p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
5,376 Commits 31 Branches 0 Tags 47 MiB
Commit Graph

3157 Commits

Author SHA1 Message Date
shreyamalviya 443b66e9d9 tests: Remove accidental code in `_get_acl_and_sid_from_path()` in test_utils.py 2021-06-14 23:50:08 +05:30
shreyamalviya 1170b176d3 island: Fix Windows' secure file creation by using a different file flag 2021-06-14 23:41:56 +05:30
shreyamalviya 7ddb986f15 tests: Fix file creation unit tests in test_utils.py 2021-06-14 23:24:52 +05:30
shreyamalviya 1467a53e60 island: Use win32file.CloseHandle() to close file descriptor on Windows 2021-06-14 23:24:09 +05:30
shreyamalviya 37eda4e7ad island: Fix secure file creation on Windows 2021-06-14 23:15:17 +05:30
Shreya c0d9489100 tests: Extract duplicate code in Windows tests in test_utils 2021-06-14 17:59:57 +05:30
Shreya 6d360ef865 tests: Fix assertion in `test_create_secure_directory__perm_linux()` 2021-06-14 17:51:55 +05:30
Shreya 248d57789f tests: Add unit tests for securly creating a file 2021-06-14 17:50:40 +05:30
Shreya 5fe0c80377 island: Can't use `with` with `os.open()`, use `os.close()` to close file descriptor 2021-06-14 17:07:47 +05:30
Shreya 8b932e1946 island: Add os.O_EXCL flag so that an error is thrown if trying to create a file that exists 2021-06-14 16:49:24 +05:30
Shreya 8dd4bb5e17 island: Use 'x' instead of '_' when creating a secure file 2021-06-14 16:26:00 +05:30
Shreya 26ae50f90f island: Create mongo key file securely before using it 2021-06-14 13:21:45 +05:30
Shreya ff85360639 island: Add functions to create a file securely on Linux and Windows 2021-06-14 13:21:45 +05:30
Shreya 5d7d86aedc island: Modify log message when creating secure directory on Windows 2021-06-14 13:21:46 +05:30
VakarisZ feeba1ea60
Merge pull request #1204 from guardicore/config_encrypt 
Config encrypt
 2021-06-11 17:09:07 +03:00
Mike Salvatore 57f35f9045 island: Fix typo in ConfigurationImport error logging 2021-06-11 09:28:29 -04:00
VakarisZ 8a673cc76c Added the logging for errors encountered in configuration decryption workflow 2021-06-11 16:25:47 +03:00
VakarisZ fbe9b4f4d7 Typos and small bugfixes for configuration export/import UI. 2021-06-11 16:06:04 +03:00
VakarisZ 5c7bab7a0d Refactored json parsing out of encryption/decryption functionality. 2021-06-11 16:05:32 +03:00
VakarisZ 3450b80a82 Refactored cyphertext to ciphertext for consistency 2021-06-11 11:43:15 +03:00
VakarisZ 5cf002d81a Refactored unit tests and added a unit test for a function which checks whether or not config is encrypted. 2021-06-11 11:40:07 +03:00
VakarisZ a36fc81755 Refactored configuration import and added a check to decide if configuration is encrypted or not. This solved a bug where invalid json was treated as credential error. 2021-06-11 11:40:07 +03:00
Mike Salvatore e2326fd71f
Merge pull request #1221 from guardicore/remove-ssl-perms-checks 
Remove ssl perms checks
 2021-06-10 13:08:12 -04:00
shreyamalviya f04f307f78 Add unit test for Linux directory permissions (removed accidentally previously) 2021-06-10 17:23:32 +05:30
Mike Salvatore 6a1a1721bd island: Loosen permissions on ssl cert in create_certificate.sh 2021-06-10 07:38:29 -04:00
Shreya Malviya 5d8db4b112
Update log message in monkey/monkey_island/cc/environment/utils.py 
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
 2021-06-10 17:03:01 +05:30
shreyamalviya 92a71451fb Remove unused import in test_utils.py 2021-06-10 17:01:57 +05:30
shreyamalviya 7643102ccd Rename function to not use abbreviations 2021-06-10 16:56:50 +05:30
Mike Salvatore 937dbac4d0 island: Remove SSL permissions checks 
These checks prevent the docker container from working properly, as the
default SSL cert must have at least 444 permissions.
 2021-06-10 06:57:45 -04:00
shreyamalviya 74111f80e9 Remove `create_parents_dir` parameter when creating directories 
Can't create parents on Windows using pywin32.
Removed it completely so that behavior is consistent across OSes.
 2021-06-10 15:25:16 +05:30
shreyamalviya 1fa2ffe8f7 Fix Windows directory creation 2021-06-10 15:25:16 +05:30
shreyamalviya 54f5524760 Fix race condition during Windows directory creation 2021-06-10 15:25:12 +05:30
VakarisZ 36e0309409 Fixed a race condition for linux secure directory creation, by setting dir permissions on creation. 2021-06-10 11:44:50 +03:00
Mike Salvatore 2fc726dc78 island: Add missing "f" to format string 2021-06-09 15:11:52 -04:00
Mike Salvatore 1c5daf168c Merge branch 'custom-certificate' into develop 2021-06-09 15:10:14 -04:00
Mike Salvatore 6aa76497ec island: Use config file in ~/.monkey_island if it exists 2021-06-09 14:48:59 -04:00
Mike Salvatore 9131f86215 island: remove misleading comment 
We don't check admin permissions at all, and admin is included in
"everyone else".
 2021-06-09 14:20:58 -04:00
Mike Salvatore 67d4f18d65 tests: Refactor create_empty_file() -> create_empty_tmp_file() 2021-06-09 14:14:44 -04:00
Mike Salvatore cf5b1378f2 island: Consolidate duplicate code in test_island_config_options_validator 2021-06-09 14:06:54 -04:00
Mike Salvatore 7fe10af1b2 island: Pass int, not str to has_expected_permissions() 2021-06-09 13:55:48 -04:00
shreyamalviya 5aaa844289 Add missing constant in config_setup.py 2021-06-09 22:00:44 +05:30
shreyamalviya 91a7c42a85 Format test_island_config_options_validator.py with black 2021-06-09 21:56:44 +05:30
shreyamalviya 8a321f0290 Add Windows tests for island_config_options_validator.py 2021-06-09 21:52:07 +05:30
Mike Salvatore b98ebc8a69 island: Remove tmpdir cleanup code from test_utils.py 
Pytest automatically cleans up tmpdir fixtures older than 3 runs. See
https://docs.pytest.org/en/6.2.x/tmpdir.html#the-default-base-temporary-directory

Windows10 and Linux will automatically clean their temp directories.
 2021-06-09 10:36:37 -04:00
Mike Salvatore 00b37ca6a5 island: Test windows permissions set by create_secure_directory() 2021-06-09 10:32:42 -04:00
shreyamalviya 91aad66e16 Modify log message when checking file permissions 
Removed code to display it in octal since it makes no sense on Windows.
Added `oct()` around linux permissions when expected_permissions is
being defined.
 2021-06-09 19:51:20 +05:30
shreyamalviya 424aceb116 Use constants instead of permission masks 2021-06-09 19:38:45 +05:30
shreyamalviya 84b0664423 Modify comment in monkey_island/cc/server_utils/file_utils.py 2021-06-09 19:37:58 +05:30
Mike Salvatore 945e1adf58 island: Split has_expected_permissions() into os-specific functions 2021-06-09 09:47:23 -04:00
shreyamalviya dc8e2b018d Fix/ignore flake8 and fix isort warnings 2021-06-09 07:39:56 -04:00
shreyamalviya cd2f627cc1 Add tests for Windows file permissions checking 2021-06-09 07:39:56 -04:00
shreyamalviya fcd758e24f Fix Windows file permissions checking 2021-06-09 07:39:56 -04:00
Shreya 438a63b0f4 Fix Windows file permission checking 2021-06-09 07:39:56 -04:00
Shreya f1d85dbc44 Change default cert permissions in bat script for creating default cert 2021-06-09 07:39:56 -04:00
Shreya 011ab2a393 Modify `has_expected_permissions()` to check files on Windows 2021-06-09 07:39:56 -04:00
Shreya 10e7b19669 Fix consts.py (mix up during rebase) 2021-06-09 07:39:56 -04:00
shreyamalviya ef17b7f9c8 Add unit tests for windows directory permission setting 2021-06-09 16:31:27 +05:30
Mike Salvatore 3841dd7f7b island: Set tighter permissions on certs in create_certificate.sh 2021-06-08 07:17:59 -04:00
Mike Salvatore 4b119ab4ce island: Skip some island_config_options_validator tests on Windows 2021-06-08 06:35:15 -04:00
Mike Salvatore 63fb396bbb island: Add unit tests for island_config_options_validator 2021-06-07 19:55:33 -04:00
Mike Salvatore b80dd59352 tests: move create_empty_file() to conftest.py 2021-06-07 19:44:06 -04:00
Mike Salvatore 78af0d86aa island: Move IslandConfigOptions validation to separate module 2021-06-07 19:28:03 -04:00
Mike Salvatore c19dc9dcad island: Add config validation to IslandConfigOptions 2021-06-07 14:41:05 -04:00
Mike Salvatore a45848ce0c island: Move file_has_expected_permissions() to file_utils.py 
Rename to `has_expected_permissions()` as
`file_has_expected_permissions()` is now reduntant.

Add unit tests
 2021-06-07 14:12:48 -04:00
Mike Salvatore 36314f09ae island: Use certificate provided in config, not environment variables 2021-06-07 13:24:31 -04:00
Mike Salvatore 4e1b4fbf6b island: Replace calls to os.{expandpath,expandusers} with expand_path() 2021-06-07 13:21:16 -04:00
Mike Salvatore bf0fe10ea9 island: Add unit tests for expand_path() 2021-06-07 13:18:04 -04:00
Mike Salvatore 8744011297 island: move set_home_env() to conftest.py so it can be reused 2021-06-07 13:17:22 -04:00
Mike Salvatore 0519153aaf island: Move _expand_path() to file_utils.py so it can be reused 2021-06-07 13:04:38 -04:00
Mike Salvatore e4866b1286 island: Change _expand_path() from a static to regular function 
_expand_path() is a utility function used by IslandConfigOptions. It
doesn't need to be part of the class. It can potentially be reused by
other modules that require the same functionality.
 2021-06-07 12:57:42 -04:00
Mike Salvatore f0a109a145 island: Add tests for ssl_certificate_key_file 2021-06-07 12:53:32 -04:00
Mike Salvatore 4231f316db island: Add tests for ssl_certificate_file 2021-06-07 12:41:11 -04:00
Mike Salvatore f2a2efc2a7 island: Remove redundant "test_island_config_options" from tests 
The file is named "test_island_config_options.py". Including
"island_config_options" in every test/function name is reduntant.
 2021-06-07 12:30:03 -04:00
Mike Salvatore ea0d6f0141 island: Add a generalized testing function to test_island_config_options 2021-06-07 12:20:32 -04:00
Shreya 4f601ca5dc Pass file paths to setup_certificate() instead of IslandConfigOptions 2021-06-07 20:12:29 +05:30
Shreya 42a9a79800 Modify server_config.json ssl cert fields 2021-06-07 20:12:29 +05:30
Shreya 2b73ec75c8 Move monkey_island/cc/setup/certificate/certificate_setup.py to monkey/monkey_island/cc/setup/certificate_setup.py 2021-06-07 20:12:29 +05:30
Shreya 227039f30c Add `_expand_path()` to wrap `os.path.expandvars()\' and `os.path.expanduser()\' 2021-06-07 20:12:27 +05:30
Mike Salvatore a815850c9e Merge branch 'default-data-dir-bug' into develop 2021-06-07 06:41:38 -04:00
Mike Salvatore 2b1af17433
island: Add typehint to create_default_server_config_file() 
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
 2021-06-07 06:39:05 -04:00
VakarisZ abaeafcb6b Split one unit test test_encrypt_decrypt_config__malformed into two, one for too short configuration, another one for corrupted file. 2021-06-07 11:43:44 +03:00
VakarisZ 04a35a1e36 Improved wording in configuration export related logs and UI 2021-06-07 11:41:28 +03:00
VakarisZ 1125b0fe4b Added pyAesEncrypt to the Pipfile 2021-06-07 11:31:46 +03:00
VakarisZ e918ae1d2c Renamed a unit test to be more specific: test_decrypt_config__no_password -> test_encrypt_decrypt_config__decrypt_no_password 2021-06-07 11:30:49 +03:00
VakarisZ c487a278fe Fixed a type-hint for a config decryption method 2021-06-07 11:30:10 +03:00
Shreya 5ba8effe1a Use octal representation for permissions 2021-06-07 13:26:14 +05:30
Shreya 4ad49d19c7 Rename "required" permissions to "expected" permissions 2021-06-07 13:22:44 +05:30
Shreya 53a126482f Extract file checking activities 2021-06-07 13:22:38 +05:30
Mike Salvatore b0ac07553a island: Assert isdir() in test_monkey_island_abs_path() 2021-06-06 19:01:16 -04:00
Shreya d740173f79 Post-rebase fixes 2021-06-04 13:20:01 +05:30
Shreya 88ae762618 Expand cert and key path in IslandConfigOptions 2021-06-04 12:23:04 +05:30
Shreya a2bd59c377 Move `has_sufficient_permissions` to a separate file in utils/ 2021-06-04 12:23:03 +05:30
Shreya 6f1154f911 Add log message for which certificate is being used 2021-06-04 12:23:03 +05:30
Shreya c1463b4a18 Implement `has_sufficient_permissions` function for checking certificate files 2021-06-04 12:23:03 +05:30
Shreya c9a53833e2 Add support for custom certificate (partially) 2021-06-04 12:23:03 +05:30
Mike Salvatore 0cd9709b82 island: Remove server_config.json.develop 
Since Monkey Island no longer writes to server_config.json in the source
code directory, and each package will overwrite server_config.json with
its own server config (until we separate the deployment from the config
in issue #1205), we no longer need server_config.json.develop and we
don't need to worry about accidentally committing credentials to git.
 2021-06-03 20:38:13 -04:00
Mike Salvatore e57e28a97f island: Consolidate tests for consts.py 2021-06-03 20:25:07 -04:00
Mike Salvatore 5ecc02d553 island: Use the data_dir specified in the default server config 2021-06-03 20:25:05 -04:00
Mike Salvatore 19e47583e9 island: Use `os.getcwd()` for MONKEY_ISLAND_ABS_PATH on Windows 
See issue #1207 for more details.
 2021-06-03 15:51:36 -04:00
Mike Salvatore 03b543f7f6 island: Move setup/island_config_options.py -> cc/setup/ 2021-06-03 12:20:55 -04:00