-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsmoke_test.sh
More file actions
executable file
·74 lines (57 loc) · 2.39 KB
/
smoke_test.sh
File metadata and controls
executable file
·74 lines (57 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/bin/bash
set -e
# Create a clean test directory
TEST_DIR="smoke_test_output"
rm -rf "$TEST_DIR"
mkdir -p "$TEST_DIR"
echo "=== 1. Version Check ==="
fext --version
echo "=== 2. Config List ==="
fext config show
echo "=== 3. Download Extension (Chrome) ==="
# Using Postman Interceptor ID: aicmkgpgakddgnaphhhpliifpcfhicfo
# We use --save-metadata to test that too
fext download chrome aicmkgpgakddgnaphhhpliifpcfhicfo -o "$TEST_DIR" --save-metadata
FILE="$TEST_DIR/aicmkgpgakddgnaphhhpliifpcfhicfo.crx"
if [ ! -f "$FILE" ]; then
echo "Error: Download failed, file not found: $FILE"
exit 1
fi
echo "=== 4. Inspect Extension ==="
fext inspect "$FILE"
echo "=== 5. Preview Extension ==="
fext preview "$FILE"
echo "=== 6. Extract Extension ==="
fext extract "$FILE" -o "$TEST_DIR/extracted"
echo "=== 7. Report Generation ==="
fext report "$FILE"
echo "=== 8. Analysis: Complexity ==="
# Analyze the extracted directory or the CRX? The command usually takes a file or directory.
# Let's try the extracted directory for complexity as it needs to read JS files.
# Wait, the help says `fext analyze --complexity <file>`. It probably handles CRX by mounting/reading it or expects a JS file?
# Let's check the help or code.
# core.py: analyze_complexity(file_path)
# It seems it can handle the archive.
fext analyze --complexity "$FILE"
echo "=== 9. Analysis: Entropy ==="
fext analyze --entropy "$FILE"
echo "=== 10. Analysis: Domains ==="
fext analyze --domains "$FILE"
echo "=== 11. Dependency Scan ==="
fext scan "$FILE"
echo "=== 12. Verify Hash (Integrity) ==="
# We need the hash first. Let's calculate it.
HASH=$(sha256sum "$FILE" | awk '{print $1}')
echo "Calculated Hash: $HASH"
# Now verify it (re-downloading effectively, or just verifying existing? The command is `download --verify-hash`)
# But we can't verify an existing file with `download` command easily without downloading again.
# Is there a `verify` command?
# Yes, `fext verify <file>` but that's for CRX signature.
# The integrity check is part of download.
# Let's try downloading again with the hash.
fext download chrome aicmkgpgakddgnaphhhpliifpcfhicfo -o "$TEST_DIR" --verify-hash "$HASH"
echo "=== 13. Filename Sanitization Test ==="
# We can't easily force a bad filename from the CLI without a mock server,
# but we can check if the previous download produced a clean filename.
ls -l "$TEST_DIR"
echo "=== Smoke Test Completed Successfully ==="