CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove control characters

Browse Source
This commit is contained in:
Wes
2023-12-15 14:27:27 +00:00
parent f05eb742dd
commit e32de6893b
1 changed files with 69 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

138
salt/sensoroni/files/analyzers/malwarebazaar/malwarebazaar_test.py
View File

@@ -1,69 +1,69 @@
from io import StringIO from io import StringIO
import sys import sys
from unittest.mock import patch, MagicMock from unittest.mock import patch, MagicMock
import malwarebazaar import malwarebazaar
import unittest import unittest
class TestMalwarebazaarMethods(unittest.TestCase): class TestMalwarebazaarMethods(unittest.TestCase):
def test_main_missing_input(self): def test_main_missing_input(self):
with patch('sys.stdout', new=StringIO()) as mock_cmd: with patch('sys.stdout', new=StringIO()) as mock_cmd:
sys.argv = ["cmd"] sys.argv = ["cmd"]
malwarebazaar.main() malwarebazaar.main()
self.assertEqual(mock_cmd.getvalue(), self.assertEqual(mock_cmd.getvalue(),
'ERROR: Input is not in proper JSON format\n') 'ERROR: Input is not in proper JSON format\n')
def test_main_success(self): def test_main_success(self):
with patch('sys.stdout', new=StringIO()) as mock_cmd: with patch('sys.stdout', new=StringIO()) as mock_cmd:
with patch('malwarebazaar.malwarebazaar.analyze', new=MagicMock(return_value={'test': 'val'})) as mock: with patch('malwarebazaar.malwarebazaar.analyze', new=MagicMock(return_value={'test': 'val'})) as mock:
sys.argv = ["cmd", "input"] sys.argv = ["cmd", "input"]
malwarebazaar.main() malwarebazaar.main()
expected = '{"test": "val"}\n' expected = '{"test": "val"}\n'
self.assertEqual(mock_cmd.getvalue(), expected) self.assertEqual(mock_cmd.getvalue(), expected)
mock.assert_called_once() mock.assert_called_once()
def test_analyze(self): def test_analyze(self):
"""simulated sendReq and prepareResults with 2 mock objects and variables sendReqOutput and prepareResultOutput, """simulated sendReq and prepareResults with 2 mock objects and variables sendReqOutput and prepareResultOutput,
input created for analyze method call and then we compared results['summary'] with 'no result' """ input created for analyze method call and then we compared results['summary'] with 'no result' """
sendReqOutput = {'threat': 'no_result', "query_status": "ok", 'data': [{'sha256_hash': 'notavalidhash'}]} sendReqOutput = {'threat': 'no_result', "query_status": "ok", 'data': [{'sha256_hash': 'notavalidhash'}]}
input = '{"artifactType": "hash", "value": "1234"}' input = '{"artifactType": "hash", "value": "1234"}'
input2 = '{"artifactType": "tlsh", "value": "1234"}' input2 = '{"artifactType": "tlsh", "value": "1234"}'
input3 = '{"artifactType": "gimphash", "value": "1234"}' input3 = '{"artifactType": "gimphash", "value": "1234"}'
prepareResultOutput = {'response': '', prepareResultOutput = {'response': '',
'summary': 'no result', 'status': 'info'} 'summary': 'no result', 'status': 'info'}
with patch('malwarebazaar.malwarebazaar.sendReq', new=MagicMock(return_value=sendReqOutput)) as mock: with patch('malwarebazaar.malwarebazaar.sendReq', new=MagicMock(return_value=sendReqOutput)) as mock:
with patch('malwarebazaar.malwarebazaar.prepareResults', new=MagicMock(return_value=prepareResultOutput)) as mock2: with patch('malwarebazaar.malwarebazaar.prepareResults', new=MagicMock(return_value=prepareResultOutput)) as mock2:
results = malwarebazaar.analyze(input) results = malwarebazaar.analyze(input)
results2 = malwarebazaar.analyze(input2) results2 = malwarebazaar.analyze(input2)
results3 = malwarebazaar.analyze(input3) results3 = malwarebazaar.analyze(input3)
self.assertEqual(results["summary"], prepareResultOutput['summary']) self.assertEqual(results["summary"], prepareResultOutput['summary'])
self.assertEqual(results2["summary"], prepareResultOutput['summary']) self.assertEqual(results2["summary"], prepareResultOutput['summary'])
self.assertEqual(results3["summary"], prepareResultOutput['summary']) self.assertEqual(results3["summary"], prepareResultOutput['summary'])
self.assertEqual(results["status"], "info") self.assertEqual(results["status"], "info")
self.assertEqual(results2["status"], "info") self.assertEqual(results2["status"], "info")
self.assertEqual(results3["status"], "info") self.assertEqual(results3["status"], "info")
mock2.assert_called() mock2.assert_called()
mock.assert_called() mock.assert_called()
def test_prepareResults_illegal_search_term(self): def test_prepareResults_illegal_search_term(self):
# illegal search term # illegal search term
raw = {'query_status': 'illegal_search_term'} raw = {'query_status': 'illegal_search_term'}
expected = {'response': raw, 'status': 'info', 'summary': 'no result'} expected = {'response': raw, 'status': 'info', 'summary': 'no result'}
results = malwarebazaar.prepareResults(raw) results = malwarebazaar.prepareResults(raw)
self.assertEqual(results, expected) self.assertEqual(results, expected)
def test_buildReqGimqhash(self): def test_buildReqGimqhash(self):
result = malwarebazaar.buildReq('gimphash', '') result = malwarebazaar.buildReq('gimphash', '')
self.assertEqual( self.assertEqual(
result, {'query': 'get_gimphash', 'gimphash': ''}) result, {'query': 'get_gimphash', 'gimphash': ''})
def test_buildReqHash(self): def test_buildReqHash(self):
result = malwarebazaar.buildReq('hash', '') result = malwarebazaar.buildReq('hash', '')
self.assertEqual( self.assertEqual(
result, {'query': 'get_info', 'hash': ''}) result, {'query': 'get_info', 'hash': ''})
def test_buildReqtlshhash(self): def test_buildReqtlshhash(self):
result = malwarebazaar.buildReq('tlsh', '') result = malwarebazaar.buildReq('tlsh', '')
self.assertEqual( self.assertEqual(
result, {'query': 'get_tlsh', 'tlsh': ''}) result, {'query': 'get_tlsh', 'tlsh': ''})