Merge pull request #2013 from guardicore/1998-remove-export_monkey_telems

Remove `export_monkey_telems`
2022-06-13 10:46:26 +03:00 · 2022-06-13 10:46:26 +03:00 · 3598b0d302
parent 825f559370 4947e540f2
commit 3598b0d302
14 changed files with 1 additions and 140 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -76,6 +76,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
 - "/api/client-monkey" endpoint. #1889
 - "+dev" from version numbers. #1553
 - agent's "--config" argument. #906
+- Option to export monkey telemetries. #1998

 ### Fixed
 - A bug in network map page that caused delay of telemetry log loading. #1545
--- a/monkey/common/config_value_paths.py
+++ b/monkey/common/config_value_paths.py
@ -1,4 +1,3 @@
-EXPORT_MONKEY_TELEMS_PATH = ["internal", "testing", "export_monkey_telems"]
 CURRENT_SERVER_PATH = ["internal", "island_server", "current_server"]
 SSH_KEYS_PATH = ["internal", "exploits", "exploit_ssh_keys"]
 INACCESSIBLE_SUBNETS_PATH = ["basic_network", "network_analysis", "inaccessible_subnets"]
--- a/monkey/infection_monkey/config.py
+++ b/monkey/infection_monkey/config.py
@ -69,10 +69,5 @@ class Configuration(object):

    keep_tunnel_open_time = 30

-    ###########################
-    # testing configuration
-    ###########################
-    export_monkey_telems = False
-

 WormConfiguration = Configuration()
--- a/monkey/monkey_island/cc/models/exported_telem.py
+++ b/monkey/monkey_island/cc/models/exported_telem.py
@ -1,16 +0,0 @@
-"""
-Define a Document Schema for the TelemForExport document.
-"""
-from mongoengine import DateTimeField, Document, StringField
-
-
-# This document describes exported telemetry.
-# These telemetries are used to mock monkeys sending telemetries to the island.
-# This way we can replicate island state without running monkeys.
-class ExportedTelem(Document):
-    # SCHEMA
-    name = StringField(required=True)
-    time = DateTimeField(required=True)
-    method = StringField(required=True)
-    endpoint = StringField(required=True)
-    content = StringField(required=True)
--- a/monkey/monkey_island/cc/resources/blackbox/utils/telem_store.py
+++ b/monkey/monkey_island/cc/resources/blackbox/utils/telem_store.py
@ -1,84 +0,0 @@
-import logging
-import shutil
-from datetime import datetime
-from functools import wraps
-from os import mkdir, path
-
-from flask import request
-
-from monkey_island.cc.models.exported_telem import ExportedTelem
-from monkey_island.cc.services.config import ConfigService
-
-TELEM_SAMPLE_DIR = "./telem_sample"
-MAX_SAME_CATEGORY_TELEMS = 10000
-
-logging.basicConfig(level=logging.INFO)
-logger = logging.getLogger(__name__)
-
-
-# TODO this will break with the IRepository implementation. Remove it
-class TestTelemStore:
-    TELEMS_EXPORTED = False
-
-    @staticmethod
-    def store_exported_telem(f):
-        @wraps(f)
-        def decorated_function(*args, **kwargs):
-            if ConfigService.is_test_telem_export_enabled():
-                time = datetime.now()
-                method = request.method
-                content = request.data.decode()
-                endpoint = request.path
-                name = (
-                    str(request.url_rule)
-                    .replace("/", "_")
-                    .replace("<", "_")
-                    .replace(">", "_")
-                    .replace(":", "_")
-                )
-                ExportedTelem(
-                    name=name, method=method, endpoint=endpoint, content=content, time=time
-                ).save()
-            return f(*args, **kwargs)
-
-        return decorated_function
-
-    @staticmethod
-    def export_telems():
-        logger.info(f"Exporting all telemetries to {TELEM_SAMPLE_DIR}")
-        try:
-            mkdir(TELEM_SAMPLE_DIR)
-        except FileExistsError:
-            logger.info("Deleting all previous telemetries.")
-            shutil.rmtree(TELEM_SAMPLE_DIR)
-            mkdir(TELEM_SAMPLE_DIR)
-        for test_telem in ExportedTelem.objects():
-            with open(
-                TestTelemStore.get_unique_file_path_for_export_telem(TELEM_SAMPLE_DIR, test_telem),
-                "w",
-            ) as file:
-                file.write(test_telem.to_json(indent=2))
-        TestTelemStore.TELEMS_EXPORTED = True
-        logger.info("Telemetries exported!")
-
-    # Should be private
-    @staticmethod
-    def get_unique_file_path_for_export_telem(target_dir: str, test_telem: ExportedTelem):
-        telem_filename = TestTelemStore._get_filename_by_export_telem(test_telem)
-        for i in range(MAX_SAME_CATEGORY_TELEMS):
-            potential_filepath = path.join(target_dir, (telem_filename + str(i)))
-            if path.exists(potential_filepath):
-                continue
-            return potential_filepath
-        raise Exception(
-            f"Too many telemetries of the same category. Max amount {MAX_SAME_CATEGORY_TELEMS}"
-        )
-
-    @staticmethod
-    def _get_filename_by_export_telem(test_telem: ExportedTelem):
-        endpoint_part = test_telem.name
-        return endpoint_part + "_" + test_telem.method
-
-
-if __name__ == "__main__":
-    TestTelemStore.export_telems()
--- a/monkey/monkey_island/cc/resources/log.py
+++ b/monkey/monkey_island/cc/resources/log.py
@ -5,7 +5,6 @@ from flask import request

 from monkey_island.cc.database import mongo
 from monkey_island.cc.resources.AbstractResource import AbstractResource
-from monkey_island.cc.resources.blackbox.utils.telem_store import TestTelemStore
 from monkey_island.cc.resources.request_authentication import jwt_required
 from monkey_island.cc.services.log import LogService
 from monkey_island.cc.services.node import NodeService
@ -25,7 +24,6 @@ class Log(AbstractResource):
            return LogService.log_exists(ObjectId(exists_monkey_id))

    # Used by monkey. can't secure.
-    @TestTelemStore.store_exported_telem
    def post(self):
        telemetry_json = json.loads(request.data)

--- a/monkey/monkey_island/cc/resources/monkey.py
+++ b/monkey/monkey_island/cc/resources/monkey.py
@ -6,7 +6,6 @@ from flask import request
 from monkey_island.cc.database import mongo
 from monkey_island.cc.models.monkey_ttl import create_monkey_ttl_document
 from monkey_island.cc.resources.AbstractResource import AbstractResource
-from monkey_island.cc.resources.blackbox.utils.telem_store import TestTelemStore
 from monkey_island.cc.resources.utils.semaphores import agent_killing_mutex
 from monkey_island.cc.server_utils.consts import DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS
 from monkey_island.cc.services.config import ConfigService
@ -29,7 +28,6 @@ class Monkey(AbstractResource):

    # Used by monkey. can't secure.
    # Called on monkey wakeup to initialize local configuration
-    @TestTelemStore.store_exported_telem
    def post(self, **kw):

        # TODO: Why is it the registration of an agent coupled to exploit telemetry? It's hard to
--- a/monkey/monkey_island/cc/resources/telemetry.py
+++ b/monkey/monkey_island/cc/resources/telemetry.py
@ -9,7 +9,6 @@ from monkey_island.cc.database import mongo
 from monkey_island.cc.models.monkey import Monkey
 from monkey_island.cc.models.telemetries import get_telemetry_by_query
 from monkey_island.cc.resources.AbstractResource import AbstractResource
-from monkey_island.cc.resources.blackbox.utils.telem_store import TestTelemStore
 from monkey_island.cc.resources.request_authentication import jwt_required
 from monkey_island.cc.services.node import NodeService
 from monkey_island.cc.services.telemetry.processing.processing import process_telemetry
@ -45,7 +44,6 @@ class Telemetry(AbstractResource):
        return result

    # Used by monkey. can't secure.
-    @TestTelemStore.store_exported_telem
    def post(self):
        telemetry_json = json.loads(request.data)
        telemetry_json["data"] = json.loads(telemetry_json["data"])
--- a/monkey/monkey_island/cc/services/config.py
+++ b/monkey/monkey_island/cc/services/config.py
@ -9,7 +9,6 @@ from typing import Any, Dict, List
 from jsonschema import Draft4Validator, validators

 from common.config_value_paths import (
-    EXPORT_MONKEY_TELEMS_PATH,
    LM_HASH_LIST_PATH,
    NTLM_HASH_LIST_PATH,
    PASSWORD_LIST_PATH,
@ -355,10 +354,6 @@ class ConfigService:
                    else get_datastore_encryptor().encrypt(config_arr)
                )

-    @staticmethod
-    def is_test_telem_export_enabled():
-        return ConfigService.get_config_value(EXPORT_MONKEY_TELEMS_PATH)
-
    @staticmethod
    def get_config_propagation_credentials_from_flat_config(config) -> Dict[str, List[str]]:
        return {
--- a/monkey/monkey_island/cc/services/config_schema/internal.py
+++ b/monkey/monkey_island/cc/services/config_schema/internal.py
@ -153,19 +153,5 @@ INTERNAL = {
                },
            },
        },
-        "testing": {
-            "title": "Testing",
-            "type": "object",
-            "properties": {
-                "export_monkey_telems": {
-                    "title": "Export monkey telemetries",
-                    "type": "boolean",
-                    "default": False,
-                    "description": "Exports unencrypted telemetries that "
-                    "can be used for tests in development."
-                    " Do not turn on!",
-                }
-            },
-        },
    },
 }
--- a/monkey/monkey_island/cc/services/infection_lifecycle.py
+++ b/monkey/monkey_island/cc/services/infection_lifecycle.py
@ -2,8 +2,6 @@ import logging

 from monkey_island.cc.models import Monkey
 from monkey_island.cc.models.agent_controls import AgentControls
-from monkey_island.cc.resources.blackbox.utils.telem_store import TestTelemStore
-from monkey_island.cc.services.config import ConfigService
 from monkey_island.cc.services.node import NodeService
 from monkey_island.cc.services.reporting.report import ReportService
 from monkey_island.cc.services.reporting.report_generation_synchronisation import (
@ -73,5 +71,3 @@ def _on_finished_infection():
    # we want to skip and reply.
    if not is_report_being_generated() and not ReportService.is_latest_report_exists():
        safe_generate_reports()
-    if ConfigService.is_test_telem_export_enabled() and not TestTelemStore.TELEMS_EXPORTED:
-        TestTelemStore.export_telems()
--- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json
+++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
@ -47,7 +47,6 @@
        "PowerShellExploiter",
        "Log4ShellExploiter"
    ],
-    "export_monkey_telems": false,
    "finger_classes": [
        "SMBFinger",
        "SSHFinger",
--- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
+++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
@ -92,9 +92,6 @@
        "exploit_lm_hash_list": [],
        "exploit_ntlm_hash_list": [],
        "exploit_ssh_keys": []
-      },
-      "testing": {
-        "export_monkey_telems": false
      }
    },
    "monkey": {
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
@ -129,7 +129,6 @@ opnum  # unused variable (monkey/infection_monkey/exploit/zerologon.py:466)
 structure  # unused variable (monkey/infection_monkey/exploit/zerologon.py:467)
 structure  # unused variable (monkey/infection_monkey/exploit/zerologon.py:478)
 oid_set  # unused variable (monkey/infection_monkey/exploit/tools/wmi_tools.py:96)
-export_monkey_telems  # unused variable (monkey/infection_monkey/config.py:282)
 NoInternetError  # unused class (monkey/common/utils/exceptions.py:33)
 _.__isabstractmethod__  # unused attribute (monkey/common/utils/code_utils.py:11)
 MIMIKATZ  # unused variable (monkey/common/utils/attack_utils.py:21)