diff --git a/.travis.yml b/.travis.yml index 59a97f60c..fcd9fc36b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -72,7 +72,7 @@ script: ## Display the linter issues - cat flake8_warnings.txt ## Make sure that we haven't increased the amount of warnings. -- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120 +- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=90 - if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi ## Check import order @@ -89,7 +89,7 @@ script: - cd monkey_island/cc/ui - npm ci # See https://docs.npmjs.com/cli/ci.html - eslint ./src --quiet # Test for errors -- JS_WARNINGS_AMOUNT_UPPER_LIMIT=28 +- JS_WARNINGS_AMOUNT_UPPER_LIMIT=4 - eslint ./src --max-warnings $JS_WARNINGS_AMOUNT_UPPER_LIMIT # Test for max warnings # Build documentation diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 7e2418d6f..9a98c1e06 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -91,16 +91,14 @@ class MonkeyIslandRequests(object): return requests.patch(self.addr + url, # noqa: DUO123 data=data, headers=self.get_jwt_header(), - verify=False - ) + verify=False) @_Decorators.refresh_jwt_token def delete(self, url): return requests.delete( # noqa: DOU123 self.addr + url, headers=self.get_jwt_header(), - verify=False - ) + verify=False) @_Decorators.refresh_jwt_token def get_jwt_header(self): diff --git a/monkey/common/data/post_breach_consts.py b/monkey/common/data/post_breach_consts.py index ec9f4a823..25e6679cb 100644 --- a/monkey/common/data/post_breach_consts.py +++ b/monkey/common/data/post_breach_consts.py @@ -6,6 +6,7 @@ POST_BREACH_HIDDEN_FILES = "Hide files and directories" POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received" POST_BREACH_SETUID_SETGID = "Setuid and Setgid" POST_BREACH_JOB_SCHEDULING = "Schedule jobs" +POST_BREACH_TIMESTOMPING = "Modify files' timestamps" POST_BREACH_SIGNED_SCRIPT_PROXY_EXEC = "Signed script proxy execution" POST_BREACH_ACCOUNT_DISCOVERY = "Account discovery" POST_BREACH_CLEAR_CMD_HISTORY = "Clear command history" diff --git a/monkey/common/network/network_range.py b/monkey/common/network/network_range.py index b778bb5f9..7eb082c8f 100644 --- a/monkey/common/network/network_range.py +++ b/monkey/common/network/network_range.py @@ -28,7 +28,7 @@ class NetworkRange(object, metaclass=ABCMeta): """ base_range = self.get_range() if self._shuffle: - random.shuffle(base_range) + random.shuffle(base_range) # noqa: DUO102 for x in base_range: yield self._number_to_ip(x) diff --git a/monkey/infection_monkey/main.py b/monkey/infection_monkey/main.py index cad4a00c0..e4698a462 100644 --- a/monkey/infection_monkey/main.py +++ b/monkey/infection_monkey/main.py @@ -7,8 +7,9 @@ import sys import traceback from multiprocessing import freeze_support +# dummy import for pyinstaller # noinspection PyUnresolvedReferences -import infection_monkey.post_breach # dummy import for pyinstaller +import infection_monkey.post_breach # noqa: F401 from common.version import get_version from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration from infection_monkey.dropper import MonkeyDrops diff --git a/monkey/infection_monkey/model/__init__.py b/monkey/infection_monkey/model/__init__.py index e7ab94495..4f3f2c27d 100644 --- a/monkey/infection_monkey/model/__init__.py +++ b/monkey/infection_monkey/model/__init__.py @@ -1,4 +1,4 @@ -from infection_monkey.model.host import VictimHost +from infection_monkey.model.host import VictimHost # noqa: F401 __author__ = 'itamar' diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index 02463e988..07431bae9 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -89,7 +89,7 @@ class InfectionMonkey(object): if self._opts.depth is not None: WormConfiguration._depth_from_commandline = True WormConfiguration.depth = self._opts.depth - LOG.debug(f"Setting propagation depth from command line") + LOG.debug("Setting propagation depth from command line") LOG.debug(f"Set propagation depth to {WormConfiguration.depth}") self._keep_running = True diff --git a/monkey/infection_monkey/network/ping_scanner.py b/monkey/infection_monkey/network/ping_scanner.py index f35533f0c..27c814593 100644 --- a/monkey/infection_monkey/network/ping_scanner.py +++ b/monkey/infection_monkey/network/ping_scanner.py @@ -12,7 +12,7 @@ __author__ = 'itamar' PING_COUNT_FLAG = "-n" if "win32" == sys.platform else "-c" PING_TIMEOUT_FLAG = "-w" if "win32" == sys.platform else "-W" -TTL_REGEX_STR = '(?<=TTL\=)[0-9]+' +TTL_REGEX_STR = r'(?<=TTL\=)[0-9]+' LINUX_TTL = 64 WINDOWS_TTL = 128 diff --git a/monkey/infection_monkey/network/sshfinger.py b/monkey/infection_monkey/network/sshfinger.py index a686d7fbd..909e75429 100644 --- a/monkey/infection_monkey/network/sshfinger.py +++ b/monkey/infection_monkey/network/sshfinger.py @@ -6,7 +6,7 @@ from infection_monkey.network.tools import check_tcp_port SSH_PORT = 22 SSH_SERVICE_DEFAULT = 'tcp-22' -SSH_REGEX = 'SSH-\d\.\d-OpenSSH' +SSH_REGEX = r'SSH-\d\.\d-OpenSSH' TIMEOUT = 10 BANNER_READ = 1024 LINUX_DIST_SSH = ['ubuntu', 'debian'] diff --git a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py index 83065d20d..ce85c74c1 100644 --- a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py +++ b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py @@ -44,7 +44,7 @@ class CommunicateAsNewUser(PBA): @staticmethod def get_random_new_user_name(): - return USERNAME_PREFIX + ''.join(random.choice(string.ascii_lowercase) for _ in range(5)) + return USERNAME_PREFIX + ''.join(random.choice(string.ascii_lowercase) for _ in range(5)) # noqa: DUO102 @staticmethod def get_commandline_for_http_request(url, is_windows=is_windows_os()): diff --git a/monkey/infection_monkey/post_breach/actions/timestomping.py b/monkey/infection_monkey/post_breach/actions/timestomping.py new file mode 100644 index 000000000..50a940524 --- /dev/null +++ b/monkey/infection_monkey/post_breach/actions/timestomping.py @@ -0,0 +1,12 @@ +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPING +from infection_monkey.post_breach.pba import PBA +from infection_monkey.post_breach.timestomping.timestomping import \ + get_timestomping_commands + + +class Timestomping(PBA): + def __init__(self): + linux_cmds, windows_cmds = get_timestomping_commands() + super().__init__(POST_BREACH_TIMESTOMPING, + linux_cmd=linux_cmds, + windows_cmd=windows_cmds) diff --git a/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py b/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py index fe3dad525..017203821 100644 --- a/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py +++ b/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py @@ -1,5 +1,5 @@ SCHEDULED_TASK_NAME = 'monkey-spawn-cmd' -SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe' +SCHEDULED_TASK_COMMAND = r'C:\windows\system32\cmd.exe' # Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md diff --git a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py new file mode 100644 index 000000000..ee6c02f58 --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py @@ -0,0 +1,14 @@ +TEMP_FILE = 'monkey-timestomping-file.txt' +TIMESTAMP_EPOCH = '197001010000.00' + + +def get_linux_timestomping_commands(): + return [ + f'echo "Successfully changed a file\'s modification timestamp" > {TEMP_FILE} && ' + f'touch -m -t {TIMESTAMP_EPOCH} {TEMP_FILE} && ' + f'cat {TEMP_FILE} ; ' + f'rm {TEMP_FILE} -f' + ] + + +# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md diff --git a/monkey/infection_monkey/post_breach/timestomping/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/timestomping.py new file mode 100644 index 000000000..04ed5cb6d --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/timestomping.py @@ -0,0 +1,10 @@ +from infection_monkey.post_breach.timestomping.linux.timestomping import \ + get_linux_timestomping_commands +from infection_monkey.post_breach.timestomping.windows.timestomping import \ + get_windows_timestomping_commands + + +def get_timestomping_commands(): + linux_cmds = get_linux_timestomping_commands() + windows_cmds = get_windows_timestomping_commands() + return linux_cmds, windows_cmds diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 new file mode 100644 index 000000000..ce94ac08a --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 @@ -0,0 +1,13 @@ +$TEMP_FILE = 'monkey-timestomping-file.txt' +$TIMESTAMP_EPOCH = '01/01/1970 00:00:00' + +# create temporary file +New-Item -Path $TEMP_FILE -Force | Out-Null +Set-Content $TEMP_FILE -Value "Successfully changed a file's modification timestamp" -Force | Out-Null + +# attempt to change modification timestamp +Get-ChildItem $TEMP_FILE | % { $_.LastWriteTime = $TIMESTAMP_EPOCH } +Get-Content $TEMP_FILE + +# remove temporary file +Remove-Item $TEMP_FILE -Force -ErrorAction Ignore diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py new file mode 100644 index 000000000..9f23193f7 --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py @@ -0,0 +1,8 @@ +TEMP_FILE = 'monkey-timestomping-file.txt' + + +def get_windows_timestomping_commands(): + return 'powershell.exe infection_monkey/post_breach/timestomping/windows/timestomping.ps1' + + +# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md diff --git a/monkey/infection_monkey/system_info/windows_info_collector.py b/monkey/infection_monkey/system_info/windows_info_collector.py index d6b3cbec8..3e7b2bfff 100644 --- a/monkey/infection_monkey/system_info/windows_info_collector.py +++ b/monkey/infection_monkey/system_info/windows_info_collector.py @@ -7,14 +7,10 @@ from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector MimikatzCredentialCollector sys.coinit_flags = 0 # needed for proper destruction of the wmi python module -# noinspection PyPep8 -import infection_monkey.config -# noinspection PyPep8 -from common.utils.wmi_utils import WMIUtils -# noinspection PyPep8 -from infection_monkey.system_info import InfoCollector -# noinspection PyPep8 -from infection_monkey.system_info.wmi_consts import WMI_CLASSES +import infection_monkey.config # noqa: E402 +from common.utils.wmi_utils import WMIUtils # noqa: E402 +from infection_monkey.system_info import InfoCollector # noqa: E402 +from infection_monkey.system_info.wmi_consts import WMI_CLASSES # noqa: E402 LOG = logging.getLogger(__name__) LOG.info('started windows info collector') diff --git a/monkey/infection_monkey/transport/__init__.py b/monkey/infection_monkey/transport/__init__.py index c3df1cb01..f9d56fe23 100644 --- a/monkey/infection_monkey/transport/__init__.py +++ b/monkey/infection_monkey/transport/__init__.py @@ -1 +1,2 @@ -from infection_monkey.transport.http import HTTPServer, LockedHTTPServer +from infection_monkey.transport.http import HTTPServer # noqa: F401 +from infection_monkey.transport.http import LockedHTTPServer # noqa: F401 diff --git a/monkey/infection_monkey/transport/tcp.py b/monkey/infection_monkey/transport/tcp.py index aa7ce253e..928f4b079 100644 --- a/monkey/infection_monkey/transport/tcp.py +++ b/monkey/infection_monkey/transport/tcp.py @@ -65,7 +65,7 @@ class TcpProxy(TransportProxyBase): dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: dest.connect((self.dest_host, self.dest_port)) - except socket.error as ex: + except socket.error: source.close() dest.close() continue diff --git a/monkey/infection_monkey/utils/hidden_files.py b/monkey/infection_monkey/utils/hidden_files.py index 46d8e136b..863680085 100644 --- a/monkey/infection_monkey/utils/hidden_files.py +++ b/monkey/infection_monkey/utils/hidden_files.py @@ -5,8 +5,8 @@ from infection_monkey.utils.linux.hidden_files import ( get_linux_commands_to_delete, get_linux_commands_to_hide_files, get_linux_commands_to_hide_folders) from infection_monkey.utils.windows.hidden_files import ( - get_winAPI_to_hide_files, get_windows_commands_to_delete, - get_windows_commands_to_hide_files, get_windows_commands_to_hide_folders) + get_windows_commands_to_delete, get_windows_commands_to_hide_files, + get_windows_commands_to_hide_folders) def get_commands_to_hide_files(): diff --git a/monkey/infection_monkey/utils/windows/hidden_files.py b/monkey/infection_monkey/utils/windows/hidden_files.py index a8f813f1b..d5687fc2d 100644 --- a/monkey/infection_monkey/utils/windows/hidden_files.py +++ b/monkey/infection_monkey/utils/windows/hidden_files.py @@ -51,13 +51,13 @@ def get_winAPI_to_hide_files(): fileCreation = win32file.CREATE_ALWAYS # overwrite existing file fileFlags = win32file.FILE_ATTRIBUTE_HIDDEN # make hidden - hiddenFile = win32file.CreateFile(HIDDEN_FILE_WINAPI, - fileAccess, - 0, # sharing mode: 0 => can't be shared - None, # security attributes - fileCreation, - fileFlags, - 0) # template file + win32file.CreateFile(HIDDEN_FILE_WINAPI, + fileAccess, + 0, # sharing mode: 0 => can't be shared + None, # security attributes + fileCreation, + fileFlags, + 0) # template file return "Succesfully created hidden file: {}".format(HIDDEN_FILE_WINAPI), True except Exception as err: diff --git a/monkey/monkey_island/cc/encryptor.py b/monkey/monkey_island/cc/encryptor.py index 585c84f87..cf1f02081 100644 --- a/monkey/monkey_island/cc/encryptor.py +++ b/monkey/monkey_island/cc/encryptor.py @@ -1,8 +1,9 @@ import base64 import os -from Crypto import Random -from Crypto.Cipher import AES +# PyCrypto is deprecated, but we use pycryptodome, which uses the exact same imports but it maintained +from Crypto import Random # noqa: DOU133 +from Crypto.Cipher import AES # noqa: DOU133 from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH diff --git a/monkey/monkey_island/cc/environment/aws.py b/monkey/monkey_island/cc/environment/aws.py index 587989825..b1ba0a734 100644 --- a/monkey/monkey_island/cc/environment/aws.py +++ b/monkey/monkey_island/cc/environment/aws.py @@ -1,6 +1,5 @@ from common.cloud.aws.aws_instance import AwsInstance from monkey_island.cc.environment import Environment -from monkey_island.cc.resources.auth.auth_user import User __author__ = 'itay.mizeretz' diff --git a/monkey/monkey_island/cc/environment/environment_singleton.py b/monkey/monkey_island/cc/environment/environment_singleton.py index 6e800650f..194337384 100644 --- a/monkey/monkey_island/cc/environment/environment_singleton.py +++ b/monkey/monkey_island/cc/environment/environment_singleton.py @@ -1,7 +1,5 @@ import logging -env = None - import monkey_island.cc.resources.auth.user_store as user_store from monkey_island.cc.environment import (EnvironmentConfig, aws, password, standard, testing) @@ -22,6 +20,8 @@ ENV_DICT = { TESTING: testing.TestingEnvironment } +env = None + def set_env(env_type: str, env_config: EnvironmentConfig): global env diff --git a/monkey/monkey_island/cc/environment/test__init__.py b/monkey/monkey_island/cc/environment/test__init__.py index 881195309..3637d6dd2 100644 --- a/monkey/monkey_island/cc/environment/test__init__.py +++ b/monkey/monkey_island/cc/environment/test__init__.py @@ -112,4 +112,3 @@ class TestEnvironment(TestCase): self.assertTrue(method()) else: self.assertFalse(method()) - diff --git a/monkey/monkey_island/cc/environment/test_environment_config.py b/monkey/monkey_island/cc/environment/test_environment_config.py index 6a6da6be7..d4978a18a 100644 --- a/monkey/monkey_island/cc/environment/test_environment_config.py +++ b/monkey/monkey_island/cc/environment/test_environment_config.py @@ -57,7 +57,7 @@ class TestEnvironmentConfig(TestCase): def test_get_server_config_file_path(self): if platform.system() == "Windows": - server_file_path = MONKEY_ISLAND_ABS_PATH + "\cc\server_config.json" + server_file_path = MONKEY_ISLAND_ABS_PATH + r"\cc\server_config.json" else: server_file_path = MONKEY_ISLAND_ABS_PATH + "/cc/server_config.json" self.assertEqual(EnvironmentConfig.get_config_file_path(), server_file_path) diff --git a/monkey/monkey_island/cc/main.py b/monkey/monkey_island/cc/main.py index 5867b8825..610681034 100644 --- a/monkey/monkey_island/cc/main.py +++ b/monkey/monkey_island/cc/main.py @@ -1,35 +1,38 @@ import logging import os -import os.path import sys import time +from pathlib import Path from threading import Thread -MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" +# Add the monkey_island directory to the path, to make sure imports that don't start with "monkey_island." work. +MONKEY_ISLAND_DIR_BASE_PATH = str(Path(__file__).parent.parent) +if str(MONKEY_ISLAND_DIR_BASE_PATH) not in sys.path: + sys.path.insert(0, MONKEY_ISLAND_DIR_BASE_PATH) -BASE_PATH = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -if BASE_PATH not in sys.path: - sys.path.insert(0, BASE_PATH) - -from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH -from monkey_island.cc.island_logger import json_setup_logging +from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH # noqa: E402 +from monkey_island.cc.island_logger import json_setup_logging # noqa: E402 # This is here in order to catch EVERYTHING, some functions are being called on imports the log init needs to be on top. -json_setup_logging(default_path=os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'island_logger_default_config.json'), +json_setup_logging(default_path=Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'island_logger_default_config.json'), default_level=logging.DEBUG) logger = logging.getLogger(__name__) -import monkey_island.cc.environment.environment_singleton as env_singleton -from common.version import get_version -from monkey_island.cc.app import init_app -from monkey_island.cc.bootloader_server import BootloaderHttpServer -from monkey_island.cc.database import get_db_version, is_db_server_up -from monkey_island.cc.network_utils import local_ip_addresses -from monkey_island.cc.resources.monkey_download import MonkeyDownload +import monkey_island.cc.environment.environment_singleton as env_singleton # noqa: E402 +from common.version import get_version # noqa: E402 +from monkey_island.cc.app import init_app # noqa: E402 +from monkey_island.cc.bootloader_server import \ + BootloaderHttpServer # noqa: E402 +from monkey_island.cc.database import get_db_version # noqa: E402 +from monkey_island.cc.database import is_db_server_up # noqa: E402 +from monkey_island.cc.network_utils import local_ip_addresses # noqa: E402 +from monkey_island.cc.resources.monkey_download import \ + MonkeyDownload # noqa: E402 from monkey_island.cc.services.reporting.exporter_init import \ - populate_exporter_list -from monkey_island.cc.setup import setup + populate_exporter_list # noqa: E402 +from monkey_island.cc.setup import setup # noqa: E402 + +MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" def main(should_setup_only=False): @@ -54,8 +57,8 @@ def start_island_server(should_setup_only): populate_exporter_list() app = init_app(mongo_url) - crt_path = os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.crt') - key_path = os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.key') + crt_path = str(Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.crt')) + key_path = str(Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.key')) setup() diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py index 2d970c640..bc6202e65 100644 --- a/monkey/monkey_island/cc/models/monkey.py +++ b/monkey/monkey_island/cc/models/monkey.py @@ -143,7 +143,7 @@ class Monkey(Document): try: _ = Monkey.get_single_monkey_by_id(object_id) return True - except: + except: # noqa: E722 return False @staticmethod diff --git a/monkey/monkey_island/cc/models/test_monkey.py b/monkey/monkey_island/cc/models/test_monkey.py index 18bdb1177..b2bba9aa0 100644 --- a/monkey/monkey_island/cc/models/test_monkey.py +++ b/monkey/monkey_island/cc/models/test_monkey.py @@ -77,7 +77,7 @@ class TestMonkey(IslandTestCase): self.assertIsNotNone(Monkey.get_single_monkey_by_id(a_monkey.id)) # Raise on non-existent monkey - with pytest.raises(MonkeyNotFoundError) as e_info: + with pytest.raises(MonkeyNotFoundError) as _: _ = Monkey.get_single_monkey_by_id("abcdefabcdefabcdefabcdef") def test_get_os(self): diff --git a/monkey/monkey_island/cc/resources/island_logs.py b/monkey/monkey_island/cc/resources/island_logs.py index 5d1d6d276..b643f2147 100644 --- a/monkey/monkey_island/cc/resources/island_logs.py +++ b/monkey/monkey_island/cc/resources/island_logs.py @@ -15,5 +15,5 @@ class IslandLog(flask_restful.Resource): def get(self): try: return IslandLogService.get_log_file() - except Exception as e: + except Exception: logger.error('Monkey Island logs failed to download', exc_info=True) diff --git a/monkey/monkey_island/cc/services/attack/attack_report.py b/monkey/monkey_island/cc/services/attack/attack_report.py index f14ad7aa6..64ebf01b9 100644 --- a/monkey/monkey_island/cc/services/attack/attack_report.py +++ b/monkey/monkey_island/cc/services/attack/attack_report.py @@ -11,16 +11,16 @@ from monkey_island.cc.services.attack.technique_reports import (T1003, T1005, T1065, T1075, T1082, T1086, T1087, T1090, - T1105, T1106, - T1107, T1110, - T1129, T1136, - T1145, T1146, - T1154, T1156, - T1158, T1166, - T1168, T1188, - T1197, T1210, - T1216, T1222, - T1504) + T1099, T1105, + T1106, T1107, + T1110, T1129, + T1136, T1145, + T1146, T1154, + T1156, T1158, + T1166, T1168, + T1188, T1197, + T1210, T1216, + T1222, T1504) from monkey_island.cc.services.reporting.report_generation_synchronisation import \ safe_generate_attack_report @@ -60,6 +60,7 @@ TECHNIQUES = {'T1210': T1210.T1210, 'T1166': T1166.T1166, 'T1168': T1168.T1168, 'T1053': T1053.T1053, + 'T1099': T1099.T1099, 'T1216': T1216.T1216, 'T1087': T1087.T1087, 'T1146': T1146.T1146 diff --git a/monkey/monkey_island/cc/services/attack/attack_schema.py b/monkey/monkey_island/cc/services/attack/attack_schema.py index 366a86aa7..714e57135 100644 --- a/monkey/monkey_island/cc/services/attack/attack_schema.py +++ b/monkey/monkey_island/cc/services/attack/attack_schema.py @@ -195,6 +195,15 @@ SCHEMA = { "link": "https://attack.mitre.org/techniques/T1222", "description": "Adversaries may modify file permissions/attributes to evade intended DACLs." }, + "T1099": { + "title": "Timestomping", + "type": "bool", + "value": True, + "necessary": False, + "link": "https://attack.mitre.org/techniques/T1099", + "description": "Adversaries may modify file time attributes to hide new/changes to existing " + "files to avoid attention from forensic investigators or file analysis tools." + }, "T1216": { "title": "Signed script proxy execution", "type": "bool", diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py new file mode 100644 index 000000000..9cd4dc903 --- /dev/null +++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py @@ -0,0 +1,13 @@ +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPING +from monkey_island.cc.services.attack.technique_reports.pba_technique import \ + PostBreachTechnique + +__author__ = "shreyamalviya" + + +class T1099(PostBreachTechnique): + tech_id = "T1099" + unscanned_msg = "Monkey didn't try changing any file's time attributes." + scanned_msg = "Monkey tried changing a file's time attributes but failed." + used_msg = "Monkey successfully changed a file's time attributes." + pba_names = [POST_BREACH_TIMESTOMPING] diff --git a/monkey/monkey_island/cc/services/config.py b/monkey/monkey_island/cc/services/config.py index 8d6210739..02dd91381 100644 --- a/monkey/monkey_island/cc/services/config.py +++ b/monkey/monkey_island/cc/services/config.py @@ -217,7 +217,8 @@ class ConfigService: @staticmethod def set_server_ips_in_config(config): ips = local_ip_addresses() - config["internal"]["island_server"]["command_servers"] = ["%s:%d" % (ip, env_singleton.env.get_island_port()) for ip in ips] + config["internal"]["island_server"]["command_servers"] = \ + ["%s:%d" % (ip, env_singleton.env.get_islaned_port()) for ip in ips] config["internal"]["island_server"]["current_server"] = "%s:%d" % (ips[0], env_singleton.env.get_island_port()) @staticmethod diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py index f61bcbeda..f1fe0f6f2 100644 --- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py +++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py @@ -71,6 +71,15 @@ POST_BREACH_ACTIONS = { "info": "Attempts to create a scheduled job on the system and remove it.", "attack_techniques": ["T1168", "T1053"] }, + { + "type": "string", + "enum": [ + "Timestomping" + ], + "title": "Timestomping", + "info": "Creates a temporary file and attempts to modify its time attributes. Removes the file afterwards.", + "attack_techniques": ["T1099"] + }, { "type": "string", "enum": [ diff --git a/monkey/monkey_island/cc/services/config_schema/monkey.py b/monkey/monkey_island/cc/services/config_schema/monkey.py index c9fbdde74..b47d6a15b 100644 --- a/monkey/monkey_island/cc/services/config_schema/monkey.py +++ b/monkey/monkey_island/cc/services/config_schema/monkey.py @@ -68,6 +68,7 @@ MONKEY = { "TrapCommand", "ChangeSetuidSetgid", "ScheduleJobs", + "Timestomping", "AccountDiscovery" ] }, diff --git a/monkey/monkey_island/cc/services/edge/test_displayed_edge.py b/monkey/monkey_island/cc/services/edge/test_displayed_edge.py index dd214c9ed..d2a4e1f58 100644 --- a/monkey/monkey_island/cc/services/edge/test_displayed_edge.py +++ b/monkey/monkey_island/cc/services/edge/test_displayed_edge.py @@ -1,6 +1,5 @@ from bson import ObjectId -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import RIGHT_ARROW, EdgeService from monkey_island.cc.testing.IslandTestCase import IslandTestCase diff --git a/monkey/monkey_island/cc/services/netmap/net_edge.py b/monkey/monkey_island/cc/services/netmap/net_edge.py index 44e097630..0734bf606 100644 --- a/monkey/monkey_island/cc/services/netmap/net_edge.py +++ b/monkey/monkey_island/cc/services/netmap/net_edge.py @@ -1,7 +1,6 @@ from bson import ObjectId from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import EdgeService from monkey_island.cc.services.node import NodeService diff --git a/monkey/monkey_island/cc/services/node.py b/monkey/monkey_island/cc/services/node.py index fc18e0ef2..a537e4909 100644 --- a/monkey/monkey_island/cc/services/node.py +++ b/monkey/monkey_island/cc/services/node.py @@ -3,13 +3,11 @@ from datetime import datetime, timedelta from typing import Dict from bson import ObjectId -from mongoengine import DoesNotExist import monkey_island.cc.services.log from monkey_island.cc import models from monkey_island.cc.database import mongo from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.network_utils import is_local_ips, local_ip_addresses from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import EdgeService diff --git a/monkey/monkey_island/cc/services/reporting/aws_exporter.py b/monkey/monkey_island/cc/services/reporting/aws_exporter.py index de8950042..1ff69163e 100644 --- a/monkey/monkey_island/cc/services/reporting/aws_exporter.py +++ b/monkey/monkey_island/cc/services/reporting/aws_exporter.py @@ -299,7 +299,7 @@ class AWSExporter(Exporter): title="Machines are accessible using passwords supplied by the user during the Monkey's configuration.", description="Change {0}'s password to a complex one-use password that is not shared with other computers on the " "network.", - recommendation="The machine machine ({ip_address}) is vulnerable to a WMI attack. The Monkey authenticated over " + recommendation="The machine {machine} ({ip_address}) is vulnerable to a WMI attack. The Monkey authenticated over " "the WMI protocol with user {username} and its password.".format( machine=issue['machine'], ip_address=issue['ip_address'], @@ -316,7 +316,7 @@ class AWSExporter(Exporter): title="Machines are accessible using passwords supplied by the user during the Monkey's configuration.", description="Change {0}'s password to a complex one-use password that is not shared with other computers on the " "network.".format(issue['username']), - recommendation="The machine machine ({ip_address}) is vulnerable to a WMI attack. The Monkey used a " + recommendation="The machine {machine} ({ip_address}) is vulnerable to a WMI attack. The Monkey used a " "pass-the-hash attack over WMI protocol with user {username}".format( machine=issue['machine'], ip_address=issue['ip_address'], diff --git a/monkey/monkey_island/cc/services/telemetry/processing/exploit.py b/monkey/monkey_island/cc/services/telemetry/processing/exploit.py index 69c1e20f6..e67b4182a 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/exploit.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/exploit.py @@ -4,7 +4,6 @@ import dateutil from monkey_island.cc.encryptor import encryptor from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import EdgeService from monkey_island.cc.services.node import NodeService from monkey_island.cc.services.telemetry.processing.utils import \ diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index f17b3ddd3..c1ae3ec13 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -1310,9 +1310,9 @@ } }, "@sindresorhus/is": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.1.tgz", - "integrity": "sha512-tLnujxFtfH7F+i5ghUfgGlJsvyCKvUnSMFMlWybFdX9/DdX8svb4Zwx1gV0gkkVCHXtmPSetoAR3QlKfOld6Tw==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.2.tgz", + "integrity": "sha512-JiX9vxoKMmu8Y3Zr2RVathBL1Cdu4Nt4MuNWemt1Nc06A0RAin9c5FArkhGsyMBWfCu4zj+9b+GxtjAnE4qqLQ==" }, "@snyk/cli-interface": { "version": "2.8.1", @@ -1550,9 +1550,9 @@ } }, "@snyk/java-call-graph-builder": { - "version": "1.12.1", - "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.12.1.tgz", - "integrity": "sha512-thaLaqwXYkvVKs1gqmCAB5aFvwp2cz84rFlODr93smG6E8s7U+KNMiiiWq1KjSvbRe3AN8YUENYGyUoGRu9m1w==", + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.13.1.tgz", + "integrity": "sha512-oOCSIyOMplV73a1agcXKXlFYQftK5esUUaFRTf90GOxQwKy8R9tZtKdP+CdutlgvjRP286DQ+7GlvKYsGGZbWg==", "requires": { "@snyk/graphlib": "2.1.9-patch", "ci-info": "^2.0.0", @@ -1719,12 +1719,14 @@ "@types/events": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/events/-/events-3.0.0.tgz", - "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==" + "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==", + "dev": true }, "@types/glob": { "version": "7.1.1", "resolved": "https://registry.npmjs.org/@types/glob/-/glob-7.1.1.tgz", "integrity": "sha512-1Bh06cbWJUHMC97acuD6UMG29nMt0Aqz1vF3guLfG+kHHJhy3AyohZFFxYk2f7Q1SQIrNwvncxAE0N/9s70F2w==", + "dev": true, "requires": { "@types/events": "*", "@types/minimatch": "*", @@ -1772,7 +1774,8 @@ "@types/minimatch": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz", - "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==" + "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==", + "dev": true }, "@types/minimist": { "version": "1.2.0", @@ -2046,26 +2049,27 @@ "dev": true }, "@yarnpkg/core": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@yarnpkg/core/-/core-2.1.1.tgz", - "integrity": "sha512-qeBxz8nHjKAbGTP2ZcXBnXGfM7+cN0A73mIai/24uru1ayvCIgfjWL1uIj/MM+m+K5lJX0Dcn94ZBHWits9JWQ==", + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/@yarnpkg/core/-/core-2.2.2.tgz", + "integrity": "sha512-TQ0wqQjbZQDrf31N5v4NtE4Juw1c16hYu9QwNloUxRgY/Z+AQIuqa6Jgv9BbAghchZkSIXDWp6bFGD7C+q7cuA==", "requires": { "@arcanis/slice-ansi": "^1.0.2", - "@yarnpkg/fslib": "^2.1.0", + "@yarnpkg/fslib": "^2.2.1", "@yarnpkg/json-proxy": "^2.1.0", - "@yarnpkg/libzip": "^2.1.0", - "@yarnpkg/parsers": "^2.1.0", - "@yarnpkg/pnp": "^2.1.0", - "@yarnpkg/shell": "^2.1.0", + "@yarnpkg/libzip": "^2.2.0", + "@yarnpkg/parsers": "^2.2.0", + "@yarnpkg/pnp": "^2.2.1", + "@yarnpkg/shell": "^2.2.0", "camelcase": "^5.3.1", "chalk": "^3.0.0", "ci-info": "^2.0.0", - "clipanion": "^2.4.2", + "clipanion": "^2.4.4", "cross-spawn": "7.0.3", "diff": "^4.0.1", - "globby": "^10.0.1", + "globby": "^11.0.1", "got": "^11.1.3", "json-file-plus": "^3.3.1", + "lodash": "^4.17.15", "logic-solver": "^2.0.1", "micromatch": "^4.0.2", "mkdirp": "^0.5.1", @@ -2074,7 +2078,7 @@ "pretty-bytes": "^5.1.0", "semver": "^7.1.2", "stream-to-promise": "^2.2.0", - "tar": "^4.4.6", + "tar-stream": "^2.0.1", "tslib": "^1.13.0", "tunnel": "^0.0.6" }, @@ -2142,17 +2146,15 @@ } }, "globby": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/globby/-/globby-10.0.2.tgz", - "integrity": "sha512-7dUi7RvCoT/xast/o/dLN53oqND4yk0nsHkhRgn9w65C4PofCLOoJ39iSOg+qVDdWQPIEj+eszMHQ+aLVwwQSg==", + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/globby/-/globby-11.0.1.tgz", + "integrity": "sha512-iH9RmgwCmUJHi2z5o2l3eTtGBtXek1OYlHrbcxOYugyHLmAsZrPj43OtHThd62Buh/Vv6VyCBD2bdyWcGNQqoQ==", "requires": { - "@types/glob": "^7.1.1", "array-union": "^2.1.0", "dir-glob": "^3.0.1", - "fast-glob": "^3.0.3", - "glob": "^7.1.3", - "ignore": "^5.1.1", - "merge2": "^1.2.3", + "fast-glob": "^3.1.1", + "ignore": "^5.1.4", + "merge2": "^1.3.0", "slash": "^3.0.0" } }, @@ -2209,27 +2211,13 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } }, - "tar": { - "version": "4.4.13", - "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.13.tgz", - "integrity": "sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==", - "requires": { - "chownr": "^1.1.1", - "fs-minipass": "^1.2.5", - "minipass": "^2.8.6", - "minizlib": "^1.2.1", - "mkdirp": "^0.5.0", - "safe-buffer": "^5.1.2", - "yallist": "^3.0.3" - } - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -2250,20 +2238,15 @@ "requires": { "isexe": "^2.0.0" } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" } } }, "@yarnpkg/fslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/fslib/-/fslib-2.1.0.tgz", - "integrity": "sha512-E+f8w5yQZnTf1soyTWy7qdf+GmHsY+A0yEN4Di44/Txk6XRIMruyc1ShDi93mOI6ilnXxD87rNms18zJ8WnspA==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@yarnpkg/fslib/-/fslib-2.2.1.tgz", + "integrity": "sha512-7SzLP/RHt8lEOaCTg6hMMrnxc2/Osbu3+UPwLZiZiGtLpYqwtTgtWTlAqddS3+MESXOZhc+3gKLX0lfqm6oWuw==", "requires": { - "@yarnpkg/libzip": "^2.1.0", + "@yarnpkg/libzip": "^2.2.0", "tslib": "^1.13.0" }, "dependencies": { @@ -2291,9 +2274,9 @@ } }, "@yarnpkg/libzip": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/libzip/-/libzip-2.1.0.tgz", - "integrity": "sha512-39c7KuSWcYUqVxlBLZwfqdD/D6lS+jplNVWd6uAnk8EpnacaYGJRegvkqWyfw5c8KHukNMeEGF5JHrXPZYBM0w==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/libzip/-/libzip-2.2.0.tgz", + "integrity": "sha512-/YRSPJbPAvHeCJxcXJrUV4eRP9hER6YB6LyZxsFlpyF++eqdOzNu0WsuXRRJxfqYt3hl7SiGFkL23qB9jqC6cw==", "requires": { "@types/emscripten": "^1.38.0", "tslib": "^1.13.0" @@ -2312,9 +2295,9 @@ "integrity": "sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==" }, "@yarnpkg/parsers": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/parsers/-/parsers-2.1.0.tgz", - "integrity": "sha512-75OYQ6PMs1C3zm+W+T1xhLyVDX78zXQGEVHpWd4o/QwpAbhneB3/5FXVGRzI3gjPPWWSb/pKOPB1S6p0xmQD2Q==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/parsers/-/parsers-2.2.0.tgz", + "integrity": "sha512-k1XZaWYRHl7wCj04hcbtzKfPAZbKbsEi7xsB1Ka8obdS6DRnAw7n0gZPvvGjOoqkH95IqWf+Vi7vV5RhlGz63Q==", "requires": { "js-yaml": "^3.10.0", "tslib": "^1.13.0" @@ -2328,12 +2311,12 @@ } }, "@yarnpkg/pnp": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/pnp/-/pnp-2.1.0.tgz", - "integrity": "sha512-b8NlB71EFifv1jDX47nFaRXrykROxHcS7YuGb2dQ+Gp9gqJ0thIaZ3yB9+qWF8acdWtNcMpjCug4xkfAAR5Odw==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@yarnpkg/pnp/-/pnp-2.2.1.tgz", + "integrity": "sha512-jrwJ3Q6M+nMs4n0O/GgxayU1Bq9mpLoZW2Mb8Nt2fs5whB0CeCr1/pGl9+yiCSjirv9jjp51TVFqF7OPvXy+gA==", "requires": { "@types/node": "^13.7.0", - "@yarnpkg/fslib": "^2.1.0", + "@yarnpkg/fslib": "^2.2.1", "tslib": "^1.13.0" }, "dependencies": { @@ -2345,13 +2328,13 @@ } }, "@yarnpkg/shell": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/shell/-/shell-2.1.0.tgz", - "integrity": "sha512-9i9ZWqeKHGV0DOfdxTVq5zl73Li8Fg947v57uLBEaytNF+HywkDfouNkg/6HfgBrpI0WH8OJ9Pz/uDaE5cpctw==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/shell/-/shell-2.2.0.tgz", + "integrity": "sha512-IuOZhYxTydNySqP2HlKkfm1QjgCAgVBUZz5O5rXXxpS4vTNSa0q6fwqvNUSrHSWGKH/jAmJS23YbJqislj5wjg==", "requires": { - "@yarnpkg/fslib": "^2.1.0", - "@yarnpkg/parsers": "^2.1.0", - "clipanion": "^2.4.2", + "@yarnpkg/fslib": "^2.2.0", + "@yarnpkg/parsers": "^2.2.0", + "clipanion": "^2.4.4", "cross-spawn": "7.0.3", "fast-glob": "^3.2.2", "stream-buffers": "^3.0.2", @@ -3034,9 +3017,9 @@ } }, "bl": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.2.tgz", - "integrity": "sha512-j4OH8f6Qg2bGuWfRiltT2HYGx0e1QcBTrK9KAHNMwMZdQnDZFk0ZSYIpADjYCB3U12nicC5tVJwSIhwOWjb4RQ==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.3.tgz", + "integrity": "sha512-fs4G6/Hu4/EE+F75J8DuN/0IpQqNjAdC7aEQv7Qt8MHGUH7Ckv2MwTEEeN9QehD0pfIDkMI1bkHYkKy7xHyKIg==", "requires": { "buffer": "^5.5.0", "inherits": "^2.0.4", @@ -3129,9 +3112,9 @@ "dev": true }, "bootstrap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.5.0.tgz", - "integrity": "sha512-Z93QoXvodoVslA+PWNdk23Hze4RBYIkpb5h8I2HY2Tu2h7A0LpAgLcyrhrSUyo2/Oxm2l1fRZPs1e5hnxnliXA==" + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.5.1.tgz", + "integrity": "sha512-bxUooHBSbvefnIZfjD0LE8nfdPKrtiFy2sgrxQwUZ0UpFzpjVbVMUxaGIoo9XWT4B2LG1HX6UQg0UMOakT0prQ==" }, "boxen": { "version": "4.2.0", @@ -3223,9 +3206,9 @@ } }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } @@ -3620,7 +3603,8 @@ "chownr": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", - "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "dev": true }, "chrome-trace-event": { "version": "1.0.2", @@ -3692,9 +3676,9 @@ } }, "cli-boxes": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-2.2.0.tgz", - "integrity": "sha512-gpaBrMAizVEANOpfZp/EEUixTXDyGt7DFzdK5hU+UbWt/J0lB0w20ncZj59Z9a93xHb9u12zF5BS6i9RKbtg4w==" + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-2.2.1.tgz", + "integrity": "sha512-y4coMcylgSCdVinjiDBuR8PCC2bLjyGTwEmPb9NHR/QaNU6EUOXcTY/s6VjGMD6ENSEaeQYHCY0GNGS5jfMwPw==" }, "cli-cursor": { "version": "3.1.0", @@ -3716,9 +3700,9 @@ "integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==" }, "clipanion": { - "version": "2.4.4", - "resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.4.tgz", - "integrity": "sha512-KjyCBz8xplftHjIK/nOqq/9b3hPlXbAAo/AxoITrO4yySpQ6a9QSJDAfOx9PfcRUHteeqbdNxZKSPfeFqQ7plg==" + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.5.0.tgz", + "integrity": "sha512-VYOMl0h/mZXQC2BWq7oBto1zY1SkPWUaJjt+cuIred1HrmrcX1I2N+LNyNoRy8Iwu9r6vUxJwS/tWLwhQW4tPw==" }, "cliui": { "version": "5.0.0", @@ -6028,9 +6012,9 @@ "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==" }, "filepond": { - "version": "4.19.0", - "resolved": "https://registry.npmjs.org/filepond/-/filepond-4.19.0.tgz", - "integrity": "sha512-v/lYpu5YXoM5ctNxCaM4LMFedgFcZjp+YSkjJWSUiG+2i79YRuLOS99WWqMWTEdwW5av2AEzDYRp56VR6Qc5aA==" + "version": "4.19.2", + "resolved": "https://registry.npmjs.org/filepond/-/filepond-4.19.2.tgz", + "integrity": "sha512-2NgemeQGIx9TfjaRwn6LpjJFXILzGXl0FD+Er7veI/25Nn+4qu0mA8rk22S3vpJPajMRn+dD1EUTEOMgUolJ7w==" }, "fill-range": { "version": "4.0.0", @@ -6227,14 +6211,6 @@ "universalify": "^0.1.0" } }, - "fs-minipass": { - "version": "1.2.7", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-1.2.7.tgz", - "integrity": "sha512-GWSSJGFy4e9GUeCcbIkED+bgAoFyj7XF1mV8rma3QW4NIqX9Kyx79N/PF61H5udOV3aY1IaMLs6pGbH71nlCTA==", - "requires": { - "minipass": "^2.6.0" - } - }, "fs-readdir-recursive": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-1.1.0.tgz", @@ -8518,30 +8494,6 @@ } } }, - "minipass": { - "version": "2.9.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.9.0.tgz", - "integrity": "sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==", - "requires": { - "safe-buffer": "^5.1.2", - "yallist": "^3.0.0" - }, - "dependencies": { - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" - } - } - }, - "minizlib": { - "version": "1.3.3", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-1.3.3.tgz", - "integrity": "sha512-6ZYMOEnmVsdCeTJVE0W9ZD+pVnE8h9Hma/iOwwRDsdQoePpoX56/8B6z3P9VNwppJuBKNRuFDRNRqRWexT9G9Q==", - "requires": { - "minipass": "^2.9.0" - } - }, "mississippi": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/mississippi/-/mississippi-3.0.0.tgz", @@ -12362,9 +12314,9 @@ } }, "open": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz", - "integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==", + "version": "7.2.1", + "resolved": "https://registry.npmjs.org/open/-/open-7.2.1.tgz", + "integrity": "sha512-xbYCJib4spUdmcs0g/2mK1nKo/jO2T7INClWd/beL7PFkXRWgr8B23ssDHX/USPn2M2IjDR5UdpYs6I67SnTSA==", "requires": { "is-docker": "^2.0.0", "is-wsl": "^2.1.1" @@ -13203,9 +13155,9 @@ "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" }, "pretty-bytes": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.3.0.tgz", - "integrity": "sha512-hjGrh+P926p4R4WbaB6OckyRtO0F0/lQBiT+0gnxjV+5kjPBrfVBFCsCLbMqVQeydvIoouYTCmmEURiH3R1Bdg==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.4.1.tgz", + "integrity": "sha512-s1Iam6Gwz3JI5Hweaz4GoCD1WUNUIyzePFy5+Js2hjwGVt2Z79wNN+ZKOZ2vB6C+Xs6njyB84Z1IthQg8d9LxA==" }, "pretty-error": { "version": "2.1.1", @@ -13702,11 +13654,10 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==" }, "react-json-tree": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/react-json-tree/-/react-json-tree-0.11.2.tgz", - "integrity": "sha512-aYhUPj1y5jR3ZQ+G3N7aL8FbTyO03iLwnVvvEikLcNFqNTyabdljo9xDftZndUBFyyyL0aK3qGO9+8EilILHUw==", + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/react-json-tree/-/react-json-tree-0.12.0.tgz", + "integrity": "sha512-lp+NDCsU25JTueO1s784oZ5wEmh1c6kHk96szlX1e9bAlyNiHwCBXINpp0C5/D/LwQi9H/a6NjXGkSOS8zxMDg==", "requires": { - "babel-runtime": "^6.6.1", "prop-types": "^15.5.8", "react-base16-styling": "^0.5.1" } @@ -14585,10 +14536,13 @@ } }, "serialize-javascript": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-2.1.2.tgz", - "integrity": "sha512-rs9OggEUF0V4jUSecXazOYsLfu7OGK2qIn3c7IPBiffz32XniEp/TX9Xmc9LQfK2nQ2QKHvZ2oygKUGU0lG4jQ==", - "dev": true + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-4.0.0.tgz", + "integrity": "sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==", + "dev": true, + "requires": { + "randombytes": "^2.1.0" + } }, "serve-index": { "version": "1.9.1", @@ -14904,9 +14858,9 @@ } }, "snyk": { - "version": "1.368.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.368.0.tgz", - "integrity": "sha512-ZwX0VxxKVBKqmycPiTpx2El1hPEeNJNKQRyez0yFtIlUM3FscsOpgtfRFWNQKA6znkI075JIpmmShpcrQRLpcQ==", + "version": "1.372.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.372.0.tgz", + "integrity": "sha512-5eX7cEmbPtpZ9w+vQIEIf9tlb3FOEN36cnSFpla4bTim2biGTx50lWPKYAclX3z1tlLt654rdJfpTt5tOqWxUQ==", "requires": { "@snyk/cli-interface": "2.8.1", "@snyk/dep-graph": "1.18.3", @@ -14935,7 +14889,7 @@ "snyk-go-plugin": "1.16.0", "snyk-gradle-plugin": "3.5.1", "snyk-module": "3.1.0", - "snyk-mvn-plugin": "2.18.0", + "snyk-mvn-plugin": "2.19.1", "snyk-nodejs-lockfile-parser": "1.26.3", "snyk-nuget-plugin": "1.18.1", "snyk-php-plugin": "1.9.0", @@ -15330,9 +15284,9 @@ "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } @@ -15398,12 +15352,12 @@ } }, "snyk-mvn-plugin": { - "version": "2.18.0", - "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.18.0.tgz", - "integrity": "sha512-ika5I/8G3wDUT7L+3mDIyzh6Xc4bK8sBhcfFnhpFS0WvOMRAdF4kpshfZ1HzFRsRfe/4YgA3T/D7EoJRtu7Aiw==", + "version": "2.19.1", + "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.19.1.tgz", + "integrity": "sha512-VXYJSdhUmOQAyxdsv5frAKbi3UOcHPabWEQxQ9wxhVBEEmx2lP5ajv1a+ntxwWwL7u3jdc+rnCIKHpLlQJ5nyw==", "requires": { "@snyk/cli-interface": "2.8.1", - "@snyk/java-call-graph-builder": "1.12.1", + "@snyk/java-call-graph-builder": "1.13.1", "debug": "^4.1.1", "needle": "^2.5.0", "tmp": "^0.1.0", @@ -16862,9 +16816,9 @@ "integrity": "sha512-a6sumDlzyHVJWb8+YofY4TW112G6p2FCPEAFk+59gIYHv3XHRhm9ltVQ9kli4hNWeQBwSpe8cRN25x0ROunMOw==" }, "terser": { - "version": "4.6.13", - "resolved": "https://registry.npmjs.org/terser/-/terser-4.6.13.tgz", - "integrity": "sha512-wMvqukYgVpQlymbnNbabVZbtM6PN63AzqexpwJL8tbh/mRT9LE5o+ruVduAGL7D6Fpjl+Q+06U5I9Ul82odAhw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/terser/-/terser-4.8.0.tgz", + "integrity": "sha512-EAPipTNeWsb/3wLPeup1tVPaXfIaU68xMnVdPafIL1TV05OhASArYyIfFvnvJCNrR2NIOvDVNNTFRa+Re2MWyw==", "dev": true, "requires": { "commander": "^2.20.0", @@ -16881,16 +16835,16 @@ } }, "terser-webpack-plugin": { - "version": "1.4.3", - "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz", - "integrity": "sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.5.tgz", + "integrity": "sha512-04Rfe496lN8EYruwi6oPQkG0vo8C+HT49X687FZnpPF0qMAIHONI6HEXYPKDOE8e5HjXTyKfqRd/agHtH0kOtw==", "dev": true, "requires": { "cacache": "^12.0.2", "find-cache-dir": "^2.1.0", "is-wsl": "^1.1.0", "schema-utils": "^1.0.0", - "serialize-javascript": "^2.1.2", + "serialize-javascript": "^4.0.0", "source-map": "^0.6.1", "terser": "^4.1.2", "webpack-sources": "^1.4.0", @@ -17238,9 +17192,9 @@ } }, "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.11.0.tgz", + "integrity": "sha512-xY96SsN3NA461qIRKZ/+qox37YXPtSBswMGfiNptr+wrt6ds4HaMw23TP612fEyGekRE6LNRiLYr/aqbHXNedw==" }, "unherit": { "version": "1.1.3", @@ -17519,9 +17473,9 @@ "integrity": "sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM=" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index 330050848..d6de01941 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -65,14 +65,14 @@ "@fortawesome/free-solid-svg-icons": "^5.13.1", "@fortawesome/react-fontawesome": "^0.1.11", "@kunukn/react-collapse": "^1.2.7", - "bootstrap": "^4.5.0", + "bootstrap": "^4.5.1", "classnames": "^2.2.6", "core-js": "^3.6.5", "d3": "^5.14.1", "downloadjs": "^1.4.7", "fetch": "^1.1.0", "file-saver": "^2.0.2", - "filepond": "^4.19.0", + "filepond": "^4.19.2", "jwt-decode": "^2.2.0", "lodash": "^4.17.20", "marked": "^1.1.1", @@ -94,7 +94,7 @@ "react-filepond": "^7.0.1", "react-graph-vis": "^1.0.5", "react-hot-loader": "^4.12.20", - "react-json-tree": "^0.11.2", + "react-json-tree": "^0.12.0", "react-jsonschema-form-bs4": "^1.7.1", "react-particles-js": "^3.3.0", "react-redux": "^5.1.2", @@ -105,7 +105,7 @@ "react-tooltip-lite": "^1.12.0", "redux": "^4.0.4", "sha3": "^2.1.3", - "snyk": "^1.368.0" + "snyk": "^1.372.0" }, "snyk": true } diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js new file mode 100644 index 000000000..2c95cdba9 --- /dev/null +++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js @@ -0,0 +1,45 @@ +import React from 'react'; +import ReactTable from 'react-table'; +import {renderMachineFromSystemData, ScanStatus} from './Helpers'; +import MitigationsComponent from './MitigationsComponent'; + +class T1099 extends React.Component { + + constructor(props) { + super(props); + } + + static getColumns() { + return ([{ + columns: [ + { Header: 'Machine', + id: 'machine', + accessor: x => renderMachineFromSystemData(x.machine), + style: {'whiteSpace': 'unset'}}, + { Header: 'Result', + id: 'result', + accessor: x => x.result, + style: {'whiteSpace': 'unset'}} + ] + }]) + } + + render() { + return ( +
+
{this.props.data.message}
+
+ {this.props.data.status === ScanStatus.USED ? + : ''} + +
+ ); + } + } + + export default T1099; diff --git a/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js b/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js index 27800cb97..9007194b0 100644 --- a/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js +++ b/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js @@ -274,9 +274,9 @@ class PreviewPaneComponent extends AuthComponent { let label = ''; if (!this.props.item) { label = ''; - } else if (this.props.item.hasOwnProperty('label')) { + } else if (Object.prototype.hasOwnProperty.call(this.props.item, 'label')) { label = this.props.item['label']; - } else if (this.props.item.hasOwnProperty('_label')) { + } else if (Object.prototype.hasOwnProperty.call(this.props.item, '_label')) { label = this.props.item['_label']; } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js index f3b3e190c..426e66c0a 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js @@ -140,7 +140,7 @@ class ConfigurePageComponent extends AuthComponent { // Change value in attack configuration // Go trough each column in matrix, searching for technique Object.entries(this.state.attackConfig).forEach(techType => { - if (techType[1].properties.hasOwnProperty(technique)) { + if (Object.prototype.hasOwnProperty.call(techType[1].properties, technique)) { let tempMatrix = this.state.attackConfig; tempMatrix[techType[0]].properties[technique].value = value; this.setState({attackConfig: tempMatrix}); @@ -151,7 +151,8 @@ class ConfigurePageComponent extends AuthComponent { Object.entries(this.state.attackConfig).forEach(otherType => { Object.entries(otherType[1].properties).forEach(otherTech => { // If this technique depends on a technique that was changed - if (otherTech[1].hasOwnProperty('depends_on') && otherTech[1]['depends_on'].includes(technique)) { + if (Object.prototype.hasOwnProperty.call(otherTech[1], 'depends_on') && + otherTech[1]['depends_on'].includes(technique)) { this.attackTechniqueChange(otherTech[0], value, true) } }) @@ -393,7 +394,7 @@ class ConfigurePageComponent extends AuthComponent { render() { let displayedSchema = {}; - if (this.state.schema.hasOwnProperty('properties') && this.state.selectedSection !== 'attack') { + if (Object.prototype.hasOwnProperty.call(this.state.schema, 'properties') && this.state.selectedSection !== 'attack') { displayedSchema = this.state.schema['properties'][this.state.selectedSection]; displayedSchema['definitions'] = this.state.schema['definitions']; } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js b/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js index cf082f5b3..da11c7ed6 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js @@ -64,7 +64,7 @@ class MapPageComponent extends AuthComponent { this.authFetch('/api/netmap') .then(res => res.json()) .then(res => { - if (res.hasOwnProperty('edges')) { + if (Object.prototype.hasOwnProperty.call(res, 'edges')) { res.edges.forEach(edge => { edge.color = {'color': edgeGroupToColor(edge.group)}; }); diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js index 657e8645a..3b8188221 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js @@ -3,7 +3,7 @@ import {Row, Col, Container, Form, Button} from 'react-bootstrap'; import AuthService from '../../services/AuthService'; import monkeyDetective from '../../images/detective-monkey.svg'; -import ParticleBackground from "../ui-components/ParticleBackground"; +import ParticleBackground from '../ui-components/ParticleBackground'; class RegisterPageComponent extends React.Component { diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js b/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js index 5329cfe06..cb30ba117 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js @@ -31,7 +31,7 @@ class ReportPageComponent extends AuthComponent { static selectReport(reports) { let url = window.location.href; for (let report_name in reports) { - if (reports.hasOwnProperty(report_name) && url.endsWith(reports[report_name])) { + if (Object.prototype.hasOwnProperty.call(reports, report_name) && url.endsWith(reports[report_name])) { return reports[report_name]; } } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js index 48a11f008..467812373 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js @@ -229,7 +229,7 @@ class RunMonkeyPageComponent extends AuthComponent { // update existing state, not run-over let prevRes = this.awsTable.state.result; for (let key in result) { - if (result.hasOwnProperty(key)) { + if (Object.prototype.hasOwnProperty.call(result, key)) { prevRes[key] = result[key]; } } diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js index 97f3c1a18..6a6d0c75f 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js @@ -134,7 +134,7 @@ class AttackReport extends React.Component { getTechniqueByTitle(title){ for (const tech_id in this.state.techniques){ - if (! this.state.techniques.hasOwnProperty(tech_id)) {return false;} + if (! Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)) {return false;} let technique = this.state.techniques[tech_id]; if (technique.title === title){ technique['tech_id'] = tech_id; @@ -148,10 +148,10 @@ class AttackReport extends React.Component { // add links to techniques schema = schema.properties; for(const type in schema){ - if (! schema.hasOwnProperty(type)) {return false;} + if (! Object.prototype.hasOwnProperty.call(schema, type)) {return false;} let typeTechniques = schema[type].properties; for(const tech_id in typeTechniques){ - if (! typeTechniques.hasOwnProperty(tech_id)) {return false;} + if (! Object.prototype.hasOwnProperty.call(typeTechniques, tech_id)) {return false;} if (typeTechniques[tech_id] !== undefined){ techniques[tech_id]['link'] = typeTechniques[tech_id].link } diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js b/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js index a110da5ea..00420f095 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js @@ -15,7 +15,7 @@ class ReportMatrixComponent extends React.Component { getColumns() { let columns = []; for(const type_key in this.state.schema.properties){ - if (! this.state.schema.properties.hasOwnProperty(type_key)){ + if (! Object.prototype.hasOwnProperty.call(this.state.schema.properties, type_key)){ continue; } let tech_type = this.state.schema.properties[type_key]; @@ -32,11 +32,11 @@ class ReportMatrixComponent extends React.Component { getTableRows() { let rows = []; for (const tech_id in this.state.techniques) { - if (this.state.techniques.hasOwnProperty(tech_id)){ + if (Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)){ let technique_added = false; let technique = this.state.techniques[tech_id]; for(const row of rows){ - if (! row.hasOwnProperty(technique.type)){ + if (! Object.prototype.hasOwnProperty.call(row, technique.type)){ row[technique.type] = technique; technique_added = true; break; diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js b/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js index c32c4e16e..1ba9285e6 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js @@ -79,13 +79,13 @@ class TechniqueDropdowns extends React.Component{ getOrderedTechniqueList(){ let content = []; for(const type_key in this.state.schema.properties){ - if (! this.state.schema.properties.hasOwnProperty(type_key)){ + if (! Object.prototype.hasOwnProperty.call(this.state.schema.properties, type_key)){ continue; } let tech_type = this.state.schema.properties[type_key]; content.push(

{tech_type.title}

); for(const tech_id in this.state.techniques){ - if (! this.state.techniques.hasOwnProperty(tech_id)){ + if (! Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)){ continue; } let technique = this.state.techniques[tech_id]; diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js index e6a2ddd36..4eddb420d 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js @@ -209,7 +209,7 @@ class VennDiagram extends React.Component { if (key_ === 'Data') { this.layout[key_].fontStyle = this.fontStyles[0]; - } else if (this.layout[key_].hasOwnProperty('cx')) { + } else if (Object.prototype.hasOwnProperty.call(this.layout[key_], 'cx')) { this.layout[key_].fontStyle = this.fontStyles[1]; } else { this.layout[key_].fontStyle = this.fontStyles[2]; @@ -229,7 +229,7 @@ class VennDiagram extends React.Component { // equivalent to center translate (width/2, height/2) let viewPortParameters = (-this.width / 2) + ' ' + (-this.height / 2) + ' ' + this.width + ' ' + this.height; let nodes = Object.values(this.layout).map((d_, i_) => { - if (d_.hasOwnProperty('cx')) { + if (Object.prototype.hasOwnProperty.call(d_, 'cx')) { return ( response.json()) .then(res => { - if (res.hasOwnProperty('access_token')) { + if (Object.prototype.hasOwnProperty.call(res, 'access_token')) { this._setToken(res['access_token']); return {result: true}; } else { @@ -86,7 +86,7 @@ export default class AuthService { headers['Authorization'] = 'Bearer ' + this._getToken(); } - if (options.hasOwnProperty('headers')) { + if (Object.prototype.hasOwnProperty.call(options, 'headers')) { for (let header in headers) { options['headers'][header] = headers[header]; } diff --git a/monkey/monkey_island/scripts/island_password_hasher.py b/monkey/monkey_island/scripts/island_password_hasher.py index 9791ca386..334875477 100644 --- a/monkey/monkey_island/scripts/island_password_hasher.py +++ b/monkey/monkey_island/scripts/island_password_hasher.py @@ -7,7 +7,7 @@ for more details. import argparse -from Crypto.Hash import SHA3_512 +from Crypto.Hash import SHA3_512 # noqa: DUO133 def main():