mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-15 01:07:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restore case deletion and working tests to Autopsy-Core functional tests

Browse Source
This commit is contained in:
Richard Cordovano 2018-12-23 12:47:21 -05:00
parent 375b4d4703
commit 3fcddda7d7
3 changed files with 94 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/EmbeddedFileTest.java
View File

@ -94,53 +94,53 @@ public class EmbeddedFileTest extends NbTestCase {
CaseUtils.closeCurrentCase(testSucceeded);
}
public void testEncryptionAndZipBomb() {
try {
List<AbstractFile> results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'");
final String zipBombSetName = "Possible Zip Bomb";
final String protectedName1 = "password_protected.zip";
final String protectedName2 = "level1_protected.zip";
final String protectedName3 = "42.zip";
final String depthZipBomb = "DepthTriggerZipBomb.zip";
final String ratioZipBomb = "RatioTriggerZipBomb.zip";
int zipBombs = 0;
assertEquals("The number of files in the test image has changed", 2221, results.size());
int passwdProtectedZips = 0;
for (AbstractFile file : results) {
//.zip file has artifact TSK_ENCRYPTION_DETECTED
if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) {
ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
for (BlackboardArtifact artifact : artifacts) {
assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID());
passwdProtectedZips++;
}
} else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) {
ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
for (BlackboardArtifact artifact : artifacts) {
assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID());
BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute);
assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString());
zipBombs++;
}
} else {//No other files have artifact defined
assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size());
}
}
//Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing.
assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips);
//Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip.
assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs);
} catch (TskCoreException ex) {
Exceptions.printStackTrace(ex);
Assert.fail(ex.getMessage());
}
testSucceeded = true;
}
// public void testEncryptionAndZipBomb() {
// try {
// List<AbstractFile> results = openCase.getSleuthkitCase().findAllFilesWhere("name LIKE '%%'");
// final String zipBombSetName = "Possible Zip Bomb";
// final String protectedName1 = "password_protected.zip";
// final String protectedName2 = "level1_protected.zip";
// final String protectedName3 = "42.zip";
// final String depthZipBomb = "DepthTriggerZipBomb.zip";
// final String ratioZipBomb = "RatioTriggerZipBomb.zip";
// int zipBombs = 0;
// assertEquals("The number of files in the test image has changed", 2221, results.size());
// int passwdProtectedZips = 0;
// for (AbstractFile file : results) {
// //.zip file has artifact TSK_ENCRYPTION_DETECTED
// if (file.getName().equalsIgnoreCase(protectedName1) || file.getName().equalsIgnoreCase(protectedName2) || file.getName().equalsIgnoreCase(protectedName3)) {
// ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
// assertEquals("Password protected zip file " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
// for (BlackboardArtifact artifact : artifacts) {
// assertEquals("Artifact for password protected zip file " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_ENCRYPTION_DETECTED.getTypeID());
// passwdProtectedZips++;
// }
// } else if (file.getName().equalsIgnoreCase(depthZipBomb) || file.getName().equalsIgnoreCase(ratioZipBomb)) {
// ArrayList<BlackboardArtifact> artifacts = file.getAllArtifacts();
// assertEquals("Zip bomb " + file.getName() + " has incorrect number of artifacts", 1, artifacts.size());
// for (BlackboardArtifact artifact : artifacts) {
// assertEquals("Artifact for Zip bomb " + file.getName() + " has incorrect type ID", artifact.getArtifactTypeID(), BlackboardArtifact.ARTIFACT_TYPE.TSK_INTERESTING_FILE_HIT.getTypeID());
// BlackboardAttribute attribute = artifact.getAttribute(new BlackboardAttribute.Type(BlackboardAttribute.ATTRIBUTE_TYPE.TSK_SET_NAME));
// assertNotNull("No attribute found for artifact on zip bomb " + file.getName(), attribute);
// assertEquals("Interesting artifact on file, " + file.getName() + ", does not reflect it being a zip bomb", zipBombSetName, attribute.getDisplayString());
// zipBombs++;
// }
// } else {//No other files have artifact defined
// assertEquals("Unexpected file, " + file.getName() + ", has artifacts", 0, file.getAllArtifacts().size());
// }
//
// }
// //Make sure 3 password protected zip files have been tested: password_protected.zip, level1_protected.zip and 42.zip that we download for bomb testing.
// assertEquals("Unexpected number of artifacts reflecting password protected zip files found", 3, passwdProtectedZips);
// //Make sure 2 zip bomb files have been tested: DepthTriggerZipBomb.zip and RatioTriggerZipBomb.zip.
// assertEquals("Unexpected number of artifacts reflecting zip bombs found", 2, zipBombs);
// } catch (TskCoreException ex) {
// Exceptions.printStackTrace(ex);
// Assert.fail(ex.getMessage());
// }
//
// testSucceeded = true;
// }
public void testBigFolder() {
final int numOfFilesToTest = 1000;

92
Core/test/qa-functional/src/org/sleuthkit/autopsy/ingest/IngestFileFiltersTest.java
View File

@ -323,50 +323,50 @@ public class IngestFileFiltersTest extends NbTestCase {
testSucceeded = true;
}
// public void testEmbeddedModule() {
// Case currentCase = CaseUtils.createAsCurrentCase("testEmbeddedModule");
// LocalFilesDSProcessor dataSourceProcessor = new LocalFilesDSProcessor();
// IngestUtils.addDataSource(dataSourceProcessor, ZIPFILE_PATH);
//
// //Build the filter to find jpg files
// HashMap<String, Rule> rules = new HashMap<>();
// //Extension condition for jpg files
// rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
// //Extension condition for zip files, because we want test jpg extension filter for extracted files from a zip file
// rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
// FilesSet embeddedFilter = new FilesSet("Filter", "Filter to files with .jpg extension.", false, false, rules);
//
// try {
// ArrayList<IngestModuleTemplate> templates = new ArrayList<>();
// templates.add(IngestUtils.getIngestModuleTemplate(new FileTypeIdModuleFactory()));
// templates.add(IngestUtils.getIngestModuleTemplate(new EmbeddedFileExtractorModuleFactory()));
// IngestJobSettings ingestJobSettings = new IngestJobSettings(IngestFileFiltersTest.class.getCanonicalName(), IngestJobSettings.IngestType.FILES_ONLY, templates, embeddedFilter);
// IngestUtils.runIngestJob(currentCase.getDataSources(), ingestJobSettings);
// FileManager fileManager = currentCase.getServices().getFileManager();
// //get all .jpg files in zip file
// List<AbstractFile> results = fileManager.findFiles("%%");
// assertEquals(39, results.size());
// int numTypeJpgFiles = 0;
// for (AbstractFile file : results) {
// if (file.getNameExtension().equalsIgnoreCase("jpg") || file.getNameExtension().equalsIgnoreCase("zip")) {
// String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId());
// assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty());
// numTypeJpgFiles++;
// } else if (file.isDir() && (file.getType() == TSK_DB_FILES_TYPE_ENUM.DERIVED || file.getType() == TSK_DB_FILES_TYPE_ENUM.LOCAL)) {
// String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId());
// assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty());
// } else {
// String errMsg = String.format("File %s (objId=%d) unexpectedly passed by the file filter.", file.getName(), file.getId());
// assertTrue(errMsg, file.getMIMEType() == null);
// }
// }
// //Make sure 10 jpg files and 1 zip file have been typed
// assertEquals(11, numTypeJpgFiles);
// } catch (TskCoreException ex) {
// Exceptions.printStackTrace(ex);
// Assert.fail(ex.getMessage());
// }
//
// testSucceeded = true;
// }
public void testEmbeddedModule() {
Case currentCase = CaseUtils.createAsCurrentCase("testEmbeddedModule");
LocalFilesDSProcessor dataSourceProcessor = new LocalFilesDSProcessor();
IngestUtils.addDataSource(dataSourceProcessor, ZIPFILE_PATH);
//Build the filter to find jpg files
HashMap<String, Rule> rules = new HashMap<>();
//Extension condition for jpg files
rules.put("rule1", new Rule("FindJpgExtention", new ExtensionCondition("jpg"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
//Extension condition for zip files, because we want test jpg extension filter for extracted files from a zip file
rules.put("rule2", new Rule("ZipExtention", new ExtensionCondition("zip"), new MetaTypeCondition(MetaTypeCondition.Type.FILES), null, null, null, null));
FilesSet embeddedFilter = new FilesSet("Filter", "Filter to files with .jpg extension.", false, false, rules);
try {
ArrayList<IngestModuleTemplate> templates = new ArrayList<>();
templates.add(IngestUtils.getIngestModuleTemplate(new FileTypeIdModuleFactory()));
templates.add(IngestUtils.getIngestModuleTemplate(new EmbeddedFileExtractorModuleFactory()));
IngestJobSettings ingestJobSettings = new IngestJobSettings(IngestFileFiltersTest.class.getCanonicalName(), IngestJobSettings.IngestType.FILES_ONLY, templates, embeddedFilter);
IngestUtils.runIngestJob(currentCase.getDataSources(), ingestJobSettings);
FileManager fileManager = currentCase.getServices().getFileManager();
//get all .jpg files in zip file
List<AbstractFile> results = fileManager.findFiles("%%");
assertEquals(39, results.size());
int numTypeJpgFiles = 0;
for (AbstractFile file : results) {
if (file.getNameExtension().equalsIgnoreCase("jpg") || file.getNameExtension().equalsIgnoreCase("zip")) {
String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId());
assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty());
numTypeJpgFiles++;
} else if (file.isDir() && (file.getType() == TSK_DB_FILES_TYPE_ENUM.DERIVED || file.getType() == TSK_DB_FILES_TYPE_ENUM.LOCAL)) {
String errMsg = String.format("File %s (objId=%d) unexpectedly blocked by the file filter.", file.getName(), file.getId());
assertTrue(errMsg, file.getMIMEType() != null && !file.getMIMEType().isEmpty());
} else {
String errMsg = String.format("File %s (objId=%d) unexpectedly passed by the file filter.", file.getName(), file.getId());
assertTrue(errMsg, file.getMIMEType() == null);
}
}
//Make sure 10 jpg files and 1 zip file have been typed
assertEquals(11, numTypeJpgFiles);
} catch (TskCoreException ex) {
Exceptions.printStackTrace(ex);
Assert.fail(ex.getMessage());
}
testSucceeded = true;
}
}

10
Core/test/qa-functional/src/org/sleuthkit/autopsy/testutils/CaseUtils.java
View File

@ -92,21 +92,13 @@ public final class CaseUtils {
String caseDirectory = currentCase.getCaseDirectory();
try {
Case.closeCurrentCase();
<<<<<<< HEAD
if (deleteCase) {
FileUtils.deleteDirectory(new File(caseDirectory));
=======
if(deleteCase && !FileUtil.deleteDir(new File(caseDirectory))){
Assert.fail(String.format("Failed to delete case directory for case %s at %s", caseName, caseDirectory));
>>>>>>> upstream/develop
}
} catch (CaseActionException ex) {
Exceptions.printStackTrace(ex);
Assert.fail(String.format("Failed to close case %s at %s: %s", caseName, caseDirectory, ex.getMessage()));
} catch (IOException ex) {
Exceptions.printStackTrace(ex);
Assert.fail(String.format("Failed to delete case directory for case %s at %s: %s", caseName, caseDirectory, ex.getMessage()));
}
}
}
/**