fc82b2a9dc
Replace "remote_user_pwd" with "random_password"
2021-05-17 22:51:14 +05:30
636a201d19
Set default password length to 32 in `get_random_password()`
2021-05-17 22:48:01 +05:30
51b996ce18
Generate password randomly when creating a new user for Create User PBA and exploit MS08_67 using https://docs.python.org/3.7/library/secrets.html#secrets.token_urlsafe
2021-05-17 19:10:40 +05:30
3205d8344c
Merge branch 'environment-config-section' into develop
2021-05-13 08:02:55 -04:00
f0bd6e10d3
island: Remove duplicate deployment from server_config.json.develop
2021-05-13 07:59:32 -04:00
c40465d6fd
Merge pull request #1160 from guardicore/no-global-data-dir
...
No global data dir
2021-05-13 13:02:54 +03:00
b8d4452e70
island: Rename RunLocalMonkeyService -> LocalMonkeyRunService
2021-05-12 12:09:46 -04:00
79eb7442ae
island: Move the specifics of saving pba files to pba service
2021-05-12 11:53:10 -04:00
253588b3ac
island: Move PBA filename paths to config_value_paths.py
2021-05-12 11:53:07 -04:00
2485c85d59
island: Don't use `shell=True` when running local monkey
2021-05-12 08:42:12 -04:00
f86bc7f943
island: Move run_local_monkey() to its own service
2021-05-12 08:35:46 -04:00
db14285934
island: Add `dir_is_empty()` to clarify intent of `test_remove_pba_files()`
2021-05-12 08:10:01 -04:00
e3449d17c7
Remove file that was accidentally added
2021-05-12 08:07:04 -04:00
2d422f157e
island: Add `umask 377` to create_certificate.sh
...
By setting the umask to 377 in create_certificate.sh, we ensure that the
TLS key file that is created is readable only by the user that created
it, and not world readable (as is the default on some linux distros).
2021-05-11 19:22:43 -04:00
b4dfba294b
island: Pass data_dir to main()
2021-05-11 14:56:50 -04:00
c832738a8a
island: Remove all references to data_dir in EnvironmentConfig
2021-05-11 14:41:00 -04:00
fb3e66f75e
island: Add "environment" section to server_config.json
...
Put the environment config inside its own "environment" object in the
server_config.json to provide a logical separation between the
environment config, logger config, data directory, etc.
2021-05-11 14:41:00 -04:00
9476441526
island: Remove circular dep btw ConfigService and PostBreachFilesService
2021-05-11 14:40:53 -04:00
ea82e86df5
island: Add tests for PostBreachFilesService
2021-05-11 14:40:53 -04:00
4364a48561
island: Simplify remove_PBA_files()
2021-05-11 14:40:53 -04:00
5742e85ff5
island: Consolidate duplicate delete post breach file functionality
2021-05-11 14:40:53 -04:00
71029cb7f9
island: Decouple FileUpload resource from environment_singleton
2021-05-11 14:40:53 -04:00
ca65330e86
island: Create custom PBA directory on PostBreachFilesService init
2021-05-11 14:40:53 -04:00
be0f7ac881
island: Decouple PBAFileDownload from environment_singleton
2021-05-11 14:40:53 -04:00
4190797ca2
island: Add PostBreachFilesService.get_custom_pba_directory()
2021-05-11 14:40:53 -04:00
ee19eed596
island: Decouple PostBreachFilesService from environment_singleton
2021-05-11 14:40:53 -04:00
a7f2e023b8
island: Wrap services/post_breach_files.py functions in a static class
2021-05-11 14:40:53 -04:00
ba86ba0395
island: Decouple Database service from services.post_breach_files
...
Since Database.reset_db() calls ConfigService.init_config() which calls
ConfigService.reset_config() which calls
services.post_breach_files.remove_PBA_files(), it is redundant to call
remove_PBA_files() from Database.reset_db(). Removing this call has the
added benefit of reducing the coupling between the Database service and
services.post_breach_files
2021-05-11 14:40:53 -04:00
f048cf313c
island: Pass data_dir to LocalRun instead of using global singleton
2021-05-11 14:40:53 -04:00
0b21dac261
Merge branch 'untangle-logger-config' into develop
2021-05-11 14:40:39 -04:00
b13839d7ba
island: Add debug log level to server_config.json.develop
2021-05-11 14:01:43 -04:00
08668f3eae
island: Handle lower case log levels in server config
2021-05-11 13:40:58 -04:00
5ea241f120
island: Simplify logic in add_default_values_to_config()
2021-05-11 13:29:53 -04:00
de7865aa21
island: Add tests for default server config values
2021-05-11 13:25:22 -04:00
990244c3ac
island: Return config dict from load_server_config()
...
As the number of configuration items will increase in the future, return
the config dict instead of individual config properties.
2021-05-11 13:18:24 -04:00
5847674d92
island: Add unit test for load_server_config()
2021-05-11 13:14:07 -04:00
f7bef76f39
island: Move load_server_config() to config_loader.py
...
Because `monkey_island.py` has the same name as the `monkey_island`
module, pytest can't import monkey_island.py and run any tests against
its code.
2021-05-11 13:00:44 -04:00
83a235bb5d
Rename unit test functions in test_island_logger.py
2021-05-11 19:08:28 +05:30
5f8145e3d1
Add tests for console logging (test_island_logger.py)
2021-05-11 19:06:38 +05:30
c5ba48db53
Modify/add unit tests (test_island_logger.py)
2021-05-11 18:57:24 +05:30
e8c1c81edf
Move `DEFAULT_LOG_LEVEL` and add function `load_server_config` to monkey_island.py
2021-05-11 18:16:45 +05:30
3c7687a405
Catch and print errors instead of creating a default server config
2021-05-11 18:08:07 +05:30
805ab989b9
Remove "__author__" field
2021-05-11 17:58:07 +05:30
8dc84ee0f7
Assume configured data directory exists when configuring the logger
2021-05-11 17:56:49 +05:30
b5c9828ddc
island: Remove errant space in manual run windows command
...
Fixes #1153
2021-05-10 11:52:31 -04:00
6d04e7cbb4
Fix unit tests and modify code based on failed tests (tests/monkey_island/cc/server_utils/test_island_logger.py)
2021-05-10 14:52:07 +05:30
f84e4aed2c
Set log filename in config before expanding its paths
2021-05-10 14:04:07 +05:30
785f2ef77d
Replace `json_setup_logging()` with `setup_logging()` to configure logger
2021-05-10 13:49:33 +05:30
ab89590389
Remove `--logger-config` command-line argument, add "log_level" to server_config.json
2021-05-10 13:05:06 +05:30
69af8a8662
island: Remove MongoClient() call from BootloaderHttpServer
2021-05-07 08:12:09 -04:00
e1ef807c2c
Remove unused import in infection_monkey/network/info.py
2021-05-06 22:42:28 +05:30
060b7fd921
Remove unused `TEST_SALT` from `tests/monkey_island/cc/environment/test_user_creds.py`
2021-05-06 22:27:52 +05:30
6c80335509
Remove unused `get_regions`, `get_session`, and `test_client` in `common/cloud/aws/aws_service.py`
2021-05-06 22:25:23 +05:30
897a92b961
Remove unused `run_command` in `common/cmd/cmd_runner.py`
2021-05-06 17:25:08 +05:30
9b6ecd508c
Remove unused `SCOUTSUITE_COLLECTOR` in `common/common_consts/system_info_collectors_names.py`
2021-05-06 17:05:24 +05:30
df8f9c81e6
Remove unused `format_time()` in `common/utils/attack_utils.py`
2021-05-06 17:03:17 +05:30
81f785ea74
Remove unused `OTHER` in `common/utils/exploit_enum.py`
2021-05-06 16:58:03 +05:30
aed9c4ae56
Remove unused `should_exploit` in `infection_monkey/config.py` and `infection_monkey/example.conf`
2021-05-06 16:54:11 +05:30
67d7ad8834
Remove unused `SAMBACRY_MONKEY_COPY_FILENAME_32` and `SAMBACRY_MONKEY_COPY_FILENAME_64` in `infection_monkey/exploit/sambacry.py`
2021-05-06 16:51:40 +05:30
e30c37f3ca
Remove unused `DceRpcException` in `infection_monkey/exploit/tools/wmi_tools.py`
2021-05-06 16:49:54 +05:30
0c3e385c86
Remove unused `check_if_port_open` in `infection_monkey/exploit/web_rce.py`
2021-05-06 16:46:23 +05:30
5f8547a7ee
Remove unused `set_vulnerable_port_from_url()` from `infection_monkey/exploit/web_rce.py`
2021-05-06 16:33:37 +05:30
1cd746ce76
Remove unused `_dropper_path` and `_depth` in `infection_monkey/monkey.py`
2021-05-06 16:20:58 +05:30
adb90d14af
Remove unused `_mode` in `infection_monkey/monkeyfs.py`
2021-05-06 16:16:20 +05:30
dd1eaab6f8
Remove unused `IP_ADDR_RE`, and `IP_ADDR_PARENTHESES_RE` from `infection_monkey/network/tools.py`
2021-05-06 15:54:58 +05:30
3a8591ee00
Remove unused `_get_traceroute_bin_path`, and `_parse_traceroute` in `infection_monkey/network/tools.py`
2021-05-06 14:24:22 +05:30
e59f7a587e
Remove unused const `WMI_LDAP_CLASSES` in `infection_monkey/system_info/wmi_consts.py`
2021-05-06 14:13:55 +05:30
e33288a05b
Remove unused property `locked` in `infection_monkey/system_singleton.py`
2021-05-06 14:09:28 +05:30
962e785134
Remove unused `proxy_via` in `infection_monkey/transport/http.py`
2021-05-06 14:02:32 +05:30
3a346b5112
Remove unused `NoInheritance` in `infection_monkey/utils/plugins/pluginTests/ComboFile.py`
2021-05-06 13:30:45 +05:30
635418b8f5
Remove unused `get_logon_handle()` from `infection_monkey/utils/windows/users.py`
2021-05-06 13:28:02 +05:30
b59213fb8b
Delete unused file `monkey_island/scripts/island_password_hasher.py`
2021-05-05 19:34:15 +05:30
c848581115
Remove unused `hash_secret()` from `monkey_island/cc/environment/__init__.py`
2021-05-05 19:25:34 +05:30
edff2c5c08
Remove unused `set_deployment()` in `monkey_island/cc/environment/__init__.py`
2021-05-05 19:20:05 +05:30
8c97f32fbc
Remove unused `_instance_id`, `region`, `_get_instance_id()`, and `_get_region()` from `monkey_island/cc/environment/aws.py`
2021-05-05 19:20:05 +05:30
380afa675a
Remove unused `report_generating_lock` in `monkey_island/cc/resources/root.py`
2021-05-05 19:20:05 +05:30
536d0bc75c
Remove unused `mongo_client` in `monkey_island/cc/server_utils/bootloader_server.py`
2021-05-05 19:20:05 +05:30
0dc6005114
Remove unused variable `os_is_linux` in `infection_monkey/post_breach/post_breach_handler.py`
2021-05-05 19:20:05 +05:30
35f4515d6e
Remove unused `get_pba()` in `infection_monkey/post_breach/pba.py`
2021-05-05 19:20:05 +05:30
8391df9114
Remove unused `check_udp_port`, `traceroute()`, `_traceroute_windows()`, and `_traceroute_linux` from `infection_monkey/network/tools.py`
2021-05-05 19:20:05 +05:30
2f5d33844c
Remove unused variable `PATH_TO_ACTIONS` from `infection_monkey/post_breach/post_breach_handler.py`
2021-05-05 19:20:05 +05:30
6cc22afd9b
Remove unused `get_ip_for_connection()` in `infection_monkey/network/info.py`
2021-05-05 19:20:05 +05:30
b7535dccb0
Remove unused variables `GENERAL_CMDLINE_LINUX` and `MONKEY_CMDLINE_HTTP` in `infection_monkey/model/__init__.py`
2021-05-05 19:20:05 +05:30
b1ce5d3e2e
Remove unused variable `MAX_MONKEYS_AMOUNT_TO_CACHE` in `monkey_island/cc/models/monkey.py`
2021-05-05 19:20:05 +05:30
eeaafc9a3b
Remove ununsed variable `user_id_table` in `monkey_island/cc/resources/auth/user_store.py`
2021-05-05 19:20:05 +05:30
a5481c15f8
Remove unused `get_latest_attack_telem_time()` from `monkey_island/cc/services/attack/attack_report.py`
2021-05-05 19:20:05 +05:30
e4c45153ea
Remove unused `get_monkey_critical_services()` and `get_monkey_label_by_id()` in `monkey_island/cc/services/node.py`
2021-05-05 19:20:05 +05:30
9c629f964c
Remove unused variable `UPLOADS_DIR_NAME` in `monkey_island/cc/services/post_breach_files.py`
2021-05-05 19:20:05 +05:30
f32e1e0a0f
Remove unused variable `is_auth` in `monkey_island/cc/services/remote_run_aws.py`
2021-05-05 19:20:05 +05:30
9bcaa2ef8e
Remove unused `did_exploit_type_succeed()` from `monkey_island/cc/services/reporting/report.py`
2021-05-05 19:20:05 +05:30
df7759e332
Remove unused variable `DETAILS_DTO` from `monkey_island/cc/services/zero_trust/test_common/monkey_finding_data.py`
2021-05-05 19:20:05 +05:30
638e70e978
Remove unused code in unit tests
2021-05-05 19:20:05 +05:30
33e74b1f3e
agent: Use consistent naming for parameters to __exit__()
...
Using these specific names prevents Vulture from identifying these
parameters as unused.
2021-05-05 19:20:05 +05:30
9649f90cff
agent: Remove unused parameter securityFlags from create_smb()
2021-05-05 19:20:05 +05:30
b41a2f2366
travis: Fail build if vulture finds dead code
2021-05-05 19:19:59 +05:30
e609094a59
Merge branch 'pwd-hash' into develop
2021-05-05 08:05:15 -04:00
7772ea6e4e
island: Add FULL_USER_CREDENTIALS to test_environment.py
2021-05-05 07:45:59 -04:00
9024a512b0
island: Move all bcrypt dependencies to password_utils
2021-05-05 07:45:41 -04:00
0f49a2c96a
island: Remove UserCreds.from_cleartext()
2021-05-04 18:53:43 -04:00
f73b048169
island: Remove parameter names from UserCreds() init in tests
2021-05-04 17:21:05 -04:00
e4dec5501e
island: Add constants for user and hash to UserCreds tests
2021-05-04 17:20:03 -04:00
c4c0b7217d
island: Add test for members of UserCreds
2021-05-04 17:17:54 -04:00
e223126c16
island: Add tests for UserCreds.__bool__()
2021-05-04 17:14:54 -04:00
d56cb5cd75
island: Simplify UserCreds constructor by removing defaults
...
The default values were only really used by the test code. We can
simplify the Usercreds's interface and test code by removing
functionality (read: complication) we don't really need.
2021-05-04 17:07:42 -04:00
1aed5f37d1
monkey: Remove coupling between Registration and UserCreds
2021-05-04 17:07:31 -04:00
4b3b7af3d2
island: Remove coupling between EnvironmentConfig and UserCreds
2021-05-04 16:58:30 -04:00
5fa08f0447
island: Add UserCreds.from_cleartext()
2021-05-04 15:14:41 -04:00
1be07a4828
monkey: Rename `get_from...()` methods in UserCreds to be more readable
2021-05-04 14:43:11 -04:00
f28cd5305c
Refactored test_user_creds.py to pytest from unittests
2021-05-04 14:26:22 -04:00
502bc3b296
island: Enable standard mode with bcrypted passwords
2021-05-04 14:24:49 -04:00
060c4b0c40
island: Minor formatting fix
2021-05-04 12:32:07 -04:00
904e51a365
island: Replace private static functions in Authenticator with functions
...
In python, private static methods serve no purpose. Python has
first-class functions; let's use them.
2021-05-04 12:28:17 -04:00
c7d47fee9c
island: Extract method _create_access_token() from _get_credentials_from_request()
2021-05-04 12:14:25 -04:00
a8646fc056
island: Give _authenticate() more descriptive name and remove comment
2021-05-04 12:09:04 -04:00
39c274c4d9
island: Extract method get_credentials_from_request() from post()
2021-05-04 12:04:36 -04:00
83f7f04929
island: Change order of methods in Authenticate to follow stepdown rule
2021-05-04 12:00:10 -04:00
7684a2dcf8
island: Make return values of Authenticate._authenticate() explicit
2021-05-04 11:58:58 -04:00
85b079c1ab
agent: Create a temporary directory for zerologon artifacts
...
Not all users are guaranteed to have a $HOME. Use a temporary directory
instead.
2021-05-04 08:12:35 -04:00
02f3b15c64
Split `get_from_dict()` into 2 functions as per usage
2021-05-03 23:28:55 +05:30
d2083149dd
Convert hashed pwd to string before storing in server_config.json
2021-05-03 20:23:54 +05:30
b5d05a1a78
Add bcrypt to monkey_island/Pipfile and monkey_island/Pipfile.lock
2021-05-03 20:23:54 +05:30
09a37292b5
Remove unused import and repeated code in monkey_island/cc/ui/src/services/AuthService.js
2021-05-03 20:23:54 +05:30
b5236d14c9
Use bcrypt for password hashing for authentication
2021-05-03 20:23:52 +05:30
2ee6315bb8
Changes
2021-05-03 20:16:50 +05:30
9363cadb09
Add functionality to hash passwords on server side
2021-05-03 20:15:24 +05:30
c67ed63cc9
Merge pull request #1124 from guardicore/dlint
...
Add dlint to flake8
2021-04-28 13:24:41 -04:00
78ca2c25b1
deploy: Remove unnecessary recursive chmod
2021-04-28 12:18:26 -04:00
e5935e43c1
agent: Add TODOs regarding string templates.
2021-04-28 11:00:53 -04:00
d4e277c70b
Modify what commands are passed to `subprocess.Popen` in the dropper and windows_upgrader
2021-04-28 10:47:47 -04:00
9602a67d28
Modify unit tests: tests/infection_monkey/utils/linux/test_users.py
2021-04-28 10:47:28 -04:00
410cbadbb3
Fix DUO116 warnings for:
...
- monkey/infection_monkey/dropper.py
- monkey/infection_monkey/system_info/windows_info_collector.py
- monkey/infection_monkey/utils/windows/users.py
- monkey/infection_monkey/windows_upgrader.py
2021-04-28 10:47:28 -04:00
4d88efdd84
Fix DUO116 warnings in post breach actions
...
by ignoring them
2021-04-28 10:47:28 -04:00
6b467fd20b
Fix DUO116 warnings in monkey/infection_monkey/utils/linux/users.py
2021-04-28 10:47:28 -04:00
c0fdc9561f
Fix DUO123 warnings
2021-04-28 10:46:41 -04:00
b0be14193d
Fix DUO122 warnings
2021-04-28 10:46:41 -04:00
af381e062f
Fix DUO106 warnings
...
(Introduces a DUO116 warning)
2021-04-28 10:46:19 -04:00
a3fa4663cb
Fix DUO102 warnings
...
Added comments to ignore some because:
"Python uses the Mersenne Twister as the core generator. However, being completely
deterministic, it is not suitable for all purposes, and is completely unsuitable for
cryptographic purposes. Because the generator is deterministic this means attackers
can predict future values given a sufficient amount of previous values.
Normal random use is acceptable if the relevant code is not used for security or
cryptographic purposes."
2021-04-28 10:46:14 -04:00
d8c1bf5cbe
Add dlint to Pipfile
2021-04-28 10:45:13 -04:00
9ad694fddf
Merge pull request #1106 from guardicore/pipenv
...
Requirement migration to pipenv
2021-04-26 11:37:05 -04:00
afa412ca47
agent: Add note to readme to run build_linux.sh with `pipenv run`
2021-04-26 10:47:00 -04:00
9b38303346
Rearrange functions' order in `monkey_island/cc/resources/pba_file_upload.py` to follow stepdown rule
2021-04-26 16:07:53 +05:30
4f94e9de74
Break PBA file deletion into functions: attempt to delete PBA file in another function
2021-04-24 13:18:00 +05:30
4854c9cfc9
Attempt to remove custom PBA file when resetting config only if filename exists in DB
2021-04-24 13:18:00 +05:30
df67ba554e
agent: Add pyinstaller-hooks-contrib and importlib-metadata to Pipfile
...
Pipenv fails to install these dependencies in the
cdrx/pyinstaller:python3 container when pyinstaller is installed from
our fork. Adding them to the Pipfile ensures they get installed and
resolves the issue.
2021-04-23 11:20:13 -04:00
fd8ef7f39e
Refactored test_telems to exported_telems and moved them from the test folder, because they are generated in production
2021-04-23 08:39:19 -04:00
8121f08aa9
Refactored test_telems to exported_telems and moved them from the test folder, because they are generated in production
2021-04-23 11:12:14 +03:00
3b32ef2f4a
Remove PostgreSQL fingerprinter
...
Issue #1077
2021-04-22 10:33:06 -04:00
6a54c1e85a
agent: Add sys_platform == win32 to Pipfile
2021-04-22 09:50:30 -04:00
6412391ff8
docs: Add pipenv instructions to manual monkey setup guide for Windows
2021-04-22 09:50:30 -04:00
57d6552433
docs: Add pipenv instructions to manual monkey setup guide for Linux
2021-04-22 09:50:30 -04:00
Shreya
Mike Salvatore
VakarisZ
VakarisZ
PrajwalM2212