Commit Graph

6601 Commits

Author SHA1 Message Date
VakarisZ da169dddc9 Refactor DataStoreEncryptor by splitting up initialization related methods into EncryptorFactory
This makes encryptor initialization workflow more straight-forward and the files become smaller, easier to read
2021-10-01 15:24:48 +03:00
Mike Salvatore 9436f5f5e1 Island: Remove stix2 dependency 2021-10-01 07:55:33 -04:00
VakarisZ b2bbb62bdd Add CHANGELOG.md entry for #1463 (Encrypt the database key with user's credentials.) 2021-10-01 12:48:08 +03:00
VakarisZ ddae09278e Refactor test_data_store_encryptor.py to use (path / to / file).isfile() syntax to check for presence of files 2021-10-01 12:44:05 +03:00
VakarisZ 4cbed6dce9 Fix typos and rename files/classes related to data store encryptor. Change PasswordBasedBytesEncryptor interface to use bytes instead of io.BytesIO 2021-10-01 12:34:21 +03:00
VakarisZ e280c4fb5a Move data store encryptor secret generation into the data store encryptor from credential_utils.py 2021-10-01 11:58:32 +03:00
VakarisZ f97ec4e9ed Implement data store encryptor key removal on registration and unit tests for data store encryptor
Data store key needs to be deleted upon registration to create a new one.
2021-10-01 11:26:43 +03:00
Mike Salvatore 2f88de6f08 Build: Fix AppImage package version 2021-09-30 15:41:37 -04:00
Mike Salvatore 2d701e45df Build: Set PYTHONNOUSERSITE in AppRun
Fixes #1500
2021-09-30 15:39:17 -04:00
Mike Salvatore c30d5721f2 Island: Fix formatting of database_initializer.py 2021-09-30 14:08:29 -04:00
Mike Salvatore fef6350871 Tests: Reduced code duplication in database initializer tests 2021-09-30 13:13:26 -04:00
Mike Salvatore f0c25b4b5e Docs: Add steps to attack mitigations dump script documentation 2021-09-30 18:03:28 +02:00
Mike Salvatore 0a3488b680 Deployment: Add requirements.txt for attack mitigations dump script 2021-09-30 18:03:28 +02:00
Mike Salvatore 6e92c84f89 Docs: Move attack mitigations from reference -> development 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 43471c6553 Island: Fix typing error in island spec 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 77c51497d0 docs: Add attack mitigations documentation 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 1ed6fed164 Island: Remove attack_data submodule 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 9ea5a56abd UT: Fix database_initializer test 2021-09-30 18:03:23 +02:00
Mike Salvatore 1748955213 Island: Handle metadata in attack mitigations json 2021-09-30 18:00:32 +02:00
Mike Salvatore 45c66fe309 Deployment: Include metadata in attack mitigations json dump 2021-09-30 18:00:32 +02:00
Ilija Lazoroski 8c1afcc2b4 Island: Add import attack mitigations
Also UTs for reset_database from setup mongo.
2021-09-30 18:00:15 +02:00
Mike Salvatore c93d5037b2 Island: Remove unused attack mitigations import code 2021-09-30 10:52:43 -04:00
Mike Salvatore 2a9d9938cd Deployment: Move dump_attack_mitigations into a subdirectory 2021-09-30 10:52:43 -04:00
Ilija Lazoroski 36b13d0db9 Island: Remove attack-data submodule
Removed submodule with its fork.
Remove usage of the submodule.
Fixed monkey_island.spec
Added attack_mitigations dump.
Added hook for above file.
2021-09-30 10:52:41 -04:00
Mike Salvatore 6de33bfd57 Deployment: Import ATT&CK data into mongo 2021-09-30 10:50:52 -04:00
Mike Salvatore 82c8385863 Deployment: Reorder functions in dump_attack_mitigations.py 2021-09-30 10:50:52 -04:00
Mike Salvatore 38f50641a5 Deployment: Wrap argument parsing in function 2021-09-30 10:50:52 -04:00
Mike Salvatore 7bcfc6d27a Deployment: Make dump_attack_mitigations.py executable 2021-09-30 10:50:52 -04:00
Ilija Lazoroski 29f9384b6a Deployment: Initial commit for mongo export utility 2021-09-30 10:50:52 -04:00
VakarisZ 4f176939bb Split up the initialization of mongo_key into 2 parts: directory of mongo key initialization that happens during launch and initialization of key which happens after login or registration 2021-09-30 17:16:06 +03:00
VakarisZ fd1cb9d36d Add a secret to datastore encryptor
This change enables the encryption/decryption of mongo key with a custom secret
2021-09-30 17:16:05 +03:00
VakarisZ 191fbea665 Refactor password based encryptor into PasswordBasedStringEncryptor and PasswordBasedByteEncryptor
This change allows to encrypt strings and bytes without any additional conversion done on the caller
2021-09-30 17:16:04 +03:00
VakarisZ f387595104
Merge pull request #1495 from guardicore/delay-mongo-init
Delay mongo init to after registration
2021-09-29 17:03:12 +03:00
VakarisZ 7939ed4739 Alter the log message talking about storing the mitigations: remove the part saying that it will take a while 2021-09-29 17:02:34 +03:00
VakarisZ 579ebf4a0f Alter registration page to show loading icon while registration request is being processed 2021-09-29 16:45:28 +03:00
VakarisZ c211d51d8c Move database reset to happen during the registration 2021-09-29 16:45:28 +03:00
VakarisZ b73958dd55 Rename the CHANGELOG.md entry about resetting login credentials to "Resetting login credentials also cleans the contents of the database. #1495" 2021-09-29 16:45:26 +03:00
Shreya Malviya ab7872d103 CHANGELOG: Add entry for delaying mongo init 2021-09-29 16:44:42 +03:00
Shreya Malviya 2cbaf954e1 docs: Fix spelling mistake 2021-09-29 16:44:16 +03:00
Shreya Malviya 1e02ab6d2b docs: Add warning that DB will be cleared if creds are reset 2021-09-29 16:44:16 +03:00
Shreya Malviya 6fe4d6cb31 island: Drop mongo db when registartion requirement is realised instead
of when registration request is sent

The issue with this whole change is that there's a long gap where
nothing happens after you click on the log in or register button on the
UI.

But we don't need to worry about this because we plan on shipping
Island's mongodb with attack mitigations already present.
2021-09-29 16:44:16 +03:00
Shreya Malviya 340dd1f94b island: Drop mongo db if registration is required 2021-09-29 16:44:16 +03:00
Shreya Malviya 194e244080 island: On login, check if collection 'attack_mitigations' is present in DB,
add if not
2021-09-29 16:44:16 +03:00
Shreya Malviya 3cbeb3dbf7 island: Add attack mitigations to mongo upon registration 2021-09-29 16:44:15 +03:00
Mike Salvatore 51f179c145
Merge pull request #1494 from guardicore/1415/add-ransomware-report-links
1415/add ransomware report links
2021-09-29 08:51:08 -04:00
VakarisZ b791ee16e1
Merge pull request #1501 from guardicore/tunneling-revert-schema
Changed proxy schema for the agent
2021-09-29 10:54:03 +03:00
ilija-lazoroski a5587cd4ad
Merge pull request #1489 from guardicore/1462/powershell-re-use
PowerShell re-use credentials and second hop
2021-09-28 17:57:52 +02:00
Ilija Lazoroski a438f3afb0 Zoo: Replace --os with --skip-powershell-reuse
With this logic the powershell cached will run
if we don't provide the cli param --skip-powershell-reuse.
2021-09-28 17:31:20 +02:00
Ilija Lazoroski 449fe7517e Agent: Changed proxy schema 2021-09-28 16:21:19 +02:00
Mike Salvatore 0839f04b1d
Merge pull request #1483 from guardicore/incorrect-attack-report-msgs
Fix incorrect ATT&CK report messages
2021-09-28 07:24:17 -04:00