Ilija Lazoroski
9fd27141f2
Resolved string templating in dropper and windows_upgrader.
2021-06-23 11:22:38 +02:00
Ilija Lazoroski
0517f3e06f
Added string templating functions for infection monkey dropper.
2021-06-23 11:22:38 +02:00
VakarisZ
f5ebd2d39a
Fix a bug of incorrect access to ransomware config options in ransomware_payload.py
2021-06-23 11:48:24 +03:00
Mike Salvatore
2549f088d1
agent: Do not encrypt Windows shortcuts in ransomware simulation
...
In order to keep Infection Monkey safe for production environments, the
ransomware payload will explicitly ignore Windows shortcuts to prevent
important files from accidentally getting encrypted.
2021-06-22 15:27:48 -04:00
Mike Salvatore
41bf137ee4
agent: Add is_not_shortcut_filter()
...
Adds a filter that can be used with filter_files() to return only files
that are not Windows shortcuts.
2021-06-22 15:27:48 -04:00
Mike Salvatore
4eaa568479
agent: Do not encrypt symlinks in ransomware simulation
...
In order to keep Infection Monkey safe for production environments, the
ransomware payload will explicitly ignore symlinks to prevent important
files from accidentally getting encrypted.
2021-06-22 15:27:39 -04:00
Mike Salvatore
14845c659a
agent: Add is_not_symlink_filter()
...
Adds a filter that can be used with filter_files() to return only files
that are not symlinks.
2021-06-22 15:27:33 -04:00
Mike Salvatore
bfa640444e
agent: Test filter_files() with multiple filters
2021-06-22 15:11:32 -04:00
Mike Salvatore
30f88ca319
agent: Refactor add_subdirs_to_dir in test_dir_utils.py
2021-06-22 14:07:31 -04:00
Mike Salvatore
b643cd1edd
agent: Reimplement get_all_regular_files_in_directory using filter_files
2021-06-22 13:49:17 -04:00
Mike Salvatore
f33772060f
agent: Rename get_all_files_in_directory()
...
Rename get_all_files_in_directory() ->
get_all_regular_files_in_directory(), as this name is more explicit
about exactly which files will be included in the function's output.
2021-06-22 13:46:03 -04:00
Mike Salvatore
db8dfd9f17
agent: Refactor filter_files to accept a list of filters
2021-06-22 13:43:27 -04:00
Mike Salvatore
a8ebe6ae76
agent: Replace self.config with self.target_dir in RansomewarePayload
2021-06-22 13:31:20 -04:00
Mike Salvatore
0b953c8cff
agent: Remove ransomware/utils.py
...
The code for getting files to encrypt has become so trivial that it no
longer warrants a separate function outside of _find_files().
2021-06-22 13:23:14 -04:00
Mike Salvatore
5c1902ca73
agent: Add file_extension_filter to dir_utils
2021-06-22 13:17:11 -04:00
Mike Salvatore
cf2cdc4ab8
agent: Add filter_files() function to dir_utils
2021-06-22 13:16:53 -04:00
Mike Salvatore
bfc86041ab
agent: Switch get_all_files_in_directory from str to Path
...
Path and PurePath objects provide a lot of syntactic sugar to file
handling that makes the code clearer and more concise.
2021-06-22 12:58:03 -04:00
Mike Salvatore
e2dfd6a5e3
agent: Simplify get_all_files_in_directory() with list comprehension
2021-06-22 12:15:03 -04:00
Shreya
efef40edf9
tests: Fix ransomware tests and move tests for get_all_files_in_directory from ransomware/test_utils.py to utils/test_dir_utils.py
2021-06-22 20:07:38 +05:30
Shreya
a2ebe3386f
agent: Rename utils/file_utils.py to utils/dir_utils.py
2021-06-22 20:02:59 +05:30
Shreya
5f714e0d98
agent: Move get_all_files_in_directory() from ransomware/utils.py to utils/file_utils.py
2021-06-22 19:45:50 +05:30
Shreya
c6da73ad79
agent: ransomware: Incorporate changes into stub
2021-06-22 19:42:50 +05:30
Shreya
48967a2e5b
tests: Modify unit tests for ransomware utils to test for a file like file.jpg.zip
2021-06-22 19:30:44 +05:30
Shreya
8abb9d95ce
agent: ransomware: Move VALID_FILE_EXTENSIONS_FOR_ENCRYPTION to separate file
2021-06-22 19:30:44 +05:30
Shreya
f8c1886977
tests: Add unit tests for ransomware utils - get_files_to_encrypt(), get_all_files_in_directory()
2021-06-22 19:30:44 +05:30
Shreya
3192355f5a
agent: ransomware: Return list instead of filter object when getting files in directory
2021-06-22 19:30:44 +05:30
Shreya
5b64ea5151
agent: ransomware: Iterate through files in directory and get list of files to encrypt
2021-06-22 19:30:44 +05:30
Mike Salvatore
901485c9e4
Disable codecov annotations in pull requests
2021-06-22 10:00:23 -04:00
Mike Salvatore
ccc3557021
Merge pull request #1255 from guardicore/ransomware_stub
...
Adds ransomware stub
2021-06-22 09:59:14 -04:00
VakarisZ
947a03c9a1
Refactor ransomware configuration option from flattened to a dict that encompasses any ransomware options
2021-06-22 16:42:09 +03:00
VakarisZ
63901bcd26
Refactor ransomware payload __init__.py into ransomware_payload.py with a stubbed ransomware payload class
2021-06-22 16:37:44 +03:00
VakarisZ
d7f4035884
Adds ransomware entrypoint in monkey and logs values provided in ransomware configuration options
2021-06-22 10:39:02 +03:00
VakarisZ
00edb17b86
Adds ransomware page to the configuration UI
2021-06-22 10:35:21 +03:00
VakarisZ
9ef4ce8bac
Fixes formatting and naming for ransomware configuration options
2021-06-22 09:47:11 +03:00
VakarisZ
1ede7ebaec
Adds ransomware configuration options to monkey configuration
2021-06-22 09:14:29 +03:00
Mike Salvatore
a715894220
Merge pull request #1256 from guardicore/secure-file-permissions-contextmanager
...
Secure file permissions contextmanager
2021-06-21 14:04:07 -04:00
Mike Salvatore
02ed22bab7
island: Remove FILE_SHARE_WRITE from windows permissions
...
Granting FILE_SHARE_WRITE on mongo_key.bin is unnecessary. Since
mongo_key.bin is the only file that is created using
_get_file_descriptor_for_new_secure_file_windows() at the moment, we
won't grant FILE_SHARE_WRITE.
2021-06-21 14:00:30 -04:00
Mike Salvatore
4d4dbc1dff
Merge pull request #1257 from guardicore/swimm-verify-system-info-collector
...
Swimm: update exercise Add a new System Info Collector (id: OwcKMnALpn7tuBaJY1US)
2021-06-21 13:28:29 -04:00
Shreya
d908b183f5
Swimm: update exercise Add a new System Info Collector (id: OwcKMnALpn7tuBaJY1US).
...
Modify snippet in monkey_island/cc/services/config_schema/monkey.py to only hide HOSTNAME_COLLECTOR instead of the whole import statement block
2021-06-21 22:40:37 +05:30
Mike Salvatore
3b3ce2f86e
Swimm: update exercise Add a new System Info Collector (id: OwcKMnALpn7tuBaJY1US).
2021-06-21 11:19:43 -04:00
Mike Salvatore
2d18a68787
island: Fix return type hint for _get_null_value_for_win32()
...
The _get_null_value_for_win32() function does not return None, it
returns a PyHANDLE object. For the moment, I'm unable to determine the
correct way to import PyHANDLE so that it can be specified in the type
hint. Since type hints aren't actually enforced, it's not worth the
effort to fully solve this at the present time, so the type hint has
just been removed.
2021-06-21 10:40:09 -04:00
Mike Salvatore
51aa0d1564
island: Refactor get_file_descriptor_for_new_secure_file as contextmgr
...
get_file_descriptor_for_new_secure_file() has been refactored as a
contextmanager. Additionally, it has been renamed to
open_new_securely_permissioned_file(). The function can now be used
similarly to open().
Example:
with open_new_securely_permissioned_file(file_path, "wb") as f:
f.write(data)
2021-06-21 10:40:08 -04:00
Mike Salvatore
b39440e871
island: Return a fd instead of PyHandle during windows file creation
...
Fixes #1252
2021-06-21 09:20:58 -04:00
Mike Salvatore
d3d34fe2d6
Merge pull request #1254 from guardicore/windows-data-dir-inheritance
...
island: Add inheritance when setting Windows file or dir permissions
2021-06-21 09:07:28 -04:00
shreyamalviya
ec2fb182de
tests: Modify test_file_utils.py to check for inheritance when creating secure file/dir on Windows
2021-06-21 14:02:40 +05:30
VakarisZ
84868b29ef
Adds ransomware section to island's configuration schema
2021-06-21 10:56:44 +03:00
Mike Salvatore
1d22de41a8
Remove training whitespace from README.md
2021-06-20 09:15:57 -04:00
Mike Salvatore
9d323c194c
Remove job post from README.md
2021-06-20 09:14:34 -04:00
shreyamalviya
0ded39bb62
island: Add inheritance when setting Windows file or dir permissions
...
Add container and object inheritance to the ACE's security descriptor
when setting Windows permissions
2021-06-18 20:11:33 +05:30
VakarisZ
cfdf1183f5
Fix invalid handle for mongo key file error by using the filename instead
2021-06-18 12:30:46 +03:00