agent: Remove dirs_exist_ok from shutil.copytree() call

The dirs_exist_ok parameter of shutil.copytree() was introduced in
Python 3.8. Since the agent uses python3.7 in order to be more
compatible with older systems, we can't use this parameter.
Mike Salvatore 2021-06-23 08:14:34 -04:00
parent 6307606010
commit 7149e112b0
1 changed files with 36 additions and 30 deletions


@ -48,10 +48,11 @@ def with_extension(filename):
@pytest.fixture @pytest.fixture
def ransomware_target(tmp_path, data_for_tests_dir): def ransomware_target(tmp_path, data_for_tests_dir):
ransomware_target_data = Path(data_for_tests_dir) / "ransomware_targets" ransomware_test_data = Path(data_for_tests_dir) / "ransomware_targets"
shutil.copytree(ransomware_target_data, tmp_path, dirs_exist_ok=True) ransomware_target = tmp_path / "ransomware_target"
shutil.copytree(ransomware_test_data, ransomware_target)
return tmp_path return ransomware_target
@pytest.fixture @pytest.fixture
@ -64,66 +65,71 @@ def ransomware_payload(ransomware_payload_config):
return RansomewarePayload(ransomware_payload_config) return RansomewarePayload(ransomware_payload_config)
def test_file_with_excluded_extension_not_encrypted(tmp_path, ransomware_payload): def test_file_with_excluded_extension_not_encrypted(ransomware_target, ransomware_payload):
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert hash_file(tmp_path / TEST_LIB_DLL) == TEST_LIB_DLL_CLEARTEXT_SHA256 assert hash_file(ransomware_target / TEST_LIB_DLL) == TEST_LIB_DLL_CLEARTEXT_SHA256
def test_shortcut_not_encrypted(tmp_path, ransomware_payload): def test_shortcut_not_encrypted(ransomware_target, ransomware_payload):
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert hash_file(tmp_path / SHORTCUT_LNK) == SHORTCUT_LNK_CLEARTEXT_SHA256 assert hash_file(ransomware_target / SHORTCUT_LNK) == SHORTCUT_LNK_CLEARTEXT_SHA256
@pytest.mark.skipif( @pytest.mark.skipif(
os.name == "nt" and not is_user_admin(), reason="Test requires admin rights on Windows" os.name == "nt" and not is_user_admin(), reason="Test requires admin rights on Windows"
) )
def test_symlink_not_encrypted(tmp_path, ransomware_payload): def test_symlink_not_encrypted(ransomware_target, ransomware_payload):
SYMLINK = "symlink.pdf" SYMLINK = "symlink.pdf"
link_path = tmp_path / SYMLINK link_path = ransomware_target / SYMLINK
link_path.symlink_to(tmp_path / TEST_LIB_DLL) link_path.symlink_to(ransomware_target / TEST_LIB_DLL)
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert hash_file(tmp_path / SYMLINK) == TEST_LIB_DLL_CLEARTEXT_SHA256 assert hash_file(ransomware_target / SYMLINK) == TEST_LIB_DLL_CLEARTEXT_SHA256
def test_encryption_not_recursive(tmp_path, ransomware_payload): def test_encryption_not_recursive(ransomware_target, ransomware_payload):
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert hash_file(tmp_path / SUBDIR / HELLO_TXT) == HELLO_TXT_CLEARTEXT_SHA256 assert hash_file(ransomware_target / SUBDIR / HELLO_TXT) == HELLO_TXT_CLEARTEXT_SHA256
def test_file_with_included_extension_encrypted(tmp_path, ransomware_payload): def test_file_with_included_extension_encrypted(ransomware_target, ransomware_payload):
assert hash_file(tmp_path / ALL_ZEROS_PDF) == ALL_ZEROS_PDF_CLEARTEXT_SHA256 assert hash_file(ransomware_target / ALL_ZEROS_PDF) == ALL_ZEROS_PDF_CLEARTEXT_SHA256
assert hash_file(tmp_path / TEST_KEYBOARD_TXT) == TEST_KEYBOARD_TXT_CLEARTEXT_SHA256 assert hash_file(ransomware_target / TEST_KEYBOARD_TXT) == TEST_KEYBOARD_TXT_CLEARTEXT_SHA256
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert hash_file(tmp_path / with_extension(ALL_ZEROS_PDF)) == ALL_ZEROS_PDF_ENCRYPTED_SHA256
assert ( assert (
hash_file(tmp_path / with_extension(TEST_KEYBOARD_TXT)) hash_file(ransomware_target / with_extension(ALL_ZEROS_PDF))
== ALL_ZEROS_PDF_ENCRYPTED_SHA256
)
assert (
hash_file(ransomware_target / with_extension(TEST_KEYBOARD_TXT))
== TEST_KEYBOARD_TXT_ENCRYPTED_SHA256 == TEST_KEYBOARD_TXT_ENCRYPTED_SHA256
) )
def test_file_encrypted_in_place(tmp_path, ransomware_payload): def test_file_encrypted_in_place(ransomware_target, ransomware_payload):
expected_all_zeros_inode = os.stat(tmp_path / ALL_ZEROS_PDF).st_ino expected_all_zeros_inode = os.stat(ransomware_target / ALL_ZEROS_PDF).st_ino
expected_test_keyboard_inode = os.stat(tmp_path / TEST_KEYBOARD_TXT).st_ino expected_test_keyboard_inode = os.stat(ransomware_target / TEST_KEYBOARD_TXT).st_ino
ransomware_payload.run_payload() ransomware_payload.run_payload()
actual_all_zeros_inode = os.stat(tmp_path / with_extension(ALL_ZEROS_PDF)).st_ino actual_all_zeros_inode = os.stat(ransomware_target / with_extension(ALL_ZEROS_PDF)).st_ino
actual_test_keyboard_inode = os.stat(tmp_path / with_extension(TEST_KEYBOARD_TXT)).st_ino actual_test_keyboard_inode = os.stat(
ransomware_target / with_extension(TEST_KEYBOARD_TXT)
).st_ino
assert expected_all_zeros_inode == actual_all_zeros_inode assert expected_all_zeros_inode == actual_all_zeros_inode
assert expected_test_keyboard_inode == actual_test_keyboard_inode assert expected_test_keyboard_inode == actual_test_keyboard_inode
def test_encryption_reversible(tmp_path, ransomware_payload): def test_encryption_reversible(ransomware_target, ransomware_payload):
orig_path = tmp_path / TEST_KEYBOARD_TXT orig_path = ransomware_target / TEST_KEYBOARD_TXT
new_path = tmp_path / with_extension(TEST_KEYBOARD_TXT) new_path = ransomware_target / with_extension(TEST_KEYBOARD_TXT)
assert hash_file(orig_path) == TEST_KEYBOARD_TXT_CLEARTEXT_SHA256 assert hash_file(orig_path) == TEST_KEYBOARD_TXT_CLEARTEXT_SHA256
ransomware_payload.run_payload() ransomware_payload.run_payload()
@ -132,16 +138,16 @@ def test_encryption_reversible(tmp_path, ransomware_payload):
new_path.rename(orig_path) new_path.rename(orig_path)
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert ( assert (
hash_file(tmp_path / with_extension(TEST_KEYBOARD_TXT)) hash_file(ransomware_target / with_extension(TEST_KEYBOARD_TXT))
== TEST_KEYBOARD_TXT_CLEARTEXT_SHA256 == TEST_KEYBOARD_TXT_CLEARTEXT_SHA256
) )
def test_skip_already_encrypted_file(tmp_path, ransomware_payload): def test_skip_already_encrypted_file(ransomware_target, ransomware_payload):
ransomware_payload.run_payload() ransomware_payload.run_payload()
assert not (tmp_path / with_extension(ALREADY_ENCRYPTED_TXT_M0NK3Y)).exists() assert not (ransomware_target / with_extension(ALREADY_ENCRYPTED_TXT_M0NK3Y)).exists()
assert ( assert (
hash_file(tmp_path / ALREADY_ENCRYPTED_TXT_M0NK3Y) hash_file(ransomware_target / ALREADY_ENCRYPTED_TXT_M0NK3Y)
== ALREADY_ENCRYPTED_TXT_M0NK3Y_CLEARTEXT_SHA256 == ALREADY_ENCRYPTED_TXT_M0NK3Y_CLEARTEXT_SHA256
) )
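Review bot: With the fixture now copying the test data into `tmp_path / "ransomware_target"`, none of the visible tests asserts that the payload leaves files outside that directory untouched, which is the containment property a ransomware simulation most needs pinned. The new layout makes this cheap to check: a test can write a file with an included extension directly into `tmp_path` before `run_payload()` and assert afterwards that its hash is unchanged and that no `with_extension(...)` sibling was created. This assumes `ransomware_payload_config`, defined outside the visible hunks, points the payload at `ransomware_target` rather than `tmp_path`; that is worth confirming, because the payload is non-recursive and would otherwise find only the new subdirectory. As a smaller style point, the local `ransomware_target` inside the fixture shadows the fixture's own name; `target_dir = tmp_path / "ransomware_target"` would read more clearly.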