Island, Agent: Remove per-agent configuration from agent document

Each agent doesn't need to have a separate configuration since the configuration is global and unique agent parameters are not and should not be stored in configuration
This commit is contained in:
vakarisz 2022-06-08 10:55:29 +03:00
parent 1b2ca74b9f
commit 35b4fae326
5 changed files with 9 additions and 33 deletions
monkey
infection_monkey
monkey_island/cc
models
resources
services

View File

@ -41,7 +41,6 @@ class ControlClient(object):
"ip_addresses": local_ips(),
"networks": get_host_subnets(),
"description": " ".join(platform.uname()),
"config": WormConfiguration.as_dict(),
"parent": parent,
"launch_time": agent_process.get_start_time(),
}
@ -50,7 +49,7 @@ class ControlClient(object):
monkey["tunnel"] = ControlClient.proxies.get("https")
requests.post( # noqa: DUO123
"https://%s/api/agent" % (WormConfiguration.current_server,),
f"https://{WormConfiguration.current_server}/api/agent",
data=json.dumps(monkey),
headers={"content-type": "application/json"},
verify=False,
@ -173,7 +172,7 @@ class ControlClient(object):
return
try:
reply = requests.get( # noqa: DUO123
"https://%s/api/agent/%s/legacy" % (WormConfiguration.current_server, GUID),
f"https://{WormConfiguration.current_server}/api/agent/",
verify=False,
proxies=ControlClient.proxies,
timeout=MEDIUM_REQUEST_TIMEOUT,
@ -210,7 +209,7 @@ class ControlClient(object):
return
try:
requests.patch( # noqa: DUO123
"https://%s/api/agent/%s" % (WormConfiguration.current_server, GUID),
f"https://{WormConfiguration.current_server}/api/agent/{GUID}",
data=json.dumps({"config_error": True}),
headers={"content-type": "application/json"},
verify=False,

View File

@ -49,7 +49,7 @@ class ControlChannel(IControlChannel):
def get_config(self) -> dict:
try:
response = requests.get( # noqa: DUO123
f"https://{self._control_channel_server}/api/agent/{self._agent_id}",
f"https://{self._control_channel_server}/api/agent",
verify=False,
proxies=ControlClient.proxies,
timeout=SHORT_REQUEST_TIMEOUT,

View File

@ -37,7 +37,6 @@ class Monkey(Document):
# SCHEMA
guid = StringField(required=True)
config = EmbeddedDocumentField("Config")
should_stop = BooleanField()
dead = BooleanField()
description = StringField()

View File

@ -21,28 +21,11 @@ class Monkey(AbstractResource):
urls = [
"/api/agent",
"/api/agent/<string:guid>",
# API Spec: Resource names should alternate with IDs (/api/agents/123/config-format/xyz)
"/api/agent/<string:guid>/<string:config_format>",
]
# Used by monkey. can't secure.
def get(self, guid=None, config_format=None, **kw):
if not guid:
guid = request.args.get("guid")
if guid:
monkey_json = mongo.db.monkey.find_one_or_404({"guid": guid})
# TODO: When the "legacy" format is no longer needed, update this logic and remove the
# "/api/agent/<string:guid>/<string:config_format>" route. Also considering not
# flattening the config in the first place.
if config_format == "legacy":
ConfigService.decrypt_flat_config(monkey_json["config"])
else:
ConfigService.format_flat_config_for_agent(monkey_json["config"])
return monkey_json
return {}
def get(self):
return {"config": ConfigService.format_flat_config_for_agent()}
# Used by monkey. can't secure.
@TestTelemStore.store_exported_telem
@ -54,8 +37,6 @@ class Monkey(AbstractResource):
monkey_json = json.loads(request.data)
update = {"$set": {"modifytime": datetime.now()}}
monkey = NodeService.get_monkey_by_guid(guid)
if "config" in monkey_json:
update["$set"]["config"] = monkey_json["config"]
if "config_error" in monkey_json:
update["$set"]["config_error"] = monkey_json["config_error"]
@ -89,11 +70,6 @@ class Monkey(AbstractResource):
# if new monkey telem, change config according to "new monkeys" config.
db_monkey = mongo.db.monkey.find_one({"guid": monkey_json["guid"]})
# Update monkey configuration
new_config = ConfigService.get_flat_config(False, False)
monkey_json["config"] = monkey_json.get("config", {})
monkey_json["config"].update(new_config)
# try to find new monkey parent
parent = monkey_json.get("parent")
parent_to_add = (monkey_json.get("guid"), None) # default values in case of manual run

View File

@ -427,11 +427,13 @@ class ConfigService:
}
@staticmethod
def format_flat_config_for_agent(config: Dict):
def format_flat_config_for_agent():
config = ConfigService.get_flat_config()
ConfigService._remove_credentials_from_flat_config(config)
ConfigService._format_payloads_from_flat_config(config)
ConfigService._format_pbas_from_flat_config(config)
ConfigService._format_propagation_from_flat_config(config)
return config
@staticmethod
def _remove_credentials_from_flat_config(config: Dict):