p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

UI: Remove Scoutsuite option from Run Monkey page

This commit is contained in:
Shreya Malviya 2022-02-03 14:30:07 +05:30
parent c2c609aa3a
commit c357ee410e
6 changed files with 1 additions and 365 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/RunOptions.js
View File

@ -8,7 +8,6 @@ import {cloneDeep} from 'lodash';
import {faCloud, faExpandArrowsAlt} from '@fortawesome/free-solid-svg-icons'; import {faCloud, faExpandArrowsAlt} from '@fortawesome/free-solid-svg-icons';
import RunOnIslandButton from './RunOnIslandButton'; import RunOnIslandButton from './RunOnIslandButton';
import AWSRunButton from './RunOnAWS/AWSRunButton'; import AWSRunButton from './RunOnAWS/AWSRunButton';
import CloudOptions from './scoutsuite-setup/CloudOptions';
const CONFIG_URL = '/api/configuration/island'; const CONFIG_URL = '/api/configuration/island';
@ -56,6 +55,7 @@ function RunOptions(props) {
return InlineSelection(defaultContents, newProps); return InlineSelection(defaultContents, newProps);
} }
// TODO: Change function name
function shouldShowScoutsuite(islandMode){ function shouldShowScoutsuite(islandMode){
return islandMode !== 'ransomware'; return islandMode !== 'ransomware';
} }
@ -74,14 +74,6 @@ function RunOptions(props) {
{ips: ips, setComponent: setComponent}) {ips: ips, setComponent: setComponent})
}}/> }}/>
{shouldShowScoutsuite(props.islandMode) && <AWSRunButton setComponent={setComponent}/> } {shouldShowScoutsuite(props.islandMode) && <AWSRunButton setComponent={setComponent}/> }
{shouldShowScoutsuite(props.islandMode) && <NextSelectionButton title={'Cloud security scan'}
description={'Explains how to enable cloud security scan.'}
icon={faCloud}
onButtonClick={() => {
setComponent(CloudOptions,
{ips: ips, setComponent: setComponent})
}}/>
}
</> </>
); );
} }

63
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSCLISetup.js
View File

@ -1,63 +0,0 @@
import {Button} from 'react-bootstrap';
import React from 'react';
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
import AWSSetupOptions from './AWSSetupOptions';
export default function AWSCLISetup(props) {
return InlineSelection(getContents, {
...props,
collumnSize: COLUMN_SIZES.LARGE,
onBackButtonClick: () => {
props.setComponent(AWSSetupOptions, props);
}
})
}
const getContents = (props) => {
return (
<div className={'aws-scoutsuite-configuration'}>
<h2>AWS CLI configuration for scan</h2>
<p>To assess your AWS infrastructure's security do the following:</p>
<ol>
<li>
1. Configure AWS CLI on Monkey Island Server (if you already have a configured CLI you can skip this step).
<ol className={'nested-ol'}>
<li>
a. Download <Button href={'https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html'}
target={'_blank'} variant={'link'}>AWS CLI</Button> and
install it on the Monkey Island server (machine running this page).
</li>
<li>
b. Run <code>aws configure</code>. It's important to configure credentials as it
allows ScoutSuite to get information about your cloud configuration. The simplest way to do so is to
provide&nbsp;
<Button
href={'https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-creds'}
variant={'link'}
className={'cli-link'}
target={'_blank'}>
Access key ID and secret access key
</Button>.
</li>
</ol>
</li>
<li>
2. If you change the configuration, make sure not to disable AWS system info collector.
</li>
<li>
3. Go <Button onClick={() => props.setComponent()}
variant={'link'}
className={'cli-link'}>back</Button>
&nbsp;and run Monkey on the Island server.
</li>
<li>
4. Assess results in Zero Trust report.
</li>
</ol>
</div>
);
}

179
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSKeySetup.js
View File

@ -1,179 +0,0 @@
import React, {useEffect, useState} from 'react';
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
import AWSSetupOptions from './AWSSetupOptions';
import {Button, Col, Form, Row} from 'react-bootstrap';
import AuthComponent from '../../../../AuthComponent';
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
import {PROVIDERS} from '../ProvidersEnum';
import classNames from 'classnames';
import {FontAwesomeIcon} from '@fortawesome/react-fontawesome';
import {faChevronDown} from '@fortawesome/free-solid-svg-icons/faChevronDown';
import {faChevronUp} from '@fortawesome/free-solid-svg-icons/faChevronUp';
import {faQuestion} from '@fortawesome/free-solid-svg-icons';
import Collapse from '@kunukn/react-collapse/dist/Collapse.umd';
import keySetupForAnyUserImage from '../../../../../images/aws_keys_tutorial-any-user.png';
import keySetupForCurrentUserImage from '../../../../../images/aws_keys_tutorial-current-user.png';
import ImageModal from '../../../../ui-components/ImageModal';
export default function AWSCLISetup(props) {
return InlineSelection(getContents, {
...props,
collumnSize: COLUMN_SIZES.LARGE,
onBackButtonClick: () => {
props.setComponent(AWSSetupOptions, props);
}
})
}
const authComponent = new AuthComponent({})
const getContents = (props) => {
const [accessKeyId, setAccessKeyId] = useState('');
const [secretAccessKey, setSecretAccessKey] = useState('');
const [sessionToken, setSessionToken] = useState('');
const [errorMessage, setErrorMessage] = useState('');
const [successMessage, setSuccessMessage] = useState('');
const [docCollapseOpen, setDocCollapseOpen] = useState(false);
function submitKeys(event) {
event.preventDefault();
setSuccessMessage('');
setErrorMessage('');
authComponent.authFetch(
'/api/scoutsuite_auth/' + PROVIDERS.AWS,
{
'method': 'POST',
'body': JSON.stringify({
'accessKeyId': accessKeyId,
'secretAccessKey': secretAccessKey,
'sessionToken': sessionToken
})
})
.then(res => res.json())
.then(res => {
if (res['error_msg'] === '') {
setSuccessMessage('AWS keys saved!');
} else if (res['message'] === 'Internal Server Error') {
setErrorMessage('Something went wrong, double check keys and contact support if problem persists.');
} else {
setErrorMessage(res['error_msg']);
}
});
}
useEffect(() => {
authComponent.authFetch('/api/aws_keys')
.then(res => res.json())
.then(res => {
setAccessKeyId(res['access_key_id']);
setSecretAccessKey(res['secret_access_key']);
setSessionToken(res['session_token']);
});
}, [props]);
// TODO separate into standalone component
function getKeyCreationDocsContent() {
return (
<div className={'key-creation-tutorial'}>
<h5>Tips</h5>
<p>Consider creating a new user account just for this activity. Assign only <b>ReadOnlyAccess</b> and&nbsp;
<b>SecurityAudit</b> policies.</p>
<h5>Keys for custom user</h5>
<p>1. Open the IAM console at <a href={'https://console.aws.amazon.com/iam/'}
target={'_blank'}
rel="noopener noreferrer">https://console.aws.amazon.com/iam/</a>.</p>
<p>2. In the navigation pane, choose Users.</p>
<p>3. Choose the name of the user whose access keys you want to create, and then choose the Security credentials
tab.</p>
<p>4. In the Access keys section, choose Create Access key.</p>
<p>To view the new access key pair, choose Show. Your credentials will look something like this:</p>
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
<Row>
<Col lg={3} md={3} sm={5} xs={12}>
<ImageModal image={keySetupForAnyUserImage}/>
</Col>
</Row>
<h5>Keys for current user</h5>
<p>1. Click on your username in the upper right corner.</p>
<p>2. Click on "My security credentials".</p>
<p>3. In the Access keys section, choose Create Access key.</p>
<p>To view the new Access key pair, choose Show. Your credentials will look something like this:</p>
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
<Row>
<Col lg={3} md={3} sm={5} xs={12}>
<ImageModal image={keySetupForCurrentUserImage}/>
</Col>
</Row>
</div>);
}
function getKeyCreationDocs() {
return (
<div className={classNames('collapse-item', {'item--active': docCollapseOpen})}>
<button className={'btn-collapse'}
onClick={() => setDocCollapseOpen(!docCollapseOpen)}>
<span>
<FontAwesomeIcon icon={faQuestion} className={'question-icon'}/>
<p>How to generate keys</p>
</span>
<span>
<FontAwesomeIcon icon={docCollapseOpen ? faChevronDown : faChevronUp}/>
</span>
</button>
<Collapse
className='collapse-comp'
isOpen={docCollapseOpen}
render={getKeyCreationDocsContent}/>
</div>);
}
return (
<div className={'aws-scoutsuite-key-configuration'}>
{getKeyCreationDocs()}
<Form className={'auth-form'} onSubmit={submitKeys}>
<Form.Control onChange={evt => setAccessKeyId(evt.target.value)}
type='text'
placeholder='Access key ID'
value={accessKeyId}/>
<Form.Control onChange={evt => setSecretAccessKey(evt.target.value)}
type='password'
placeholder='Secret access key'
value={secretAccessKey}/>
<Form.Control onChange={evt => setSessionToken(evt.target.value)}
type='text'
placeholder='Session token (optional, only for temp. keys)'
value={sessionToken}/>
{
errorMessage ?
<div className="alert alert-danger" role="alert">{errorMessage}</div>
:
''
}
{
successMessage ?
<div className="alert alert-success" role="alert">{successMessage}&nbsp;
Go back and&nbsp;
<Button variant={'link'} onClick={() => props.setComponent()} className={'link-in-success-message'}>
run Monkey from the Island server </Button> to start AWS scan!</div>
:
''
}
<Row className={'justify-content-center'}>
<Col lg={4} md={6} sm={8} xs={12}>
<Button className={'monkey-submit-button'} type={'submit'}>
Submit
</Button>
</Col>
</Row>
</Form>
</div>
);
}

40
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/AWSConfiguration/AWSSetupOptions.js
View File

@ -1,40 +0,0 @@
import React from 'react';
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
import NextSelectionButton from '../../../../ui-components/inline-selection/NextSelectionButton';
import {faKey, faTerminal} from '@fortawesome/free-solid-svg-icons';
import AWSCLISetup from './AWSCLISetup';
import CloudOptions from '../CloudOptions';
import AWSKeySetup from './AWSKeySetup';
const AWSSetupOptions = (props) => {
return InlineSelection(getContents, {
...props,
onBackButtonClick: () => {
props.setComponent(CloudOptions, props);
}
})
}
const getContents = (props) => {
return (
<>
<NextSelectionButton title={'Security keys'}
description={'Provide security keys for monkey to authenticate.'}
icon={faKey}
onButtonClick={() => {
props.setComponent(AWSKeySetup,
{setComponent: props.setComponent})
}}/>
<NextSelectionButton title={'AWS CLI'}
description={'Manually configure AWS CLI yourself.'}
icon={faTerminal}
onButtonClick={() => {
props.setComponent(AWSCLISetup,
{setComponent: props.setComponent})
}}/>
</>
)
}
export default AWSSetupOptions;

65
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/CloudOptions.js
View File

@ -1,65 +0,0 @@
import React, {useEffect, useState} from 'react';
import InlineSelection from '../../../ui-components/inline-selection/InlineSelection';
import NextSelectionButton from '../../../ui-components/inline-selection/NextSelectionButton';
import {faCheck, faCloud, faSync} from '@fortawesome/free-solid-svg-icons';
import AWSSetupOptions from './AWSConfiguration/AWSSetupOptions';
import {PROVIDERS} from './ProvidersEnum';
import AuthComponent from '../../../AuthComponent';
const CloudOptions = (props) => {
return InlineSelection(getContents, {
...props,
onBackButtonClick: () => {
props.setComponent()
}
})
}
const authComponent = new AuthComponent({})
const getContents = (props) => {
const [description, setDescription] = useState('Loading...');
const [iconType, setIconType] = useState('spinning-icon');
const [icon, setIcon] = useState(faSync);
useEffect(() => {
authComponent.authFetch('/api/scoutsuite_auth/' + PROVIDERS.AWS)
.then(res => res.json())
.then(res => {
if(res.is_setup){
setDescription(getDescription(res.message));
setIconType('icon-success');
setIcon(faCheck);
} else {
setDescription('Setup Amazon Web Services infrastructure scan.');
setIconType('')
setIcon(faCloud);
}
});
}, [props]);
function getDescription(message){
return (
<>
{message} Run <b>from the Island</b> to start the scan. Click next to change the configuration.
</>
)
}
return (
<>
<NextSelectionButton title={'AWS'}
description={description}
icon={icon}
iconType={iconType}
onButtonClick={() => {
props.setComponent(AWSSetupOptions,
{setComponent: props.setComponent})
}}/>
</>
)
}
export default CloudOptions;

9
monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/scoutsuite-setup/ProvidersEnum.js
View File

@ -1,9 +0,0 @@
// Should match enum in monkey/common/cloud/scoutsuite_consts.py
export const PROVIDERS = {
AWS : 'aws',
AZURE : 'azure',
GCP : 'gcp',
ALIBABA : 'aliyun',
ORACLE : 'oci'
}