Added basic framework for running scoutsuite

Shay Nehmad 2020-01-27 14:46:39 +02:00
parent a26b9114ef
commit f49089aed3
5 changed files with 32 additions and 7 deletions


@ -16,6 +16,7 @@ install:
- pip install -r monkey/monkey_island/requirements.txt # for unit tests - pip install -r monkey/monkey_island/requirements.txt # for unit tests
- pip install flake8 pytest dlint # for next stages - pip install flake8 pytest dlint # for next stages
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests - pip install -r monkey/infection_monkey/requirements.txt # for unit tests
- pip install -r monkey/infection_monkey/system_info/collectors/scoutsuite/requirements.txt
before_script: before_script:
# Set the server config to `testing`. This is required for for the UTs to pass. # Set the server config to `testing`. This is required for for the UTs to pass.


@ -17,7 +17,11 @@ class ScoutSuiteCollector(SystemInfoCollector):
env = get_monkey_environment() env = get_monkey_environment()
if env == Environment.ON_PREMISE.value: if env == Environment.ON_PREMISE.value:
logger.info("Monkey is not on cloud; not running ScoutSuite") logger.info("Monkey is not on cloud; not running ScoutSuite")
return {}
else: else:
logger.info(f"Attempting to execute ScoutSuite with {env.lower()}") logger.info(f"Attempting to execute ScoutSuite with {env.lower()}")
run(env.lower(), debug=True, quiet=False) scout_suite_results = run(env.lower(), debug=True, quiet=False)
return {} return {
"Environment": env,
"Results": scout_suite_results
}
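Review bot: The new `run(env.lower(), debug=True, quiet=False)` call is unguarded, so as far as this hunk shows any exception from ScoutSuite (for example missing cloud credentials or no network access) leaves the collector without returning a result. It also hard-codes verbose debug output on the machine the agent runs on. Consider wrapping the call in a `try`/`except Exception` that calls `logger.exception("ScoutSuite run failed")` and returns `{}`, and passing `debug=False, quiet=True` unless configuration asks otherwise. The `"Results"` value presumably carries the cloud account's configuration findings, so the method's docstring should state that this telemetry is sensitive and may be large. The method begins outside the hunk, and what `run` actually returns is not visible here and should be confirmed.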


@ -1,5 +1,5 @@
from common.data.system_info_collectors_names \ from common.data.system_info_collectors_names \
import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR, SCOUTSUITE_COLLECTOR
WARNING_SIGN = " \u26A0" WARNING_SIGN = " \u26A0"
@ -130,7 +130,7 @@ SCHEMA = {
"title": "Collect the machine's hostname", "title": "Collect the machine's hostname",
"attack_techniques": [] "attack_techniques": []
}, },
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
PROCESS_LIST_COLLECTOR PROCESS_LIST_COLLECTOR
@ -138,6 +138,14 @@ SCHEMA = {
"title": "Collect running processes on the machine", "title": "Collect running processes on the machine",
"attack_techniques": [] "attack_techniques": []
}, },
{
"type": "string",
"enum": [
SCOUTSUITE_COLLECTOR
],
"title": "If on cloud, execute ScoutSuite and collect its results",
"attack_techniques": []
},
], ],
}, },
"post_breach_acts": { "post_breach_acts": {
@ -485,7 +493,8 @@ SCHEMA = {
ENVIRONMENT_COLLECTOR, ENVIRONMENT_COLLECTOR,
AWS_COLLECTOR, AWS_COLLECTOR,
HOSTNAME_COLLECTOR, HOSTNAME_COLLECTOR,
PROCESS_LIST_COLLECTOR PROCESS_LIST_COLLECTOR,
SCOUTSUITE_COLLECTOR
], ],
"description": "Determines which system information collectors will collect information." "description": "Determines which system information collectors will collect information."
}, },
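Review bot: Adding `SCOUTSUITE_COLLECTOR` to the default collector list in the last hunk (after `PROCESS_LIST_COLLECTOR,`) makes the ScoutSuite run opt-out. Every agent that detects a cloud environment would then audit the account with whatever credentials the instance holds, without the operator having chosen it. For a first framework commit it seems safer to add only the new `enum` entry and leave the default list unchanged until result handling and storage are in place. If it stays on by default, the schema `"description"` should say that cloud configuration data is collected and sent to the Island.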


@ -0,0 +1,9 @@
import logging
import json
logger = logging.getLogger(__name__)
def process_scout_suite_telemetry(collector_results, monkey_guid):
# Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results["hostname"])
logger.info(f"\n\n{json.dumps(collector_results, indent=2)}\n{monkey_guid}")
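Review bot: `process_scout_suite_telemetry` writes the entire collector result to the Island log at info level. ScoutSuite output presumably describes the cloud account's configuration, so this puts sensitive data into log files and can produce very large entries. `json.dumps` will also raise `TypeError` if the results contain a non-serializable object, which would fail telemetry processing for this collector. Suggest logging only metadata, e.g. `logger.info("Received ScoutSuite telemetry from monkey %s", monkey_guid)`, and removing the commented-out `set_hostname` line, which looks copied from another processor. A one-line docstring stating that the function is a placeholder until results are persisted would also help.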


@ -2,10 +2,11 @@ import logging
import typing import typing
from common.data.system_info_collectors_names \ from common.data.system_info_collectors_names \
import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR, SCOUTSUITE_COLLECTOR
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import process_environment_telemetry from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import process_environment_telemetry
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry
from monkey_island.cc.services.telemetry.processing.system_info_collectors.scoutsuite import process_scout_suite_telemetry
from monkey_island.cc.services.telemetry.zero_trust_tests.antivirus_existence import test_antivirus_existence from monkey_island.cc.services.telemetry.zero_trust_tests.antivirus_existence import test_antivirus_existence
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -14,7 +15,8 @@ SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
AWS_COLLECTOR: [process_aws_telemetry], AWS_COLLECTOR: [process_aws_telemetry],
ENVIRONMENT_COLLECTOR: [process_environment_telemetry], ENVIRONMENT_COLLECTOR: [process_environment_telemetry],
HOSTNAME_COLLECTOR: [process_hostname_telemetry], HOSTNAME_COLLECTOR: [process_hostname_telemetry],
PROCESS_LIST_COLLECTOR: [test_antivirus_existence] PROCESS_LIST_COLLECTOR: [test_antivirus_existence],
SCOUTSUITE_COLLECTOR: [process_scout_suite_telemetry]
} }