forked from p15670423/monkey
* Added another configuration endpoint for the island specific fields
This commit is contained in:
parent
90554f63cb
commit
a42d621340
|
@ -18,6 +18,7 @@ from cc.resources.log import Log
|
|||
from cc.resources.island_logs import IslandLog
|
||||
from cc.resources.monkey import Monkey
|
||||
from cc.resources.monkey_configuration import MonkeyConfiguration
|
||||
from cc.resources.island_configuration import IslandConfiguration
|
||||
from cc.resources.monkey_download import MonkeyDownload
|
||||
from cc.resources.netmap import NetMap
|
||||
from cc.resources.node import Node
|
||||
|
@ -104,6 +105,7 @@ def init_app(mongo_url):
|
|||
api.add_resource(ClientRun, '/api/client-monkey', '/api/client-monkey/')
|
||||
api.add_resource(Telemetry, '/api/telemetry', '/api/telemetry/', '/api/telemetry/<string:monkey_guid>')
|
||||
api.add_resource(MonkeyConfiguration, '/api/configuration', '/api/configuration/')
|
||||
api.add_resource(IslandConfiguration, '/api/configuration/island', '/api/configuration/island/')
|
||||
api.add_resource(MonkeyDownload, '/api/monkey/download', '/api/monkey/download/',
|
||||
'/api/monkey/download/<string:path>')
|
||||
api.add_resource(NetMap, '/api/netmap', '/api/netmap/')
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
import json
|
||||
|
||||
import flask_restful
|
||||
from flask import request, jsonify, abort
|
||||
|
||||
from cc.auth import jwt_required
|
||||
from cc.services.config import ConfigService
|
||||
|
||||
|
||||
class IslandConfiguration(flask_restful.Resource):
|
||||
@jwt_required()
|
||||
def get(self):
|
||||
return jsonify(schema=ConfigService.get_config_schema(),
|
||||
configuration=ConfigService.get_config(False, True, True))
|
||||
|
||||
@jwt_required()
|
||||
def post(self):
|
||||
config_json = json.loads(request.data)
|
||||
if 'reset' in config_json:
|
||||
ConfigService.reset_config()
|
||||
else:
|
||||
if not ConfigService.update_config(config_json, should_encrypt=True):
|
||||
abort(400)
|
||||
return self.get()
|
|
@ -648,17 +648,20 @@ SCHEMA = {
|
|||
'aws_account_id': {
|
||||
'title': 'AWS account ID',
|
||||
'type': 'string',
|
||||
'description': 'Your AWS account ID that is subscribed to security hub feeds'
|
||||
'description': 'Your AWS account ID that is subscribed to security hub feeds',
|
||||
'default': " "
|
||||
},
|
||||
'aws_access_key_id': {
|
||||
'title': 'AWS access key ID',
|
||||
'type': 'string',
|
||||
'description': 'Your AWS public access key ID, can be found in the IAM user interface in the AWS console.'
|
||||
'description': 'Your AWS public access key ID, can be found in the IAM user interface in the AWS console.',
|
||||
'default': " "
|
||||
},
|
||||
'aws_secret_access_key': {
|
||||
'title': 'AWS secret access key',
|
||||
'type': 'string',
|
||||
'description': 'Your AWS secret access key id, you can get this after creating a public access key in the console.'
|
||||
'description': 'Your AWS secret access key id, you can get this after creating a public access key in the console.',
|
||||
'default': " "
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -897,16 +900,14 @@ ENCRYPTED_CONFIG_ARRAYS = \
|
|||
['basic', 'credentials', 'exploit_password_list'],
|
||||
['internal', 'exploits', 'exploit_lm_hash_list'],
|
||||
['internal', 'exploits', 'exploit_ntlm_hash_list'],
|
||||
['internal', 'exploits', 'exploit_ssh_keys'],
|
||||
# ['cnc', 'aws_config', 'iam_role_id'],
|
||||
# ['cnc', 'aws_config', 'aws_access_key_id'],
|
||||
# ['cnc', 'aws_config', 'aws_secret_access_key'],
|
||||
['internal', 'exploits', 'exploit_ssh_keys']
|
||||
]
|
||||
|
||||
# This should be used for config values of string type
|
||||
ENCRYPTED_CONFIG_STRINGS = \
|
||||
[
|
||||
|
||||
['cnc', 'aws_config', 'aws_access_key_id'],
|
||||
['cnc', 'aws_config', 'aws_secret_access_key']
|
||||
]
|
||||
|
||||
|
||||
|
@ -931,7 +932,7 @@ class ConfigService:
|
|||
if should_decrypt and len(config) > 0:
|
||||
ConfigService.decrypt_config(config)
|
||||
if not is_island:
|
||||
config['cnc'].pop('aws_config', None)
|
||||
config.get('cnc', {}).pop('aws_config', None)
|
||||
return config
|
||||
|
||||
@staticmethod
|
||||
|
|
|
@ -24,7 +24,7 @@ class ConfigurePageComponent extends AuthComponent {
|
|||
}
|
||||
|
||||
componentDidMount() {
|
||||
this.authFetch('/api/configuration')
|
||||
this.authFetch('/api/configuration/island')
|
||||
.then(res => res.json())
|
||||
.then(res => {
|
||||
let sections = [];
|
||||
|
|
Loading…
Reference in New Issue