github.com/iDigitalFlame/xmt@v0.5.4/man/man_test.go

github.com/iDigitalFlame/xmt@v0.5.4/man/man_test.go (about)

     1  // Copyright (C) 2020 - 2023 iDigitalFlame
     2  //
     3  // This program is free software: you can redistribute it and/or modify
     4  // it under the terms of the GNU General Public License as published by
     5  // the Free Software Foundation, either version 3 of the License, or
     6  // any later version.
     7  //
     8  // This program is distributed in the hope that it will be useful,
     9  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    10  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11  // GNU General Public License for more details.
    12  //
    13  // You should have received a copy of the GNU General Public License
    14  // along with this program.  If not, see <https://www.gnu.org/licenses/>.
    15  //
    16  
    17  package man
    18  
    19  import (
    20  	"bytes"
    21  	"testing"
    22  
    23  	"github.com/iDigitalFlame/xmt/cmd/filter"
    24  	"github.com/iDigitalFlame/xmt/data/crypto"
    25  )
    26  
    27  func TestRawParse(t *testing.T) {
    28  	if _, err := rawParse("google.com"); err != nil {
    29  		t.Fatalf(`TestRawParse(): Raw URL Parse "google.com" failed with error: %s!`, err.Error())
    30  	}
    31  	if _, err := rawParse("https://google.com"); err != nil {
    32  		t.Fatalf(`TestRawParse(): Raw URL Parse "https://google.com" failed with error: %s!`, err.Error())
    33  	}
    34  	if _, err := rawParse("/google.com"); err != nil {
    35  		t.Fatalf(`TestRawParse(): Raw URL Parse "/google.com" failed with error: %s!`, err.Error())
    36  	}
    37  	if _, err := rawParse("\\\\google.com"); err == nil {
    38  		t.Fatalf(`TestRawParse(): Raw URL Parse "\\google.com" should have failed!`)
    39  	}
    40  	if _, err := rawParse("\\google.com"); err == nil {
    41  		t.Fatalf(`TestRawParse(): Raw URL Parse "\google.com" should have failed!`)
    42  	}
    43  	if _, err := rawParse("derp:google.com"); err == nil {
    44  		t.Fatalf(`TestRawParse(): Raw URL Parse "\google.com" should have failed!`)
    45  	}
    46  }
    47  func TestParseHeaders(t *testing.T) {
    48  	// DLL parsers can be 1 or 2 dependent on the build constant 'cmd.LoaderEnabled'
    49  	// So we test them separately.
    50  	if r := ParseDownloadHeader(map[string][]string{"Content-Type": {"app/dll"}}); r != 1 && r != 2 {
    51  		t.Fatalf(`TestParseHeaders(): ParseDownloadHeader "app/dll" returned "%d", expected 1 or 2!`, r)
    52  	}
    53  	if r := ParseDownloadHeader(map[string][]string{"Content-Type": {"x-application/dynamic"}}); r != 1 && r != 2 {
    54  		t.Fatalf(`TestParseHeaders(): ParseDownloadHeader "x-application/dynamic" returned "%d", expected 1 or 2!`, r)
    55  	}
    56  	if r := ParseDownloadHeader(map[string][]string{"Content-Type": {"x-application/derp"}}); r != 1 && r != 2 {
    57  		t.Fatalf(`TestParseHeaders(): ParseDownloadHeader "x-application/derp" returned "%d", expected 1 or 2!`, r)
    58  	}
    59  	v := [...]struct {
    60  		Type   string
    61  		Result uint8
    62  	}{
    63  		{"abcdef/asm", 2},
    64  		{"derp123/bin", 2},
    65  		{"ahdfkjahs/shell", 3},
    66  		{"ahdfkjahs/shell", 3},
    67  		{"hello/cmd", 3},
    68  		{"testing-123/xexec", 3},
    69  		{"text/com", 3},
    70  		{"application/pwsh", 4},
    71  		{"text/pwn", 4},
    72  		{"x-icon/po", 4},
    73  		{"y-app/shellcode", 2},
    74  		{"testing/code", 2},
    75  		{"application/javascript", 0},
    76  		{"text/html", 0},
    77  		{"invalid", 0},
    78  	}
    79  	for i := range v {
    80  		if r := ParseDownloadHeader(map[string][]string{"Content-Type": {v[i].Type}}); r != v[i].Result {
    81  			t.Fatalf(`TestParseHeaders(): ParseDownloadHeader "%s" returned %d, expected %d!`, v[i].Type, r, v[i].Result)
    82  		}
    83  	}
    84  }
    85  func TestLoadSaveSentinel(t *testing.T) {
    86  	var s Sentinel
    87  	s.AddDownload("google.com/1", "")
    88  	s.AddDownload("google.com/2", "agent1")
    89  	s.AddDownload("google.com/3", "")
    90  	s.AddDownload("google.com/4", "agent2")
    91  	s.AddDownload("google.com/5", "")
    92  	s.AddExecute("cmd.exe")
    93  	s.AddExecute("explorer.exe")
    94  	s.Include = []string{"svchost.exe", "rundll32.exe"}
    95  	s.Elevated = filter.True
    96  	c, err := crypto.NewAes([]byte("0123456789ABCDEF"))
    97  	if err != nil {
    98  		t.Fatalf("TestLoadSaveSentinel(): Generating AWS cipher failed: %s!", err)
    99  	}
   100  	var b bytes.Buffer
   101  	if err = s.Write(c, &b); err != nil {
   102  		t.Fatalf("TestLoadSaveSentinel(): Writing Sentinel failed: %s!", err)
   103  	}
   104  	var n Sentinel
   105  	if err = n.Read(c, bytes.NewReader(b.Bytes())); err != nil {
   106  		t.Fatalf("TestLoadSaveSentinel(): Reading Sentinel failed: %s!", err)
   107  	}
   108  	if len(s.paths) != len(n.paths) {
   109  		t.Fatalf(`TestLoadSaveSentinel(): New Sentinel path count "%d" does not match the original count "%d"!`, len(n.paths), len(s.paths))
   110  	}
   111  	if s.Elevated != n.Elevated {
   112  		t.Fatalf(`TestLoadSaveSentinel(): New Sentinel 'filter.Elevated' "%d" does not match the original 'filter.Elevated' "%d"!`, n.Elevated, s.Elevated)
   113  	}
   114  	if len(s.Include) != len(n.Include) || s.Include[0] != n.Include[0] || s.Include[1] != n.Include[1] {
   115  		t.Fatalf(`TestLoadSaveSentinel(): New Sentinel 'filter.Include' "%s" does not match the original 'filter.Include' "%s"!`, n.Include, s.Include)
   116  	}
   117  }