p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Agent: Remove ScoutSuite system info collector

This commit is contained in:
Mike Salvatore 2022-02-01 14:00:08 -05:00 committed by Shreya Malviya
parent ee0c98a435
commit 16bb13fc10
2 changed files with 0 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/infection_monkey/system_info/collectors/aws_collector.py
View File

@ -1,12 +1,7 @@
import logging import logging
from common.cloud.aws.aws_instance import AwsInstance from common.cloud.aws.aws_instance import AwsInstance
from common.cloud.scoutsuite_consts import CloudProviders
from common.common_consts.system_info_collectors_names import AWS_COLLECTOR from common.common_consts.system_info_collectors_names import AWS_COLLECTOR
from infection_monkey.network.tools import is_running_on_island
from infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_collector import (
scan_cloud_security,
)
from infection_monkey.system_info.system_info_collector import SystemInfoCollector from infection_monkey.system_info.system_info_collector import SystemInfoCollector
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -22,11 +17,6 @@ class AwsCollector(SystemInfoCollector):
def collect(self) -> dict: def collect(self) -> dict:
logger.info("Collecting AWS info") logger.info("Collecting AWS info")
if is_running_on_island():
logger.info("Attempting to scan AWS security with ScoutSuite.")
scan_cloud_security(cloud_type=CloudProviders.AWS)
else:
logger.info("Didn't scan AWS security with ScoutSuite, because not on island.")
aws = AwsInstance() aws = AwsInstance()
info = {} info = {}
if aws.is_instance(): if aws.is_instance():

35
monkey/infection_monkey/system_info/collectors/scoutsuite_collector/scoutsuite_collector.py
View File

@ -1,35 +0,0 @@
import logging
from typing import Union
import ScoutSuite.api_run
from ScoutSuite.providers.base.provider import BaseProvider
from common.cloud.scoutsuite_consts import CloudProviders
from common.utils.exceptions import ScoutSuiteScanError
from infection_monkey.config import WormConfiguration
from infection_monkey.telemetry.scoutsuite_telem import ScoutSuiteTelem
logger = logging.getLogger(__name__)
def scan_cloud_security(cloud_type: CloudProviders):
try:
results = run_scoutsuite(cloud_type.value)
if isinstance(results, dict) and "error" in results and results["error"]:
raise ScoutSuiteScanError(results["error"])
send_scoutsuite_run_results(results)
except (Exception, ScoutSuiteScanError) as e:
logger.error(f"ScoutSuite didn't scan {cloud_type.value} security because: {e}")
def run_scoutsuite(cloud_type: str) -> Union[BaseProvider, dict]:
return ScoutSuite.api_run.run(
provider=cloud_type,
aws_access_key_id=WormConfiguration.aws_access_key_id,
aws_secret_access_key=WormConfiguration.aws_secret_access_key,
aws_session_token=WormConfiguration.aws_session_token,
)
def send_scoutsuite_run_results(run_results: BaseProvider):
ScoutSuiteTelem(run_results).send()