AVMaster/conf/procedures/tests.yaml
# ---------------- TEST --------------- #
TEST_VM:
#- VM: [360cn,adaware,ahnlab,avg,avast,avira,bitdef,comodo,drweb,emsisoft]
#- VM: [360cn,adaware,ahnlab,avast,avast32,avg,avg32,avira,bitdef,comodo,drweb,eset,fsecure,gdata,kis,kis14,kis32,mbytes,mcafee,msessential,norman,norton,panda,risint,trendm,zoneal]
# removed VM: [pctools,sophos,emsisoft]
- VM: [fsecure]
- EXECUTE_VM:
- c:\\python27\\scripts\\easy_install.exe
- [Pillow]
- PUSH: [ AVAgent/assets/exec_admin.lnk, AVAgent/assets/execution.bat ]
- EXECUTE_VM:
- c:\\Avtest\\AVAgent\\assets\\exec_admin.lnk
- []
TEST_REFRESH:
- REFRESH_SNAPSHOT
TEST_STOP:
- STOP_VM
TEST_EVIDENCE:
- VM: ['funvm']
#- CALL: INIT_DISPATCH
- CALL: VM_PUSH_AGENT
- START_AGENT: 172.20.20.168
#- CALL: SET_SERVERS
- CHECK_EVIDENCES: [device]
- CHECK_EVIDENCES: [chat,program,facebook]
- STOP_AGENT
- CALL: VM_GET_LOG
TEST_CLEAN:
- VM: ['noav','kis']
#- CALL: INIT_DISPATCH
- START_AGENT
#- CALL: SET_SERVERS
- CLEAN_EVIDENCES
- STOP_AGENT
#- CALL: END_DISPATCH
TEST_LOG:
- VM: ['noav']
#- STOP_VM
- START_VM
#- RELOG
- CALL: VM_GET_LOG
TEST_CROP:
- VM: [ noav ]
#- CALL: INIT_DISPATCH
- CALL: VM_PUSH_AGENT
- START_AGENT
#- CALL: SET_DEFAULTS
- CROP: True
- PUSH: [ AVAgent/assets/facebook.bat ]
- EXECUTE_VM:
- C:/AVTest/AVAgent/assets/facebook.bat
- []
- 10
- True
- True
- SLEEP: 10
- CROP: False
- STOP_AGENT
TEST_INFECTION:
- VM: [noav]
- ON_ERROR: STOP
#- CALL: INIT_DISPATCH
#- CALL: VM_PUSH_AGENT
- START_AGENT
#- CALL: SET_DEFAULTS
- BUILD: [ scout, windows, silent ]
- ON_ERROR: CONTINUE
- CHECK_INFECTION: STOP_IF_CLEAN
- UNINSTALL
- CHECK_INFECTION
TEST_UNINSTALL:
- VM: [noav]
- UNINSTALL
- CHECK_INFECTION
TEST_INSTALL:
- VM: [noav]
- ON_ERROR: STOP
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
- RELOG
TEST_ELITE_FAST:
- VM: [noav]
#- CALL: INIT_DISPATCH
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
- START_AGENT
#- RELOG
- CALL: SET_MAIL
- BUILD: [ scout, windows, silent ]
- SLEEP: 30
- RELOG
- ON_ERROR: CONTINUE
- CROP: True
- BUILD: [ elite_fast, windows, silent ]
- CROP: False
- ON_ERROR: SKIP
- UNINSTALL
- CALL: VM_GET_LOG
- CALL: END_DISPATCH
TEST_ELITE:
- VM: [noav]
#- INTERNET: False
#- REVERT
#- START_VM
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
#- START_AGENT
- RELOG
- CLEAN_EVIDENCES
- BUILD: [ scout, windows, silent ]
- SLEEP: 60
- RELOG
#- CROP: True
- BUILD: [ elite_fast, windows, silent ]
#- CROP: False
- CHECK_INFECTION
#- UNINSTALL
#- RELOG
#- UNINSTALL
- CALL: VM_GET_LOG
TEST_RELOG:
- VM: [noav]
- RELOG
TEST_UPDATE:
- VM: [trendm,gdata,drweb]
- ON_ERROR: STOP
- REVERT
- START_VM
- CHECK_INFECTION # questo non e' necessario, ma e' meglio assicurarsene
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
- EXECUTE_VM: /AVTest/assets/update_system.bat # scarica gli aggiornamenti windows
- STOP_VM: 300
- WAIT_SHUTDOWN
- START_VM
#- CALL: SET_DEFAULTS
- UNINSTALL
- SLEEP: 6 # attesa per gli update degli av
- SCREENSHOT
- STOP_VM: 300 # cerca di spegnere con shutdown, se non ci riesce, spegne secco
- WAIT_SHUTDOWN
- START_VM: AV_AGENT
- STOP_VM
- WAIT_SHUTDOWN
- REFRESH_SNAPSHOT
TEST_SLEEP:
- VM_ALL
- SLEEP: [10,100]
TEST_MELT:
- VM: [funvm]
#- CALL: SET_DEFAULTS
#- CLEAN_EVIDENCES
- BUILD: [ scout, windows, melt ]
- UNINSTALL
- RELOG
TEST_STATIC:
- CALL: BUILD_DESKTOP
- CALL: BUILD_MOBILE
- CALL: BUILD_EXPLOIT
TEST_SOLDIER:
- BUILD: [ scout, windows, silent ]
- SLEEP: 30
- RELOG
- BUILD: [ soldier_fast, windows, silent ]
- SLEEP: 60
#- UNINSTALL
- RELOG
# ----------------------
TST_ERROR:
- STOP_VM
- STOP_VM
TST_GOOD:
- SLEEP: 1
TST_GOOD_2:
- SLEEP: 2
TST_GOOD_3:
- SLEEP: 3
TEST_REPORT:
- VM_ALL: IMPORTANT
- SET_SERVER:
mail_recipients: [zeno@hackingteam.it, seppia@hackingteam.it]
- REPORT:
- TST_GOOD: ['AV Invisibility Static', 'Static check on builds']
- TST_ERROR: ['AV Invisibility', 'Elite']
- TST_GOOD_2: ['AV Invisibility', 'Melt']
- TST_GOOD_3: ['AVM Update', 'Update AV', INVERT]
TEST_EXPLOIT:
- VM: [avast]
- START_VM
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
- RELOG
#- CALL: SET_DEFAULTS
#- CLEAN_EVIDENCES
- SET_SERVER:
mail_recipients: [zeno@hackingteam.it]
- REPORT:
- VM_EXPLOIT
TEST_WINPHONE:
- VM: [noav]
#- START_VM
#- CALL: VM_PUSH_AGENT
#- INSTALL_AGENT
#- RELOG
#- CALL: SET_DEFAULTS
- BUILD: [ pull, winphone, silent ]
UPDATE_MANUAL_PART:
- SLEEP: [10, 60]
- CALL: VM_PUSH_AGENT
- PUSH: [assets/update_system_manual.bat]
- INSTALL_AGENT
- EXECUTE_VM: /AVTest/assets/update_system_manual.bat # scarica gli aggiornamenti windows
- WAIT_SHUTDOWN
- START_VM: AV_AGENT
- STOP_VM: 300
- WAIT_SHUTDOWN
- REFRESH_SNAPSHOT
TEST_SAMPLE:
- ON_ERROR: CONTINUE
- PUSH: [ AVAgent/assets/vira/clean.exe ]
- PUSH: [ AVAgent/assets/vira/TOTEST_signed.exe ]
- PUSH: [ AVAgent/assets/vira/TOTEST_unsigned.exe ]
- CHECK_STATIC: [ assets/vira/clean.exe ]
- CHECK_STATIC: [ assets/vira/TOTEST_signed.exe ]
- CHECK_STATIC: [ assets/vira/TOTEST_unsigned.exe ]
- ON_ERROR: SKIP
TEST_PDF:
- ON_ERROR: CONTINUE
- PUSH: [ AVAgent/assets/vira/clean.exe ]
- PUSH: [ AVAgent/assets/vira/TOTEST_pdf.exe ]
- CHECK_STATIC: [ assets/vira/TOTEST_pdf.exe ]
- CHECK_STATIC: [ assets/vira/clean.exe ]
- ON_ERROR: SKIP
TEST_STATIC_WINDOWS:
- BUILD: [ pull, windows, silent ]
TEST_AVG:
- VM: [avg]
#- ON_ERROR: SKIP
#- CALL: VM_PUSH_AGENT
#- INSTALL_AGENT
#- RELOG
- SET:
nointernetcheck: [avg, win7avg]
- BUILD: [ scout, windows, silent ]
TEST_INSA:
#- VM: [avast,drweb,gdata,kis,panda,trendm,emsisoft,norman]
- VM_ALL
- ON_ERROR: SKIP
- SLEEP: [1, 600]
- CALL: INIT_DISPATCH
#- CALL: VM_CLEAN_EVIDENCES
#- CALL: SET_MAIL
- REPORT:
- TEST_PDF
#- TEST_STATIC_WINDOWS
- UNINSTALL
#- CALL: END_DISPATCH
TEST_UPD:
- VM_ALL
- INTERNET: False
- ON_ERROR: STOP
- SLEEP: [10,60]
- REVERT
- START_VM
- STOP_AGENT
- CALL: VM_PUSH_AGENT
- INSTALL_AGENT
- START_AGENT
- CALL: VM_CLEAN_EVIDENCES
#- UNINSTALL
#- RELOG
- REPORT:
- TEST_STATIC
#- TEST_ELITE_FAST
#- TEST_MELT
- SLEEP: 120
- CALL: VM_GET_LOG
#- CALL: END_DISPATCH
TEST_PUSH_VIRUS:
- CALL: UPDATE_AGENT_FAST
- SLEEP: 10
- CROP: True
- PUSH: [ AVAgent/assets/vira/conficker.dll, AVAgent/assets/vira/eicar.com ]
- SLEEP: 90
- CHECK_STATIC: [ AVAgent/assets/vira/conficker.dll, AVAgent/assets/vira/eicar.com ]
- SLEEP: 30
- CROP: False, False
TEST_RELOG:
- REVERT
- START_VM
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- RELOG
- STOP_VM
TEST_THEME:
- EXECUTE_VM: [ /avtest/assets/update_theme.bat, [], 40, True, True ]
TEST_STARTUP:
#- CALL: UPDATE_AGENT_FAST
- LIST_DIR: STARTUP
- PUSH: [assets/update_reg.bat]
- EXECUTE_VM: c:/avtest/assets/update_reg.bat
VM_SOLDIER_ACHILLE_NOCROP:
- BUILD: [ scout, windows, silent ]
- SLEEP: [60, 90]
- LIST_DIR: STARTUP_EXE
- RELOG
- ON_ERROR: CONTINUE
#- CROP: True
- BUILD: [ soldier_fast, windows, silent ]
- LIST_DIR: STARTUP_EXE
- SLEEP: 600
- SCREENSHOT
#- CROP: False
- ON_ERROR: SKIP
TEST_ACHILLE_SOLDIER:
- CALL: INIT_DISPATCH
- CALL: VM_SOLDIER_ACHILLE_NOCROP
TEST_ACHILLE_AVG:
- VM: [ avg, avg32 ]
#- REVERT
#- CALL: UPDATE_AGENT_FAST
- CALL: INIT_DISPATCH
- LIST_DIR: STARTUP_EXE
- SET:
backend: 172.20.20.119
frontend: 172.20.20.119
- SET_SERVER:
mail_recipients: [zeno@hackingteam.com, seppia@hackingteam.com, m.losito@hackingteam.com]
- REPORT:
- TEST_ACHILLE_SOLDIER
- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
#- TEST_ACHILLE_SOLDIER
- CALL: END_DISPATCH
PUSH_AGENT_EXE:
- PUSH: [ /tmp/agent_fcccaea6b99b.exe ]
TEST_ENABLE_1:
- ENABLE: YES
- SLEEP: 10
TEST_ENABLE_2:
- ENABLE: NO
- SCREENSHOT
TEST_ENABLE:
- ENABLE: [ monday, tuesday, thursday ]
- CALL: TEST_ENABLE_1
- CALL: TEST_ENABLE_2
- SLEEP: 20