From fe459ddd3f17d0058896ac9747c976306beea89b Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Tue, 1 Feb 2022 14:53:09 -0500
Subject: [PATCH] Island: Remove ScoutSuite telemetry processing

---
 .../telemetry/processing/processing.py | 2 -
 .../telemetry/processing/scoutsuite.py | 38 -------------------
 2 files changed, 40 deletions(-)
 delete mode 100644 monkey/monkey_island/cc/services/telemetry/processing/scoutsuite.py

diff --git a/monkey/monkey_island/cc/services/telemetry/processing/processing.py b/monkey/monkey_island/cc/services/telemetry/processing/processing.py
index 667928d3c..4b38c237c 100644
--- a/monkey/monkey_island/cc/services/telemetry/processing/processing.py
+++ b/monkey/monkey_island/cc/services/telemetry/processing/processing.py
@@ -4,7 +4,6 @@ from common.common_consts.telem_categories import TelemCategoryEnum
 from monkey_island.cc.services.telemetry.processing.exploit import process_exploit_telemetry
 from monkey_island.cc.services.telemetry.processing.post_breach import process_post_breach_telemetry
 from monkey_island.cc.services.telemetry.processing.scan import process_scan_telemetry
-from monkey_island.cc.services.telemetry.processing.scoutsuite import process_scoutsuite_telemetry
 from monkey_island.cc.services.telemetry.processing.state import process_state_telemetry
 from monkey_island.cc.services.telemetry.processing.system_info import process_system_info_telemetry
 from monkey_island.cc.services.telemetry.processing.tunnel import process_tunnel_telemetry
@@ -18,7 +17,6 @@ TELEMETRY_CATEGORY_TO_PROCESSING_FUNC = {
 TelemCategoryEnum.SCAN: process_scan_telemetry,
 TelemCategoryEnum.SYSTEM_INFO: process_system_info_telemetry,
 TelemCategoryEnum.POST_BREACH: process_post_breach_telemetry,
- TelemCategoryEnum.SCOUTSUITE: process_scoutsuite_telemetry,
 # `lambda *args, **kwargs: None` is a no-op.
 TelemCategoryEnum.TRACE: lambda *args, **kwargs: None,
 TelemCategoryEnum.ATTACK: lambda *args, **kwargs: None,
diff --git a/monkey/monkey_island/cc/services/telemetry/processing/scoutsuite.py b/monkey/monkey_island/cc/services/telemetry/processing/scoutsuite.py
deleted file mode 100644
index 5f2677bcb..000000000
--- a/monkey/monkey_island/cc/services/telemetry/processing/scoutsuite.py
+++ /dev/null
@@ -1,38 +0,0 @@
-import json
-
-from monkey_island.cc.database import mongo
-from monkey_island.cc.models.zero_trust.scoutsuite_data_json import ScoutSuiteRawDataJson
-from monkey_island.cc.services.zero_trust.scoutsuite.consts.scoutsuite_findings_list import (
- SCOUTSUITE_FINDINGS,
-)
-from monkey_island.cc.services.zero_trust.scoutsuite.consts.service_consts import SERVICES
-from monkey_island.cc.services.zero_trust.scoutsuite.data_parsing.rule_parser import RuleParser
-from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_rule_service import (
- ScoutSuiteRuleService,
-)
-from monkey_island.cc.services.zero_trust.scoutsuite.scoutsuite_zt_finding_service import (
- ScoutSuiteZTFindingService,
-)
-
-
-def process_scoutsuite_telemetry(telemetry_json):
- # Encode data to json, because mongo can't save it as document (invalid document keys)
- telemetry_json["data"] = json.dumps(telemetry_json["data"])
- ScoutSuiteRawDataJson.add_scoutsuite_data(telemetry_json["data"])
- scoutsuite_data = json.loads(telemetry_json["data"])["data"]
- create_scoutsuite_findings(scoutsuite_data[SERVICES])
- update_data(telemetry_json)
-
-
-def create_scoutsuite_findings(cloud_services: dict):
- for finding in SCOUTSUITE_FINDINGS:
- for rule in finding.rules:
- rule_data = RuleParser.get_rule_data(cloud_services, rule)
- rule = ScoutSuiteRuleService.get_rule_from_rule_data(rule_data)
- ScoutSuiteZTFindingService.process_rule(finding, rule)
-
-
-def update_data(telemetry_json):
- mongo.db.scoutsuite.insert_one(
- {"guid": telemetry_json["monkey_guid"]}, {"results": telemetry_json["data"]}
- )