Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
malwaredllc
GitHub Repository: malwaredllc/byob
 Path: blob/master/web-gui/tests/unit/test_models.py
1292 views
1


2
import pytest

3
import json

4
from hashlib import md5

5
from random import getrandbits

6
from datetime import datetime

7
from buildyourownbotnet.models import db, bcrypt, User, Session, Task, Payload, ExfiltratedFile

8
from ..conftest import app_client, new_user, new_session

9


10


11
def test_new_user(app_client):

12
    """

13
    Given a new user,

14
    when a new user is created, 

15
    then check the username and hashed password are defined correctly.

16
    """

17
    test_username = 'test_user'

18
    hashed_password = bcrypt.generate_password_hash('test_password').decode('utf-8')

19
    new_user = User(id=1, username=test_username, password=hashed_password)

20
    assert new_user.username == 'test_user'

21
    assert new_user.password != 'test_password'

22


23
def test_new_session(app_client, new_user):

24
    """

25
    Given a new user,

26
    when a new session is created, 

27
    then check the session metadata is stored in the database correctly.

28
    """

29
    uid = md5(bytes(getrandbits(10))).hexdigest()

30
    session_dict = {

31
            "id": 1,

32
			"uid": uid,

33
			"online": True,

34
			"joined": datetime.utcnow(),

35
			"last_online": datetime.utcnow(),

36
			"public_ip": '1.2.3.4',

37
			"local_ip": '192.1.1.168',

38
			"mac_address": '00:0A:95:9D:68:16',

39
			"username": 'test_user',

40
			"administrator": True,

41
			"platform": 'linux2',

42
			"device": 'test_device',

43
			"architecture": 'x32',

44
			"latitude": 0.00,

45
			"longitude": 0.00,

46
			"owner": new_user.username

47
    }

48
    session = Session(**session_dict)

49
    assert isinstance(session, Session)

50
    assert session.id == 1

51
    assert session.uid == uid

52
    assert session.owner == new_user.username

53


54
def test_new_session_serialized(app_client, new_session):

55
    """

56
    Given a new session,

57
    when the serialize method is called,

58
    then check the output is a dictionary containing session attributes which can be represented as JSON string.

59
    """

60
    serialized = new_session.serialize()

61
    assert isinstance(serialized, dict)

62
    try:

63
        json.dumps(serialized)

64
    except:

65
        pytest.fail("Session serialization failed.")

66


67
def test_new_payload(app_client, new_user):

68
    """

69
    Given a new user,

70
    when a new payload is created, 

71
    then check the payload metadata is stored in the database correctly.

72
    """

73
    payload = Payload(id=1,

74
                      filename='test', 

75
                      operating_system='linux2',

76
                      architecture='x32',

77
                      owner=new_user.username)

78
    assert isinstance(payload, Payload)

79
    assert payload.id == 1

80
    assert payload.filename == 'test'

81
    assert payload.operating_system == 'linux2'

82
    assert payload.architecture == 'x32'

83
    assert payload.owner == new_user.username

84


85
def test_new_payload_serialized(app_client, new_user):

86
    """

87
    Given a new user,

88
    when a new payload is created for that user,

89
    then check the output is a dictionary containing payload attributes which can be represented as JSON string.

90
    """

91
    payload = Payload(id=1,

92
                      filename='test', 

93
                      operating_system='linux2',

94
                      architecture='x32',

95
                      owner=new_user.username)

96
    serialized = payload.serialize()

97
    assert isinstance(serialized, dict)

98
    try:

99
        json.dumps(serialized)

100
    except:

101
        pytest.fail("Payload serialization failed.")

102


103
def test_new_exfiltrated_file(app_client, new_session):

104
    """

105
    Given a session,

106
    when a new file is exfiltrated, 

107
    then check the exfiltrated file metadata is stored in the database correctly.

108
    """

109
    exfiltrated_file = ExfiltratedFile(id=1,

110
                                       filename='test.txt',

111
                                       session=new_session.uid,

112
                                       module='portscanner',

113
                                       owner=new_session.owner)

114
    assert isinstance(exfiltrated_file, ExfiltratedFile)

115
    assert exfiltrated_file.id == 1

116
    assert exfiltrated_file.filename == 'test.txt'

117
    assert exfiltrated_file.session == new_session.uid

118
    assert exfiltrated_file.module == 'portscanner'

119
    assert exfiltrated_file.owner == new_session.owner

120


121
def test_new_exfiltrated_file_serialized(app_client, new_session):

122
    """

123
    Given a new session,

124
    when a new exfiltrated file is created for that session,

125
    then check the output is a dictionary containing file attributes which can be represented as JSON string.

126
    """

127
    exfiltrated_file = ExfiltratedFile(id=1,

128
                                       filename='test.txt',

129
                                       session=new_session.uid,

130
                                       module='portscanner',

131
                                       owner=new_session.owner)

132
    serialized = exfiltrated_file.serialize()

133
    assert isinstance(serialized, dict)

134
    try:

135
        json.dumps(serialized)

136
    except:

137
        pytest.fail("ExfiltratedFile serialization failed.")

138


139
def test_new_task(app_client, new_session):

140
    """

141
    Given a session,

142
    when a new task is created for that session, 

143
    then check the task metadata is stored in the database correctly.

144
    """

145
    task = Task(id=1,

146
                session=new_session.uid, 

147
                task='whoami', 

148
                issued=datetime.utcnow())

149
    assert isinstance(task, Task)

150
    assert task.id == 1

151
    assert task.session == new_session.uid

152
    assert task.task == 'whoami'

153
    assert (datetime.utcnow() - task.issued).seconds <= 1

154
    assert task.result is None

155
    assert task.completed is None

156


157
def test_new_task_serialized(app_client, new_session):

158
    """

159
    Given a new session,

160
    when a new exfiltrated file is created for that session,

161
    then check the output is a dictionary containing task attributes which can be represented as JSON string.

162
    """

163
    task = Task(id=1,

164
                session=new_session.uid, 

165
                task='whoami', 

166
                issued=datetime.utcnow())

167
    serialized = task.serialize()

168
    assert isinstance(serialized, dict)

169
    try:

170
        json.dumps(serialized)

171
    except:

172
        pytest.fail("Task serialization failed.")

173


174