- Added exporters list population
- some pep8 - Added a report json cleanup for mongo insertion, sometimes machine names are used as keys and these names might contain '.' which mongodb doesn't allow. - Fixed a typo and aws sec hub protocol requirements
parent
4b06c1e3f4
commit
985f45d8de
|
@ -4,6 +4,7 @@ from cc.resources.aws_exporter import AWSExporter
|
||||||
|
|
||||||
__author__ = 'maor.rayzin'
|
__author__ = 'maor.rayzin'
|
||||||
|
|
||||||
|
|
||||||
def populate_exporter_list():
|
def populate_exporter_list():
|
||||||
|
|
||||||
manager = ReportExporterManager()
|
manager = ReportExporterManager()
|
||||||
|
|
|
@ -18,6 +18,7 @@ json_setup_logging(default_path=os.path.join(BASE_PATH, 'cc', 'island_logger_def
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
from cc.app import init_app
|
from cc.app import init_app
|
||||||
|
from cc.exporter_init import populate_exporter_list
|
||||||
from cc.utils import local_ip_addresses
|
from cc.utils import local_ip_addresses
|
||||||
from cc.environment.environment import env
|
from cc.environment.environment import env
|
||||||
from cc.database import is_db_server_up
|
from cc.database import is_db_server_up
|
||||||
|
@ -34,8 +35,7 @@ def main():
|
||||||
logger.info('Waiting for MongoDB server')
|
logger.info('Waiting for MongoDB server')
|
||||||
time.sleep(1)
|
time.sleep(1)
|
||||||
|
|
||||||
|
populate_exporter_list()
|
||||||
|
|
||||||
app = init_app(mongo_url)
|
app = init_app(mongo_url)
|
||||||
if env.is_debug():
|
if env.is_debug():
|
||||||
app.run(host='0.0.0.0', debug=True, ssl_context=('monkey_island/cc/server.crt', 'monkey_island/cc/server.key'))
|
app.run(host='0.0.0.0', debug=True, ssl_context=('monkey_island/cc/server.crt', 'monkey_island/cc/server.key'))
|
||||||
|
|
|
@ -131,7 +131,7 @@ class AWSExporter(Exporter):
|
||||||
"Id": instance_arn.format(instance_id=instance_id)
|
"Id": instance_arn.format(instance_id=instance_id)
|
||||||
}]
|
}]
|
||||||
else:
|
else:
|
||||||
return [{'Type': 'Other'}]
|
return [{'Type': 'Other', 'Id': 'None'}]
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _build_generic_finding(severity, title, description, recommendation, instance_arn, instance_id=None):
|
def _build_generic_finding(severity, title, description, recommendation, instance_arn, instance_id=None):
|
||||||
|
@ -140,7 +140,7 @@ class AWSExporter(Exporter):
|
||||||
"Product": severity,
|
"Product": severity,
|
||||||
"Normalized": 100
|
"Normalized": 100
|
||||||
},
|
},
|
||||||
'Resource': AWSExporter._get_finding_resource(instance_id, instance_arn),
|
'Resources': AWSExporter._get_finding_resource(instance_id, instance_arn),
|
||||||
"Title": title,
|
"Title": title,
|
||||||
"Description": description,
|
"Description": description,
|
||||||
"Remediation": {
|
"Remediation": {
|
||||||
|
|
|
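Review bot: The fallback resource now returns the literal string `'None'` as its `Id`, so every finding raised without an instance id points at the same resource and reads like a stringified Python `None`. If the caller knows the machine's hostname or IP, passing that through would keep findings distinguishable; this is an inference, since the function's signature and callers start outside the hunk. If a fixed placeholder is intended, a comment above the `return` would record why, for example `# Security Hub requires an Id on every resource; no EC2 instance id is known for this machine`. The renamed `'Resources'` key is single-quoted while its neighbours in the same dict use double quotes.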
@ -1,6 +1,5 @@
|
||||||
WARNING_SIGN = u" \u26A0"
|
WARNING_SIGN = u" \u26A0"
|
||||||
|
|
||||||
|
|
||||||
SCHEMA = {
|
SCHEMA = {
|
||||||
"title": "Monkey",
|
"title": "Monkey",
|
||||||
"type": "object",
|
"type": "object",
|
||||||
|
@ -624,6 +623,31 @@ SCHEMA = {
|
||||||
"description": "The current command server the monkey is communicating with"
|
"description": "The current command server the monkey is communicating with"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
'aws_config': {
|
||||||
|
'title': 'AWS Configuration',
|
||||||
|
'type': 'object',
|
||||||
|
'description': 'These credentials will be used in order to export the monkey\'s findings to the AWS Security Hub.',
|
||||||
|
'properties': {
|
||||||
|
'aws_account_id': {
|
||||||
|
'title': 'AWS account ID',
|
||||||
|
'type': 'string',
|
||||||
|
'description': 'Your AWS account ID that is subscribed to security hub feeds',
|
||||||
|
'default': ''
|
||||||
|
},
|
||||||
|
'aws_access_key_id': {
|
||||||
|
'title': 'AWS access key ID',
|
||||||
|
'type': 'string',
|
||||||
|
'description': 'Your AWS public access key ID, can be found in the IAM user interface in the AWS console.',
|
||||||
|
'default': ''
|
||||||
|
},
|
||||||
|
'aws_secret_access_key': {
|
||||||
|
'title': 'AWS secret access key',
|
||||||
|
'type': 'string',
|
||||||
|
'description': 'Your AWS secret access key id, you can get this after creating a public access key in the console.',
|
||||||
|
'default': ''
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
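Review bot: The new `aws_config` block adds a long-lived `aws_secret_access_key` to the configuration schema as an ordinary `'type': 'string'` property, and nothing in this hunk marks it as sensitive. Whether this configuration is encrypted at rest, returned by the configuration API, or delivered to agents is not visible here (SCHEMA starts and ends outside the hunk) and should be confirmed. If the value is stored or served in clear, it should be encrypted like other secrets, or the exporter should rely on the host's AWS credential chain instead of a stored key. The description could also tell users to supply a key for an IAM user limited to importing Security Hub findings, and `'Your AWS secret access key id'` should read `'Your AWS secret access key'`.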
@ -3,6 +3,8 @@ import functools
|
||||||
|
|
||||||
import ipaddress
|
import ipaddress
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
from bson import json_util
|
||||||
from enum import Enum
|
from enum import Enum
|
||||||
|
|
||||||
from six import text_type
|
from six import text_type
|
||||||
|
@ -725,10 +727,22 @@ class ReportService:
|
||||||
}
|
}
|
||||||
ReportExporterManager().export(report)
|
ReportExporterManager().export(report)
|
||||||
mongo.db.report.drop()
|
mongo.db.report.drop()
|
||||||
mongo.db.report.insert_one(report)
|
mongo.db.report.insert_one(ReportService.clean_report_before_mongo_insert(report))
|
||||||
|
|
||||||
return report
|
return report
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def clean_report_before_mongo_insert(report_dict):
|
||||||
|
"""
|
||||||
|
mongodb doesn't allow for '.' and '$' in a key's name, this function replaces the '.' char with the unicode
|
||||||
|
\u002E char instead.
|
||||||
|
:return:
|
||||||
|
"""
|
||||||
|
report_as_json = json_util.dumps(report_dict)
|
||||||
|
report_as_json.replace('.', '\u002E')
|
||||||
|
return json_util.loads(report_as_json)
|
||||||
|
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def is_latest_report_exists():
|
def is_latest_report_exists():
|
||||||
"""
|
"""
|
||||||
|
|
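Review bot: `report_as_json.replace('.', '\u002E')` in `clean_report_before_mongo_insert` has no effect, so report keys containing '.' still reach `insert_one`. `str.replace` returns a new string that is discarded here, and U+002E is the '.' character itself, so assigning the result would change nothing either. A textual replace over the serialized JSON would also rewrite values such as IP addresses and floats, and the '$' case named in the docstring is not handled. Renaming only the keys while walking the structure avoids both problems; the sketch below uses the fullwidth U+FF0E and U+FF04 characters. The docstring should then name those characters, and the `json_util` import added in this file becomes unused.

```python
    @staticmethod
    def clean_report_before_mongo_insert(report_dict):
        # … unchanged: docstring …
        def _clean(node):
            # Rename keys only; values (IP addresses, floats) must stay intact.
            if isinstance(node, dict):
                return {key.replace('.', u'\uff0e').replace('$', u'\uff04'): _clean(value)
                        for key, value in node.items()}
            if isinstance(node, list):
                return [_clean(item) for item in node]
            return node

        return _clean(report_dict)
```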