Skip to content

C
common_analysis_oms
Commit f5ea6bcb by Peter Weidenbach
Options

file analysis test added; meta data in result dict cleaned up

parent 80fcccc7
Showing with 17 additions and 10 deletions
common_analysis_oms/oms.py
...@@ -6,22 +6,27 @@ import hashlib ...@@ -6,22 +6,27 @@ import hashlib
import json import json
from re import findall from re import findall
from subprocess import Popen, PIPE from subprocess import Popen, PIPE
from time import time
from os import listdir, path from os import listdir, path
from distutils import spawn from distutils import spawn
import logging import logging
system_version = get_version_string_from_git(get_directory_for_filename(__file__)) plugin_version = get_version_string_from_git(get_directory_for_filename(__file__))
system_version = "OMS 0.2.1"
class CommonAnalysisOMS(AnalysisPluginFile): class CommonAnalysisOMS(AnalysisPluginFile):
"""
The OMS plugin scans a file with several malware scanners.
:iconst av_list: List of installed malware scanners
"""
av_list = [] av_list = []
BASE_DIR = path.dirname(path.abspath(__file__)) BASE_DIR = path.dirname(path.abspath(__file__))
PLUGIN_DIR = path.join(BASE_DIR, "plugins") PLUGIN_DIR = path.join(BASE_DIR, "plugins")
def __init__(self): def __init__(self):
super(CommonAnalysisOMS, self).__init__(system_version) super(CommonAnalysisOMS, self).__init__(plugin_version, system_version=system_version)
self.load_plugins() self.load_plugins()
self.result_dict = {} self.result_dict = {}
...@@ -97,10 +102,9 @@ class CommonAnalysisOMS(AnalysisPluginFile): ...@@ -97,10 +102,9 @@ class CommonAnalysisOMS(AnalysisPluginFile):
def scan_file(self, file_to_analyze): def scan_file(self, file_to_analyze):
self.result_dict self.result_dict
self.result_dict["positives"] = 0 self.result_dict["positives"] = 0
self.result_dict["scan_date"] = time()
self.result_dict["md5"] = self.get_md5(file_to_analyze) self.result_dict["md5"] = self.get_md5(file_to_analyze)
self.result_dict["scanners"] = [av["name"] for av in self.av_list] self.result_dict["scanners"] = [av["name"] for av in self.av_list]
self.result_dict["number_of_scanners"] = len(self.result_dict["scanners"]) self.result_dict["number_of_scanners"] = len(self.result_dict["scanners"])
self.result_dict["scans"] = self.execute_scans(file_to_analyze) self.result_dict["scans"] = self.execute_scans(file_to_analyze)
logging.debug(json.dumps(self.result_dict, indent=2)) logging.debug(self.result_dict)
return self.result_dict return self.result_dict
tests/test_oms.py
'''
Created on Mar 24, 2016
@author: weidenba
'''
import unittest import unittest
from os import path from os import path
from time import time
from common_analysis_oms.oms import CommonAnalysisOMS from common_analysis_oms.oms import CommonAnalysisOMS
...@@ -40,6 +36,13 @@ class Test(unittest.TestCase): ...@@ -40,6 +36,13 @@ class Test(unittest.TestCase):
self.assertEqual(result["positives"], result['number_of_scanners']) self.assertEqual(result["positives"], result['number_of_scanners'])
self.assertTrue(False not in [result["scans"][av]["detected"] for av in result["scans"]]) self.assertTrue(False not in [result["scans"][av]["detected"] for av in result["scans"]])
def test_analyze_file(self):
result = self.oms.analyze_file(MALICIOUS_FILE_PATH)
self.assertGreater(result['positives'], 0, "should be at least 1")
self.assertIn('scans', result, "scans not in result")
self.assertIn('plugin_version', result, "plugin_version not in results")
self.assertAlmostEqual(result['analysis_date'], time(), msg="Time not correct. This test might fail, if you installed many AVs", delta=120)
if __name__ == "__main__": if __name__ == "__main__":
unittest.main() unittest.main()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment