Commit Graph

5546 Commits

Author SHA1 Message Date
Mike Salvatore 832704dd1c
Merge pull request #1298 from guardicore/gevent-ssl-traceback
Gevent ssl traceback
2021-07-06 09:19:44 -04:00
Mike Salvatore 96fc33025e Island: Redirect gevent tracebacks to file and log exceptions
By default, gevent prints exceptions and tracebacks to stderr. This is
obnoxious as it results in large tracebacks intermixed with the output
that the logger prints to the console. This commit redirects this data
to {DATA_DIR}/gevent_exceptions.log. Unfortunately, this would mean that
the user might be left without any indication these exceptions had
occurred, unless they take the time to inspect the
gevent_exceptions.log. Therefore, when an excepion occurs, a message
with just the exception (not the traceback) is logged to WARNING.

Fixes #859
2021-07-06 08:39:30 -04:00
Mike Salvatore 524fd0f55e
Merge pull request #1248 from guardicore/string-templating-dropper-upgrader
Added string templating functions for infection monkey dropper.
2021-07-05 19:27:11 -04:00
Mike Salvatore ebbdbc8dcb Island: Add GeventHubErrorHandler to log gevent exceptions 2021-07-05 12:26:40 -04:00
Mike Salvatore f86ff4fbd7 Island: Set log and error_log parameters on WSGIServer constructor
Provides WSGIServer with a logger for INFO log messages and ERROR log
messages.

https://www.gevent.org/api/gevent.pywsgi.html#gevent.pywsgi.WSGIServer
2021-07-05 12:26:37 -04:00
Mike Salvatore 19e9fe5fb9 appimage: Upgrade python version to 3.7.11 2021-07-05 08:29:01 -04:00
Mike Salvatore b4b690491e Update changelog 2021-07-05 08:18:14 -04:00
Mike Salvatore 94bf91c447
Merge pull request #1286 from guardicore/ransomware-config-ui-description
Ransomware config UI description
2021-07-05 07:30:47 -04:00
Mike Salvatore 01b9c41c6e Remove mock_home_env() from vulture_allowlist.py 2021-07-02 18:59:24 -04:00
Mike Salvatore f4102aaa3a Remove unused mock_home_env() pytest fixture
This was replaced with patched_home_env() but never removed.
2021-07-02 09:31:45 -04:00
Mike Salvatore e1263ec753 Island: Add a ransomware description to the ransomware config_schema 2021-06-30 14:10:15 -04:00
Mike Salvatore 938022fc52 Island: Allow HTML in config_schema descriptions to be renedered 2021-06-30 14:09:26 -04:00
Mike Salvatore f698c889e3 Docs: Move ransomware from References to Use Cases 2021-06-30 11:40:06 -04:00
Mike Salvatore b19044e4e8 Docs: Fix "The Infection Monkey" consistency in ransomware.md 2021-06-30 11:37:32 -04:00
Mike Salvatore f023399a36
Merge pull request #1285 from guardicore/ransomware_dir_hide_ui
Ransomware: hide directory fields if encryption is disabled
2021-06-30 10:46:13 -04:00
Mike Salvatore 8735724c90
Merge pull request #1283 from guardicore/config-log-formatting
Agent: Format config log messages so they are readable
2021-06-30 10:19:05 -04:00
Mike Salvatore bfa6bcaeb2 Island: Reword descriptions in ransomware config schema 2021-06-30 10:10:44 -04:00
Mike Salvatore adc7996ab8 Docs: Rework ransomware documentation 2021-06-30 10:10:04 -04:00
Mike Salvatore dcffe2a850
Merge pull request #1284 from guardicore/ransomware-targeted-files
Ransomware targeted files
2021-06-30 09:51:43 -04:00
VakarisZ 16f97f2811 Hide the input fields for directories to be encrypted if "Should encrypt" option is disabled
This change will enhance the UX by hiding the irrelevant inputs. This also allows us to add further logic to dynamically hide/show or otherwise modify uiSchema
2021-06-30 16:05:32 +03:00
VakarisZ 889df554ae Refactor form data in ConfigurePage.js to be held in state
This change will allow dynamically modifying other state parameters and re-rendering on form data change
2021-06-30 15:58:30 +03:00
VakarisZ a82850cb64 Add ransomware directories property to UISchema object
This addition is required to manipulate the UI components in ransomware configuration UI without the need to create object's properties. Otherwise we'd have to create ransomware.encryption.directories in UI schema using code.
2021-06-30 15:58:30 +03:00
Mike Salvatore ebab7be32b Docs: Improve language regarding ransomware targeted file extensions 2021-06-30 08:41:26 -04:00
Mike Salvatore 2427393e4a Agent: Rename VALID_FILE_EXTENSIONS_FOR_ENCRYPTION 2021-06-30 08:41:00 -04:00
Mike Salvatore f3e797694b Agent: Format config log messages so they are readable 2021-06-30 08:07:11 -04:00
Mike Salvatore 3fb8c06102
Merge pull request #1280 from guardicore/ransomware-encryption-bool
Add encryption checkbox to ransomware config page
2021-06-30 07:46:22 -04:00
Mike Salvatore 169bb34106 Agent: Simplify and improve logging in RansomwarePayload 2021-06-30 07:43:18 -04:00
Mike Salvatore 946641f9a2 Rename {windows,linux}_dir to *_target_dir for consistency 2021-06-30 07:29:53 -04:00
Mike Salvatore 9a58d5bc7a Island: Reword ransomware target directory descriptions 2021-06-30 07:24:37 -04:00
Mike Salvatore 771aa747a8 Agent: encryption_enabled renamed using "private" naming convention 2021-06-30 06:53:27 -04:00
Mike Salvatore 0f6a712c4c
Merge pull request #1278 from guardicore/ransomware-readme-docs
Ransomware documentation modifications for README.txt
2021-06-30 06:49:40 -04:00
Mike Salvatore 0d0d268a64 Docs: Fix formatting of ransomware documentation 2021-06-30 06:49:01 -04:00
Mike Salvatore af5fd8ac9d Docs: Minor wording change to ransomware description 2021-06-30 06:47:09 -04:00
Shreya aecb80566b cc: Reword ransomware configuration fields' descriptions 2021-06-30 13:43:06 +05:30
Shreya 619695d5bc agent: Rename `self.should_encrypt` to `self.encryption_enabled` in ransomware payload 2021-06-30 13:34:38 +05:30
Shreya 560cfb5948 docs: Do slight rewording in ransomware's README section 2021-06-30 12:36:35 +05:30
Shreya Malviya 8a902cd2b6
docs: Modify README portion of ransomware docs
Give more context. Explain how a ransomware attack usually does this.

Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2021-06-30 12:26:55 +05:30
Shreya 392ece29a0 tests: Modify/add tests for ransomware payload as per ransomware config schema changes 2021-06-29 14:02:02 -04:00
Shreya a1efd915b1 cc: Fix grammar in ransomware config schema 2021-06-29 13:52:37 -04:00
Shreya 4035d9d213 agent: Modify ransomware payload to work with modified ransomware config schema 2021-06-29 13:52:26 -04:00
Shreya 13a94804b4 cc: Add checkbox for ransomware encryption 2021-06-29 13:51:29 -04:00
Mike Salvatore 6301ec9d14 agent: Add a log message when ransomware leaves a README.txt 2021-06-29 13:39:00 -04:00
Ilija Lazoroski 96cf8fc052 agent: Add missing space in build_monkey_commandline 2021-06-29 18:03:23 +02:00
Mike Salvatore d87b8ae4a7 agent: Fix typo RansomewarePayload -> RansomwarePayload 2021-06-29 12:00:49 -04:00
Mike Salvatore 32a0a41c21 Agent: Add content to ransomware README.txt file 2021-06-29 11:51:23 -04:00
Mike Salvatore f027ad6d1b Agg ransomware simulation to CHANGELOG 2021-06-29 11:48:07 -04:00
Mike Salvatore 355136ae35 Merge branch 'add-fields-to-file-encryption-telemetry' into develop 2021-06-29 11:44:09 -04:00
Mike Salvatore 8ad822397c Merge branch 'rename-ransomware-telem' into develop 2021-06-29 11:40:19 -04:00
Mike Salvatore 6a67626bc3 Merge branch 'ransomware-readme-behavior' into develop 2021-06-29 11:31:57 -04:00
Mike Salvatore 92be6e72c2 Island: Fix casing on README.TXT 2021-06-29 11:03:55 -04:00