p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Pass tests

This commit is contained in:
Shreya 2021-03-31 15:23:04 +05:30
parent 9e3c3c13e4
commit edb669d00e
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/common/common_consts/zero_trust_consts.py
View File

@ -174,7 +174,7 @@ TESTS_MAP = {
STATUS_PASSED: "Monkey didn't find open PostgreSQL servers. If you have such servers, look for alerts that " STATUS_PASSED: "Monkey didn't find open PostgreSQL servers. If you have such servers, look for alerts that "
"indicate attempts to access them. " "indicate attempts to access them. "
}, },
PRINCIPLE_KEY: PRINCIPLE_DATA_TRANSIT, PRINCIPLE_KEY: PRINCIPLE_DATA_CONFIDENTIALITY,
PILLARS_KEY: [DATA], PILLARS_KEY: [DATA],
POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED] POSSIBLE_STATUSES_KEY: [STATUS_UNEXECUTED, STATUS_FAILED, STATUS_PASSED]
}, },

2
monkey/infection_monkey/network/postgresql_finger.py
View File

@ -52,7 +52,7 @@ class PostgreSQLFinger(HostFinger):
host.services, self._SCANNED_SERVICE, self.POSTGRESQL_DEFAULT_PORT host.services, self._SCANNED_SERVICE, self.POSTGRESQL_DEFAULT_PORT
) )
host.services[self._SCANNED_SERVICE]["communication_encryption_details"] = ( host.services[self._SCANNED_SERVICE]["communication_encryption_details"] = (
f"The PostgreSQL server was unexpectedly accessible with the credentials - " "The PostgreSQL server was unexpectedly accessible with the credentials - "
+ f"user: '{self.CREDS['username']}' and password: '{self.CREDS['password']}'. Is this a honeypot?" + f"user: '{self.CREDS['username']}' and password: '{self.CREDS['password']}'. Is this a honeypot?"
) )
return True return True

12
monkey/infection_monkey/network/test_postgresql_finger.py
View File

@ -119,7 +119,7 @@ def test_exception_ssl_not_configured_all_non_ssl_allowed(mock_PostgreSQLFinger,
exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed"] exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed"]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])
@ -131,7 +131,7 @@ def test_exception_ssl_not_configured_selected_non_ssl_allowed(
exception = _RELEVANT_EXCEPTION_STRINGS["ssl_off_entry_not_found"] exception = _RELEVANT_EXCEPTION_STRINGS["ssl_off_entry_not_found"]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])
@ -141,7 +141,7 @@ def test_exception_all_ssl_allowed_all_non_ssl_allowed(mock_PostgreSQLFinger, ho
exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed_pwd_auth_failed"] exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed_pwd_auth_failed"]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])
@ -153,7 +153,7 @@ def test_exception_all_ssl_allowed_selected_non_ssl_allowed(
exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed_ssl_off_entry_not_found"] exception = _RELEVANT_EXCEPTION_STRINGS["pwd_auth_failed_ssl_off_entry_not_found"]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])
@ -165,7 +165,7 @@ def test_exception_selected_ssl_allowed_all_non_ssl_allowed(
exception = _RELEVANT_EXCEPTION_STRINGS["ssl_on_entry_not_found_pwd_auth_failed"] exception = _RELEVANT_EXCEPTION_STRINGS["ssl_on_entry_not_found_pwd_auth_failed"]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])
@ -179,7 +179,7 @@ def test_exception_selected_ssl_allowed_selected_non_ssl_allowed(
] ]
assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True assert mock_PostgreSQLFinger._is_relevant_exception(exception) is True
result = mock_PostgreSQLFinger.analyze_operational_error(host, exception) mock_PostgreSQLFinger.analyze_operational_error(host, exception)
assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][ assert host.services[mock_PostgreSQLFinger._SCANNED_SERVICE][
"communication_encryption_details" "communication_encryption_details"
] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception]) ] == "".join(RELEVANT_EXCEPTIONS_WITH_EXPECTED_RESULTS[exception])