From 0a6fa1e7d70950aee820ac1678d4acac84c20f1d Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 09:23:51 +0200 Subject: [PATCH 1/6] Island: Rename FileUpload resource to PBAFileUpload --- monkey/monkey_island/cc/app.py | 4 ++-- .../cc/resources/pba_file_upload.py | 2 +- .../cc/resources/test_pba_file_upload.py | 24 +++++++++++-------- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index e8274454a..786d92146 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -40,7 +40,7 @@ from monkey_island.cc.resources.netmap import NetMap from monkey_island.cc.resources.node import Node from monkey_island.cc.resources.node_states import NodeStates from monkey_island.cc.resources.pba_file_download import PBAFileDownload -from monkey_island.cc.resources.pba_file_upload import FileUpload +from monkey_island.cc.resources.pba_file_upload import PBAFileUpload from monkey_island.cc.resources.ransomware_report import RansomwareReport from monkey_island.cc.resources.root import Root from monkey_island.cc.resources.security_report import SecurityReport @@ -181,7 +181,7 @@ def init_restful_endpoints(api: FlaskDIWrapper): # API Spec: These two should be the same resource, GET for download and POST for upload api.add_resource(PBAFileDownload) - api.add_resource(FileUpload) + api.add_resource(PBAFileUpload) api.add_resource(PropagationCredentials) api.add_resource(RemoteRun) diff --git a/monkey/monkey_island/cc/resources/pba_file_upload.py b/monkey/monkey_island/cc/resources/pba_file_upload.py index 404d2ab8c..f30bdeeb2 100644 --- a/monkey/monkey_island/cc/resources/pba_file_upload.py +++ b/monkey/monkey_island/cc/resources/pba_file_upload.py @@ -18,7 +18,7 @@ WINDOWS_PBA_TYPE = "PBAwindows" # NOTE: This resource will be reworked when the Custom PBA feature is rebuilt as a payload plugin. -class FileUpload(AbstractResource): +class PBAFileUpload(AbstractResource): # API Spec: FileUpload -> PBAFileUpload. Change endpoint accordingly. """ File upload endpoint used to send/receive Custom PBA files diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py index a1f39aaf6..2c4f54df1 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py @@ -9,7 +9,11 @@ from tests.utils import raise_ from common import DIContainer from monkey_island.cc.repository import IAgentConfigurationRepository, IFileRepository -from monkey_island.cc.resources.pba_file_upload import LINUX_PBA_TYPE, WINDOWS_PBA_TYPE, FileUpload +from monkey_island.cc.resources.pba_file_upload import ( + LINUX_PBA_TYPE, + WINDOWS_PBA_TYPE, + PBAFileUpload, +) TEST_FILE_CONTENTS = b"m0nk3y" TEST_FILE = ( @@ -54,7 +58,7 @@ def flask_client( @pytest.mark.parametrize("pba_os", [LINUX_PBA_TYPE, WINDOWS_PBA_TYPE]) def test_pba_file_upload_post(flask_client: FlaskClient, pba_os: str): - url = get_url_for_resource(FileUpload, target_os=pba_os) + url = get_url_for_resource(PBAFileUpload, target_os=pba_os) resp = flask_client.post( url, data=TEST_FILE, @@ -65,7 +69,7 @@ def test_pba_file_upload_post(flask_client: FlaskClient, pba_os: str): def test_pba_file_upload_post__invalid(flask_client: FlaskClient): - url = get_url_for_resource(FileUpload, target_os="bogus") + url = get_url_for_resource(PBAFileUpload, target_os="bogus") resp = flask_client.post( url, data=TEST_FILE, @@ -80,7 +84,7 @@ def test_pba_file_upload_post__internal_server_error( flask_client: FlaskClient, pba_os: str, file_repository: IFileRepository ): file_repository.save_file = lambda x, y: raise_(Exception()) - url = get_url_for_resource(FileUpload, target_os=pba_os) + url = get_url_for_resource(PBAFileUpload, target_os=pba_os) resp = flask_client.post( url, @@ -93,14 +97,14 @@ def test_pba_file_upload_post__internal_server_error( @pytest.mark.parametrize("pba_os", [LINUX_PBA_TYPE, WINDOWS_PBA_TYPE]) def test_pba_file_upload_get__file_not_found(flask_client: FlaskClient, pba_os: str): - url = get_url_for_resource(FileUpload, target_os=pba_os, filename="bobug_mogus.py") + url = get_url_for_resource(PBAFileUpload, target_os=pba_os, filename="bobug_mogus.py") resp = flask_client.get(url) assert resp.status_code == 404 @pytest.mark.parametrize("pba_os", [LINUX_PBA_TYPE, WINDOWS_PBA_TYPE]) def test_file_download_endpoint_500(open_error_flask_client, pba_os: str): - url = get_url_for_resource(FileUpload, target_os=pba_os, filename="bobug_mogus.py") + url = get_url_for_resource(PBAFileUpload, target_os=pba_os, filename="bobug_mogus.py") resp = open_error_flask_client.get(url) @@ -110,7 +114,7 @@ def test_file_download_endpoint_500(open_error_flask_client, pba_os: str): @pytest.mark.parametrize("pba_os", [LINUX_PBA_TYPE, WINDOWS_PBA_TYPE]) def test_pba_file_upload_endpoint(flask_client: FlaskClient, pba_os: str): - url_with_os = get_url_for_resource(FileUpload, target_os=pba_os) + url_with_os = get_url_for_resource(PBAFileUpload, target_os=pba_os) resp_post = flask_client.post( url_with_os, data=TEST_FILE, @@ -118,7 +122,7 @@ def test_pba_file_upload_endpoint(flask_client: FlaskClient, pba_os: str): follow_redirects=True, ) - url_with_filename = get_url_for_resource(FileUpload, target_os=pba_os, filename="test.py") + url_with_filename = get_url_for_resource(PBAFileUpload, target_os=pba_os, filename="test.py") resp_get = flask_client.get(url_with_filename) assert resp_get.status_code == 200 assert resp_get.data == TEST_FILE_CONTENTS @@ -135,7 +139,7 @@ def test_pba_file_upload_endpoint(flask_client: FlaskClient, pba_os: str): def test_pba_file_upload_endpoint__invalid(flask_client: FlaskClient): - url_with_os = get_url_for_resource(FileUpload, target_os="bogus") + url_with_os = get_url_for_resource(PBAFileUpload, target_os="bogus") resp_post = flask_client.post( url_with_os, data=TEST_FILE, @@ -144,7 +148,7 @@ def test_pba_file_upload_endpoint__invalid(flask_client: FlaskClient): ) url_with_filename = get_url_for_resource( - FileUpload, target_os="bogus", filename="bobug_mogus.py" + PBAFileUpload, target_os="bogus", filename="bobug_mogus.py" ) resp_get = flask_client.get(url_with_filename) resp_delete = flask_client.delete(url_with_os, data="test.py", content_type="text/plain;") From 9acc2d8df528f7a39e4626986471a57cbc5ca02f Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 09:42:38 +0200 Subject: [PATCH 2/6] Island: Rename 'api/file-upload' to 'api/pba/upload' --- monkey/monkey_island/cc/resources/pba_file_upload.py | 7 +++---- .../cc/ui/src/components/pages/ConfigurePage.js | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/monkey/monkey_island/cc/resources/pba_file_upload.py b/monkey/monkey_island/cc/resources/pba_file_upload.py index f30bdeeb2..c62272e7c 100644 --- a/monkey/monkey_island/cc/resources/pba_file_upload.py +++ b/monkey/monkey_island/cc/resources/pba_file_upload.py @@ -19,15 +19,14 @@ WINDOWS_PBA_TYPE = "PBAwindows" # NOTE: This resource will be reworked when the Custom PBA feature is rebuilt as a payload plugin. class PBAFileUpload(AbstractResource): - # API Spec: FileUpload -> PBAFileUpload. Change endpoint accordingly. """ File upload endpoint used to send/receive Custom PBA files """ urls = [ - "/api/file-upload/", - "/api/file-upload/?load=", - "/api/file-upload/?restore=", + "/api/pba/upload/", + "/api/pba/upload/?load=", + "/api/pba/upload/?restore=", ] def __init__( diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js index 473554da9..37473d66a 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js @@ -27,8 +27,8 @@ import { const CONFIG_URL = '/api/agent-configuration'; const RESET_URL = '/api/reset-agent-configuration'; const CONFIGURED_PROPAGATION_CREDENTIALS_URL = '/api/propagation-credentials/configured-credentials'; -export const API_PBA_LINUX = '/api/file-upload/PBAlinux'; -export const API_PBA_WINDOWS = '/api/file-upload/PBAwindows'; +export const API_PBA_LINUX = '/api/pba/upload/PBAlinux'; +export const API_PBA_WINDOWS = '/api/pba/upload/PBAwindows'; const configSubmitAction = 'config-submit'; const configExportAction = 'config-export'; From e4a284b172801920abb8aaa064971cc99fd1a91f Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 09:45:12 +0200 Subject: [PATCH 3/6] Changelog: Add entry for renaming of `api/file-upload` --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f88d9851..f78b06508 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -52,6 +52,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/). - `/api/log/island/download` endpoint to `/api/island/log`. #2107 - `/api/auth` endpoint to `/api/authenticate`. #2105 - `/api/registration` endpoint to `/api/register`. #2105 +- `/api/file-upload` endpoit to `/api/pba/upload`. #2154 ### Removed - VSFTPD exploiter. #1533 From b874b6a736b19487b76e0d78418541b18e32e410 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 10:00:31 +0200 Subject: [PATCH 4/6] Island: Export PBAFileUpload from __init__ --- monkey/monkey_island/cc/app.py | 2 +- monkey/monkey_island/cc/resources/__init__.py | 1 + .../monkey_island/cc/resources/test_pba_file_upload.py | 7 ++----- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index 786d92146..397a035c9 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -16,6 +16,7 @@ from monkey_island.cc.resources import ( ClearSimulationData, IPAddresses, IslandLog, + PBAFileUpload, PropagationCredentials, RemoteRun, ResetAgentConfiguration, @@ -40,7 +41,6 @@ from monkey_island.cc.resources.netmap import NetMap from monkey_island.cc.resources.node import Node from monkey_island.cc.resources.node_states import NodeStates from monkey_island.cc.resources.pba_file_download import PBAFileDownload -from monkey_island.cc.resources.pba_file_upload import PBAFileUpload from monkey_island.cc.resources.ransomware_report import RansomwareReport from monkey_island.cc.resources.root import Root from monkey_island.cc.resources.security_report import SecurityReport diff --git a/monkey/monkey_island/cc/resources/__init__.py b/monkey/monkey_island/cc/resources/__init__.py index a345595a3..94fce4539 100644 --- a/monkey/monkey_island/cc/resources/__init__.py +++ b/monkey/monkey_island/cc/resources/__init__.py @@ -6,3 +6,4 @@ from .reset_agent_configuration import ResetAgentConfiguration from .propagation_credentials import PropagationCredentials from .ip_addresses import IPAddresses from .agent_configuration import AgentConfiguration +from .pba_file_upload import PBAFileUpload diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py index 2c4f54df1..397a5f6ab 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py @@ -9,11 +9,8 @@ from tests.utils import raise_ from common import DIContainer from monkey_island.cc.repository import IAgentConfigurationRepository, IFileRepository -from monkey_island.cc.resources.pba_file_upload import ( - LINUX_PBA_TYPE, - WINDOWS_PBA_TYPE, - PBAFileUpload, -) +from monkey_island.cc.resources import PBAFileUpload +from monkey_island.cc.resources.pba_file_upload import LINUX_PBA_TYPE, WINDOWS_PBA_TYPE TEST_FILE_CONTENTS = b"m0nk3y" TEST_FILE = ( From 51318f71897cd538452acef471114368ac5fec6c Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 10:05:57 +0200 Subject: [PATCH 5/6] Island: Export PBAFileDownload from __init__ --- monkey/monkey_island/cc/app.py | 2 +- monkey/monkey_island/cc/resources/__init__.py | 1 + .../monkey_island/cc/resources/test_pba_file_download.py | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index 397a035c9..c837328fc 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py @@ -16,6 +16,7 @@ from monkey_island.cc.resources import ( ClearSimulationData, IPAddresses, IslandLog, + PBAFileDownload, PBAFileUpload, PropagationCredentials, RemoteRun, @@ -40,7 +41,6 @@ from monkey_island.cc.resources.monkey import Monkey from monkey_island.cc.resources.netmap import NetMap from monkey_island.cc.resources.node import Node from monkey_island.cc.resources.node_states import NodeStates -from monkey_island.cc.resources.pba_file_download import PBAFileDownload from monkey_island.cc.resources.ransomware_report import RansomwareReport from monkey_island.cc.resources.root import Root from monkey_island.cc.resources.security_report import SecurityReport diff --git a/monkey/monkey_island/cc/resources/__init__.py b/monkey/monkey_island/cc/resources/__init__.py index 94fce4539..3368869af 100644 --- a/monkey/monkey_island/cc/resources/__init__.py +++ b/monkey/monkey_island/cc/resources/__init__.py @@ -7,3 +7,4 @@ from .propagation_credentials import PropagationCredentials from .ip_addresses import IPAddresses from .agent_configuration import AgentConfiguration from .pba_file_upload import PBAFileUpload +from .pba_file_download import PBAFileDownload diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_download.py b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_download.py index 31ae0309a..cae3dccf1 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_download.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_download.py @@ -4,7 +4,7 @@ from tests.monkey_island import FILE_CONTENTS, FILE_NAME, MockFileRepository from tests.unit_tests.monkey_island.conftest import get_url_for_resource from monkey_island.cc.repository import IFileRepository -from monkey_island.cc.resources.pba_file_download import PBAFileDownload +from monkey_island.cc.resources import PBAFileDownload @pytest.fixture From 1991669402bdeaee563182ec6052c09f688fbde0 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 5 Aug 2022 11:04:58 +0200 Subject: [PATCH 6/6] Island: Export {LINUX, WINDOWS}_PBA_TYPE from __init__ --- monkey/monkey_island/cc/resources/__init__.py | 2 +- .../monkey_island/cc/resources/test_pba_file_upload.py | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/monkey/monkey_island/cc/resources/__init__.py b/monkey/monkey_island/cc/resources/__init__.py index 3368869af..d04190b7c 100644 --- a/monkey/monkey_island/cc/resources/__init__.py +++ b/monkey/monkey_island/cc/resources/__init__.py @@ -6,5 +6,5 @@ from .reset_agent_configuration import ResetAgentConfiguration from .propagation_credentials import PropagationCredentials from .ip_addresses import IPAddresses from .agent_configuration import AgentConfiguration -from .pba_file_upload import PBAFileUpload +from .pba_file_upload import PBAFileUpload, LINUX_PBA_TYPE, WINDOWS_PBA_TYPE from .pba_file_download import PBAFileDownload diff --git a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py index 397a5f6ab..a40eb60f8 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py +++ b/monkey/tests/unit_tests/monkey_island/cc/resources/test_pba_file_upload.py @@ -9,8 +9,7 @@ from tests.utils import raise_ from common import DIContainer from monkey_island.cc.repository import IAgentConfigurationRepository, IFileRepository -from monkey_island.cc.resources import PBAFileUpload -from monkey_island.cc.resources.pba_file_upload import LINUX_PBA_TYPE, WINDOWS_PBA_TYPE +from monkey_island.cc.resources import LINUX_PBA_TYPE, WINDOWS_PBA_TYPE, PBAFileUpload TEST_FILE_CONTENTS = b"m0nk3y" TEST_FILE = (