Add unit tests for config_encryption.py

2021-06-01 18:14:32 +05:30 · 2021-06-01 18:14:32 +05:30 · 295cacaffc
parent a94047d778
commit 295cacaffc
3 changed files with 235 additions and 0 deletions
--- a/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
+++ b/monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json
@ -0,0 +1,209 @@
+{
+    "basic": {
+      "exploiters": {
+        "exploiter_classes": [
+          "SmbExploiter",
+          "WmiExploiter",
+          "SSHExploiter",
+          "ShellShockExploiter",
+          "SambaCryExploiter",
+          "ElasticGroovyExploiter",
+          "Struts2Exploiter",
+          "WebLogicExploiter",
+          "HadoopExploiter",
+          "VSFTPDExploiter",
+          "MSSQLExploiter",
+          "DrupalExploiter"
+        ]
+      },
+      "credentials": {
+        "exploit_user_list": [
+          "Administrator",
+          "root",
+          "user"
+        ],
+        "exploit_password_list": [
+          "root",
+          "123456",
+          "password",
+          "123456789",
+          "qwerty",
+          "111111",
+          "iloveyou"
+        ]
+      }
+    },
+    "basic_network": {
+      "scope": {
+        "blocked_ips": [],
+        "local_network_scan": true,
+        "depth": 2,
+        "subnet_scan_list": []
+      },
+      "network_analysis": {
+        "inaccessible_subnets": []
+      }
+    },
+    "internal": {
+      "general": {
+        "singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
+        "keep_tunnel_open_time": 60,
+        "monkey_dir_name": "monkey_dir",
+        "started_on_island": false
+      },
+      "monkey": {
+        "victims_max_find": 100,
+        "victims_max_exploit": 100,
+        "internet_services": [
+          "monkey.guardicore.com",
+          "www.google.com"
+        ],
+        "self_delete_in_cleanup": true,
+        "use_file_logging": true,
+        "serialize_config": false,
+        "alive": true,
+        "aws_keys": {
+          "aws_access_key_id": "",
+          "aws_secret_access_key": "",
+          "aws_session_token": ""
+        }
+      },
+      "island_server": {
+        "command_servers": [
+          "192.168.1.37:5000",
+          "10.0.3.1:5000",
+          "172.17.0.1:5000"
+        ],
+        "current_server": "192.168.1.37:5000"
+      },
+      "network": {
+        "tcp_scanner": {
+          "HTTP_PORTS": [
+            80,
+            8080,
+            443,
+            8008,
+            7001,
+            9200
+          ],
+          "tcp_target_ports": [
+            22,
+            2222,
+            445,
+            135,
+            3389,
+            80,
+            8080,
+            443,
+            8008,
+            3306,
+            7001,
+            8088
+          ],
+          "tcp_scan_interval": 0,
+          "tcp_scan_timeout": 3000,
+          "tcp_scan_get_banner": true
+        },
+        "ping_scanner": {
+          "ping_scan_timeout": 1000
+        }
+      },
+      "classes": {
+        "finger_classes": [
+          "SMBFinger",
+          "SSHFinger",
+          "PingScanner",
+          "HTTPFinger",
+          "MySQLFinger",
+          "MSSQLFinger",
+          "ElasticFinger"
+        ]
+      },
+      "kill_file": {
+        "kill_file_path_windows": "%windir%\\monkey.not",
+        "kill_file_path_linux": "/var/run/monkey.not"
+      },
+      "dropper": {
+        "dropper_set_date": true,
+        "dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
+        "dropper_date_reference_path_linux": "/bin/sh",
+        "dropper_target_path_linux": "/tmp/monkey",
+        "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
+        "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
+        "dropper_try_move_first": true
+      },
+      "logging": {
+        "dropper_log_path_linux": "/tmp/user-1562",
+        "dropper_log_path_windows": "%temp%\\~df1562.tmp",
+        "monkey_log_path_linux": "/tmp/user-1563",
+        "monkey_log_path_windows": "%temp%\\~df1563.tmp",
+        "send_log_to_server": true
+      },
+      "exploits": {
+        "exploit_lm_hash_list": [],
+        "exploit_ntlm_hash_list": [],
+        "exploit_ssh_keys": [],
+        "general": {
+          "skip_exploit_if_file_exist": false
+        },
+        "ms08_067": {
+          "ms08_067_exploit_attempts": 5,
+          "user_to_add": "Monkey_IUSER_SUPPORT"
+        },
+        "sambacry": {
+          "sambacry_trigger_timeout": 5,
+          "sambacry_folder_paths_to_guess": [
+            "/",
+            "/mnt",
+            "/tmp",
+            "/storage",
+            "/export",
+            "/share",
+            "/shares",
+            "/home"
+          ],
+          "sambacry_shares_not_to_check": [
+            "IPC$",
+            "print$"
+          ]
+        }
+      },
+      "testing": {
+        "export_monkey_telems": false
+      }
+    },
+    "monkey": {
+      "post_breach": {
+        "custom_PBA_linux_cmd": "",
+        "custom_PBA_windows_cmd": "",
+        "PBA_windows_filename": "",
+        "PBA_linux_filename": "",
+        "post_breach_actions": [
+          "BackdoorUser",
+          "CommunicateAsNewUser",
+          "ModifyShellStartupFiles",
+          "HiddenFiles",
+          "TrapCommand",
+          "ChangeSetuidSetgid",
+          "ScheduleJobs",
+          "Timestomping",
+          "AccountDiscovery"
+        ]
+      },
+      "system_info": {
+        "system_info_collector_classes": [
+          "EnvironmentCollector",
+          "AwsCollector",
+          "HostnameCollector",
+          "ProcessListCollector",
+          "MimikatzCollector",
+          "AzureCollector"
+        ]
+      },
+      "persistent_scanning": {
+        "max_iterations": 1,
+        "timeout_between_iterations": 100,
+        "retry_failed_explotation": true
+      }
+    }
+  }
--- a/monkey/tests/unit_tests/monkey_island/cc/services/utils/test_config_encryption.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/services/utils/test_config_encryption.py
@ -0,0 +1,26 @@
+import json
+import os
+
+import pytest
+
+from monkey_island.cc.services.utils.config_encryption import decrypt_config, encrypt_config
+
+MONKEY_CONFIGS_DIR_PATH = "monkey_configs"
+STANDARD_PLAINTEXT_MONKEY_CONFIG_FILENAME = "monkey_config_standard.json"
+
+PASSWORD = "hello123"
+
+
+@pytest.fixture
+def plaintext_config(data_for_tests_dir):
+    plaintext_monkey_config_standard_path = os.path.join(
+        data_for_tests_dir, MONKEY_CONFIGS_DIR_PATH, STANDARD_PLAINTEXT_MONKEY_CONFIG_FILENAME
+    )
+    plaintext_config = json.loads(open(plaintext_monkey_config_standard_path, "r").read())
+    return plaintext_config
+
+
+def test_encrypt_decrypt_config(plaintext_config):
+    encrypted_config = encrypt_config(plaintext_config, PASSWORD)  # str of the form: `b'a1b2c3'`
+    encrypted_config = encrypted_config[2:-1]  # so we slice it here
+    assert decrypt_config(encrypted_config, PASSWORD) == plaintext_config
--- a/test_config_encryption.py
+++ b/test_config_encryption.py