p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Merge pull request #2073 from guardicore/1965-credential-endpoints 

1965 credential endpoints
This commit is contained in:
Mike Salvatore 2022-07-12 06:45:39 -04:00 committed by GitHub
parent 69d513b136 d2e4fe6136
commit 774b2c0116
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 231 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/monkey_island/cc/app.py
View File

@ -13,6 +13,7 @@ from monkey_island.cc.database import database, mongo
from monkey_island.cc.resources import ( from monkey_island.cc.resources import (
AgentBinaries, AgentBinaries,
ClearSimulationData, ClearSimulationData,
PropagationCredentials,
RemoteRun, RemoteRun,
ResetAgentConfiguration, ResetAgentConfiguration,
) )
@ -42,7 +43,6 @@ from monkey_island.cc.resources.node import Node
from monkey_island.cc.resources.node_states import NodeStates from monkey_island.cc.resources.node_states import NodeStates
from monkey_island.cc.resources.pba_file_download import PBAFileDownload from monkey_island.cc.resources.pba_file_download import PBAFileDownload
from monkey_island.cc.resources.pba_file_upload import FileUpload from monkey_island.cc.resources.pba_file_upload import FileUpload
from monkey_island.cc.resources.propagation_credentials import PropagationCredentials
from monkey_island.cc.resources.ransomware_report import RansomwareReport from monkey_island.cc.resources.ransomware_report import RansomwareReport
from monkey_island.cc.resources.root import Root from monkey_island.cc.resources.root import Root
from monkey_island.cc.resources.security_report import SecurityReport from monkey_island.cc.resources.security_report import SecurityReport

1
monkey/monkey_island/cc/resources/__init__.py
View File

@ -2,3 +2,4 @@ from .remote_run import RemoteRun
from .agent_binaries import AgentBinaries from .agent_binaries import AgentBinaries
from .clear_simulation_data import ClearSimulationData from .clear_simulation_data import ClearSimulationData
from .reset_agent_configuration import ResetAgentConfiguration from .reset_agent_configuration import ResetAgentConfiguration
from .propagation_credentials import PropagationCredentials

48
monkey/monkey_island/cc/resources/propagation_credentials.py
View File

@ -1,17 +1,55 @@
from flask import make_response from http import HTTPStatus
from flask import make_response, request
from common.credentials import Credentials from common.credentials import Credentials
from monkey_island.cc.repository import ICredentialsRepository from monkey_island.cc.repository import ICredentialsRepository
from monkey_island.cc.resources.AbstractResource import AbstractResource from monkey_island.cc.resources.AbstractResource import AbstractResource
_configured_collection = "configured-credentials"
_stolen_collection = "stolen-credentials"
class PropagationCredentials(AbstractResource): class PropagationCredentials(AbstractResource):
urls = ["/api/propagation-credentials"] urls = ["/api/propagation-credentials/", "/api/propagation-credentials/<string:collection>"]
def __init__(self, credentials_repository: ICredentialsRepository): def __init__(self, credentials_repository: ICredentialsRepository):
self._credentials_repository = credentials_repository self._credentials_repository = credentials_repository
def get(self): def get(self, collection=None):
propagation_credentials = self._credentials_repository.get_all_credentials() if collection == _configured_collection:
propagation_credentials = self._credentials_repository.get_configured_credentials()
elif collection == _stolen_collection:
propagation_credentials = self._credentials_repository.get_stolen_credentials()
elif collection is None:
propagation_credentials = self._credentials_repository.get_all_credentials()
else:
return {}, HTTPStatus.NOT_FOUND
return make_response(Credentials.to_json_array(propagation_credentials), 200) return make_response(Credentials.to_json_array(propagation_credentials), HTTPStatus.OK)
def post(self, collection=None):
credentials = [Credentials.from_json(c) for c in request.json]
if collection == _configured_collection:
self._credentials_repository.save_configured_credentials(credentials)
elif collection == _stolen_collection:
self._credentials_repository.save_stolen_credentials(credentials)
elif collection is None:
return {}, HTTPStatus.METHOD_NOT_ALLOWED
else:
return {}, HTTPStatus.NOT_FOUND
return {}, HTTPStatus.NO_CONTENT
def delete(self, collection=None):
if collection == _configured_collection:
self._credentials_repository.remove_configured_credentials()
elif collection == _stolen_collection:
self._credentials_repository.remove_stolen_credentials()
elif collection is None:
self._credentials_repository.remove_all_credentials()
else:
return {}, HTTPStatus.NOT_FOUND
return {}, HTTPStatus.NO_CONTENT

26
monkey/tests/data_for_tests/propagation_credentials.py Normal file
View File

@ -0,0 +1,26 @@
from common.credentials import Credentials, LMHash, NTHash, Password, Username
username = "m0nk3y_user"
special_username = "m0nk3y.user"
nt_hash = "C1C58F96CDF212B50837BC11A00BE47C"
lm_hash = "299BD128C1101FD6299BD128C1101FD6"
password_1 = "trytostealthis"
password_2 = "password"
password_3 = "12345678"
PROPAGATION_CREDENTIALS_1 = Credentials(
identities=(Username(username),),
secrets=(NTHash(nt_hash), LMHash(lm_hash), Password(password_1)),
)
PROPAGATION_CREDENTIALS_2 = Credentials(
identities=(Username(username), Username(special_username)),
secrets=(Password(password_1), Password(password_2), Password(password_3)),
)
PROPAGATION_CREDENTIALS_3 = Credentials(
identities=(Username(username),),
secrets=(Password(password_1),),
)
PROPAGATION_CREDENTIALS_4 = Credentials(
identities=(Username(username),),
secrets=(Password(password_2),),
)

6
monkey/tests/monkey_island/__init__.py
View File

@ -3,8 +3,4 @@ from .mock_file_repository import MockFileRepository, FILE_CONTENTS, FILE_NAME
from .open_error_file_repository import OpenErrorFileRepository from .open_error_file_repository import OpenErrorFileRepository
from .in_memory_agent_configuration_repository import InMemoryAgentConfigurationRepository from .in_memory_agent_configuration_repository import InMemoryAgentConfigurationRepository
from .in_memory_simulation_configuration import InMemorySimulationRepository from .in_memory_simulation_configuration import InMemorySimulationRepository
from .stub_propagation_credentials_repository import StubPropagationCredentialsRepository from .in_memory_credentials_repository import InMemoryCredentialsRepository
from .stub_propagation_credentials_repository import (
PROPAGATION_CREDENTIALS_1,
PROPAGATION_CREDENTIALS_2,
)

35
monkey/tests/monkey_island/in_memory_credentials_repository.py Normal file
View File

@ -0,0 +1,35 @@
from typing import Sequence
from common.credentials import Credentials
from monkey_island.cc.repository import ICredentialsRepository
class InMemoryCredentialsRepository(ICredentialsRepository):
def __init__(self):
self._configured_credentials = []
self._stolen_credentials = []
def get_configured_credentials(self) -> Sequence[Credentials]:
return self._configured_credentials
def get_stolen_credentials(self) -> Sequence[Credentials]:
return self._stolen_credentials
def get_all_credentials(self) -> Sequence[Credentials]:
return [*self._configured_credentials, *self._stolen_credentials]
def save_configured_credentials(self, credentials: Sequence[Credentials]):
self._configured_credentials.extend(credentials)
def save_stolen_credentials(self, credentials: Sequence[Credentials]):
self._stolen_credentials.extend(credentials)
def remove_configured_credentials(self):
self._configured_credentials = []
def remove_stolen_credentials(self):
self._stolen_credentials = []
def remove_all_credentials(self):
self.remove_configured_credentials()
self.remove_stolen_credentials()

47
monkey/tests/monkey_island/stub_propagation_credentials_repository.py
View File

@ -1,47 +0,0 @@
from typing import Sequence
from common.credentials import Credentials, LMHash, NTHash, Password, Username
from monkey_island.cc.repository import ICredentialsRepository
fake_username = "m0nk3y_user"
fake_special_username = "m0nk3y.user"
fake_nt_hash = "C1C58F96CDF212B50837BC11A00BE47C"
fake_lm_hash = "299BD128C1101FD6299BD128C1101FD6"
fake_password_1 = "trytostealthis"
fake_password_2 = "password"
fake_password_3 = "12345678"
PROPAGATION_CREDENTIALS_1 = Credentials(
identities=(Username(fake_username),),
secrets=(NTHash(fake_nt_hash), LMHash(fake_lm_hash), Password(fake_password_1)),
)
PROPAGATION_CREDENTIALS_2 = Credentials(
identities=(Username(fake_username), Username(fake_special_username)),
secrets=(Password(fake_password_1), Password(fake_password_2), Password(fake_password_3)),
)
class StubPropagationCredentialsRepository(ICredentialsRepository):
def get_configured_credentials(self) -> Sequence[Credentials]:
pass
def get_stolen_credentials(self) -> Sequence[Credentials]:
pass
def get_all_credentials(self) -> Sequence[Credentials]:
return [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
def save_configured_credentials(self, credentials: Sequence[Credentials]):
pass
def save_stolen_credentials(self, credentials: Sequence[Credentials]):
pass
def remove_configured_credentials(self):
pass
def remove_stolen_credentials(self):
pass
def remove_all_credentials(self):
pass

134
monkey/tests/unit_tests/monkey_island/cc/resources/test_propagation_credentials.py
View File

@ -1,34 +1,148 @@
import json
from http import HTTPStatus
from typing import Sequence
from urllib.parse import urljoin
import pytest import pytest
from tests.common import StubDIContainer from tests.common import StubDIContainer
from tests.monkey_island import ( from tests.data_for_tests.propagation_credentials import (
PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_1,
PROPAGATION_CREDENTIALS_2, PROPAGATION_CREDENTIALS_2,
StubPropagationCredentialsRepository, PROPAGATION_CREDENTIALS_3,
PROPAGATION_CREDENTIALS_4,
) )
from tests.unit_tests.monkey_island.conftest import get_url_for_resource from tests.monkey_island import InMemoryCredentialsRepository
from common.credentials import Credentials from common.credentials import Credentials
from monkey_island.cc.repository import ICredentialsRepository from monkey_island.cc.repository import ICredentialsRepository
from monkey_island.cc.resources.propagation_credentials import PropagationCredentials from monkey_island.cc.resources import PropagationCredentials
from monkey_island.cc.resources.propagation_credentials import (
_configured_collection,
_stolen_collection,
)
ALL_CREDENTIALS_URL = PropagationCredentials.urls[0]
CONFIGURED_CREDENTIALS_URL = urljoin(ALL_CREDENTIALS_URL, _configured_collection)
STOLEN_CREDENTIALS_URL = urljoin(ALL_CREDENTIALS_URL, _stolen_collection)
@pytest.fixture @pytest.fixture
def flask_client(build_flask_client): def credentials_repository():
return InMemoryCredentialsRepository()
@pytest.fixture
def flask_client(build_flask_client, credentials_repository):
container = StubDIContainer() container = StubDIContainer()
container.register(ICredentialsRepository, StubPropagationCredentialsRepository) container.register_instance(ICredentialsRepository, credentials_repository)
with build_flask_client(container) as flask_client: with build_flask_client(container) as flask_client:
yield flask_client yield flask_client
def test_propagation_credentials_endpoint_get(flask_client): def test_propagation_credentials_endpoint_get(flask_client, credentials_repository):
propagation_credentials_url = get_url_for_resource(PropagationCredentials) credentials_repository.save_configured_credentials(
[PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_3]
)
credentials_repository.save_stolen_credentials(
[PROPAGATION_CREDENTIALS_2, PROPAGATION_CREDENTIALS_4]
)
resp = flask_client.get(propagation_credentials_url) resp = flask_client.get(ALL_CREDENTIALS_URL)
actual_propagation_credentials = Credentials.from_json_array(resp.text) actual_propagation_credentials = Credentials.from_json_array(resp.text)
assert resp.status_code == 200 assert resp.status_code == HTTPStatus.OK
assert len(actual_propagation_credentials) == 4
assert PROPAGATION_CREDENTIALS_1 in actual_propagation_credentials
assert PROPAGATION_CREDENTIALS_2 in actual_propagation_credentials
assert PROPAGATION_CREDENTIALS_3 in actual_propagation_credentials
assert PROPAGATION_CREDENTIALS_4 in actual_propagation_credentials
def pre_populate_repository(
url: str, credentials_repository: ICredentialsRepository, credentials: Sequence[Credentials]
):
if "configured" in url:
credentials_repository.save_configured_credentials(credentials)
else:
credentials_repository.save_stolen_credentials(credentials)
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
def test_propagation_credentials_endpoint__get_stolen(flask_client, credentials_repository, url):
pre_populate_repository(
url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
)
resp = flask_client.get(url)
actual_propagation_credentials = Credentials.from_json_array(resp.text)
assert resp.status_code == HTTPStatus.OK
assert len(actual_propagation_credentials) == 2 assert len(actual_propagation_credentials) == 2
assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1 assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1
assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2 assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
def test_propagation_credentials_endpoint__post_stolen(flask_client, credentials_repository, url):
pre_populate_repository(url, credentials_repository, [PROPAGATION_CREDENTIALS_1])
resp = flask_client.post(
url,
json=[
Credentials.to_json(PROPAGATION_CREDENTIALS_2),
Credentials.to_json(PROPAGATION_CREDENTIALS_3),
],
)
assert resp.status_code == HTTPStatus.NO_CONTENT
resp = flask_client.get(url)
retrieved_propagation_credentials = Credentials.from_json_array(resp.text)
assert resp.status_code == HTTPStatus.OK
assert len(retrieved_propagation_credentials) == 3
assert PROPAGATION_CREDENTIALS_1 in retrieved_propagation_credentials
assert PROPAGATION_CREDENTIALS_2 in retrieved_propagation_credentials
assert PROPAGATION_CREDENTIALS_3 in retrieved_propagation_credentials
@pytest.mark.parametrize("url", [CONFIGURED_CREDENTIALS_URL, STOLEN_CREDENTIALS_URL])
def test_stolen_propagation_credentials_endpoint_delete(flask_client, credentials_repository, url):
pre_populate_repository(
url, credentials_repository, [PROPAGATION_CREDENTIALS_1, PROPAGATION_CREDENTIALS_2]
)
resp = flask_client.delete(url)
assert resp.status_code == HTTPStatus.NO_CONTENT
resp = flask_client.get(url)
assert len(json.loads(resp.text)) == 0
def test_propagation_credentials_endpoint__propagation_credentials_post_not_allowed(flask_client):
resp = flask_client.post(ALL_CREDENTIALS_URL, json=[])
assert resp.status_code == HTTPStatus.METHOD_NOT_ALLOWED
NON_EXISTENT_COLLECTION_URL = urljoin(ALL_CREDENTIALS_URL, "bogus-credentials")
def test_propagation_credentials_endpoint__get_not_found(flask_client):
resp = flask_client.get(NON_EXISTENT_COLLECTION_URL)
assert resp.status_code == HTTPStatus.NOT_FOUND
def test_propagation_credentials_endpoint__post_not_found(flask_client):
resp = flask_client.post(
NON_EXISTENT_COLLECTION_URL,
json=[
Credentials.to_json(PROPAGATION_CREDENTIALS_2),
Credentials.to_json(PROPAGATION_CREDENTIALS_3),
],
)
assert resp.status_code == HTTPStatus.NOT_FOUND
def test_propagation_credentials_endpoint__delete_not_found(flask_client):
resp = flask_client.delete(NON_EXISTENT_COLLECTION_URL)
assert resp.status_code == HTTPStatus.NOT_FOUND