* Added aws region getter

* Moved productARN to server_config.json file
maor.rayzin 2018-11-27 14:13:50 +02:00
parent a42d621340
commit 8e6ab5b9f5
4 changed files with 19 additions and 6 deletions


@ -14,6 +14,10 @@ class AwsEnvironment(Environment):
def _get_instance_id():
return AWS.get_instance_id()
@staticmethod
def _get_region():
return urllib2.urlopen('http://169.254.169.254/latest/meta-data/placement/availability-zone').read()[:-1]
def is_auth_enabled(self):
return True
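Review bot: The `urllib2.urlopen` call in `_get_region` has no timeout, so on a host where 169.254.169.254 is unreachable it can block until the OS gives up on the connection; pass one explicitly, e.g. `urllib2.urlopen(url, timeout=2)`, and catch `urllib2.URLError` so a non-AWS host fails clearly. Dropping the last character with `[:-1]` assumes the zone name is the region plus a single letter, which does not hold for every zone naming scheme (Local Zones, for example); reading `latest/meta-data/placement/region` or the `region` field of `latest/dynamic/instance-identity/document` avoids the slicing. The sibling `_get_instance_id` delegates to the `AWS` helper, and the region lookup would be more consistent there; the class body starts and continues outside the hunk.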


@ -14,13 +14,16 @@ ENV_DICT = {
}
def load_env_from_file():
def load_server_configuration_from_file():
with open('monkey_island/cc/server_config.json', 'r') as f:
config_content = f.read()
config_json = json.loads(config_content)
return config_json['server_config']
return json.loads(config_content)
def load_env_from_file():
config_json = load_server_configuration_from_file()
return config_json['server_config']
try:
__env_type = load_env_from_file()
env = ENV_DICT[__env_type]()
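Review bot: `load_server_configuration_from_file` is now a shared helper imported by other modules, but it still opens `'monkey_island/cc/server_config.json'` relative to the process working directory, so any caller started from a different directory gets an `IOError`. Resolving the path against this module's location (`os.path.dirname(__file__)`) would remove that dependency. A short docstring stating that it returns the whole parsed document, while `load_env_from_file` returns only the `server_config` value, would help the new callers; the `try` block at the end of the hunk continues outside it.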


@ -5,6 +5,7 @@ import boto3
from cc.resources.exporter import Exporter
from cc.services.config import ConfigService
from cc.environment.environment import load_server_configuration_from_file
logger = logging.getLogger(__name__)
@ -57,10 +58,12 @@ class AWSExporter(Exporter):
'shared_passwords': AWSExporter._handle_shared_passwords_issue,
}
product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '')
finding = {
"SchemaVersion": "2018-10-08",
"Id": uuid.uuid4().hex,
"ProductArn": "arn:aws:securityhub:us-west-2:324264561773:product/aws/guardduty",
"ProductArn": product_arn,
"GeneratorId": issue['type'],
"AwsAccountId": "324264561773",
"Types": [
@ -308,4 +311,4 @@ class AWSExporter(Exporter):
"Text": "The machine {0} ({1}) is vulnerable to a SMB attack. The Monkey authenticated over the SMB protocol with user {2} and its password.".format(issue['machine'], issue['ip_address'], issue['username'])
}
}
return finding
return finding
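Review bot: `load_server_configuration_from_file()['aws']` raises `KeyError` on any deployment whose `server_config.json` predates this commit and has no `aws` object, because only the inner lookup is defensive; `.get('aws', {}).get('sec_hub_product_arn', '')` or a single start-up check with a clear message would cover it. The empty-string fallback then produces a finding with `"ProductArn": ""`, which Security Hub will most likely reject, so a missing ARN is better logged and the export skipped. The file is also re-read and re-parsed every time this code runs, which looks like once per issue; loading it once and passing the value in avoids that. `"AwsAccountId": "324264561773"` a few lines below is still a literal and should come from the same configuration so the two values cannot disagree. The enclosing method starts outside the hunk.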


@ -1,3 +1,6 @@
{
"server_config": "standard"
"server_config": "standard",
"aws": {
"sec_hub_product_arn": "arn:aws:securityhub:us-west-2:324264561773:product/aws/guardduty"
}
}
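Review bot: The default `sec_hub_product_arn` pins region `us-west-2` and account `324264561773`, so every installation that does not edit this file builds findings under that product ARN rather than its own. JSON has no comments, so the requirement to replace the value per deployment should be documented in the README or the loader's docstring. Shipping an empty value and having the exporter refuse to run without it would make the requirement visible instead of silent.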