[socal-piggies] Mocking sockets
Jathan McCollum
jathan at gmail.com
Tue Jul 31 16:17:51 PDT 2012
Ok, a little background...
On the heels of BlackHat and DefCon I discovered a new tool called FakeNet (
http://practicalmalwareanalysis.com/fakenet/) that is intended to run on
Windows XP. It allows you to hijack all socket connections received by the
system, and has an embedded Python 2.7.3 interpreter. I want to try using
this for a single-system dummy test network.
The catch is, because of the custom socket I/O, the _socket.so module was
intentionally excluded. In order to do socket calls you must import
FakeNet. Here is a simple example:
def FN_NewConnection(context):
"""Simple echo server that prints Python version upon connection"""
import sys
FakeNet.sendData(context, sys.version)
while True:
bytes = FakeNet.recvData(context, 4096)
if bytes == "":
break
else:
FakeNet.sendData(context, bytes)
It's a greatly simplified interface. It handles the buildup/teardown of the
session, and all you have to do is worry about send/recv.
The device allows for custom modules. I am trying to mock an SSH server and
actually negotiate with the client. I want to use this for... You guessed
it... testing interaction with SSH endpoints without actually having to
connect to anything.
For this I want to use Paramiko, but the problem is that Paramiko imports
the socket module all over the place, so I wanted to see if I could force
it (somehow) to use FakeNet's send/recv calls, and just mock the rest.
Steve, thanks for the reminder of dependency inversion. :)
On Mon, Jul 30, 2012 at 6:18 PM, Andrew Kou <andrew.kou at gmail.com> wrote:
> Jathan,
>
> What requirements do you have of the mocked object?
>
> - Andrew
>
>
>
> On Mon, Jul 30, 2012 at 4:38 PM, Jathan McCollum <jathan at gmail.com> wrote:
>
>> I have a need to mock the socket module, but without actually importing
>> it first. I know some pretty sophisticated mocking can be done with Mox,
>> but it requires that you import the real module into the namespace first.
>>
>> I am doing some work on an embedded system that doesn't have _socket.so,
>> which means I can't actually import the socket module, but I need to do
>> some mocking of connections.
>>
>> Anyone have any pointers? Thanks in advance!
>>
>> --
>> Jathan.
>> --
>>
>> _______________________________________________
>> socal-piggies mailing list
>> socal-piggies at lists.idyll.org
>> http://lists.idyll.org/listinfo/socal-piggies
>>
>>
>
> _______________________________________________
> socal-piggies mailing list
> socal-piggies at lists.idyll.org
> http://lists.idyll.org/listinfo/socal-piggies
>
>
--
Jathan.
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.idyll.org/pipermail/socal-piggies/attachments/20120731/55e217da/attachment.htm>
More information about the socal-piggies
mailing list