Tests/Exfiltration.tests.ps1


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54

Set-StrictMode -Version Latest

$TestScriptRoot = Split-Path $MyInvocation.MyCommand.Path -Parent
$ModuleRoot = Resolve-Path "$TestScriptRoot\.."
$ModuleManifest = "$ModuleRoot\Exfiltration\Exfiltration.psd1"

Remove-Module [E]xfiltration
Import-Module $ModuleManifest -Force -ErrorAction Stop

Describe 'Get-Keystrokes' {
    
    if (Test-Path "$($env:TEMP)\key.log") { Remove-Item -Force "$($env:TEMP)\key.log" }
    $WindowTitle = (Get-Process -Id $PID).MainWindowTitle
    
    $Shell = New-Object -ComObject wscript.shell
    $Shell.AppActivate($WindowTitle)
    
    $KeyLogger = Get-Keystrokes -PassThru
    Start-Sleep -Seconds 1

    $Shell.SendKeys("Pester`b`b`b`b`b`b")
    $KeyLogger.Dispose()

    It 'Should output to file' { Test-Path "$($env:TEMP)\key.log" | Should Be $true }
    
    $KeyObjects = Get-Content -Path "$($env:TEMP)\key.log" | ConvertFrom-Csv

    It 'Should log keystrokes' {
        $FileLength = (Get-Item "$($env:TEMP)\key.log").Length
        $FileLength | Should BeGreaterThan 14
    }

    It 'Should get foreground window title' {
        $KeyObjects[0].WindowTitle | Should Be $WindowTitle
    }

    It 'Should log time of key press' {
        $KeyTime = [DateTime]::Parse($KeyObjects[0].Time)
        $KeyTime.GetType().Name | Should Be 'DateTime'
    }

    It 'Should stop logging after timeout' {
        
        $Timeout = 0.05
        $KeyLogger = Get-Keystrokes -Timeout $Timeout -PassThru
        
        Start-Sleep -Seconds 4

        $KeyLogger.Runspace.RunspaceAvailability | Should Be 'Available'
        $KeyLogger.Dispose()
    }

    Remove-Item -Force "$($env:TEMP)\key.log"
}