From 54963b0b597e814154b218e4d07eaa5a8875887b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Donncha=20=C3=93=20Cearbhaill?=
Date: Fri, 7 Jan 2022 17:03:53 +0100
Subject: [PATCH] Update test PR to work with latest code, fix flake8
---
mvt/common/indicators.py | 5 +++--
tests/artifacts/generate_stix.py | 5 +++--
tests/common/test_indicators.py | 13 ++++++++-----
tests/ios/test_backup_info.py | 7 +++----
tests/ios/test_datausage.py | 8 +++-----
tests/ios/test_manifest.py | 8 +++-----
tests/ios/test_tcc.py | 7 +++----
tests/utils.py | 3 +++
8 files changed, 29 insertions(+), 27 deletions(-)
diff --git a/mvt/common/indicators.py b/mvt/common/indicators.py
index d554b4d..c19ff2f 100644
--- a/mvt/common/indicators.py
+++ b/mvt/common/indicators.py
@@ -56,7 +56,7 @@ class Indicators: else: self.log.info("Invalid STIX2 path %s in MVT_STIX2 environment variable", path) - def load_indicators_files(self, files): + def load_indicators_files(self, files, load_default=True): """ Load a list of indicators files """
@@ -67,7 +67,8 @@ class Indicators: self.log.warning("This indicators file %s does not exist", file_path) # Load downloaded indicators and any indicators from env variable - self._load_downloaded_indicators() + if load_default: + self._load_downloaded_indicators() self._check_stix2_env_variable() self.log.info("Loaded a total of %d unique indicators", self.ioc_count)
diff --git a/tests/artifacts/generate_stix.py b/tests/artifacts/generate_stix.py
index 9f35d6a..677c300 100644
--- a/tests/artifacts/generate_stix.py
+++ b/tests/artifacts/generate_stix.py
@@ -1,6 +1,6 @@ -import sys import os -from stix2.v21 import (Indicator, Malware, Relationship, Bundle, DomainName) + +from stix2.v21 import (Indicator, Malware, Relationship, Bundle) if __name__ == "__main__":
@@ -38,4 +38,5 @@ if __name__ == "__main__": bundle = Bundle(objects=res) with open("test.stix2", "w+") as f: f.write(bundle.serialize(pretty=True)) + print("test.stix2 file created")
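Review bot: In `load_indicators_files` (mvt/common/indicators.py, hunk `-67,7 +67,8`), `load_default=False` skips only `_load_downloaded_indicators()`; as far as the flattened indentation shows, `_check_stix2_env_variable()` still runs, so a caller that passes `False` to get an isolated indicator set still picks up whatever `MVT_STIX2` points at. The docstring in the preceding hunk still reads only "Load a list of indicators files"; it should describe `load_default` and say that the environment variable is read either way. Because skipping the defaults narrows what a scan can detect, an info-level log line such as `self.log.info("Skipping downloaded default indicators")` in an `else:` branch would make that visible in the run output. The method body starts outside this hunk.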
diff --git a/tests/common/test_indicators.py b/tests/common/test_indicators.py
index c69e740..8456a06 100644
--- a/tests/common/test_indicators.py
+++ b/tests/common/test_indicators.py
@@ -1,8 +1,10 @@ import pytest import logging import os + +from mvt.common.indicators import Indicators + from ..utils import get_artifact, init_setup -from mvt.common.indicators import Indicators, IndicatorsFileBadFormat class TestIndicators:
@@ -13,7 +15,7 @@ class TestIndicators: def test_parse_stix2(self): stix_path = get_artifact("test.stix2") ind = Indicators(log=logging) - ind.parse_stix2(stix_path) + ind.load_indicators_files([stix_path], load_default=False) assert ind.ioc_count == 4 assert len(ind.ioc_domains) == 1 assert len(ind.ioc_emails) == 1
@@ -23,12 +25,13 @@ class TestIndicators: def test_check_domain(self): ind = Indicators(log=logging) stix_path = get_artifact("test.stix2") - ind.parse_stix2(stix_path) - assert ind.check_domain("https://www.example.org/foobar") == True - assert ind.check_domain("http://example.org:8080/toto") == True + ind.load_indicators_files([stix_path], load_default=False) + assert ind.check_domain("https://www.example.org/foobar") + assert ind.check_domain("http://example.org:8080/toto") def test_env_stix(self): stix_path = get_artifact("test.stix2") os.environ["MVT_STIX2"] = stix_path ind = Indicators(log=logging) + ind.load_indicators_files([stix_path], load_default=False) assert ind.ioc_count == 4
diff --git a/tests/ios/test_backup_info.py b/tests/ios/test_backup_info.py
index 539c787..4f83a87 100644
--- a/tests/ios/test_backup_info.py
+++ b/tests/ios/test_backup_info.py
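Review bot: `test_env_stix` (tests/common/test_indicators.py, hunk `-23,12 +25,13`) no longer exercises the `MVT_STIX2` path: the added call passes `[stix_path]` explicitly, so `ind.ioc_count == 4` holds even if the environment variable were ignored. Passing an empty list instead, `ind.load_indicators_files([], load_default=False)`, would leave the environment variable as the only source, assuming the method accepts an empty list. The test also writes `os.environ["MVT_STIX2"]` without restoring it, so the value leaks into every later test in the session; pytest's `monkeypatch.setenv("MVT_STIX2", stix_path)` undoes it on teardown. In the same hunk `test_check_domain` asserts only matches, and one `assert not ind.check_domain(...)` for a domain absent from test.stix2 would catch a matcher that flags everything.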
@@ -1,11 +1,11 @@ import pytest import logging -import os -from ..utils import get_artifact, get_artifact_folder, init_setup -from mvt.common.indicators import Indicators, IndicatorsFileBadFormat + from mvt.ios.modules.backup.backup_info import BackupInfo from mvt.common.module import run_module +from ..utils import get_artifact_folder, init_setup + class TestBackupInfoModule: @pytest.fixture(scope="session", autouse=True)
@@ -17,4 +17,3 @@ class TestBackupInfoModule: run_module(m) assert m.results["Build Version"] == "18C66" assert m.results["IMEI"] == '42' -
diff --git a/tests/ios/test_datausage.py b/tests/ios/test_datausage.py
index 88e2592..b773564 100644
--- a/tests/ios/test_datausage.py
+++ b/tests/ios/test_datausage.py
@@ -1,11 +1,11 @@ import pytest import logging -import os -from ..utils import get_artifact, get_artifact_folder, init_setup -from mvt.common.indicators import Indicators, IndicatorsFileBadFormat + +from mvt.common.indicators import Indicators from mvt.ios.modules.mixed.net_datausage import Datausage from mvt.common.module import run_module +from ..utils import get_artifact, get_artifact_folder, init_setup class TestDatausageModule: @pytest.fixture(scope="session", autouse=True)
@@ -28,5 +28,3 @@ class TestDatausageModule: m.indicators = ind run_module(m) assert len(m.detected) == 4 - -
diff --git a/tests/ios/test_manifest.py b/tests/ios/test_manifest.py
index e02efbc..c1ae811 100644
--- a/tests/ios/test_manifest.py
+++ b/tests/ios/test_manifest.py
@@ -1,11 +1,11 @@ import pytest import logging -import os -from ..utils import get_artifact, get_artifact_folder, init_setup -from mvt.common.indicators import Indicators, IndicatorsFileBadFormat + +from mvt.common.indicators import Indicators from mvt.ios.modules.backup.manifest import Manifest from mvt.common.module import run_module +from ..utils import get_artifact, get_artifact_folder, init_setup class TestManifestModule: @pytest.fixture(scope="session", autouse=True)
@@ -28,5 +28,3 @@ class TestManifestModule: m.indicators = ind run_module(m) assert len(m.detected) == 2 - -
diff --git a/tests/ios/test_tcc.py b/tests/ios/test_tcc.py
index 432cb4c..600acc5 100644
--- a/tests/ios/test_tcc.py
+++ b/tests/ios/test_tcc.py
@@ -1,10 +1,10 @@ import pytest import logging -import os -from ..utils import get_artifact_folder, init_setup + from mvt.ios.modules.mixed.tcc import TCC from mvt.common.module import run_module +from ..utils import get_artifact_folder, init_setup class TestManifestModule: @pytest.fixture(scope="session", autouse=True)
@@ -16,8 +16,7 @@ class TestManifestModule: run_module(m) assert len(m.results) == 11 # FIXME: TCC should suport timeline - assert len(m.timeline) == 0 + assert len(m.timeline) == 11 assert len(m.detected) == 0 assert m.results[0]["service"] == "kTCCServiceUbiquity" assert m.results[0]["auth_value"] == "allowed" -
diff --git a/tests/utils.py b/tests/utils.py
index d31023c..c1c13b6 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -1,5 +1,6 @@ import os + def get_artifact(fname): """ Return the artifact path in the artifact folder
@@ -10,9 +11,11 @@ def get_artifact(fname): return fpath return + def get_artifact_folder(): return os.path.join(os.path.dirname(__file__), "artifacts") + def init_setup(): """ init data to have a clean state before testing
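Review bot: The comment `# FIXME: TCC should suport timeline` directly above the changed assertion in tests/ios/test_tcc.py (hunk `-16,8 +16,7`) is now stale, because the new line asserts `len(m.timeline) == 11`, i.e. the module does produce timeline entries. Drop the FIXME, or replace it with a comment saying why 11 is expected, presumably `# one timeline entry per TCC record`, given that `len(m.results)` is also 11. The class in this file is still named `TestManifestModule`, the same name as the class in tests/ios/test_manifest.py; `TestTCCModule` would keep test reports unambiguous. The test method starts outside the hunk.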