Move all tests for monkey_island/cc/services/reporting/report.py to one file

This commit is contained in:
Shreya 2021-04-16 13:19:39 +05:30
parent c08dbf9376
commit f8936f61bb
2 changed files with 116 additions and 117 deletions

View File

@ -1,8 +1,81 @@
import datetime import datetime
from copy import deepcopy from copy import deepcopy
import mongomock
import pytest
from bson import ObjectId
from monkey_island.cc.services.reporting.report import ReportService from monkey_island.cc.services.reporting.report import ReportService
TELEM_ID = {
"exploit_creds": ObjectId(b"123456789000"),
"system_info_creds": ObjectId(b"987654321000"),
"no_creds": ObjectId(b"112233445566"),
"monkey": ObjectId(b"665544332211"),
}
MONKEY_GUID = "67890"
USER = "user-name"
PWD = "password123"
LM_HASH = "e52cac67419a9a22664345140a852f61"
NT_HASH = "a9fdfa038c4b75ebc76dc855dd74f0da"
VICTIM_IP = "0.0.0.0"
VICTIM_DOMAIN_NAME = "domain-name"
HOSTNAME = "name-of-host"
EXPLOITER_CLASS_NAME = "exploiter-name"
# Below telem constants only contain fields relevant to current tests
EXPLOIT_TELEMETRY_TELEM = {
"_id": TELEM_ID["exploit_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "exploit",
"data": {
"machine": {
"ip_addr": VICTIM_IP,
"domain_name": VICTIM_DOMAIN_NAME,
},
"info": {
"credentials": {
USER: {
"username": USER,
"lm_hash": LM_HASH,
"ntlm_hash": NT_HASH,
}
}
},
},
}
SYSTEM_INFO_TELEMETRY_TELEM = {
"_id": TELEM_ID["system_info_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "system_info",
"data": {
"credentials": {
USER: {
"password": PWD,
"lm_hash": LM_HASH,
"ntlm_hash": NT_HASH,
}
}
},
}
NO_CREDS_TELEMETRY_TELEM = {
"_id": TELEM_ID["no_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "exploit",
"data": {
"machine": {
"ip_addr": VICTIM_IP,
"domain_name": VICTIM_DOMAIN_NAME,
},
"info": {"credentials": {}},
},
}
MONKEY_TELEM = {"_id": TELEM_ID["monkey"], "guid": MONKEY_GUID, "hostname": HOSTNAME}
NODE_DICT = { NODE_DICT = {
"id": "602f62118e30cf35830ff8e4", "id": "602f62118e30cf35830ff8e4",
"label": "WinDev2010Eval.mshome.net", "label": "WinDev2010Eval.mshome.net",
@ -51,6 +124,49 @@ NODE_DICT_FAILED_EXPLOITS["exploits"][0]["result"] = False
NODE_DICT_FAILED_EXPLOITS["exploits"][1]["result"] = False NODE_DICT_FAILED_EXPLOITS["exploits"][1]["result"] = False
@pytest.fixture
def fake_mongo(monkeypatch):
mongo = mongomock.MongoClient()
monkeypatch.setattr("monkey_island.cc.services.reporting.report.mongo", mongo)
monkeypatch.setattr("monkey_island.cc.services.node.mongo", mongo)
return mongo
def test_get_stolen_creds_exploit(fake_mongo):
fake_mongo.db.telemetry.insert_one(EXPLOIT_TELEMETRY_TELEM)
stolen_creds_exploit = ReportService.get_stolen_creds()
expected_stolen_creds_exploit = [
{"origin": VICTIM_DOMAIN_NAME, "type": "LM hash", "username": USER},
{"origin": VICTIM_DOMAIN_NAME, "type": "NTLM hash", "username": USER},
]
assert expected_stolen_creds_exploit == stolen_creds_exploit
def test_get_stolen_creds_system_info(fake_mongo):
fake_mongo.db.monkey.insert_one(MONKEY_TELEM)
fake_mongo.db.telemetry.insert_one(SYSTEM_INFO_TELEMETRY_TELEM)
stolen_creds_system_info = ReportService.get_stolen_creds()
expected_stolen_creds_system_info = [
{"origin": HOSTNAME, "type": "Clear Password", "username": USER},
{"origin": HOSTNAME, "type": "LM hash", "username": USER},
{"origin": HOSTNAME, "type": "NTLM hash", "username": USER},
]
assert expected_stolen_creds_system_info == stolen_creds_system_info
def test_get_stolen_creds_no_creds(fake_mongo):
fake_mongo.db.telemetry.insert_one(NO_CREDS_TELEMETRY_TELEM)
stolen_creds_no_creds = ReportService.get_stolen_creds()
expected_stolen_creds_no_creds = []
assert expected_stolen_creds_no_creds == stolen_creds_no_creds
def test_get_exploits_used_on_node(): def test_get_exploits_used_on_node():
exploits = ReportService.get_exploits_used_on_node(NODE_DICT) exploits = ReportService.get_exploits_used_on_node(NODE_DICT)
assert sorted(exploits) == sorted(["Elastic Groovy Exploiter", "Drupal Server Exploiter"]) assert sorted(exploits) == sorted(["Elastic Groovy Exploiter", "Drupal Server Exploiter"])

View File

@ -1,117 +0,0 @@
import mongomock
import pytest
from bson import ObjectId
from monkey_island.cc.services.reporting.report import ReportService
TELEM_ID = {
"exploit_creds": ObjectId(b"123456789000"),
"system_info_creds": ObjectId(b"987654321000"),
"no_creds": ObjectId(b"112233445566"),
"monkey": ObjectId(b"665544332211"),
}
MONKEY_GUID = "67890"
USER = "user-name"
PWD = "password123"
LM_HASH = "e52cac67419a9a22664345140a852f61"
NT_HASH = "a9fdfa038c4b75ebc76dc855dd74f0da"
VICTIM_IP = "0.0.0.0"
VICTIM_DOMAIN_NAME = "domain-name"
HOSTNAME = "name-of-host"
EXPLOITER_CLASS_NAME = "exploiter-name"
# Below telem constants only contain fields relevant to current tests
EXPLOIT_TELEMETRY_TELEM = {
"_id": TELEM_ID["exploit_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "exploit",
"data": {
"machine": {
"ip_addr": VICTIM_IP,
"domain_name": VICTIM_DOMAIN_NAME,
},
"info": {
"credentials": {
USER: {
"username": USER,
"lm_hash": LM_HASH,
"ntlm_hash": NT_HASH,
}
}
},
},
}
SYSTEM_INFO_TELEMETRY_TELEM = {
"_id": TELEM_ID["system_info_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "system_info",
"data": {
"credentials": {
USER: {
"password": PWD,
"lm_hash": LM_HASH,
"ntlm_hash": NT_HASH,
}
}
},
}
NO_CREDS_TELEMETRY_TELEM = {
"_id": TELEM_ID["no_creds"],
"monkey_guid": MONKEY_GUID,
"telem_category": "exploit",
"data": {
"machine": {
"ip_addr": VICTIM_IP,
"domain_name": VICTIM_DOMAIN_NAME,
},
"info": {"credentials": {}},
},
}
MONKEY_TELEM = {"_id": TELEM_ID["monkey"], "guid": MONKEY_GUID, "hostname": HOSTNAME}
@pytest.fixture
def fake_mongo(monkeypatch):
mongo = mongomock.MongoClient()
monkeypatch.setattr("monkey_island.cc.services.reporting.report.mongo", mongo)
monkeypatch.setattr("monkey_island.cc.services.node.mongo", mongo)
return mongo
def test_get_stolen_creds_exploit(fake_mongo):
fake_mongo.db.telemetry.insert_one(EXPLOIT_TELEMETRY_TELEM)
stolen_creds_exploit = ReportService.get_stolen_creds()
expected_stolen_creds_exploit = [
{"origin": VICTIM_DOMAIN_NAME, "type": "LM hash", "username": USER},
{"origin": VICTIM_DOMAIN_NAME, "type": "NTLM hash", "username": USER},
]
assert expected_stolen_creds_exploit == stolen_creds_exploit
def test_get_stolen_creds_system_info(fake_mongo):
fake_mongo.db.monkey.insert_one(MONKEY_TELEM)
fake_mongo.db.telemetry.insert_one(SYSTEM_INFO_TELEMETRY_TELEM)
stolen_creds_system_info = ReportService.get_stolen_creds()
expected_stolen_creds_system_info = [
{"origin": HOSTNAME, "type": "Clear Password", "username": USER},
{"origin": HOSTNAME, "type": "LM hash", "username": USER},
{"origin": HOSTNAME, "type": "NTLM hash", "username": USER},
]
assert expected_stolen_creds_system_info == stolen_creds_system_info
def test_get_stolen_creds_no_creds(fake_mongo):
fake_mongo.db.telemetry.insert_one(NO_CREDS_TELEMETRY_TELEM)
stolen_creds_no_creds = ReportService.get_stolen_creds()
expected_stolen_creds_no_creds = []
assert expected_stolen_creds_no_creds == stolen_creds_no_creds