From c6e206b7f8267c8438f7168ee47ddfb6a41a742f Mon Sep 17 00:00:00 2001
From: Ville Aikas
Date: Wed, 3 Apr 2024 16:41:59 +0300
Subject: [PATCH] Fix the top level tests, fix a typo in the name.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
I think the test was wrong, because I see the combo/backdoor/py_setuptools when I run this: ``` ➜ bincapz git:(fix-tests) ✗ go run . third_party/yara-rules-full.yar testdata/Python/valyrian_debug_setup.py | grep combo/backdoor 3/HIGH combo/backdoor/py_setuptools python library installer that executes external commands: "os.system( setup( setuptools" ``` And the other one seems like it does indeed just print `.` instead of the full path: ``` ➜ bincapz git:(fix-tests) ✗ go run . -diff testdata/macOS/libffmpeg.dirty.dylib testdata/macOS/libffmpeg.dylib Changed: . Previous Risk: 🚨 4/CRITICAL New Risk: ✅ 2/MEDIUM ```
Signed-off-by: Ville Aikas
---
 bincapz_test.go | 2 +-
 .../{valryian_debug_setup.py => valyrian_debug_setup.py} | 2 +-
 ...an_debug_setup.py.simple => valyrian_debug_setup.py.simple} | 3 ++-
 testdata/macOS/libffmpeg.dirty.mdiff | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)
 rename testdata/Python/{valryian_debug_setup.py => valyrian_debug_setup.py} (96%)
 rename testdata/Python/{valryian_debug_setup.py.simple => valyrian_debug_setup.py.simple} (75%)
diff --git a/bincapz_test.go b/bincapz_test.go
index 8cf10b82c..2f0911c3e 100644
--- a/bincapz_test.go
+++ b/bincapz_test.go
@@ -85,7 +85,7 @@ func TestSimple(t *testing.T) {
 fs.WalkDir(fileSystem, ".", func(path string, d fs.DirEntry, err error) error {
 if err != nil {
- log.Fatal(err)
+ t.Fatal(err)
 }
 if !strings.HasSuffix(path, ".simple") {
 return nil
diff --git a/testdata/Python/valryian_debug_setup.py b/testdata/Python/valyrian_debug_setup.py
similarity index 96%
rename from testdata/Python/valryian_debug_setup.py
rename to testdata/Python/valyrian_debug_setup.py
index 6597f7e8d..d8c7b46ad 100644
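Review bot: The return value of `fs.WalkDir(fileSystem, ".", ...)` on the first context line of the bincapz_test.go hunk appears to be discarded, so an error returned by the callback further down, or by the walk itself, would not fail TestSimple and the `.simple` expectations could go unchecked while the test still passes. Consider checking it, e.g. `if err := fs.WalkDir(/* same arguments */); err != nil { t.Fatal(err) }`. On the changed line, `t.Fatalf("walk %q: %v", path, err)` would also name the entry that could not be read. The callback body and the end of the WalkDir call are outside this hunk, so this is inferred from the visible lines only.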
--- a/testdata/Python/valryian_debug_setup.py
+++ b/testdata/Python/valyrian_debug_setup.py
@@ -1,4 +1,4 @@
-# based on valryian_debug-0.0.1 from the backstabbers knife collection
+# based on valyrian_debug-0.0.1 from the backstabbers knife collection
 import json
 import os
 import sys
diff --git a/testdata/Python/valryian_debug_setup.py.simple b/testdata/Python/valyrian_debug_setup.py.simple
similarity index 75%
rename from testdata/Python/valryian_debug_setup.py.simple
rename to testdata/Python/valyrian_debug_setup.py.simple
index 3b81a6af3..1fa947bab 100644
--- a/testdata/Python/valryian_debug_setup.py.simple
+++ b/testdata/Python/valyrian_debug_setup.py.simple
@@ -1,4 +1,5 @@
-# testdata/Python/valryian_debug_setup.py
+# testdata/Python/valyrian_debug_setup.py
+combo/backdoor/py_setuptools
 combo/recon/system_network
 exec/pipe
 exec/program
diff --git a/testdata/macOS/libffmpeg.dirty.mdiff b/testdata/macOS/libffmpeg.dirty.mdiff
index 5e5675584..bd184261c 100644
--- a/testdata/macOS/libffmpeg.dirty.mdiff
+++ b/testdata/macOS/libffmpeg.dirty.mdiff
@@ -1,4 +1,4 @@
-## Changed: testdata/macOS/libffmpeg.dirty.dylib
+## Changed: .
 Previous Risk: ✅ 2/MEDIUM New Risk: 🚨 4/CRITICAL
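Review bot: The new expected header `## Changed: .` in testdata/macOS/libffmpeg.dirty.mdiff pins output that the commit message itself describes as printing `.` instead of the full path, so the golden file now encodes what looks like a path-reporting defect in `-diff` mode rather than the intended report. With `.` in place of the file name, a reader of the report cannot tell which file's risk moved from 2/MEDIUM to 4/CRITICAL. If the `.` is accepted for now, record that next to the test that loads this fixture and track the path handling separately, so the expectation can return to `## Changed: testdata/macOS/libffmpeg.dirty.dylib` once it is fixed.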