cc: rename encryptor() -> get_encryptor()

monkey/monkey_island/cc/main.py

@@ -23,7 +23,7 @@ from monkey_island.cc.app import init_app  # noqa: E402
 from monkey_island.cc.server_utils.bootloader_server import BootloaderHttpServer  # noqa: E402
 from monkey_island.cc.database import get_db_version  # noqa: E402
 from monkey_island.cc.database import is_db_server_up  # noqa: E402
-from monkey_island.cc.encryptor import initialize_encryptor  # noqa: E402
+from monkey_island.cc.server_utils.encryptor import initialize_encryptor  # noqa: E402
 from monkey_island.cc.services.utils.network_utils import local_ip_addresses  # noqa: E402
 from monkey_island.cc.resources.monkey_download import MonkeyDownload  # noqa: E402
 from monkey_island.cc.services.reporting.exporter_init import populate_exporter_list  # noqa: E402

monkey/monkey_island/cc/server_utils/encryptor.py

@@ -62,5 +62,5 @@ def initialize_encryptor(data_dir):
     _encryptor = Encryptor(data_dir)
 
 
-def encryptor():
+def get_encryptor():
     return _encryptor

monkey/monkey_island/cc/services/attack/technique_reports/technique_report_tools.py

@@ -1,4 +1,4 @@
-from monkey_island.cc.server_utils.encryptor import encryptor
+from monkey_island.cc.server_utils.encryptor import get_encryptor
 
 
 def parse_creds(attempt):
@@ -29,7 +29,7 @@ def censor_password(password, plain_chars=3, secret_chars=5):
     """
     if not password:
         return ""
-    password = encryptor().dec(password)
+    password = get_encryptor().dec(password)
     return password[0:plain_chars] + '*' * secret_chars
 
 
@@ -42,5 +42,5 @@ def censor_hash(hash_, plain_chars=5):
     """
     if not hash_:
         return ""
-    hash_ = encryptor().dec(hash_)
+    hash_ = get_encryptor().dec(hash_)
     return hash_[0: plain_chars] + ' ...'

monkey/monkey_island/cc/services/config.py

@@ -8,7 +8,7 @@ from jsonschema import Draft4Validator, validators
 import monkey_island.cc.environment.environment_singleton as env_singleton
 import monkey_island.cc.services.post_breach_files
 from monkey_island.cc.database import mongo
-from monkey_island.cc.server_utils.encryptor import encryptor
+from monkey_island.cc.server_utils.encryptor import get_encryptor
 from monkey_island.cc.services.utils.network_utils import local_ip_addresses
 from monkey_island.cc.services.config_schema.config_schema import SCHEMA
 
@@ -75,9 +75,9 @@ class ConfigService:
         if should_decrypt:
             if config_key_as_arr in ENCRYPTED_CONFIG_VALUES:
                 if isinstance(config, str):
-                    config = encryptor().dec(config)
+                    config = get_encryptor().dec(config)
                 elif isinstance(config, list):
-                    config = [encryptor().dec(x) for x in config]
+                    config = [get_encryptor().dec(x) for x in config]
         return config
 
     @staticmethod
@@ -112,7 +112,7 @@ class ConfigService:
         if item_value in items_from_config:
             return
         if should_encrypt:
-            item_value = encryptor().enc(item_value)
+            item_value = get_encryptor().enc(item_value)
         mongo.db.config.update(
             {'name': 'newconfig'},
             {'$addToSet': {item_key: item_value}},
@@ -297,9 +297,9 @@ class ConfigService:
                 if flat_config[key] and isinstance(flat_config[key][0], dict) and 'public_key' in flat_config[key][0]:
                     flat_config[key] = [ConfigService.decrypt_ssh_key_pair(item) for item in flat_config[key]]
                 else:
-                    flat_config[key] = [encryptor().dec(item) for item in flat_config[key]]
+                    flat_config[key] = [get_encryptor().dec(item) for item in flat_config[key]]
             else:
-                flat_config[key] = encryptor().dec(flat_config[key])
+                flat_config[key] = get_encryptor().dec(flat_config[key])
         return flat_config
 
     @staticmethod
@@ -320,19 +320,19 @@ class ConfigService:
                         config_arr[i] = ConfigService.decrypt_ssh_key_pair(config_arr[i]) if is_decrypt else \
                             ConfigService.decrypt_ssh_key_pair(config_arr[i], True)
                     else:
-                        config_arr[i] = encryptor().dec(config_arr[i]) if is_decrypt else encryptor().enc(config_arr[i])
+                        config_arr[i] = get_encryptor().dec(config_arr[i]) if is_decrypt else get_encryptor().enc(config_arr[i])
             else:
                 parent_config_arr[config_arr_as_array[-1]] = \
-                    encryptor().dec(config_arr) if is_decrypt else encryptor().enc(config_arr)
+                    get_encryptor().dec(config_arr) if is_decrypt else get_encryptor().enc(config_arr)
 
     @staticmethod
     def decrypt_ssh_key_pair(pair, encrypt=False):
         if encrypt:
-            pair['public_key'] = encryptor().enc(pair['public_key'])
+            pair['public_key'] = get_encryptor().enc(pair['public_key'])
-            pair['private_key'] = encryptor().enc(pair['private_key'])
+            pair['private_key'] = get_encryptor().enc(pair['private_key'])
         else:
-            pair['public_key'] = encryptor().dec(pair['public_key'])
+            pair['public_key'] = get_encryptor().dec(pair['public_key'])
-            pair['private_key'] = encryptor().dec(pair['private_key'])
+            pair['private_key'] = get_encryptor().dec(pair['private_key'])
         return pair
 
     @staticmethod

monkey/monkey_island/cc/services/telemetry/processing/exploit.py

@@ -2,7 +2,7 @@ import copy
 
 import dateutil
 
-from monkey_island.cc.server_utils.encryptor import encryptor
+from monkey_island.cc.server_utils.encryptor import get_encryptor
 from monkey_island.cc.models import Monkey
 from monkey_island.cc.services.config import ConfigService
 from monkey_island.cc.services.edge.displayed_edge import EdgeService
@@ -66,4 +66,4 @@ def encrypt_exploit_creds(telemetry_json):
         for field in ['password', 'lm_hash', 'ntlm_hash']:
             credential = attempts[i][field]
             if len(credential) > 0:
-                attempts[i][field] = encryptor().enc(credential)
+                attempts[i][field] = get_encryptor().enc(credential)

monkey/monkey_island/cc/services/telemetry/processing/system_info.py

@@ -1,6 +1,6 @@
 import logging
 
-from monkey_island.cc.server_utils.encryptor import encryptor
+from monkey_island.cc.server_utils.encryptor import get_encryptor
 from monkey_island.cc.services.config import ConfigService
 from monkey_island.cc.services.node import NodeService
 from monkey_island.cc.services.telemetry.processing.system_info_collectors.system_info_telemetry_dispatcher import \
@@ -63,7 +63,7 @@ def encrypt_system_info_ssh_keys(ssh_info):
     for idx, user in enumerate(ssh_info):
         for field in ['public_key', 'private_key', 'known_hosts']:
             if ssh_info[idx][field]:
-                ssh_info[idx][field] = encryptor().enc(ssh_info[idx][field])
+                ssh_info[idx][field] = get_encryptor().enc(ssh_info[idx][field])
 
 
 def process_credential_info(telemetry_json):

monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_auth_service.py

@@ -4,7 +4,7 @@ from ScoutSuite.providers.base.authentication_strategy import AuthenticationExce
 
 from common.cloud.scoutsuite_consts import CloudProviders
 from common.utils.exceptions import InvalidAWSKeys
-from monkey_island.cc.server_utils.encryptor import encryptor
+from monkey_island.cc.server_utils.encryptor import get_encryptor
 from monkey_island.cc.services.config import ConfigService
 from common.config_value_paths import AWS_KEYS_PATH
 
@@ -37,7 +37,7 @@ def set_aws_keys(access_key_id: str, secret_access_key: str, session_token: str)
 
 def _set_aws_key(key_type: str, key_value: str):
     path_to_keys = AWS_KEYS_PATH
-    encrypted_key = encryptor().enc(key_value)
+    encrypted_key = get_encryptor().enc(key_value)
     ConfigService.set_config_value(path_to_keys + [key_type], encrypted_key)
 
 

monkey/monkey_island/cc/services/zero_trust/scoutsuite/test_scoutsuite_auth_service.py

@@ -4,7 +4,7 @@ import pytest
 import dpath.util
 
 from monkey_island.cc.database import mongo
-from monkey_island.cc.server_utils.encryptor import initialize_encryptor, encryptor
+from monkey_island.cc.server_utils.encryptor import initialize_encryptor, get_encryptor
 from monkey_island.cc.services.config import ConfigService
 from common.config_value_paths import AWS_KEYS_PATH
 from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_auth_service import is_aws_keys_setup
@@ -27,7 +27,7 @@ def test_is_aws_keys_setup(tmp_path):
 
     # Make sure noone changed config path and broke this function
     initialize_encryptor(tmp_path)
-    bogus_key_value = encryptor().enc('bogus_aws_key')
+    bogus_key_value = get_encryptor().enc('bogus_aws_key')
     dpath.util.set(ConfigService.default_config, AWS_KEYS_PATH+['aws_secret_access_key'], bogus_key_value)
     dpath.util.set(ConfigService.default_config, AWS_KEYS_PATH+['aws_access_key_id'], bogus_key_value)
 

monkey/monkey_island/cc/test_encryptor.py

@@ -1,7 +1,7 @@
 import os
 
 from monkey_island.cc.server_utils.consts import MONKEY_ISLAND_ABS_PATH
-from monkey_island.cc.server_utils.encryptor import initialize_encryptor, encryptor
+from monkey_island.cc.server_utils.encryptor import initialize_encryptor, get_encryptor
 
 
 TEST_DATA_DIR = os.path.join(MONKEY_ISLAND_ABS_PATH, "cc", "testing")
@@ -14,13 +14,13 @@ CYPHERTEXT = "vKgvD6SjRyIh1dh2AM/rnTa0NI/vjfwnbZLbMocWtE4e42WJmSUz2ordtbQrH1Fq"
 def test_aes_cbc_encryption():
     initialize_encryptor(TEST_DATA_DIR)
 
-    assert encryptor().enc(PLAINTEXT) != PLAINTEXT
+    assert get_encryptor().enc(PLAINTEXT) != PLAINTEXT
 
 
 def test_aes_cbc_decryption():
     initialize_encryptor(TEST_DATA_DIR)
 
-    assert encryptor().dec(CYPHERTEXT) == PLAINTEXT
+    assert get_encryptor().dec(CYPHERTEXT) == PLAINTEXT
 
 
 def test_create_new_password_file(tmpdir):