Tests: Improve telemetry_dal tests

* Reduce unnecessary mocking
* Remove defunct "mimikatz" field from mock telemetry
* Test encryption/decryption of all secret types for all users
Mike Salvatore 2021-10-05 12:10:46 -04:00
parent 8f9289517f
commit 849ced2334
1 changed files with 20 additions and 35 deletions


@ -6,13 +6,9 @@ import pytest
from monkey_island.cc.models.telemetries import get_telemetry_by_query, save_telemetry from monkey_island.cc.models.telemetries import get_telemetry_by_query, save_telemetry
from monkey_island.cc.models.telemetries.telemetry import Telemetry from monkey_island.cc.models.telemetries.telemetry import Telemetry
from monkey_island.cc.server_utils.encryption import SensitiveField
from monkey_island.cc.server_utils.encryption.dict_encryption.field_encryptors import (
MimikatzResultsEncryptor,
)
MOCK_CREDENTIALS = { MOCK_CREDENTIALS = {
"Vakaris": { "M0nk3y": {
"username": "M0nk3y", "username": "M0nk3y",
"password": "", "password": "",
"ntlm_hash": "e87f2f73e353f1d95e42ce618601b61f", "ntlm_hash": "e87f2f73e353f1d95e42ce618601b61f",
@ -24,7 +20,6 @@ MOCK_CREDENTIALS = {
MOCK_DATA_DICT = { MOCK_DATA_DICT = {
"network_info": {}, "network_info": {},
"credentials": deepcopy(MOCK_CREDENTIALS), "credentials": deepcopy(MOCK_CREDENTIALS),
"mimikatz": deepcopy(MOCK_CREDENTIALS),
} }
MOCK_TELEMETRY = { MOCK_TELEMETRY = {
@ -49,19 +44,6 @@ MOCK_NO_ENCRYPTION_NEEDED_TELEMETRY = {
"data": {"done": False}, "data": {"done": False},
} }
MOCK_SENSITIVE_FIELDS = [
SensitiveField("data.credentials", MimikatzResultsEncryptor),
SensitiveField("data.mimikatz", MimikatzResultsEncryptor),
]
@pytest.fixture(autouse=True)
def patch_sensitive_fields(monkeypatch):
monkeypatch.setattr(
"monkey_island.cc.models.telemetries.telemetry_dal.sensitive_fields",
MOCK_SENSITIVE_FIELDS,
)
@pytest.fixture(autouse=True) @pytest.fixture(autouse=True)
def fake_mongo(monkeypatch): def fake_mongo(monkeypatch):
@ -71,24 +53,27 @@ def fake_mongo(monkeypatch):
@pytest.mark.usefixtures("uses_database", "uses_encryptor") @pytest.mark.usefixtures("uses_database", "uses_encryptor")
def test_telemetry_encryption(): def test_telemetry_encryption():
secret_keys = ["password", "lm_hash", "ntlm_hash"]
save_telemetry(MOCK_TELEMETRY) save_telemetry(MOCK_TELEMETRY)
assert (
not Telemetry.objects.first()["data"]["credentials"]["user"]["password"] encrypted_telemetry = Telemetry.objects.first()
== MOCK_CREDENTIALS["user"]["password"] for user in MOCK_CREDENTIALS.keys():
) assert encrypted_telemetry["data"]["credentials"][user]["username"] == user
assert (
not Telemetry.objects.first()["data"]["mimikatz"]["Vakaris"]["ntlm_hash"] for s in secret_keys:
== MOCK_CREDENTIALS["Vakaris"]["ntlm_hash"] assert (
) encrypted_telemetry["data"]["credentials"][user][s] != MOCK_CREDENTIALS[user][s]
assert ( )
get_telemetry_by_query({})[0]["data"]["credentials"]["user"]["password"]
== MOCK_CREDENTIALS["user"]["password"] decrypted_telemetry = get_telemetry_by_query({})[0]
) for user in MOCK_CREDENTIALS.keys():
assert ( assert decrypted_telemetry["data"]["credentials"][user]["username"] == user
get_telemetry_by_query({})[0]["data"]["mimikatz"]["Vakaris"]["ntlm_hash"]
== MOCK_CREDENTIALS["Vakaris"]["ntlm_hash"] for s in secret_keys:
) assert (
decrypted_telemetry["data"]["credentials"][user][s] == MOCK_CREDENTIALS[user][s]
)
@pytest.mark.usefixtures("uses_database", "uses_encryptor") @pytest.mark.usefixtures("uses_database", "uses_encryptor")
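Review bot: The at-rest loop in test_telemetry_encryption checks `password` against an empty plaintext, because MOCK_CREDENTIALS still has `"password": ""`; the `!=` assertion then passes for any non-empty stored value and does not show that a real password is kept out of the database in the clear. Give the fixture a constructed non-empty value, e.g. `"password": "test-password-not-real",`, so that all three secret keys exercise the encryptor with real input; the `lm_hash` entry lies between hunks and is not visible here, so it is worth checking as well. The username assertions compare against the dict key, which only holds because the key was renamed to match the username; `== MOCK_CREDENTIALS[user]["username"]` keeps the test correct if a second user with a different key is added.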