From 1f82dab6f5c98480edc5572570b2f157094d4b12 Mon Sep 17 00:00:00 2001 From: Shreya Date: Thu, 20 Aug 2020 19:16:48 +0530 Subject: [PATCH 01/17] Add T1099 (timestomping) --- monkey/common/data/post_breach_consts.py | 1 + .../post_breach/actions/timestomping.py | 12 +++++ .../timestomping/linux/timestomping.py | 11 +++++ .../post_breach/timestomping/timestomping.py | 10 +++++ .../timestomping/windows/timestomping.ps1 | 13 ++++++ .../timestomping/windows/timestomping.py | 5 +++ .../cc/services/attack/attack_report.py | 22 ++++----- .../cc/services/attack/attack_schema.py | 9 ++++ .../attack/technique_reports/T1099.py | 13 ++++++ .../definitions/post_breach_actions.py | 9 ++++ .../cc/services/config_schema/monkey.py | 3 +- .../src/components/attack/techniques/T1099.js | 45 +++++++++++++++++++ 12 files changed, 142 insertions(+), 11 deletions(-) create mode 100644 monkey/infection_monkey/post_breach/actions/timestomping.py create mode 100644 monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py create mode 100644 monkey/infection_monkey/post_breach/timestomping/timestomping.py create mode 100644 monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 create mode 100644 monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py create mode 100644 monkey/monkey_island/cc/services/attack/technique_reports/T1099.py create mode 100644 monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js diff --git a/monkey/common/data/post_breach_consts.py b/monkey/common/data/post_breach_consts.py index c3bba9950..1dc739a7d 100644 --- a/monkey/common/data/post_breach_consts.py +++ b/monkey/common/data/post_breach_consts.py @@ -6,3 +6,4 @@ POST_BREACH_HIDDEN_FILES = "Hide files and directories" POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received" POST_BREACH_SETUID_SETGID = "Setuid and Setgid" POST_BREACH_JOB_SCHEDULING = "Schedule jobs" +POST_BREACH_TIMESTOMPPING = "Modify files' timestamps" diff --git a/monkey/infection_monkey/post_breach/actions/timestomping.py b/monkey/infection_monkey/post_breach/actions/timestomping.py new file mode 100644 index 000000000..3d0564b0d --- /dev/null +++ b/monkey/infection_monkey/post_breach/actions/timestomping.py @@ -0,0 +1,12 @@ +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPPING +from infection_monkey.post_breach.pba import PBA +from infection_monkey.post_breach.timestomping.timestomping import \ + get_timestomping_commands + + +class Timestomping(PBA): + def __init__(self): + linux_cmds, windows_cmds = get_timestomping_commands() + super().__init__(POST_BREACH_TIMESTOMPPING, + linux_cmd=linux_cmds, + windows_cmd=windows_cmds) diff --git a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py new file mode 100644 index 000000000..ea608b85d --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py @@ -0,0 +1,11 @@ +TEMP_FILE = 'monkey-timestomping-file.txt' +TIMESTAMP_EPOCH = '197001010000.00' + + +def get_linux_timestomping_commands(): + return [ + f'echo "Successfully changed a file\'s modification timestamp" > {TEMP_FILE} && ' + f'touch -m -t {TIMESTAMP_EPOCH} {TEMP_FILE} && ' + f'cat {TEMP_FILE} ; ' + f'rm {TEMP_FILE} -f' + ] diff --git a/monkey/infection_monkey/post_breach/timestomping/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/timestomping.py new file mode 100644 index 000000000..04ed5cb6d --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/timestomping.py @@ -0,0 +1,10 @@ +from infection_monkey.post_breach.timestomping.linux.timestomping import \ + get_linux_timestomping_commands +from infection_monkey.post_breach.timestomping.windows.timestomping import \ + get_windows_timestomping_commands + + +def get_timestomping_commands(): + linux_cmds = get_linux_timestomping_commands() + windows_cmds = get_windows_timestomping_commands() + return linux_cmds, windows_cmds diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 new file mode 100644 index 000000000..8965a149a --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 @@ -0,0 +1,13 @@ +$TEMP_FILE = 'monkey-timestomping-file.txt' +$TIMESTAMP_EPOCH = '01/01/1970 00:00:00' + +# create temporary file +New-Item -Path $TEMP_FILE -Force | Out-Null +Set-Content $TEMP_FILE -Value "Successfully changed a file\'s modification timestamp" -Force | Out-Null + +# attempt to change modification timestamp +Get-ChildItem $TEMP_FILE | % { $_.LastWriteTime = $TIMESTAMP_EPOCH } +Get-Content $TEMP_FILE + +# remove temporary file +Remove-Item $TEMP_FILE -Force -ErrorAction Ignore diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py new file mode 100644 index 000000000..c18baabfc --- /dev/null +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py @@ -0,0 +1,5 @@ +TEMP_FILE = 'monkey-timestomping-file.txt' + + +def get_windows_timestomping_commands(): + return 'powershell.exe infection_monkey/post_breach/timestomping/windows/timestomping.ps1' diff --git a/monkey/monkey_island/cc/services/attack/attack_report.py b/monkey/monkey_island/cc/services/attack/attack_report.py index 6d4bac9ed..6485fc5b5 100644 --- a/monkey/monkey_island/cc/services/attack/attack_report.py +++ b/monkey/monkey_island/cc/services/attack/attack_report.py @@ -10,15 +10,16 @@ from monkey_island.cc.services.attack.technique_reports import (T1003, T1005, T1059, T1064, T1065, T1075, T1082, T1086, - T1090, T1105, - T1106, T1107, - T1110, T1129, - T1136, T1145, - T1154, T1156, - T1158, T1166, - T1168, T1188, - T1197, T1210, - T1222, T1504) + T1090, T1099, + T1105, T1106, + T1107, T1110, + T1129, T1136, + T1145, T1154, + T1156, T1158, + T1166, T1168, + T1188, T1197, + T1210, T1222, + T1504) from monkey_island.cc.services.reporting.report_generation_synchronisation import \ safe_generate_attack_report @@ -57,7 +58,8 @@ TECHNIQUES = {'T1210': T1210.T1210, 'T1154': T1154.T1154, 'T1166': T1166.T1166, 'T1168': T1168.T1168, - 'T1053': T1053.T1053 + 'T1053': T1053.T1053, + 'T1099': T1099.T1099 } REPORT_NAME = 'new_report' diff --git a/monkey/monkey_island/cc/services/attack/attack_schema.py b/monkey/monkey_island/cc/services/attack/attack_schema.py index 30d33ca3e..ae0dbd2bc 100644 --- a/monkey/monkey_island/cc/services/attack/attack_schema.py +++ b/monkey/monkey_island/cc/services/attack/attack_schema.py @@ -185,6 +185,15 @@ SCHEMA = { "necessary": True, "link": "https://attack.mitre.org/techniques/T1222", "description": "Adversaries may modify file permissions/attributes to evade intended DACLs." + }, + "T1099": { + "title": "Timestomping", + "type": "bool", + "value": True, + "necessary": False, + "link": "https://attack.mitre.org/techniques/T1099", + "description": "Adversaries may modify file time attributes to hide new/changes to existing " + "files to avoid attention from forensic investigators or file analysis tools." } } }, diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py new file mode 100644 index 000000000..3ca46408d --- /dev/null +++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py @@ -0,0 +1,13 @@ +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPPING +from monkey_island.cc.services.attack.technique_reports.pba_technique import \ + PostBreachTechnique + +__author__ = "shreyamalviya" + + +class T1099(PostBreachTechnique): + tech_id = "T1099" + unscanned_msg = "Monkey didn't try changing any file's time attributes." + scanned_msg = "Monkey tried changing a file's time attributes but failed." + used_msg = "Monkey successfully changed a file's time attributes." + pba_names = [POST_BREACH_TIMESTOMPPING] diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py index f3e2a9bfa..ab4356850 100644 --- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py +++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py @@ -70,6 +70,15 @@ POST_BREACH_ACTIONS = { "title": "Job scheduling", "info": "Attempts to create a scheduled job on the system and remove it.", "attack_techniques": ["T1168", "T1053"] + }, + { + "type": "string", + "enum": [ + "Timestomping" + ], + "title": "Timestomping", + "info": "Creates a temporary file and attempts to modify its file time attributes. Removes temporary file.", + "attack_techniques": ["T1099"] } ] } diff --git a/monkey/monkey_island/cc/services/config_schema/monkey.py b/monkey/monkey_island/cc/services/config_schema/monkey.py index dd10cb35b..e58ac7c79 100644 --- a/monkey/monkey_island/cc/services/config_schema/monkey.py +++ b/monkey/monkey_island/cc/services/config_schema/monkey.py @@ -67,7 +67,8 @@ MONKEY = { "HiddenFiles", "TrapCommand", "ChangeSetuidSetgid", - "ScheduleJobs" + "ScheduleJobs", + "Timestomping" ] }, } diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js new file mode 100644 index 000000000..2c95cdba9 --- /dev/null +++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1099.js @@ -0,0 +1,45 @@ +import React from 'react'; +import ReactTable from 'react-table'; +import {renderMachineFromSystemData, ScanStatus} from './Helpers'; +import MitigationsComponent from './MitigationsComponent'; + +class T1099 extends React.Component { + + constructor(props) { + super(props); + } + + static getColumns() { + return ([{ + columns: [ + { Header: 'Machine', + id: 'machine', + accessor: x => renderMachineFromSystemData(x.machine), + style: {'whiteSpace': 'unset'}}, + { Header: 'Result', + id: 'result', + accessor: x => x.result, + style: {'whiteSpace': 'unset'}} + ] + }]) + } + + render() { + return ( +
+
{this.props.data.message}
+
+ {this.props.data.status === ScanStatus.USED ? + : ''} + +
+ ); + } + } + + export default T1099; From e8f72f5cd597236d40d81d687293a707879baaa9 Mon Sep 17 00:00:00 2001 From: Shreya Date: Thu, 20 Aug 2020 19:20:36 +0530 Subject: [PATCH 02/17] Add commands' source --- .../post_breach/timestomping/linux/timestomping.py | 3 +++ .../post_breach/timestomping/windows/timestomping.py | 3 +++ 2 files changed, 6 insertions(+) diff --git a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py index ea608b85d..ee6c02f58 100644 --- a/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py +++ b/monkey/infection_monkey/post_breach/timestomping/linux/timestomping.py @@ -9,3 +9,6 @@ def get_linux_timestomping_commands(): f'cat {TEMP_FILE} ; ' f'rm {TEMP_FILE} -f' ] + + +# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py index c18baabfc..9f23193f7 100644 --- a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.py @@ -3,3 +3,6 @@ TEMP_FILE = 'monkey-timestomping-file.txt' def get_windows_timestomping_commands(): return 'powershell.exe infection_monkey/post_breach/timestomping/windows/timestomping.ps1' + + +# Commands' source: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1070.006/T1070.006.md From 5dc2d54cef3ccac43e96c96e125634a6086c2e25 Mon Sep 17 00:00:00 2001 From: Shreya Date: Thu, 20 Aug 2020 19:39:14 +0530 Subject: [PATCH 03/17] Fix typos --- monkey/common/data/post_breach_consts.py | 2 +- monkey/infection_monkey/post_breach/actions/timestomping.py | 4 ++-- .../post_breach/timestomping/windows/timestomping.ps1 | 2 +- .../cc/services/attack/technique_reports/T1099.py | 4 ++-- .../services/config_schema/definitions/post_breach_actions.py | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/monkey/common/data/post_breach_consts.py b/monkey/common/data/post_breach_consts.py index 1dc739a7d..1650b89c5 100644 --- a/monkey/common/data/post_breach_consts.py +++ b/monkey/common/data/post_breach_consts.py @@ -6,4 +6,4 @@ POST_BREACH_HIDDEN_FILES = "Hide files and directories" POST_BREACH_TRAP_COMMAND = "Execute command when a particular signal is received" POST_BREACH_SETUID_SETGID = "Setuid and Setgid" POST_BREACH_JOB_SCHEDULING = "Schedule jobs" -POST_BREACH_TIMESTOMPPING = "Modify files' timestamps" +POST_BREACH_TIMESTOMPING = "Modify files' timestamps" diff --git a/monkey/infection_monkey/post_breach/actions/timestomping.py b/monkey/infection_monkey/post_breach/actions/timestomping.py index 3d0564b0d..50a940524 100644 --- a/monkey/infection_monkey/post_breach/actions/timestomping.py +++ b/monkey/infection_monkey/post_breach/actions/timestomping.py @@ -1,4 +1,4 @@ -from common.data.post_breach_consts import POST_BREACH_TIMESTOMPPING +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPING from infection_monkey.post_breach.pba import PBA from infection_monkey.post_breach.timestomping.timestomping import \ get_timestomping_commands @@ -7,6 +7,6 @@ from infection_monkey.post_breach.timestomping.timestomping import \ class Timestomping(PBA): def __init__(self): linux_cmds, windows_cmds = get_timestomping_commands() - super().__init__(POST_BREACH_TIMESTOMPPING, + super().__init__(POST_BREACH_TIMESTOMPING, linux_cmd=linux_cmds, windows_cmd=windows_cmds) diff --git a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 index 8965a149a..ce94ac08a 100644 --- a/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 +++ b/monkey/infection_monkey/post_breach/timestomping/windows/timestomping.ps1 @@ -3,7 +3,7 @@ $TIMESTAMP_EPOCH = '01/01/1970 00:00:00' # create temporary file New-Item -Path $TEMP_FILE -Force | Out-Null -Set-Content $TEMP_FILE -Value "Successfully changed a file\'s modification timestamp" -Force | Out-Null +Set-Content $TEMP_FILE -Value "Successfully changed a file's modification timestamp" -Force | Out-Null # attempt to change modification timestamp Get-ChildItem $TEMP_FILE | % { $_.LastWriteTime = $TIMESTAMP_EPOCH } diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py index 3ca46408d..9cd4dc903 100644 --- a/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py +++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1099.py @@ -1,4 +1,4 @@ -from common.data.post_breach_consts import POST_BREACH_TIMESTOMPPING +from common.data.post_breach_consts import POST_BREACH_TIMESTOMPING from monkey_island.cc.services.attack.technique_reports.pba_technique import \ PostBreachTechnique @@ -10,4 +10,4 @@ class T1099(PostBreachTechnique): unscanned_msg = "Monkey didn't try changing any file's time attributes." scanned_msg = "Monkey tried changing a file's time attributes but failed." used_msg = "Monkey successfully changed a file's time attributes." - pba_names = [POST_BREACH_TIMESTOMPPING] + pba_names = [POST_BREACH_TIMESTOMPING] diff --git a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py index ab4356850..ec1ea4b91 100644 --- a/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py +++ b/monkey/monkey_island/cc/services/config_schema/definitions/post_breach_actions.py @@ -77,7 +77,7 @@ POST_BREACH_ACTIONS = { "Timestomping" ], "title": "Timestomping", - "info": "Creates a temporary file and attempts to modify its file time attributes. Removes temporary file.", + "info": "Creates a temporary file and attempts to modify its time attributes. Removes the file afterwards.", "attack_techniques": ["T1099"] } ] From 45465e2748b998ab02fa25afba1823b3ea4b22f7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 21 Aug 2020 07:01:28 +0000 Subject: [PATCH 04/17] fix: upgrade react-json-tree from 0.11.2 to 0.12.0 Snyk has created this PR to upgrade react-json-tree from 0.11.2 to 0.12.0. See this package in npm: https://www.npmjs.com/package/react-json-tree See this project in Snyk: https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr --- monkey/monkey_island/cc/ui/package-lock.json | 7 +++---- monkey/monkey_island/cc/ui/package.json | 2 +- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index f976ea1fe..38ea2e994 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -13712,11 +13712,10 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==" }, "react-json-tree": { - "version": "0.11.2", - "resolved": "https://registry.npmjs.org/react-json-tree/-/react-json-tree-0.11.2.tgz", - "integrity": "sha512-aYhUPj1y5jR3ZQ+G3N7aL8FbTyO03iLwnVvvEikLcNFqNTyabdljo9xDftZndUBFyyyL0aK3qGO9+8EilILHUw==", + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/react-json-tree/-/react-json-tree-0.12.0.tgz", + "integrity": "sha512-lp+NDCsU25JTueO1s784oZ5wEmh1c6kHk96szlX1e9bAlyNiHwCBXINpp0C5/D/LwQi9H/a6NjXGkSOS8zxMDg==", "requires": { - "babel-runtime": "^6.6.1", "prop-types": "^15.5.8", "react-base16-styling": "^0.5.1" } diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index ff47b1206..75b9a350c 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -94,7 +94,7 @@ "react-filepond": "^7.0.1", "react-graph-vis": "^1.0.5", "react-hot-loader": "^4.12.20", - "react-json-tree": "^0.11.2", + "react-json-tree": "^0.12.0", "react-jsonschema-form-bs4": "^1.7.1", "react-particles-js": "^3.3.0", "react-redux": "^5.1.2", From 8589f05acf5eca5ad7b7f3bd115d8e0f3da209f1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 26 Aug 2020 07:00:27 +0000 Subject: [PATCH 05/17] fix: upgrade bootstrap from 4.5.0 to 4.5.1 Snyk has created this PR to upgrade bootstrap from 4.5.0 to 4.5.1. See this package in npm: https://www.npmjs.com/package/bootstrap See this project in Snyk: https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr --- monkey/monkey_island/cc/ui/package-lock.json | 6 +++--- monkey/monkey_island/cc/ui/package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index f976ea1fe..33bda2a6b 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -3139,9 +3139,9 @@ "dev": true }, "bootstrap": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.5.0.tgz", - "integrity": "sha512-Z93QoXvodoVslA+PWNdk23Hze4RBYIkpb5h8I2HY2Tu2h7A0LpAgLcyrhrSUyo2/Oxm2l1fRZPs1e5hnxnliXA==" + "version": "4.5.1", + "resolved": "https://registry.npmjs.org/bootstrap/-/bootstrap-4.5.1.tgz", + "integrity": "sha512-bxUooHBSbvefnIZfjD0LE8nfdPKrtiFy2sgrxQwUZ0UpFzpjVbVMUxaGIoo9XWT4B2LG1HX6UQg0UMOakT0prQ==" }, "boxen": { "version": "4.2.0", diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index ff47b1206..5a44f9dc0 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -65,7 +65,7 @@ "@fortawesome/free-solid-svg-icons": "^5.13.1", "@fortawesome/react-fontawesome": "^0.1.11", "@kunukn/react-collapse": "^1.2.7", - "bootstrap": "^4.5.0", + "bootstrap": "^4.5.1", "classnames": "^2.2.6", "core-js": "^3.6.5", "d3": "^5.14.1", From 8db489722980df88e89ebbd06d183a6774788474 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 Aug 2020 07:00:52 +0000 Subject: [PATCH 06/17] fix: upgrade snyk from 1.368.0 to 1.369.3 Snyk has created this PR to upgrade snyk from 1.368.0 to 1.369.3. See this package in npm: https://www.npmjs.com/package/snyk See this project in Snyk: https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr --- monkey/monkey_island/cc/ui/package-lock.json | 46 ++++++++++---------- monkey/monkey_island/cc/ui/package.json | 2 +- 2 files changed, 24 insertions(+), 24 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index f17b3ddd3..62de76547 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -1310,9 +1310,9 @@ } }, "@sindresorhus/is": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.1.tgz", - "integrity": "sha512-tLnujxFtfH7F+i5ghUfgGlJsvyCKvUnSMFMlWybFdX9/DdX8svb4Zwx1gV0gkkVCHXtmPSetoAR3QlKfOld6Tw==" + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-3.1.2.tgz", + "integrity": "sha512-JiX9vxoKMmu8Y3Zr2RVathBL1Cdu4Nt4MuNWemt1Nc06A0RAin9c5FArkhGsyMBWfCu4zj+9b+GxtjAnE4qqLQ==" }, "@snyk/cli-interface": { "version": "2.8.1", @@ -1550,9 +1550,9 @@ } }, "@snyk/java-call-graph-builder": { - "version": "1.12.1", - "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.12.1.tgz", - "integrity": "sha512-thaLaqwXYkvVKs1gqmCAB5aFvwp2cz84rFlODr93smG6E8s7U+KNMiiiWq1KjSvbRe3AN8YUENYGyUoGRu9m1w==", + "version": "1.12.3", + "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.12.3.tgz", + "integrity": "sha512-eN32RcCq5J0Veo5NIbDUSb2KRNiVsZMt1w94bFYKxFt6F1tIoiv1CraXdTHSlgQosZ7tw93e8qdOKmQXOtK88Q==", "requires": { "@snyk/graphlib": "2.1.9-patch", "ci-info": "^2.0.0", @@ -3034,9 +3034,9 @@ } }, "bl": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.2.tgz", - "integrity": "sha512-j4OH8f6Qg2bGuWfRiltT2HYGx0e1QcBTrK9KAHNMwMZdQnDZFk0ZSYIpADjYCB3U12nicC5tVJwSIhwOWjb4RQ==", + "version": "4.0.3", + "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.3.tgz", + "integrity": "sha512-fs4G6/Hu4/EE+F75J8DuN/0IpQqNjAdC7aEQv7Qt8MHGUH7Ckv2MwTEEeN9QehD0pfIDkMI1bkHYkKy7xHyKIg==", "requires": { "buffer": "^5.5.0", "inherits": "^2.0.4", @@ -3716,9 +3716,9 @@ "integrity": "sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==" }, "clipanion": { - "version": "2.4.4", - "resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.4.4.tgz", - "integrity": "sha512-KjyCBz8xplftHjIK/nOqq/9b3hPlXbAAo/AxoITrO4yySpQ6a9QSJDAfOx9PfcRUHteeqbdNxZKSPfeFqQ7plg==" + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/clipanion/-/clipanion-2.5.0.tgz", + "integrity": "sha512-VYOMl0h/mZXQC2BWq7oBto1zY1SkPWUaJjt+cuIred1HrmrcX1I2N+LNyNoRy8Iwu9r6vUxJwS/tWLwhQW4tPw==" }, "cliui": { "version": "5.0.0", @@ -12362,9 +12362,9 @@ } }, "open": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/open/-/open-7.1.0.tgz", - "integrity": "sha512-lLPI5KgOwEYCDKXf4np7y1PBEkj7HYIyP2DY8mVDRnx0VIIu6bNrRB0R66TuO7Mack6EnTNLm4uvcl1UoklTpA==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/open/-/open-7.2.0.tgz", + "integrity": "sha512-4HeyhxCvBTI5uBePsAdi55C5fmqnWZ2e2MlmvWi5KW5tdH5rxoiv/aMtbeVxKZc3eWkT1GymMnLG8XC4Rq4TDQ==", "requires": { "is-docker": "^2.0.0", "is-wsl": "^2.1.1" @@ -14904,9 +14904,9 @@ } }, "snyk": { - "version": "1.368.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.368.0.tgz", - "integrity": "sha512-ZwX0VxxKVBKqmycPiTpx2El1hPEeNJNKQRyez0yFtIlUM3FscsOpgtfRFWNQKA6znkI075JIpmmShpcrQRLpcQ==", + "version": "1.369.3", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.369.3.tgz", + "integrity": "sha512-I54pQeG7i/fLQfBQYK+hL/Yr3g9FPuSnVWKroRFdEaB6vfNSRBA2nd3cKPz9iTVm8v72dSZvixsvR6s+7iDi6g==", "requires": { "@snyk/cli-interface": "2.8.1", "@snyk/dep-graph": "1.18.3", @@ -14935,7 +14935,7 @@ "snyk-go-plugin": "1.16.0", "snyk-gradle-plugin": "3.5.1", "snyk-module": "3.1.0", - "snyk-mvn-plugin": "2.18.0", + "snyk-mvn-plugin": "2.18.2", "snyk-nodejs-lockfile-parser": "1.26.3", "snyk-nuget-plugin": "1.18.1", "snyk-php-plugin": "1.9.0", @@ -15398,12 +15398,12 @@ } }, "snyk-mvn-plugin": { - "version": "2.18.0", - "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.18.0.tgz", - "integrity": "sha512-ika5I/8G3wDUT7L+3mDIyzh6Xc4bK8sBhcfFnhpFS0WvOMRAdF4kpshfZ1HzFRsRfe/4YgA3T/D7EoJRtu7Aiw==", + "version": "2.18.2", + "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.18.2.tgz", + "integrity": "sha512-A36YmfpeEXGsKoChm644DysKG40d5y5MZnldkpsbrLz37R3JMxkt4igMACZ9QJZAkiWjVs28hOKyyT1vuMPlHg==", "requires": { "@snyk/cli-interface": "2.8.1", - "@snyk/java-call-graph-builder": "1.12.1", + "@snyk/java-call-graph-builder": "1.12.3", "debug": "^4.1.1", "needle": "^2.5.0", "tmp": "^0.1.0", diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index 330050848..e7d2d80d8 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -105,7 +105,7 @@ "react-tooltip-lite": "^1.12.0", "redux": "^4.0.4", "sha3": "^2.1.3", - "snyk": "^1.368.0" + "snyk": "^1.369.3" }, "snyk": true } From 60fdf06cfb3750415a71ecfd2a0694e7371f8c7f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 28 Aug 2020 07:00:57 +0000 Subject: [PATCH 07/17] fix: upgrade filepond from 4.19.0 to 4.19.2 Snyk has created this PR to upgrade filepond from 4.19.0 to 4.19.2. See this package in npm: https://www.npmjs.com/package/filepond See this project in Snyk: https://app.snyk.io/org/shaynehmad/project/37aecb9c-98b4-4735-95a2-83d941303b4e?utm_source=github&utm_medium=upgrade-pr --- monkey/monkey_island/cc/ui/package-lock.json | 6 +++--- monkey/monkey_island/cc/ui/package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index f17b3ddd3..80884057c 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -6028,9 +6028,9 @@ "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==" }, "filepond": { - "version": "4.19.0", - "resolved": "https://registry.npmjs.org/filepond/-/filepond-4.19.0.tgz", - "integrity": "sha512-v/lYpu5YXoM5ctNxCaM4LMFedgFcZjp+YSkjJWSUiG+2i79YRuLOS99WWqMWTEdwW5av2AEzDYRp56VR6Qc5aA==" + "version": "4.19.2", + "resolved": "https://registry.npmjs.org/filepond/-/filepond-4.19.2.tgz", + "integrity": "sha512-2NgemeQGIx9TfjaRwn6LpjJFXILzGXl0FD+Er7veI/25Nn+4qu0mA8rk22S3vpJPajMRn+dD1EUTEOMgUolJ7w==" }, "fill-range": { "version": "4.0.0", diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index 330050848..2c8f09d97 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -72,7 +72,7 @@ "downloadjs": "^1.4.7", "fetch": "^1.1.0", "file-saver": "^2.0.2", - "filepond": "^4.19.0", + "filepond": "^4.19.2", "jwt-decode": "^2.2.0", "lodash": "^4.17.20", "marked": "^1.1.1", From a1356a14b3d48dfb694b45d1312fb53973c16e2a Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 12:12:50 +0300 Subject: [PATCH 08/17] npm audit fix --- monkey/monkey_island/cc/ui/package-lock.json | 25 +++++++++++--------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index a6dda774f..6bed64142 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -14585,10 +14585,13 @@ } }, "serialize-javascript": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-2.1.2.tgz", - "integrity": "sha512-rs9OggEUF0V4jUSecXazOYsLfu7OGK2qIn3c7IPBiffz32XniEp/TX9Xmc9LQfK2nQ2QKHvZ2oygKUGU0lG4jQ==", - "dev": true + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-4.0.0.tgz", + "integrity": "sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==", + "dev": true, + "requires": { + "randombytes": "^2.1.0" + } }, "serve-index": { "version": "1.9.1", @@ -16862,9 +16865,9 @@ "integrity": "sha512-a6sumDlzyHVJWb8+YofY4TW112G6p2FCPEAFk+59gIYHv3XHRhm9ltVQ9kli4hNWeQBwSpe8cRN25x0ROunMOw==" }, "terser": { - "version": "4.6.13", - "resolved": "https://registry.npmjs.org/terser/-/terser-4.6.13.tgz", - "integrity": "sha512-wMvqukYgVpQlymbnNbabVZbtM6PN63AzqexpwJL8tbh/mRT9LE5o+ruVduAGL7D6Fpjl+Q+06U5I9Ul82odAhw==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/terser/-/terser-4.8.0.tgz", + "integrity": "sha512-EAPipTNeWsb/3wLPeup1tVPaXfIaU68xMnVdPafIL1TV05OhASArYyIfFvnvJCNrR2NIOvDVNNTFRa+Re2MWyw==", "dev": true, "requires": { "commander": "^2.20.0", @@ -16881,16 +16884,16 @@ } }, "terser-webpack-plugin": { - "version": "1.4.3", - "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz", - "integrity": "sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==", + "version": "1.4.5", + "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.5.tgz", + "integrity": "sha512-04Rfe496lN8EYruwi6oPQkG0vo8C+HT49X687FZnpPF0qMAIHONI6HEXYPKDOE8e5HjXTyKfqRd/agHtH0kOtw==", "dev": true, "requires": { "cacache": "^12.0.2", "find-cache-dir": "^2.1.0", "is-wsl": "^1.1.0", "schema-utils": "^1.0.0", - "serialize-javascript": "^2.1.2", + "serialize-javascript": "^4.0.0", "source-map": "^0.6.1", "terser": "^4.1.2", "webpack-sources": "^1.4.0", From 910e8355f95f1edfd154ecc1405e1b89cb324eeb Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 14:13:56 +0300 Subject: [PATCH 09/17] Fix or noqa some python linter errors Also, replace os.path with Path --- .../island_client/monkey_island_requests.py | 6 +-- monkey/common/network/network_range.py | 2 +- monkey/infection_monkey/monkey.py | 2 +- monkey/monkey_island/cc/encryptor.py | 5 ++- monkey/monkey_island/cc/environment/aws.py | 1 - .../cc/environment/environment_singleton.py | 4 +- .../cc/environment/test__init__.py | 1 - .../cc/environment/test_environment_config.py | 2 +- monkey/monkey_island/cc/main.py | 44 +++++++++---------- monkey/monkey_island/cc/models/monkey.py | 2 +- monkey/monkey_island/cc/models/test_monkey.py | 2 +- .../monkey_island/cc/resources/island_logs.py | 2 +- monkey/monkey_island/cc/services/config.py | 3 +- .../cc/services/edge/test_displayed_edge.py | 1 - .../cc/services/netmap/net_edge.py | 1 - monkey/monkey_island/cc/services/node.py | 2 - .../cc/services/reporting/aws_exporter.py | 4 +- .../services/telemetry/processing/exploit.py | 1 - .../scripts/island_password_hasher.py | 2 +- 19 files changed, 40 insertions(+), 47 deletions(-) diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 7e2418d6f..9a98c1e06 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -91,16 +91,14 @@ class MonkeyIslandRequests(object): return requests.patch(self.addr + url, # noqa: DUO123 data=data, headers=self.get_jwt_header(), - verify=False - ) + verify=False) @_Decorators.refresh_jwt_token def delete(self, url): return requests.delete( # noqa: DOU123 self.addr + url, headers=self.get_jwt_header(), - verify=False - ) + verify=False) @_Decorators.refresh_jwt_token def get_jwt_header(self): diff --git a/monkey/common/network/network_range.py b/monkey/common/network/network_range.py index b778bb5f9..7eb082c8f 100644 --- a/monkey/common/network/network_range.py +++ b/monkey/common/network/network_range.py @@ -28,7 +28,7 @@ class NetworkRange(object, metaclass=ABCMeta): """ base_range = self.get_range() if self._shuffle: - random.shuffle(base_range) + random.shuffle(base_range) # noqa: DUO102 for x in base_range: yield self._number_to_ip(x) diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index 02463e988..07431bae9 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -89,7 +89,7 @@ class InfectionMonkey(object): if self._opts.depth is not None: WormConfiguration._depth_from_commandline = True WormConfiguration.depth = self._opts.depth - LOG.debug(f"Setting propagation depth from command line") + LOG.debug("Setting propagation depth from command line") LOG.debug(f"Set propagation depth to {WormConfiguration.depth}") self._keep_running = True diff --git a/monkey/monkey_island/cc/encryptor.py b/monkey/monkey_island/cc/encryptor.py index 585c84f87..cf1f02081 100644 --- a/monkey/monkey_island/cc/encryptor.py +++ b/monkey/monkey_island/cc/encryptor.py @@ -1,8 +1,9 @@ import base64 import os -from Crypto import Random -from Crypto.Cipher import AES +# PyCrypto is deprecated, but we use pycryptodome, which uses the exact same imports but it maintained +from Crypto import Random # noqa: DOU133 +from Crypto.Cipher import AES # noqa: DOU133 from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH diff --git a/monkey/monkey_island/cc/environment/aws.py b/monkey/monkey_island/cc/environment/aws.py index 587989825..b1ba0a734 100644 --- a/monkey/monkey_island/cc/environment/aws.py +++ b/monkey/monkey_island/cc/environment/aws.py @@ -1,6 +1,5 @@ from common.cloud.aws.aws_instance import AwsInstance from monkey_island.cc.environment import Environment -from monkey_island.cc.resources.auth.auth_user import User __author__ = 'itay.mizeretz' diff --git a/monkey/monkey_island/cc/environment/environment_singleton.py b/monkey/monkey_island/cc/environment/environment_singleton.py index 6e800650f..194337384 100644 --- a/monkey/monkey_island/cc/environment/environment_singleton.py +++ b/monkey/monkey_island/cc/environment/environment_singleton.py @@ -1,7 +1,5 @@ import logging -env = None - import monkey_island.cc.resources.auth.user_store as user_store from monkey_island.cc.environment import (EnvironmentConfig, aws, password, standard, testing) @@ -22,6 +20,8 @@ ENV_DICT = { TESTING: testing.TestingEnvironment } +env = None + def set_env(env_type: str, env_config: EnvironmentConfig): global env diff --git a/monkey/monkey_island/cc/environment/test__init__.py b/monkey/monkey_island/cc/environment/test__init__.py index 881195309..3637d6dd2 100644 --- a/monkey/monkey_island/cc/environment/test__init__.py +++ b/monkey/monkey_island/cc/environment/test__init__.py @@ -112,4 +112,3 @@ class TestEnvironment(TestCase): self.assertTrue(method()) else: self.assertFalse(method()) - diff --git a/monkey/monkey_island/cc/environment/test_environment_config.py b/monkey/monkey_island/cc/environment/test_environment_config.py index 6a6da6be7..d4978a18a 100644 --- a/monkey/monkey_island/cc/environment/test_environment_config.py +++ b/monkey/monkey_island/cc/environment/test_environment_config.py @@ -57,7 +57,7 @@ class TestEnvironmentConfig(TestCase): def test_get_server_config_file_path(self): if platform.system() == "Windows": - server_file_path = MONKEY_ISLAND_ABS_PATH + "\cc\server_config.json" + server_file_path = MONKEY_ISLAND_ABS_PATH + r"\cc\server_config.json" else: server_file_path = MONKEY_ISLAND_ABS_PATH + "/cc/server_config.json" self.assertEqual(EnvironmentConfig.get_config_file_path(), server_file_path) diff --git a/monkey/monkey_island/cc/main.py b/monkey/monkey_island/cc/main.py index 5867b8825..d4e7a5394 100644 --- a/monkey/monkey_island/cc/main.py +++ b/monkey/monkey_island/cc/main.py @@ -1,35 +1,35 @@ import logging import os -import os.path import sys import time +from pathlib import Path from threading import Thread -MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" +# Add the monkey_island directory to the path, to make sure imports that don't start with "monkey_island." work. +MONKEY_ISLAND_DIR_BASE_PATH = str(Path(__file__).parent.parent) +if str(MONKEY_ISLAND_DIR_BASE_PATH) not in sys.path: + sys.path.insert(0, MONKEY_ISLAND_DIR_BASE_PATH) -BASE_PATH = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -if BASE_PATH not in sys.path: - sys.path.insert(0, BASE_PATH) - -from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH -from monkey_island.cc.island_logger import json_setup_logging +from monkey_island.cc.consts import MONKEY_ISLAND_ABS_PATH # noqa: E402 +from monkey_island.cc.island_logger import json_setup_logging # noqa: E402 # This is here in order to catch EVERYTHING, some functions are being called on imports the log init needs to be on top. -json_setup_logging(default_path=os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'island_logger_default_config.json'), +json_setup_logging(default_path=Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'island_logger_default_config.json'), default_level=logging.DEBUG) logger = logging.getLogger(__name__) -import monkey_island.cc.environment.environment_singleton as env_singleton -from common.version import get_version -from monkey_island.cc.app import init_app -from monkey_island.cc.bootloader_server import BootloaderHttpServer -from monkey_island.cc.database import get_db_version, is_db_server_up -from monkey_island.cc.network_utils import local_ip_addresses -from monkey_island.cc.resources.monkey_download import MonkeyDownload -from monkey_island.cc.services.reporting.exporter_init import \ - populate_exporter_list -from monkey_island.cc.setup import setup +import monkey_island.cc.environment.environment_singleton as env_singleton # noqa: E402 +from common.version import get_version # noqa: E402 +from monkey_island.cc.app import init_app # noqa: E402 +from monkey_island.cc.bootloader_server import BootloaderHttpServer # noqa: E402 +from monkey_island.cc.database import get_db_version, is_db_server_up # noqa: E402 +from monkey_island.cc.network_utils import local_ip_addresses # noqa: E402 +from monkey_island.cc.resources.monkey_download import MonkeyDownload # noqa: E402 +from monkey_island.cc.services.reporting.exporter_init import populate_exporter_list # noqa: E402 +from monkey_island.cc.setup import setup # noqa: E402 + + +MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" def main(should_setup_only=False): @@ -54,8 +54,8 @@ def start_island_server(should_setup_only): populate_exporter_list() app = init_app(mongo_url) - crt_path = os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.crt') - key_path = os.path.join(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.key') + crt_path = str(Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.crt')) + key_path = str(Path(MONKEY_ISLAND_ABS_PATH, 'cc', 'server.key')) setup() diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py index 2d970c640..bc6202e65 100644 --- a/monkey/monkey_island/cc/models/monkey.py +++ b/monkey/monkey_island/cc/models/monkey.py @@ -143,7 +143,7 @@ class Monkey(Document): try: _ = Monkey.get_single_monkey_by_id(object_id) return True - except: + except: # noqa: E722 return False @staticmethod diff --git a/monkey/monkey_island/cc/models/test_monkey.py b/monkey/monkey_island/cc/models/test_monkey.py index 18bdb1177..b2bba9aa0 100644 --- a/monkey/monkey_island/cc/models/test_monkey.py +++ b/monkey/monkey_island/cc/models/test_monkey.py @@ -77,7 +77,7 @@ class TestMonkey(IslandTestCase): self.assertIsNotNone(Monkey.get_single_monkey_by_id(a_monkey.id)) # Raise on non-existent monkey - with pytest.raises(MonkeyNotFoundError) as e_info: + with pytest.raises(MonkeyNotFoundError) as _: _ = Monkey.get_single_monkey_by_id("abcdefabcdefabcdefabcdef") def test_get_os(self): diff --git a/monkey/monkey_island/cc/resources/island_logs.py b/monkey/monkey_island/cc/resources/island_logs.py index 5d1d6d276..b643f2147 100644 --- a/monkey/monkey_island/cc/resources/island_logs.py +++ b/monkey/monkey_island/cc/resources/island_logs.py @@ -15,5 +15,5 @@ class IslandLog(flask_restful.Resource): def get(self): try: return IslandLogService.get_log_file() - except Exception as e: + except Exception: logger.error('Monkey Island logs failed to download', exc_info=True) diff --git a/monkey/monkey_island/cc/services/config.py b/monkey/monkey_island/cc/services/config.py index 8d6210739..02dd91381 100644 --- a/monkey/monkey_island/cc/services/config.py +++ b/monkey/monkey_island/cc/services/config.py @@ -217,7 +217,8 @@ class ConfigService: @staticmethod def set_server_ips_in_config(config): ips = local_ip_addresses() - config["internal"]["island_server"]["command_servers"] = ["%s:%d" % (ip, env_singleton.env.get_island_port()) for ip in ips] + config["internal"]["island_server"]["command_servers"] = \ + ["%s:%d" % (ip, env_singleton.env.get_islaned_port()) for ip in ips] config["internal"]["island_server"]["current_server"] = "%s:%d" % (ips[0], env_singleton.env.get_island_port()) @staticmethod diff --git a/monkey/monkey_island/cc/services/edge/test_displayed_edge.py b/monkey/monkey_island/cc/services/edge/test_displayed_edge.py index dd214c9ed..d2a4e1f58 100644 --- a/monkey/monkey_island/cc/services/edge/test_displayed_edge.py +++ b/monkey/monkey_island/cc/services/edge/test_displayed_edge.py @@ -1,6 +1,5 @@ from bson import ObjectId -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import RIGHT_ARROW, EdgeService from monkey_island.cc.testing.IslandTestCase import IslandTestCase diff --git a/monkey/monkey_island/cc/services/netmap/net_edge.py b/monkey/monkey_island/cc/services/netmap/net_edge.py index 44e097630..0734bf606 100644 --- a/monkey/monkey_island/cc/services/netmap/net_edge.py +++ b/monkey/monkey_island/cc/services/netmap/net_edge.py @@ -1,7 +1,6 @@ from bson import ObjectId from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import EdgeService from monkey_island.cc.services.node import NodeService diff --git a/monkey/monkey_island/cc/services/node.py b/monkey/monkey_island/cc/services/node.py index fc18e0ef2..a537e4909 100644 --- a/monkey/monkey_island/cc/services/node.py +++ b/monkey/monkey_island/cc/services/node.py @@ -3,13 +3,11 @@ from datetime import datetime, timedelta from typing import Dict from bson import ObjectId -from mongoengine import DoesNotExist import monkey_island.cc.services.log from monkey_island.cc import models from monkey_island.cc.database import mongo from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.network_utils import is_local_ips, local_ip_addresses from monkey_island.cc.services.edge.displayed_edge import DisplayedEdgeService from monkey_island.cc.services.edge.edge import EdgeService diff --git a/monkey/monkey_island/cc/services/reporting/aws_exporter.py b/monkey/monkey_island/cc/services/reporting/aws_exporter.py index de8950042..1ff69163e 100644 --- a/monkey/monkey_island/cc/services/reporting/aws_exporter.py +++ b/monkey/monkey_island/cc/services/reporting/aws_exporter.py @@ -299,7 +299,7 @@ class AWSExporter(Exporter): title="Machines are accessible using passwords supplied by the user during the Monkey's configuration.", description="Change {0}'s password to a complex one-use password that is not shared with other computers on the " "network.", - recommendation="The machine machine ({ip_address}) is vulnerable to a WMI attack. The Monkey authenticated over " + recommendation="The machine {machine} ({ip_address}) is vulnerable to a WMI attack. The Monkey authenticated over " "the WMI protocol with user {username} and its password.".format( machine=issue['machine'], ip_address=issue['ip_address'], @@ -316,7 +316,7 @@ class AWSExporter(Exporter): title="Machines are accessible using passwords supplied by the user during the Monkey's configuration.", description="Change {0}'s password to a complex one-use password that is not shared with other computers on the " "network.".format(issue['username']), - recommendation="The machine machine ({ip_address}) is vulnerable to a WMI attack. The Monkey used a " + recommendation="The machine {machine} ({ip_address}) is vulnerable to a WMI attack. The Monkey used a " "pass-the-hash attack over WMI protocol with user {username}".format( machine=issue['machine'], ip_address=issue['ip_address'], diff --git a/monkey/monkey_island/cc/services/telemetry/processing/exploit.py b/monkey/monkey_island/cc/services/telemetry/processing/exploit.py index 69c1e20f6..e67b4182a 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/exploit.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/exploit.py @@ -4,7 +4,6 @@ import dateutil from monkey_island.cc.encryptor import encryptor from monkey_island.cc.models import Monkey -from monkey_island.cc.models.edge import Edge from monkey_island.cc.services.edge.displayed_edge import EdgeService from monkey_island.cc.services.node import NodeService from monkey_island.cc.services.telemetry.processing.utils import \ diff --git a/monkey/monkey_island/scripts/island_password_hasher.py b/monkey/monkey_island/scripts/island_password_hasher.py index 9791ca386..334875477 100644 --- a/monkey/monkey_island/scripts/island_password_hasher.py +++ b/monkey/monkey_island/scripts/island_password_hasher.py @@ -7,7 +7,7 @@ for more details. import argparse -from Crypto.Hash import SHA3_512 +from Crypto.Hash import SHA3_512 # noqa: DUO133 def main(): From b26727d5e064e1e1a73183be3414b2789fb8b38a Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 14:36:26 +0300 Subject: [PATCH 10/17] Fix isort formatting --- monkey/monkey_island/cc/main.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/monkey/monkey_island/cc/main.py b/monkey/monkey_island/cc/main.py index d4e7a5394..96dfe9296 100644 --- a/monkey/monkey_island/cc/main.py +++ b/monkey/monkey_island/cc/main.py @@ -21,14 +21,17 @@ logger = logging.getLogger(__name__) import monkey_island.cc.environment.environment_singleton as env_singleton # noqa: E402 from common.version import get_version # noqa: E402 from monkey_island.cc.app import init_app # noqa: E402 -from monkey_island.cc.bootloader_server import BootloaderHttpServer # noqa: E402 -from monkey_island.cc.database import get_db_version, is_db_server_up # noqa: E402 +from monkey_island.cc.bootloader_server import \ + BootloaderHttpServer # noqa: E402 +from monkey_island.cc.database import (get_db_version, # noqa: E402 + is_db_server_up) from monkey_island.cc.network_utils import local_ip_addresses # noqa: E402 -from monkey_island.cc.resources.monkey_download import MonkeyDownload # noqa: E402 -from monkey_island.cc.services.reporting.exporter_init import populate_exporter_list # noqa: E402 +from monkey_island.cc.resources.monkey_download import \ + MonkeyDownload # noqa: E402 +from monkey_island.cc.services.reporting.exporter_init import \ + populate_exporter_list # noqa: E402 from monkey_island.cc.setup import setup # noqa: E402 - MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" From f23199c4a39aeb49c2c5ee76919b8a3f5c2e288a Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 14:40:03 +0300 Subject: [PATCH 11/17] Fixed more warnings and lowered the linter upper limit to double digits --- .travis.yml | 2 +- .../post_breach/actions/communicate_as_new_user.py | 2 +- .../system_info/windows_info_collector.py | 12 ++++-------- .../infection_monkey/utils/windows/hidden_files.py | 2 +- 4 files changed, 7 insertions(+), 11 deletions(-) diff --git a/.travis.yml b/.travis.yml index 59a97f60c..8586aaf38 100644 --- a/.travis.yml +++ b/.travis.yml @@ -72,7 +72,7 @@ script: ## Display the linter issues - cat flake8_warnings.txt ## Make sure that we haven't increased the amount of warnings. -- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=120 +- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=90 - if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi ## Check import order diff --git a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py index 83065d20d..ce85c74c1 100644 --- a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py +++ b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py @@ -44,7 +44,7 @@ class CommunicateAsNewUser(PBA): @staticmethod def get_random_new_user_name(): - return USERNAME_PREFIX + ''.join(random.choice(string.ascii_lowercase) for _ in range(5)) + return USERNAME_PREFIX + ''.join(random.choice(string.ascii_lowercase) for _ in range(5)) # noqa: DUO102 @staticmethod def get_commandline_for_http_request(url, is_windows=is_windows_os()): diff --git a/monkey/infection_monkey/system_info/windows_info_collector.py b/monkey/infection_monkey/system_info/windows_info_collector.py index d6b3cbec8..3e7b2bfff 100644 --- a/monkey/infection_monkey/system_info/windows_info_collector.py +++ b/monkey/infection_monkey/system_info/windows_info_collector.py @@ -7,14 +7,10 @@ from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector MimikatzCredentialCollector sys.coinit_flags = 0 # needed for proper destruction of the wmi python module -# noinspection PyPep8 -import infection_monkey.config -# noinspection PyPep8 -from common.utils.wmi_utils import WMIUtils -# noinspection PyPep8 -from infection_monkey.system_info import InfoCollector -# noinspection PyPep8 -from infection_monkey.system_info.wmi_consts import WMI_CLASSES +import infection_monkey.config # noqa: E402 +from common.utils.wmi_utils import WMIUtils # noqa: E402 +from infection_monkey.system_info import InfoCollector # noqa: E402 +from infection_monkey.system_info.wmi_consts import WMI_CLASSES # noqa: E402 LOG = logging.getLogger(__name__) LOG.info('started windows info collector') diff --git a/monkey/infection_monkey/utils/windows/hidden_files.py b/monkey/infection_monkey/utils/windows/hidden_files.py index a8f813f1b..6199fa88d 100644 --- a/monkey/infection_monkey/utils/windows/hidden_files.py +++ b/monkey/infection_monkey/utils/windows/hidden_files.py @@ -51,7 +51,7 @@ def get_winAPI_to_hide_files(): fileCreation = win32file.CREATE_ALWAYS # overwrite existing file fileFlags = win32file.FILE_ATTRIBUTE_HIDDEN # make hidden - hiddenFile = win32file.CreateFile(HIDDEN_FILE_WINAPI, + _ = win32file.CreateFile(HIDDEN_FILE_WINAPI, fileAccess, 0, # sharing mode: 0 => can't be shared None, # security attributes From 9d26b5698cb7c84e169636f1cdb6377ae715ba63 Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 14:47:47 +0300 Subject: [PATCH 12/17] Fix isort bug with comments --- monkey/monkey_island/cc/main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/monkey_island/cc/main.py b/monkey/monkey_island/cc/main.py index 96dfe9296..610681034 100644 --- a/monkey/monkey_island/cc/main.py +++ b/monkey/monkey_island/cc/main.py @@ -23,8 +23,8 @@ from common.version import get_version # noqa: E402 from monkey_island.cc.app import init_app # noqa: E402 from monkey_island.cc.bootloader_server import \ BootloaderHttpServer # noqa: E402 -from monkey_island.cc.database import (get_db_version, # noqa: E402 - is_db_server_up) +from monkey_island.cc.database import get_db_version # noqa: E402 +from monkey_island.cc.database import is_db_server_up # noqa: E402 from monkey_island.cc.network_utils import local_ip_addresses # noqa: E402 from monkey_island.cc.resources.monkey_download import \ MonkeyDownload # noqa: E402 From accd6bd0faee5ce4b89a17be23338d3b2dfb32b7 Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 17:16:53 +0300 Subject: [PATCH 13/17] See https://eslint.org/docs/rules/no-prototype-builtins --- .travis.yml | 2 +- .../cc/ui/src/components/map/preview-pane/PreviewPane.js | 4 ++-- .../cc/ui/src/components/pages/ConfigurePage.js | 7 ++++--- monkey/monkey_island/cc/ui/src/components/pages/MapPage.js | 2 +- .../cc/ui/src/components/pages/RegisterPage.js | 2 +- .../monkey_island/cc/ui/src/components/pages/ReportPage.js | 2 +- .../cc/ui/src/components/pages/RunMonkeyPage.js | 2 +- .../cc/ui/src/components/report-components/AttackReport.js | 6 +++--- .../report-components/attack/ReportMatrixComponent.js | 6 +++--- .../report-components/attack/TechniqueDropdowns.js | 4 ++-- .../zerotrust/venn-components/VennDiagram.js | 4 ++-- .../cc/ui/src/components/run-monkey/AwsRunTable.js | 2 +- .../cc/ui/src/components/ui-components/Checkbox.js | 2 +- monkey/monkey_island/cc/ui/src/services/AuthService.js | 4 ++-- 14 files changed, 25 insertions(+), 24 deletions(-) diff --git a/.travis.yml b/.travis.yml index 8586aaf38..fcd9fc36b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -89,7 +89,7 @@ script: - cd monkey_island/cc/ui - npm ci # See https://docs.npmjs.com/cli/ci.html - eslint ./src --quiet # Test for errors -- JS_WARNINGS_AMOUNT_UPPER_LIMIT=28 +- JS_WARNINGS_AMOUNT_UPPER_LIMIT=4 - eslint ./src --max-warnings $JS_WARNINGS_AMOUNT_UPPER_LIMIT # Test for max warnings # Build documentation diff --git a/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js b/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js index 27800cb97..9007194b0 100644 --- a/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js +++ b/monkey/monkey_island/cc/ui/src/components/map/preview-pane/PreviewPane.js @@ -274,9 +274,9 @@ class PreviewPaneComponent extends AuthComponent { let label = ''; if (!this.props.item) { label = ''; - } else if (this.props.item.hasOwnProperty('label')) { + } else if (Object.prototype.hasOwnProperty.call(this.props.item, 'label')) { label = this.props.item['label']; - } else if (this.props.item.hasOwnProperty('_label')) { + } else if (Object.prototype.hasOwnProperty.call(this.props.item, '_label')) { label = this.props.item['_label']; } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js index f3b3e190c..426e66c0a 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/ConfigurePage.js @@ -140,7 +140,7 @@ class ConfigurePageComponent extends AuthComponent { // Change value in attack configuration // Go trough each column in matrix, searching for technique Object.entries(this.state.attackConfig).forEach(techType => { - if (techType[1].properties.hasOwnProperty(technique)) { + if (Object.prototype.hasOwnProperty.call(techType[1].properties, technique)) { let tempMatrix = this.state.attackConfig; tempMatrix[techType[0]].properties[technique].value = value; this.setState({attackConfig: tempMatrix}); @@ -151,7 +151,8 @@ class ConfigurePageComponent extends AuthComponent { Object.entries(this.state.attackConfig).forEach(otherType => { Object.entries(otherType[1].properties).forEach(otherTech => { // If this technique depends on a technique that was changed - if (otherTech[1].hasOwnProperty('depends_on') && otherTech[1]['depends_on'].includes(technique)) { + if (Object.prototype.hasOwnProperty.call(otherTech[1], 'depends_on') && + otherTech[1]['depends_on'].includes(technique)) { this.attackTechniqueChange(otherTech[0], value, true) } }) @@ -393,7 +394,7 @@ class ConfigurePageComponent extends AuthComponent { render() { let displayedSchema = {}; - if (this.state.schema.hasOwnProperty('properties') && this.state.selectedSection !== 'attack') { + if (Object.prototype.hasOwnProperty.call(this.state.schema, 'properties') && this.state.selectedSection !== 'attack') { displayedSchema = this.state.schema['properties'][this.state.selectedSection]; displayedSchema['definitions'] = this.state.schema['definitions']; } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js b/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js index cf082f5b3..da11c7ed6 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/MapPage.js @@ -64,7 +64,7 @@ class MapPageComponent extends AuthComponent { this.authFetch('/api/netmap') .then(res => res.json()) .then(res => { - if (res.hasOwnProperty('edges')) { + if (Object.prototype.hasOwnProperty.call(res, 'edges')) { res.edges.forEach(edge => { edge.color = {'color': edgeGroupToColor(edge.group)}; }); diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js index 657e8645a..3b8188221 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js @@ -3,7 +3,7 @@ import {Row, Col, Container, Form, Button} from 'react-bootstrap'; import AuthService from '../../services/AuthService'; import monkeyDetective from '../../images/detective-monkey.svg'; -import ParticleBackground from "../ui-components/ParticleBackground"; +import ParticleBackground from '../ui-components/ParticleBackground'; class RegisterPageComponent extends React.Component { diff --git a/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js b/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js index 5329cfe06..cb30ba117 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/ReportPage.js @@ -31,7 +31,7 @@ class ReportPageComponent extends AuthComponent { static selectReport(reports) { let url = window.location.href; for (let report_name in reports) { - if (reports.hasOwnProperty(report_name) && url.endsWith(reports[report_name])) { + if (Object.prototype.hasOwnProperty.call(reports, report_name) && url.endsWith(reports[report_name])) { return reports[report_name]; } } diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js index 48a11f008..467812373 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage.js @@ -229,7 +229,7 @@ class RunMonkeyPageComponent extends AuthComponent { // update existing state, not run-over let prevRes = this.awsTable.state.result; for (let key in result) { - if (result.hasOwnProperty(key)) { + if (Object.prototype.hasOwnProperty.call(result, key)) { prevRes[key] = result[key]; } } diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js index 97f3c1a18..6a6d0c75f 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/AttackReport.js @@ -134,7 +134,7 @@ class AttackReport extends React.Component { getTechniqueByTitle(title){ for (const tech_id in this.state.techniques){ - if (! this.state.techniques.hasOwnProperty(tech_id)) {return false;} + if (! Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)) {return false;} let technique = this.state.techniques[tech_id]; if (technique.title === title){ technique['tech_id'] = tech_id; @@ -148,10 +148,10 @@ class AttackReport extends React.Component { // add links to techniques schema = schema.properties; for(const type in schema){ - if (! schema.hasOwnProperty(type)) {return false;} + if (! Object.prototype.hasOwnProperty.call(schema, type)) {return false;} let typeTechniques = schema[type].properties; for(const tech_id in typeTechniques){ - if (! typeTechniques.hasOwnProperty(tech_id)) {return false;} + if (! Object.prototype.hasOwnProperty.call(typeTechniques, tech_id)) {return false;} if (typeTechniques[tech_id] !== undefined){ techniques[tech_id]['link'] = typeTechniques[tech_id].link } diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js b/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js index a110da5ea..00420f095 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/attack/ReportMatrixComponent.js @@ -15,7 +15,7 @@ class ReportMatrixComponent extends React.Component { getColumns() { let columns = []; for(const type_key in this.state.schema.properties){ - if (! this.state.schema.properties.hasOwnProperty(type_key)){ + if (! Object.prototype.hasOwnProperty.call(this.state.schema.properties, type_key)){ continue; } let tech_type = this.state.schema.properties[type_key]; @@ -32,11 +32,11 @@ class ReportMatrixComponent extends React.Component { getTableRows() { let rows = []; for (const tech_id in this.state.techniques) { - if (this.state.techniques.hasOwnProperty(tech_id)){ + if (Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)){ let technique_added = false; let technique = this.state.techniques[tech_id]; for(const row of rows){ - if (! row.hasOwnProperty(technique.type)){ + if (! Object.prototype.hasOwnProperty.call(row, technique.type)){ row[technique.type] = technique; technique_added = true; break; diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js b/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js index c32c4e16e..1ba9285e6 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/attack/TechniqueDropdowns.js @@ -79,13 +79,13 @@ class TechniqueDropdowns extends React.Component{ getOrderedTechniqueList(){ let content = []; for(const type_key in this.state.schema.properties){ - if (! this.state.schema.properties.hasOwnProperty(type_key)){ + if (! Object.prototype.hasOwnProperty.call(this.state.schema.properties, type_key)){ continue; } let tech_type = this.state.schema.properties[type_key]; content.push(

{tech_type.title}

); for(const tech_id in this.state.techniques){ - if (! this.state.techniques.hasOwnProperty(tech_id)){ + if (! Object.prototype.hasOwnProperty.call(this.state.techniques, tech_id)){ continue; } let technique = this.state.techniques[tech_id]; diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js index e6a2ddd36..4eddb420d 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/zerotrust/venn-components/VennDiagram.js @@ -209,7 +209,7 @@ class VennDiagram extends React.Component { if (key_ === 'Data') { this.layout[key_].fontStyle = this.fontStyles[0]; - } else if (this.layout[key_].hasOwnProperty('cx')) { + } else if (Object.prototype.hasOwnProperty.call(this.layout[key_], 'cx')) { this.layout[key_].fontStyle = this.fontStyles[1]; } else { this.layout[key_].fontStyle = this.fontStyles[2]; @@ -229,7 +229,7 @@ class VennDiagram extends React.Component { // equivalent to center translate (width/2, height/2) let viewPortParameters = (-this.width / 2) + ' ' + (-this.height / 2) + ' ' + this.width + ' ' + this.height; let nodes = Object.values(this.layout).map((d_, i_) => { - if (d_.hasOwnProperty('cx')) { + if (Object.prototype.hasOwnProperty.call(d_, 'cx')) { return ( response.json()) .then(res => { - if (res.hasOwnProperty('access_token')) { + if (Object.prototype.hasOwnProperty.call(res, 'access_token')) { this._setToken(res['access_token']); return {result: true}; } else { @@ -86,7 +86,7 @@ export default class AuthService { headers['Authorization'] = 'Bearer ' + this._getToken(); } - if (options.hasOwnProperty('headers')) { + if (Object.prototype.hasOwnProperty.call(options, 'headers')) { for (let header in headers) { options['headers'][header] = headers[header]; } From 5696c3e5368119b21c618ceb34646c7fe2dec7df Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 18:06:08 +0300 Subject: [PATCH 14/17] Some more easy noqas or invalid escape fixes --- monkey/infection_monkey/main.py | 3 ++- monkey/infection_monkey/model/__init__.py | 2 +- monkey/infection_monkey/network/ping_scanner.py | 2 +- monkey/infection_monkey/network/sshfinger.py | 2 +- .../job_scheduling/windows_job_scheduling.py | 2 +- monkey/infection_monkey/transport/__init__.py | 2 +- monkey/infection_monkey/transport/tcp.py | 2 +- monkey/infection_monkey/utils/hidden_files.py | 4 ++-- .../infection_monkey/utils/windows/hidden_files.py | 12 ++++++------ 9 files changed, 16 insertions(+), 15 deletions(-) diff --git a/monkey/infection_monkey/main.py b/monkey/infection_monkey/main.py index cad4a00c0..e4698a462 100644 --- a/monkey/infection_monkey/main.py +++ b/monkey/infection_monkey/main.py @@ -7,8 +7,9 @@ import sys import traceback from multiprocessing import freeze_support +# dummy import for pyinstaller # noinspection PyUnresolvedReferences -import infection_monkey.post_breach # dummy import for pyinstaller +import infection_monkey.post_breach # noqa: F401 from common.version import get_version from infection_monkey.config import EXTERNAL_CONFIG_FILE, WormConfiguration from infection_monkey.dropper import MonkeyDrops diff --git a/monkey/infection_monkey/model/__init__.py b/monkey/infection_monkey/model/__init__.py index e7ab94495..4f3f2c27d 100644 --- a/monkey/infection_monkey/model/__init__.py +++ b/monkey/infection_monkey/model/__init__.py @@ -1,4 +1,4 @@ -from infection_monkey.model.host import VictimHost +from infection_monkey.model.host import VictimHost # noqa: F401 __author__ = 'itamar' diff --git a/monkey/infection_monkey/network/ping_scanner.py b/monkey/infection_monkey/network/ping_scanner.py index f35533f0c..27c814593 100644 --- a/monkey/infection_monkey/network/ping_scanner.py +++ b/monkey/infection_monkey/network/ping_scanner.py @@ -12,7 +12,7 @@ __author__ = 'itamar' PING_COUNT_FLAG = "-n" if "win32" == sys.platform else "-c" PING_TIMEOUT_FLAG = "-w" if "win32" == sys.platform else "-W" -TTL_REGEX_STR = '(?<=TTL\=)[0-9]+' +TTL_REGEX_STR = r'(?<=TTL\=)[0-9]+' LINUX_TTL = 64 WINDOWS_TTL = 128 diff --git a/monkey/infection_monkey/network/sshfinger.py b/monkey/infection_monkey/network/sshfinger.py index a686d7fbd..909e75429 100644 --- a/monkey/infection_monkey/network/sshfinger.py +++ b/monkey/infection_monkey/network/sshfinger.py @@ -6,7 +6,7 @@ from infection_monkey.network.tools import check_tcp_port SSH_PORT = 22 SSH_SERVICE_DEFAULT = 'tcp-22' -SSH_REGEX = 'SSH-\d\.\d-OpenSSH' +SSH_REGEX = r'SSH-\d\.\d-OpenSSH' TIMEOUT = 10 BANNER_READ = 1024 LINUX_DIST_SSH = ['ubuntu', 'debian'] diff --git a/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py b/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py index fe3dad525..017203821 100644 --- a/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py +++ b/monkey/infection_monkey/post_breach/job_scheduling/windows_job_scheduling.py @@ -1,5 +1,5 @@ SCHEDULED_TASK_NAME = 'monkey-spawn-cmd' -SCHEDULED_TASK_COMMAND = 'C:\windows\system32\cmd.exe' +SCHEDULED_TASK_COMMAND = r'C:\windows\system32\cmd.exe' # Commands from: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1053.005/T1053.005.md diff --git a/monkey/infection_monkey/transport/__init__.py b/monkey/infection_monkey/transport/__init__.py index c3df1cb01..97d6a232b 100644 --- a/monkey/infection_monkey/transport/__init__.py +++ b/monkey/infection_monkey/transport/__init__.py @@ -1 +1 @@ -from infection_monkey.transport.http import HTTPServer, LockedHTTPServer +from infection_monkey.transport.http import HTTPServer, LockedHTTPServer # noqa: F401 diff --git a/monkey/infection_monkey/transport/tcp.py b/monkey/infection_monkey/transport/tcp.py index aa7ce253e..928f4b079 100644 --- a/monkey/infection_monkey/transport/tcp.py +++ b/monkey/infection_monkey/transport/tcp.py @@ -65,7 +65,7 @@ class TcpProxy(TransportProxyBase): dest = socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: dest.connect((self.dest_host, self.dest_port)) - except socket.error as ex: + except socket.error: source.close() dest.close() continue diff --git a/monkey/infection_monkey/utils/hidden_files.py b/monkey/infection_monkey/utils/hidden_files.py index 46d8e136b..863680085 100644 --- a/monkey/infection_monkey/utils/hidden_files.py +++ b/monkey/infection_monkey/utils/hidden_files.py @@ -5,8 +5,8 @@ from infection_monkey.utils.linux.hidden_files import ( get_linux_commands_to_delete, get_linux_commands_to_hide_files, get_linux_commands_to_hide_folders) from infection_monkey.utils.windows.hidden_files import ( - get_winAPI_to_hide_files, get_windows_commands_to_delete, - get_windows_commands_to_hide_files, get_windows_commands_to_hide_folders) + get_windows_commands_to_delete, get_windows_commands_to_hide_files, + get_windows_commands_to_hide_folders) def get_commands_to_hide_files(): diff --git a/monkey/infection_monkey/utils/windows/hidden_files.py b/monkey/infection_monkey/utils/windows/hidden_files.py index 6199fa88d..d192bbb76 100644 --- a/monkey/infection_monkey/utils/windows/hidden_files.py +++ b/monkey/infection_monkey/utils/windows/hidden_files.py @@ -52,12 +52,12 @@ def get_winAPI_to_hide_files(): fileFlags = win32file.FILE_ATTRIBUTE_HIDDEN # make hidden _ = win32file.CreateFile(HIDDEN_FILE_WINAPI, - fileAccess, - 0, # sharing mode: 0 => can't be shared - None, # security attributes - fileCreation, - fileFlags, - 0) # template file + fileAccess, + 0, # sharing mode: 0 => can't be shared + None, # security attributes + fileCreation, + fileFlags, + 0) # template file return "Succesfully created hidden file: {}".format(HIDDEN_FILE_WINAPI), True except Exception as err: From 1a4d27d7fff8ae03d839a035ea6c0a96f1cad95d Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 18:12:01 +0300 Subject: [PATCH 15/17] Delete return value --- .../infection_monkey/utils/windows/hidden_files.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/monkey/infection_monkey/utils/windows/hidden_files.py b/monkey/infection_monkey/utils/windows/hidden_files.py index d192bbb76..d5687fc2d 100644 --- a/monkey/infection_monkey/utils/windows/hidden_files.py +++ b/monkey/infection_monkey/utils/windows/hidden_files.py @@ -51,13 +51,13 @@ def get_winAPI_to_hide_files(): fileCreation = win32file.CREATE_ALWAYS # overwrite existing file fileFlags = win32file.FILE_ATTRIBUTE_HIDDEN # make hidden - _ = win32file.CreateFile(HIDDEN_FILE_WINAPI, - fileAccess, - 0, # sharing mode: 0 => can't be shared - None, # security attributes - fileCreation, - fileFlags, - 0) # template file + win32file.CreateFile(HIDDEN_FILE_WINAPI, + fileAccess, + 0, # sharing mode: 0 => can't be shared + None, # security attributes + fileCreation, + fileFlags, + 0) # template file return "Succesfully created hidden file: {}".format(HIDDEN_FILE_WINAPI), True except Exception as err: From f084d84157243392c178986ed136bc45f26ae5c9 Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Mon, 31 Aug 2020 18:31:00 +0300 Subject: [PATCH 16/17] Fixed isort --- monkey/infection_monkey/transport/__init__.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/monkey/infection_monkey/transport/__init__.py b/monkey/infection_monkey/transport/__init__.py index 97d6a232b..f9d56fe23 100644 --- a/monkey/infection_monkey/transport/__init__.py +++ b/monkey/infection_monkey/transport/__init__.py @@ -1 +1,2 @@ -from infection_monkey.transport.http import HTTPServer, LockedHTTPServer # noqa: F401 +from infection_monkey.transport.http import HTTPServer # noqa: F401 +from infection_monkey.transport.http import LockedHTTPServer # noqa: F401 From 33be50a6e285fb4096b7e63be7da45fec9d9861c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 1 Sep 2020 07:03:36 +0000 Subject: [PATCH 17/17] fix: upgrade snyk from 1.369.3 to 1.372.0 Snyk has created this PR to upgrade snyk from 1.369.3 to 1.372.0. See this package in npm: https://www.npmjs.com/package/snyk See this project in Snyk: https://app.snyk.io/org/guardicore/project/b4a24b2f-c0d4-474c-9f18-da5a77c685fe?utm_source=github&utm_medium=upgrade-pr --- monkey/monkey_island/cc/ui/package-lock.json | 208 +++++++------------ monkey/monkey_island/cc/ui/package.json | 2 +- 2 files changed, 81 insertions(+), 129 deletions(-) diff --git a/monkey/monkey_island/cc/ui/package-lock.json b/monkey/monkey_island/cc/ui/package-lock.json index e70ed4dae..c1ae3ec13 100644 --- a/monkey/monkey_island/cc/ui/package-lock.json +++ b/monkey/monkey_island/cc/ui/package-lock.json @@ -1550,9 +1550,9 @@ } }, "@snyk/java-call-graph-builder": { - "version": "1.12.3", - "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.12.3.tgz", - "integrity": "sha512-eN32RcCq5J0Veo5NIbDUSb2KRNiVsZMt1w94bFYKxFt6F1tIoiv1CraXdTHSlgQosZ7tw93e8qdOKmQXOtK88Q==", + "version": "1.13.1", + "resolved": "https://registry.npmjs.org/@snyk/java-call-graph-builder/-/java-call-graph-builder-1.13.1.tgz", + "integrity": "sha512-oOCSIyOMplV73a1agcXKXlFYQftK5esUUaFRTf90GOxQwKy8R9tZtKdP+CdutlgvjRP286DQ+7GlvKYsGGZbWg==", "requires": { "@snyk/graphlib": "2.1.9-patch", "ci-info": "^2.0.0", @@ -1719,12 +1719,14 @@ "@types/events": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@types/events/-/events-3.0.0.tgz", - "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==" + "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==", + "dev": true }, "@types/glob": { "version": "7.1.1", "resolved": "https://registry.npmjs.org/@types/glob/-/glob-7.1.1.tgz", "integrity": "sha512-1Bh06cbWJUHMC97acuD6UMG29nMt0Aqz1vF3guLfG+kHHJhy3AyohZFFxYk2f7Q1SQIrNwvncxAE0N/9s70F2w==", + "dev": true, "requires": { "@types/events": "*", "@types/minimatch": "*", @@ -1772,7 +1774,8 @@ "@types/minimatch": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz", - "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==" + "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==", + "dev": true }, "@types/minimist": { "version": "1.2.0", @@ -2046,26 +2049,27 @@ "dev": true }, "@yarnpkg/core": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/@yarnpkg/core/-/core-2.1.1.tgz", - "integrity": "sha512-qeBxz8nHjKAbGTP2ZcXBnXGfM7+cN0A73mIai/24uru1ayvCIgfjWL1uIj/MM+m+K5lJX0Dcn94ZBHWits9JWQ==", + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/@yarnpkg/core/-/core-2.2.2.tgz", + "integrity": "sha512-TQ0wqQjbZQDrf31N5v4NtE4Juw1c16hYu9QwNloUxRgY/Z+AQIuqa6Jgv9BbAghchZkSIXDWp6bFGD7C+q7cuA==", "requires": { "@arcanis/slice-ansi": "^1.0.2", - "@yarnpkg/fslib": "^2.1.0", + "@yarnpkg/fslib": "^2.2.1", "@yarnpkg/json-proxy": "^2.1.0", - "@yarnpkg/libzip": "^2.1.0", - "@yarnpkg/parsers": "^2.1.0", - "@yarnpkg/pnp": "^2.1.0", - "@yarnpkg/shell": "^2.1.0", + "@yarnpkg/libzip": "^2.2.0", + "@yarnpkg/parsers": "^2.2.0", + "@yarnpkg/pnp": "^2.2.1", + "@yarnpkg/shell": "^2.2.0", "camelcase": "^5.3.1", "chalk": "^3.0.0", "ci-info": "^2.0.0", - "clipanion": "^2.4.2", + "clipanion": "^2.4.4", "cross-spawn": "7.0.3", "diff": "^4.0.1", - "globby": "^10.0.1", + "globby": "^11.0.1", "got": "^11.1.3", "json-file-plus": "^3.3.1", + "lodash": "^4.17.15", "logic-solver": "^2.0.1", "micromatch": "^4.0.2", "mkdirp": "^0.5.1", @@ -2074,7 +2078,7 @@ "pretty-bytes": "^5.1.0", "semver": "^7.1.2", "stream-to-promise": "^2.2.0", - "tar": "^4.4.6", + "tar-stream": "^2.0.1", "tslib": "^1.13.0", "tunnel": "^0.0.6" }, @@ -2142,17 +2146,15 @@ } }, "globby": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/globby/-/globby-10.0.2.tgz", - "integrity": "sha512-7dUi7RvCoT/xast/o/dLN53oqND4yk0nsHkhRgn9w65C4PofCLOoJ39iSOg+qVDdWQPIEj+eszMHQ+aLVwwQSg==", + "version": "11.0.1", + "resolved": "https://registry.npmjs.org/globby/-/globby-11.0.1.tgz", + "integrity": "sha512-iH9RmgwCmUJHi2z5o2l3eTtGBtXek1OYlHrbcxOYugyHLmAsZrPj43OtHThd62Buh/Vv6VyCBD2bdyWcGNQqoQ==", "requires": { - "@types/glob": "^7.1.1", "array-union": "^2.1.0", "dir-glob": "^3.0.1", - "fast-glob": "^3.0.3", - "glob": "^7.1.3", - "ignore": "^5.1.1", - "merge2": "^1.2.3", + "fast-glob": "^3.1.1", + "ignore": "^5.1.4", + "merge2": "^1.3.0", "slash": "^3.0.0" } }, @@ -2209,27 +2211,13 @@ "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } }, - "tar": { - "version": "4.4.13", - "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.13.tgz", - "integrity": "sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==", - "requires": { - "chownr": "^1.1.1", - "fs-minipass": "^1.2.5", - "minipass": "^2.8.6", - "minizlib": "^1.2.1", - "mkdirp": "^0.5.0", - "safe-buffer": "^5.1.2", - "yallist": "^3.0.3" - } - }, "to-regex-range": { "version": "5.0.1", "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", @@ -2250,20 +2238,15 @@ "requires": { "isexe": "^2.0.0" } - }, - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" } } }, "@yarnpkg/fslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/fslib/-/fslib-2.1.0.tgz", - "integrity": "sha512-E+f8w5yQZnTf1soyTWy7qdf+GmHsY+A0yEN4Di44/Txk6XRIMruyc1ShDi93mOI6ilnXxD87rNms18zJ8WnspA==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@yarnpkg/fslib/-/fslib-2.2.1.tgz", + "integrity": "sha512-7SzLP/RHt8lEOaCTg6hMMrnxc2/Osbu3+UPwLZiZiGtLpYqwtTgtWTlAqddS3+MESXOZhc+3gKLX0lfqm6oWuw==", "requires": { - "@yarnpkg/libzip": "^2.1.0", + "@yarnpkg/libzip": "^2.2.0", "tslib": "^1.13.0" }, "dependencies": { @@ -2291,9 +2274,9 @@ } }, "@yarnpkg/libzip": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/libzip/-/libzip-2.1.0.tgz", - "integrity": "sha512-39c7KuSWcYUqVxlBLZwfqdD/D6lS+jplNVWd6uAnk8EpnacaYGJRegvkqWyfw5c8KHukNMeEGF5JHrXPZYBM0w==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/libzip/-/libzip-2.2.0.tgz", + "integrity": "sha512-/YRSPJbPAvHeCJxcXJrUV4eRP9hER6YB6LyZxsFlpyF++eqdOzNu0WsuXRRJxfqYt3hl7SiGFkL23qB9jqC6cw==", "requires": { "@types/emscripten": "^1.38.0", "tslib": "^1.13.0" @@ -2312,9 +2295,9 @@ "integrity": "sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==" }, "@yarnpkg/parsers": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/parsers/-/parsers-2.1.0.tgz", - "integrity": "sha512-75OYQ6PMs1C3zm+W+T1xhLyVDX78zXQGEVHpWd4o/QwpAbhneB3/5FXVGRzI3gjPPWWSb/pKOPB1S6p0xmQD2Q==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/parsers/-/parsers-2.2.0.tgz", + "integrity": "sha512-k1XZaWYRHl7wCj04hcbtzKfPAZbKbsEi7xsB1Ka8obdS6DRnAw7n0gZPvvGjOoqkH95IqWf+Vi7vV5RhlGz63Q==", "requires": { "js-yaml": "^3.10.0", "tslib": "^1.13.0" @@ -2328,12 +2311,12 @@ } }, "@yarnpkg/pnp": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/pnp/-/pnp-2.1.0.tgz", - "integrity": "sha512-b8NlB71EFifv1jDX47nFaRXrykROxHcS7YuGb2dQ+Gp9gqJ0thIaZ3yB9+qWF8acdWtNcMpjCug4xkfAAR5Odw==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@yarnpkg/pnp/-/pnp-2.2.1.tgz", + "integrity": "sha512-jrwJ3Q6M+nMs4n0O/GgxayU1Bq9mpLoZW2Mb8Nt2fs5whB0CeCr1/pGl9+yiCSjirv9jjp51TVFqF7OPvXy+gA==", "requires": { "@types/node": "^13.7.0", - "@yarnpkg/fslib": "^2.1.0", + "@yarnpkg/fslib": "^2.2.1", "tslib": "^1.13.0" }, "dependencies": { @@ -2345,13 +2328,13 @@ } }, "@yarnpkg/shell": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@yarnpkg/shell/-/shell-2.1.0.tgz", - "integrity": "sha512-9i9ZWqeKHGV0DOfdxTVq5zl73Li8Fg947v57uLBEaytNF+HywkDfouNkg/6HfgBrpI0WH8OJ9Pz/uDaE5cpctw==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/@yarnpkg/shell/-/shell-2.2.0.tgz", + "integrity": "sha512-IuOZhYxTydNySqP2HlKkfm1QjgCAgVBUZz5O5rXXxpS4vTNSa0q6fwqvNUSrHSWGKH/jAmJS23YbJqislj5wjg==", "requires": { - "@yarnpkg/fslib": "^2.1.0", - "@yarnpkg/parsers": "^2.1.0", - "clipanion": "^2.4.2", + "@yarnpkg/fslib": "^2.2.0", + "@yarnpkg/parsers": "^2.2.0", + "clipanion": "^2.4.4", "cross-spawn": "7.0.3", "fast-glob": "^3.2.2", "stream-buffers": "^3.0.2", @@ -3223,9 +3206,9 @@ } }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } @@ -3620,7 +3603,8 @@ "chownr": { "version": "1.1.4", "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz", - "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==" + "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==", + "dev": true }, "chrome-trace-event": { "version": "1.0.2", @@ -3692,9 +3676,9 @@ } }, "cli-boxes": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-2.2.0.tgz", - "integrity": "sha512-gpaBrMAizVEANOpfZp/EEUixTXDyGt7DFzdK5hU+UbWt/J0lB0w20ncZj59Z9a93xHb9u12zF5BS6i9RKbtg4w==" + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-2.2.1.tgz", + "integrity": "sha512-y4coMcylgSCdVinjiDBuR8PCC2bLjyGTwEmPb9NHR/QaNU6EUOXcTY/s6VjGMD6ENSEaeQYHCY0GNGS5jfMwPw==" }, "cli-cursor": { "version": "3.1.0", @@ -6227,14 +6211,6 @@ "universalify": "^0.1.0" } }, - "fs-minipass": { - "version": "1.2.7", - "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-1.2.7.tgz", - "integrity": "sha512-GWSSJGFy4e9GUeCcbIkED+bgAoFyj7XF1mV8rma3QW4NIqX9Kyx79N/PF61H5udOV3aY1IaMLs6pGbH71nlCTA==", - "requires": { - "minipass": "^2.6.0" - } - }, "fs-readdir-recursive": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-1.1.0.tgz", @@ -8518,30 +8494,6 @@ } } }, - "minipass": { - "version": "2.9.0", - "resolved": "https://registry.npmjs.org/minipass/-/minipass-2.9.0.tgz", - "integrity": "sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==", - "requires": { - "safe-buffer": "^5.1.2", - "yallist": "^3.0.0" - }, - "dependencies": { - "yallist": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.1.1.tgz", - "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g==" - } - } - }, - "minizlib": { - "version": "1.3.3", - "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-1.3.3.tgz", - "integrity": "sha512-6ZYMOEnmVsdCeTJVE0W9ZD+pVnE8h9Hma/iOwwRDsdQoePpoX56/8B6z3P9VNwppJuBKNRuFDRNRqRWexT9G9Q==", - "requires": { - "minipass": "^2.9.0" - } - }, "mississippi": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/mississippi/-/mississippi-3.0.0.tgz", @@ -12362,9 +12314,9 @@ } }, "open": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/open/-/open-7.2.0.tgz", - "integrity": "sha512-4HeyhxCvBTI5uBePsAdi55C5fmqnWZ2e2MlmvWi5KW5tdH5rxoiv/aMtbeVxKZc3eWkT1GymMnLG8XC4Rq4TDQ==", + "version": "7.2.1", + "resolved": "https://registry.npmjs.org/open/-/open-7.2.1.tgz", + "integrity": "sha512-xbYCJib4spUdmcs0g/2mK1nKo/jO2T7INClWd/beL7PFkXRWgr8B23ssDHX/USPn2M2IjDR5UdpYs6I67SnTSA==", "requires": { "is-docker": "^2.0.0", "is-wsl": "^2.1.1" @@ -13203,9 +13155,9 @@ "integrity": "sha1-6SQ0v6XqjBn0HN/UAddBo8gZ2Jc=" }, "pretty-bytes": { - "version": "5.3.0", - "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.3.0.tgz", - "integrity": "sha512-hjGrh+P926p4R4WbaB6OckyRtO0F0/lQBiT+0gnxjV+5kjPBrfVBFCsCLbMqVQeydvIoouYTCmmEURiH3R1Bdg==" + "version": "5.4.1", + "resolved": "https://registry.npmjs.org/pretty-bytes/-/pretty-bytes-5.4.1.tgz", + "integrity": "sha512-s1Iam6Gwz3JI5Hweaz4GoCD1WUNUIyzePFy5+Js2hjwGVt2Z79wNN+ZKOZ2vB6C+Xs6njyB84Z1IthQg8d9LxA==" }, "pretty-error": { "version": "2.1.1", @@ -14906,9 +14858,9 @@ } }, "snyk": { - "version": "1.369.3", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.369.3.tgz", - "integrity": "sha512-I54pQeG7i/fLQfBQYK+hL/Yr3g9FPuSnVWKroRFdEaB6vfNSRBA2nd3cKPz9iTVm8v72dSZvixsvR6s+7iDi6g==", + "version": "1.372.0", + "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.372.0.tgz", + "integrity": "sha512-5eX7cEmbPtpZ9w+vQIEIf9tlb3FOEN36cnSFpla4bTim2biGTx50lWPKYAclX3z1tlLt654rdJfpTt5tOqWxUQ==", "requires": { "@snyk/cli-interface": "2.8.1", "@snyk/dep-graph": "1.18.3", @@ -14937,7 +14889,7 @@ "snyk-go-plugin": "1.16.0", "snyk-gradle-plugin": "3.5.1", "snyk-module": "3.1.0", - "snyk-mvn-plugin": "2.18.2", + "snyk-mvn-plugin": "2.19.1", "snyk-nodejs-lockfile-parser": "1.26.3", "snyk-nuget-plugin": "1.18.1", "snyk-php-plugin": "1.9.0", @@ -15332,9 +15284,9 @@ "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } @@ -15400,12 +15352,12 @@ } }, "snyk-mvn-plugin": { - "version": "2.18.2", - "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.18.2.tgz", - "integrity": "sha512-A36YmfpeEXGsKoChm644DysKG40d5y5MZnldkpsbrLz37R3JMxkt4igMACZ9QJZAkiWjVs28hOKyyT1vuMPlHg==", + "version": "2.19.1", + "resolved": "https://registry.npmjs.org/snyk-mvn-plugin/-/snyk-mvn-plugin-2.19.1.tgz", + "integrity": "sha512-VXYJSdhUmOQAyxdsv5frAKbi3UOcHPabWEQxQ9wxhVBEEmx2lP5ajv1a+ntxwWwL7u3jdc+rnCIKHpLlQJ5nyw==", "requires": { "@snyk/cli-interface": "2.8.1", - "@snyk/java-call-graph-builder": "1.12.3", + "@snyk/java-call-graph-builder": "1.13.1", "debug": "^4.1.1", "needle": "^2.5.0", "tmp": "^0.1.0", @@ -17240,9 +17192,9 @@ } }, "underscore": { - "version": "1.10.2", - "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.10.2.tgz", - "integrity": "sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg==" + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.11.0.tgz", + "integrity": "sha512-xY96SsN3NA461qIRKZ/+qox37YXPtSBswMGfiNptr+wrt6ds4HaMw23TP612fEyGekRE6LNRiLYr/aqbHXNedw==" }, "unherit": { "version": "1.1.3", @@ -17521,9 +17473,9 @@ "integrity": "sha1-BWmOPUXIjo1+nZLLBYTnfwlvPkM=" }, "supports-color": { - "version": "7.1.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.1.0.tgz", - "integrity": "sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==", + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", "requires": { "has-flag": "^4.0.0" } diff --git a/monkey/monkey_island/cc/ui/package.json b/monkey/monkey_island/cc/ui/package.json index 6ff6068c8..d6de01941 100644 --- a/monkey/monkey_island/cc/ui/package.json +++ b/monkey/monkey_island/cc/ui/package.json @@ -105,7 +105,7 @@ "react-tooltip-lite": "^1.12.0", "redux": "^4.0.4", "sha3": "^2.1.3", - "snyk": "^1.369.3" + "snyk": "^1.372.0" }, "snyk": true }