|
|
|
|
|
|
def test_stix(self):
|
|
|
|
|
with open("tests/stix.xml", "r") as f:
|
|
|
|
|
data = json.dumps({"module":"stiximport",
|
2016-10-22 23:13:20 +02:00
|
|
|
"data":str(base64.b64encode(bytes(f.read(), 'utf-8'))),
|
2016-08-12 14:53:23 +02:00
|
|
|
"config": {"max_size": "15000"},
|
2016-08-12 13:16:49 +02:00
|
|
|
})
|
2016-10-22 23:13:20 +02:00
|
|
|
|
|
|
|
|
response = requests.post(self.url + "query", data=data)
|
|
|
|
|
response.connection.close()
|
|
|
|
|
print(response.json())
|
|
|
|
|
|
|
|
|
|
def test_email_headers(self):
|
|
|
|
|
with open("tests/test_no_attach.eml", "r") as f:
|
|
|
|
|
data = json.dumps({"module":"email_import",
|
|
|
|
|
"data":str(base64.b64encode(bytes(f.read(), 'utf8')),
|
|
|
|
|
'utf8')}).encode('utf8')
|
2016-08-12 13:16:49 +02:00
|
|
|
response = requests.post(self.url + "query", data=data)
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
|
|
|
|
print(response.json())
|
|
|
|
|
|
|
|
|
|
def test_email_attachment(self):
|
|
|
|
|
with open("tests/test_attachment.eml", "r") as f:
|
|
|
|
|
data = json.dumps({"module":"email_import",
|
|
|
|
|
"data":str(base64.b64encode(bytes(f.read(), 'utf8')),
|
|
|
|
|
'utf8')}).encode('utf8')
|
|
|
|
|
response = requests.post(self.url + "query", data=data)
|
|
|
|
|
response.connection.close()
|
2016-06-18 07:53:26 +02:00
|
|
|
print(response.json())
|
2016-08-12 13:16:49 +02:00
|
|
|
|
2016-08-17 14:01:11 +02:00
|
|
|
def test_virustotal(self):
|
|
|
|
|
# This can't actually be tested without disclosing a private
|
|
|
|
|
# API key. This will attempt to run with a .gitignored keyfile
|
|
|
|
|
# and pass if it can't find one
|
|
|
|
|
|
|
|
|
|
if not os.path.exists("tests/bodyvirustotal.json"):
|
|
|
|
|
return
|
2016-10-22 23:13:20 +02:00
|
|
|
|
2016-08-17 14:01:11 +02:00
|
|
|
with open("tests/bodyvirustotal.json", "r") as f:
|
|
|
|
|
response = requests.post(self.url + "query", data=f.read()).json()
|
|
|
|
|
assert(response)
|
2016-10-22 23:13:20 +02:00
|
|
|
response.connection.close()
|
2016-08-17 14:01:11 +02:00
|
|
|
|
2016-08-12 13:16:49 +02:00
|
|
|
if __name__ == '__main__':
|
2016-10-22 23:13:20 +02:00
|
|
|
unittest.main()
|
