mirror of
https://github.com/mariocandela/beelzebub.git
synced 2025-07-01 18:47:26 -04:00
0794736bc5
* refactor tracer, introduce worker to avoid un-blocker trace strategy * fixed unit test and refactor dockerFile * buffered events chan * refactor yaml API core, initial web hook tracing implementations * added banner * changed license from GPL 3 to MIT * Edit readme
164 lines
4.3 KiB
Go
164 lines
4.3 KiB
Go
package integration
|
|
|
|
import (
|
|
"beelzebub/builder"
|
|
"beelzebub/parser"
|
|
"beelzebub/tracer"
|
|
"encoding/json"
|
|
"net"
|
|
"net/http"
|
|
"os"
|
|
"testing"
|
|
|
|
"github.com/go-resty/resty/v2"
|
|
"github.com/melbahja/goph"
|
|
amqp "github.com/rabbitmq/amqp091-go"
|
|
"github.com/stretchr/testify/suite"
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
type IntegrationTestSuite struct {
|
|
suite.Suite
|
|
beelzebubBuilder *builder.Builder
|
|
prometheusHost string
|
|
httpHoneypotHost string
|
|
tcpHoneypotHost string
|
|
sshHoneypotHost string
|
|
rabbitMQURI string
|
|
}
|
|
|
|
func TestIntegrationTestSuite(t *testing.T) {
|
|
suite.Run(t, new(IntegrationTestSuite))
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) SetupSuite() {
|
|
suite.T().Helper()
|
|
if os.Getenv("INTEGRATION") == "" {
|
|
suite.T().Skip("skipping integration tests, set environment variable INTEGRATION")
|
|
}
|
|
suite.httpHoneypotHost = "http://localhost:8080"
|
|
suite.tcpHoneypotHost = "localhost:3306"
|
|
suite.sshHoneypotHost = "localhost"
|
|
suite.prometheusHost = "http://localhost:2112/metrics"
|
|
|
|
beelzebubConfigPath := "./configurations/beelzebub.yaml"
|
|
servicesConfigDirectory := "./configurations/services/"
|
|
|
|
parser := parser.Init(beelzebubConfigPath, servicesConfigDirectory)
|
|
|
|
coreConfigurations, err := parser.ReadConfigurationsCore()
|
|
suite.Require().NoError(err)
|
|
suite.rabbitMQURI = coreConfigurations.Core.Tracings.RabbitMQ.URI
|
|
|
|
beelzebubServicesConfiguration, err := parser.ReadConfigurationsServices()
|
|
suite.Require().NoError(err)
|
|
|
|
suite.beelzebubBuilder = builder.NewBuilder()
|
|
|
|
director := builder.NewDirector(suite.beelzebubBuilder)
|
|
|
|
suite.beelzebubBuilder, err = director.BuildBeelzebub(coreConfigurations, beelzebubServicesConfiguration)
|
|
suite.Require().NoError(err)
|
|
|
|
suite.Require().NoError(suite.beelzebubBuilder.Run())
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) TestInvokeHTTPHoneypot() {
|
|
response, err := resty.New().R().
|
|
Get(suite.httpHoneypotHost + "/index.php")
|
|
|
|
suite.Require().NoError(err)
|
|
suite.Equal(http.StatusOK, response.StatusCode())
|
|
suite.Equal("mocked response", string(response.Body()))
|
|
|
|
response, err = resty.New().R().
|
|
Get(suite.httpHoneypotHost + "/wp-admin")
|
|
|
|
suite.Require().NoError(err)
|
|
suite.Equal(http.StatusBadRequest, response.StatusCode())
|
|
suite.Equal("mocked response", string(response.Body()))
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) TestInvokeTCPHoneypot() {
|
|
tcpAddr, err := net.ResolveTCPAddr("tcp", suite.tcpHoneypotHost)
|
|
suite.Require().NoError(err)
|
|
|
|
conn, err := net.DialTCP("tcp", nil, tcpAddr)
|
|
suite.Require().NoError(err)
|
|
defer conn.Close()
|
|
|
|
_, err = conn.Write([]byte("hello!"))
|
|
suite.Require().NoError(err)
|
|
|
|
reply := make([]byte, 1024)
|
|
|
|
n, err := conn.Read(reply)
|
|
suite.Require().NoError(err)
|
|
|
|
suite.Equal("8.0.29\n", string(reply[:n]))
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) TestInvokeSSHHoneypot() {
|
|
client, err := goph.NewConn(
|
|
&goph.Config{
|
|
User: "root",
|
|
Addr: suite.sshHoneypotHost,
|
|
Port: 2222,
|
|
Auth: goph.Password("root"),
|
|
Callback: ssh.InsecureIgnoreHostKey(),
|
|
})
|
|
suite.Require().NoError(err)
|
|
defer client.Close()
|
|
|
|
out, err := client.Run("")
|
|
suite.Require().NoError(err)
|
|
|
|
suite.Equal("root@ubuntu:~$ ", string(out))
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) TestRabbitMQ() {
|
|
conn, err := amqp.Dial(suite.rabbitMQURI)
|
|
suite.Require().NoError(err)
|
|
defer conn.Close()
|
|
|
|
ch, err := conn.Channel()
|
|
suite.Require().NoError(err)
|
|
defer ch.Close()
|
|
|
|
msgs, err := ch.Consume("event", "", true, false, false, false, nil)
|
|
suite.Require().NoError(err)
|
|
|
|
//Invoke HTTP Honeypot
|
|
response, err := resty.New().R().Get(suite.httpHoneypotHost + "/index.php")
|
|
|
|
suite.Require().NoError(err)
|
|
suite.Equal(http.StatusOK, response.StatusCode())
|
|
|
|
for msg := range msgs {
|
|
var event tracer.Event
|
|
err := json.Unmarshal(msg.Body, &event)
|
|
suite.Require().NoError(err)
|
|
|
|
suite.Equal("GET", event.HTTPMethod)
|
|
suite.Equal("/index.php", event.RequestURI)
|
|
break
|
|
}
|
|
|
|
}
|
|
func (suite *IntegrationTestSuite) TestPrometheus() {
|
|
//Invoke HTTP Honeypot
|
|
response, err := resty.New().R().Get(suite.httpHoneypotHost + "/index.php")
|
|
|
|
suite.Require().NoError(err)
|
|
suite.Equal(http.StatusOK, response.StatusCode())
|
|
|
|
response, err = resty.New().R().Get(suite.prometheusHost)
|
|
|
|
suite.Require().NoError(err)
|
|
suite.Equal(http.StatusOK, response.StatusCode())
|
|
}
|
|
|
|
func (suite *IntegrationTestSuite) TestShutdownBeelzebub() {
|
|
suite.Require().NoError(suite.beelzebubBuilder.Close())
|
|
}
|