Remove username/password lists from code. get/set from global config
This commit is contained in:
parent
ba291b577b
commit
be1b6879f7
|
@ -1,8 +1,4 @@
|
|||
__author__ = 'itay.mizeretz'
|
||||
|
||||
ISLAND_PORT = 5000
|
||||
DEFAULT_MONGO_URL = "mongodb://localhost:27017/monkeyisland"
|
||||
|
||||
# TODO: remove this, and get from global config`
|
||||
INITIAL_USERNAMES = ['Administrator', 'root', 'user']
|
||||
INITIAL_PASSWORDS = ["Password1!", "1234", "password", "12345678"]
|
||||
DEFAULT_MONGO_URL = "mongodb://localhost:27017/monkeyisland"
|
|
@ -8,8 +8,8 @@ if BASE_PATH not in sys.path:
|
|||
sys.path.insert(0, BASE_PATH)
|
||||
|
||||
from cc.app import init_app
|
||||
from cc.utils import init_collections, local_ip_addresses
|
||||
from cc.island_config import DEFAULT_MONGO_URL, ISLAND_PORT, INITIAL_USERNAMES, INITIAL_PASSWORDS
|
||||
from cc.utils import local_ip_addresses
|
||||
from cc.island_config import DEFAULT_MONGO_URL, ISLAND_PORT
|
||||
|
||||
if __name__ == '__main__':
|
||||
from tornado.wsgi import WSGIContainer
|
||||
|
@ -17,8 +17,6 @@ if __name__ == '__main__':
|
|||
from tornado.ioloop import IOLoop
|
||||
|
||||
app = init_app(os.environ.get('MONGO_URL', DEFAULT_MONGO_URL))
|
||||
with app.app_context():
|
||||
init_collections(INITIAL_USERNAMES, INITIAL_PASSWORDS)
|
||||
http_server = HTTPServer(WSGIContainer(app),
|
||||
ssl_options={'certfile': os.environ.get('SERVER_CRT', 'server.crt'),
|
||||
'keyfile': os.environ.get('SERVER_KEY', 'server.key')})
|
||||
|
|
|
@ -33,10 +33,6 @@ class Monkey(flask_restful.Resource):
|
|||
|
||||
if guid:
|
||||
monkey_json = mongo.db.monkey.find_one_or_404({"guid": guid})
|
||||
monkey_json['config']['exploit_user_list'] = \
|
||||
map(lambda x: x['username'], mongo.db.usernames.find({}, {'_id': 0, 'username': 1}).sort([('count', -1)]))
|
||||
monkey_json['config']['exploit_password_list'] = \
|
||||
map(lambda x: x['password'], mongo.db.passwords.find({}, {'_id': 0, 'password': 1}).sort([('count', -1)]))
|
||||
return monkey_json
|
||||
else:
|
||||
result = {'timestamp': datetime.now().isoformat()}
|
||||
|
|
|
@ -5,7 +5,7 @@ import flask_restful
|
|||
|
||||
from cc.database import mongo
|
||||
|
||||
from cc.utils import init_collections, local_ip_addresses
|
||||
from cc.utils import local_ip_addresses
|
||||
|
||||
__author__ = 'Barak'
|
||||
|
||||
|
@ -22,11 +22,8 @@ class Root(flask_restful.Resource):
|
|||
mongo.db.config.drop()
|
||||
mongo.db.monkey.drop()
|
||||
mongo.db.telemetry.drop()
|
||||
mongo.db.usernames.drop()
|
||||
mongo.db.passwords.drop()
|
||||
mongo.db.node.drop()
|
||||
mongo.db.edge.drop()
|
||||
init_collections()
|
||||
return jsonify(status='OK')
|
||||
elif action == "killall":
|
||||
mongo.db.monkey.update({}, {'$set': {'config.alive': False, 'modifytime': datetime.now()}}, upsert=False,
|
||||
|
|
|
@ -9,8 +9,7 @@ import flask_restful
|
|||
from cc.database import mongo
|
||||
from cc.services.edge import EdgeService
|
||||
from cc.services.node import NodeService
|
||||
|
||||
from cc.utils import creds_add_username, creds_add_password
|
||||
from cc.services.config import ConfigService
|
||||
|
||||
__author__ = 'Barak'
|
||||
|
||||
|
@ -93,10 +92,9 @@ class Telemetry(flask_restful.Resource):
|
|||
if 'credentials' in telemetry_json['data']:
|
||||
creds = telemetry_json['data']['credentials']
|
||||
for user in creds:
|
||||
creds_add_username(user)
|
||||
|
||||
ConfigService.creds_add_username(user)
|
||||
if 'password' in creds[user]:
|
||||
creds_add_password(creds[user]['password'])
|
||||
ConfigService.creds_add_password(creds[user]['password'])
|
||||
|
||||
def add_scan_to_edge(self, edge, telemetry_json):
|
||||
data = telemetry_json['data']['machine']
|
||||
|
@ -125,9 +123,6 @@ class Telemetry(flask_restful.Resource):
|
|||
{"$set": {"os.version": scan_os["version"]}},
|
||||
upsert=False)
|
||||
|
||||
|
||||
|
||||
|
||||
def add_exploit_to_edge(self, edge, telemetry_json):
|
||||
data = telemetry_json['data']
|
||||
data["machine"].pop("ip_addr")
|
||||
|
|
|
@ -749,6 +749,7 @@ SCHEMA = {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
class ConfigService:
|
||||
def __init__(self):
|
||||
pass
|
||||
|
@ -775,6 +776,22 @@ class ConfigService:
|
|||
def get_config_schema():
|
||||
return SCHEMA
|
||||
|
||||
@staticmethod
|
||||
def creds_add_username(username):
|
||||
mongo.db.config.update(
|
||||
{'name': 'newconfig'},
|
||||
{'$addToSet': {'exploits.credentials.exploit_user_list': username}},
|
||||
upsert=False
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def creds_add_password(password):
|
||||
mongo.db.config.update(
|
||||
{'name': 'newconfig'},
|
||||
{'$addToSet': {'exploits.credentials.exploit_password_list': password}},
|
||||
upsert=False
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def update_config():
|
||||
pass
|
||||
|
|
|
@ -11,36 +11,6 @@ from cc.database import mongo
|
|||
__author__ = 'Barak'
|
||||
|
||||
|
||||
# data structures
|
||||
|
||||
def creds_add_username(username):
|
||||
mongo.db.usernames.update(
|
||||
{'username': username},
|
||||
{'$inc': {'count': 1}},
|
||||
upsert=True
|
||||
)
|
||||
|
||||
|
||||
def creds_add_password(password):
|
||||
mongo.db.passwords.update(
|
||||
{'password': password},
|
||||
{'$inc': {'count': 1}},
|
||||
upsert=True
|
||||
)
|
||||
|
||||
|
||||
def init_collections(usernames, passwords):
|
||||
if "usernames" not in mongo.db.collection_names():
|
||||
mongo.db.usernames.create_index([("username", 1)], unique=True)
|
||||
for username in usernames:
|
||||
creds_add_username(username)
|
||||
|
||||
if "passwords" not in mongo.db.collection_names():
|
||||
mongo.db.passwords.create_index([("password", 1)], unique=True)
|
||||
for password in passwords:
|
||||
creds_add_password(password)
|
||||
|
||||
|
||||
# Local ips function
|
||||
if sys.platform == "win32":
|
||||
def local_ips():
|
||||
|
|
Loading…
Reference in New Issue