From 707b40608ae2af53dfd93d147a81a0e16cd7d9b0 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Wed, 23 Jun 2021 09:08:36 -0400 Subject: [PATCH] tests: Extract ransomware target files to ransomware_target_files.py --- .../ransomware/ransomware_target_files.py | 23 +++++++++++ .../ransomware/test_ransomware_payload.py | 41 ++++++++----------- 2 files changed, 40 insertions(+), 24 deletions(-) create mode 100644 monkey/tests/unit_tests/infection_monkey/ransomware/ransomware_target_files.py diff --git a/monkey/tests/unit_tests/infection_monkey/ransomware/ransomware_target_files.py b/monkey/tests/unit_tests/infection_monkey/ransomware/ransomware_target_files.py new file mode 100644 index 000000000..d9940af5c --- /dev/null +++ b/monkey/tests/unit_tests/infection_monkey/ransomware/ransomware_target_files.py @@ -0,0 +1,23 @@ +SUBDIR = "subdir" +ALL_ZEROS_PDF = "all_zeros.pdf" +ALREADY_ENCRYPTED_TXT_M0NK3Y = "already_encrypted.txt.m0nk3y" +HELLO_TXT = "hello.txt" +SHORTCUT_LNK = "shortcut.lnk" +TEST_KEYBOARD_TXT = "test_keyboard.txt" +TEST_LIB_DLL = "test_lib.dll" + +ALL_ZEROS_PDF_CLEARTEXT_SHA256 = "ab3df617aaa3140f04dc53f65b5446f34a6b2bdbb1f7b78db8db4d067ba14db9" +ALREADY_ENCRYPTED_TXT_M0NK3Y_CLEARTEXT_SHA256 = ( + "ff5e58498962ab8bd619d3a9cd24b9298e7efc25b4967b1ce3f03b0e6de2aa7a" +) +HELLO_TXT_CLEARTEXT_SHA256 = "0ba904eae8773b70c75333db4de2f3ac45a8ad4ddba1b242f0b3cfc199391dd8" +SHORTCUT_LNK_CLEARTEXT_SHA256 = "5069c8b7c3c70fad55bf0f0790de787080b1b4397c4749affcd3e570ff53aad9" +TEST_KEYBOARD_TXT_CLEARTEXT_SHA256 = ( + "9d1a38784b7eefef6384bfc4b89048017db840adace11504a947016072750b2b" +) +TEST_LIB_DLL_CLEARTEXT_SHA256 = "0922d3132f2378edf313b8c2b6609a2548879911686994ca45fc5c895a7e91b1" + +ALL_ZEROS_PDF_ENCRYPTED_SHA256 = "779c176e820dbdaf643419232cb4d2760360c8633d6fe209cf706707db799b4d" +TEST_KEYBOARD_TXT_ENCRYPTED_SHA256 = ( + "80701f3694abdd25ef3df7166b3fc5189b2afb4df32f7d5adbfed61ad07b9cd5" +) diff --git a/monkey/tests/unit_tests/infection_monkey/ransomware/test_ransomware_payload.py b/monkey/tests/unit_tests/infection_monkey/ransomware/test_ransomware_payload.py index 705b10ed5..5fb4a00d4 100644 --- a/monkey/tests/unit_tests/infection_monkey/ransomware/test_ransomware_payload.py +++ b/monkey/tests/unit_tests/infection_monkey/ransomware/test_ransomware_payload.py @@ -1,34 +1,27 @@ import os import pytest +from tests.unit_tests.infection_monkey.ransomware.ransomware_target_files import ( + ALL_ZEROS_PDF, + ALL_ZEROS_PDF_CLEARTEXT_SHA256, + ALL_ZEROS_PDF_ENCRYPTED_SHA256, + ALREADY_ENCRYPTED_TXT_M0NK3Y, + ALREADY_ENCRYPTED_TXT_M0NK3Y_CLEARTEXT_SHA256, + HELLO_TXT, + HELLO_TXT_CLEARTEXT_SHA256, + SHORTCUT_LNK, + SHORTCUT_LNK_CLEARTEXT_SHA256, + SUBDIR, + TEST_KEYBOARD_TXT, + TEST_KEYBOARD_TXT_CLEARTEXT_SHA256, + TEST_KEYBOARD_TXT_ENCRYPTED_SHA256, + TEST_LIB_DLL, + TEST_LIB_DLL_CLEARTEXT_SHA256, +) from tests.utils import hash_file, is_user_admin from infection_monkey.ransomware.ransomware_payload import EXTENSION, RansomewarePayload -SUBDIR = "subdir" -ALL_ZEROS_PDF = "all_zeros.pdf" -ALREADY_ENCRYPTED_TXT_M0NK3Y = "already_encrypted.txt.m0nk3y" -HELLO_TXT = "hello.txt" -SHORTCUT_LNK = "shortcut.lnk" -TEST_KEYBOARD_TXT = "test_keyboard.txt" -TEST_LIB_DLL = "test_lib.dll" - -ALL_ZEROS_PDF_CLEARTEXT_SHA256 = "ab3df617aaa3140f04dc53f65b5446f34a6b2bdbb1f7b78db8db4d067ba14db9" -ALREADY_ENCRYPTED_TXT_M0NK3Y_CLEARTEXT_SHA256 = ( - "ff5e58498962ab8bd619d3a9cd24b9298e7efc25b4967b1ce3f03b0e6de2aa7a" -) -HELLO_TXT_CLEARTEXT_SHA256 = "0ba904eae8773b70c75333db4de2f3ac45a8ad4ddba1b242f0b3cfc199391dd8" -SHORTCUT_LNK_CLEARTEXT_SHA256 = "5069c8b7c3c70fad55bf0f0790de787080b1b4397c4749affcd3e570ff53aad9" -TEST_KEYBOARD_TXT_CLEARTEXT_SHA256 = ( - "9d1a38784b7eefef6384bfc4b89048017db840adace11504a947016072750b2b" -) -TEST_LIB_DLL_CLEARTEXT_SHA256 = "0922d3132f2378edf313b8c2b6609a2548879911686994ca45fc5c895a7e91b1" - -ALL_ZEROS_PDF_ENCRYPTED_SHA256 = "779c176e820dbdaf643419232cb4d2760360c8633d6fe209cf706707db799b4d" -TEST_KEYBOARD_TXT_ENCRYPTED_SHA256 = ( - "80701f3694abdd25ef3df7166b3fc5189b2afb4df32f7d5adbfed61ad07b9cd5" -) - def with_extension(filename): return f"{filename}{EXTENSION}"