Compare commits

...

1552 Commits

Author SHA1 Message Date
p34709852 994f7de8e3 Update README.md 2022-10-12 13:27:11 +08:00
wutao dedde27c8c 11222223333 2022-10-11 15:35:25 +08:00
wutao 1d0f3c8e50 测试1111111111 2022-10-11 14:38:05 +08:00
wutao 25054d8479 Merge branch 'develop' of http://111.8.36.180:3000/p15670423/monkey into develop 2022-10-11 14:37:24 +08:00
wutao 5273769ca7 测试 2022-10-11 14:37:03 +08:00
p15670423 c4b2f4d171 Delete 'test_dumps03.py' 2022-10-11 14:01:23 +08:00
p15670423 bfe3e6da58 Delete 'test_dumps01.py' 2022-10-11 14:01:10 +08:00
p15670423 dbab067af5 Delete 'test03.txt' 2022-10-11 14:00:54 +08:00
p15670423 453dd67e03 Delete 'requirements.txt' 2022-10-11 14:00:45 +08:00
p15670423 386bbf84b2 ddfyas
ysdf
Co-authored-by: p15670423 <p15670423@example.org>
Co-committed-by: p15670423 <p15670423@example.org>
2022-10-11 14:00:25 +08:00
p15670423 4cd9fd289e Delete 'test_dumps03.py' 2022-10-11 13:59:36 +08:00
p15670423 ffdf699f32 Delete 'test_dumps01.py' 2022-10-11 13:59:26 +08:00
p15670423 036742925c Delete 'test03.txt' 2022-10-11 13:59:16 +08:00
p15670423 017d109a77 Delete 'requirements.txt' 2022-10-11 13:58:46 +08:00
p15670423 14ea13c6ee ces
ceees
Co-authored-by: p15670423 <p15670423@example.org>
Co-committed-by: p15670423 <p15670423@example.org>
2022-10-11 13:56:30 +08:00
p15670423 00034313b1 Delete 'test03.txt' 2022-10-11 13:55:26 +08:00
p34709852 bef6e2c37f ADD file via upload 2022-10-11 13:50:14 +08:00
p34709852 f10c9f7e29 Delete 'requirements.txt' 2022-10-11 13:48:45 +08:00
p34709852 b0d3201186 Delete 'test_dumps03.py' 2022-10-11 13:47:11 +08:00
p15670423 73cc1994d9 Update test_dumps03.py 2022-10-11 13:42:14 +08:00
p15670423 9208f6691d Update requirements.txt 2022-10-11 13:41:56 +08:00
p15670423 73a326a3e3 no-ff
no-ff方式。。。。。。。。。。。
2022-10-11 13:30:17 +08:00
p15670423 4188bb507c Update test_dumps03.py 2022-10-11 13:30:17 +08:00
p34709852 7985a6b07f Add requirements.txt 2022-10-11 13:30:17 +08:00
p34709852 c8859701c8 ADD file via upload 2022-10-11 13:30:17 +08:00
p34709852 880a2d68e8 Delete 'test_dumps01.py' 2022-10-11 13:28:20 +08:00
p34709852 a47ca4dac8 ADD file via upload 2022-10-11 11:36:11 +08:00
p15670423 f803f88afc 确认合并
测试,,,,,,,,,,,,,,,,,,
2022-10-11 09:55:06 +08:00
p34709852 09b3b42dc5 ADD file via upload 2022-10-10 14:48:05 +08:00
p31829507 de18b55417 Add test_dumps.py 2022-10-10 14:39:32 +08:00
p31829507 9071fc90aa Add test_dumps 2022-10-10 14:38:31 +08:00
wutao 4505399049 测试:重复提交代码 2022-10-10 13:40:54 +08:00
wutao f5bfdc430c 测试:提交代码 2022-10-10 13:36:32 +08:00
wutao 0382831701 测试:提交代码 2022-10-10 13:34:44 +08:00
Mike Salvatore 04fec93c39 Merge branch '2269-publish-events-from-hadoop-exploiter' into develop
PR #2396
2022-10-07 09:37:37 -04:00
Ilija Lazoroski 7a664218bd Agent: Check all potential urls in Hadoop 2022-10-07 15:13:04 +02:00
Mike Salvatore 6d60e33c1e Merge branch '2269-publish-events-for-mssql-exploiter' into develop
PR #2401
2022-10-07 08:46:40 -04:00
Mike Salvatore a558948c5d Agent: Remove unnecessary `pass` from MSSQLExploiter 2022-10-07 08:43:05 -04:00
Mike Salvatore 66f5d7a86a Agent: Remove errant exploitation event from hadoop
If no potential URLs are found, then no exploit is attempted, so there's
no reason to publish an ExploitationEvent.
2022-10-07 08:35:24 -04:00
Shreya Malviya 3b225a9c7d
Merge pull request #2376 from guardicore/dependabot/npm_and_yarn/monkey/monkey_island/cc/ui/d3-color-and-d3-3.1.0
Bump d3-color and d3 in /monkey/monkey_island/cc/ui
2022-10-07 18:01:53 +05:30
Mike Salvatore 79e8ce5f79 Island: Pass tuple, not set to upsert_tcp_connections()
pydantic can probably handle the set -> tuple conversion itself, but
mypy complains.
2022-10-07 07:44:49 -04:00
Mike Salvatore 0965b97d45 Island: Use ScanEvent for typehint in ScanEventHandler
`event` gets passed to `_get_source_machine()`, which expects
`ScanEvent`, not `AbstractAgentEvent`
2022-10-07 07:43:50 -04:00
Mike Salvatore 4c026241ea Island: Change method order in ScanEventHandler 2022-10-07 07:41:50 -04:00
Ilija Lazoroski 25073be9f3 Agent: Remove adding vulnerable urls in Hadoop
Adding vulnerable ulrs causes check to see if the target is exploitable
which calls self.exploit
2022-10-07 11:46:35 +02:00
Ilija Lazoroski c02d43556a Agent: Make Hadoop tags uppercase 2022-10-07 11:46:35 +02:00
Ilija Lazoroski 8bdb30dcfb Agent: Rename stamp to timestamp in Hadoop 2022-10-07 11:46:35 +02:00
Ilija Lazoroski 8f6df12d9c Agent: Modify HadoopExploiter tags to be properties 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala 76a3cb0ba0 Agent: Stamp time before exploit executes 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala de5d365bb0 Agent: Publish events sooner 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala 3e592cfa69 Agent: Use exploiter tag properties 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala 4a0a24dde2 Agent: Update hadoop exploiter tags T1570 -> T1105 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala 76ae57281d Agent: Use EXPLOIT_TAGS for exploitation event 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala 54b551b728 Agent: Update tags for hadoop events 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala c31aed94ea Agent: Move successful explotiation event publish 2022-10-07 11:46:35 +02:00
Kekoa Kaaikala bee1047024 Agent: Update hadoop failed event publishing 2022-10-07 11:46:34 +02:00
Kekoa Kaaikala 57af640317 Agent: Use correct publish method names 2022-10-07 11:46:34 +02:00
Ilija Lazoroski 9c185a3a78 Agent: Add tags and error messages in Hadoop 2022-10-07 11:46:34 +02:00
Ilija Lazoroski fe864792f3 Agent: Publish Propagation and Exploitation events from Hadoop 2022-10-07 11:46:34 +02:00
VakarisZ 4709ae771b
Merge pull request #2400 from guardicore/2267-add-tcp-connections
2267 add tcp connections
2022-10-07 12:15:39 +03:00
vakarisz be4ecccdcd Island: Refactor get_node_by_id to raise UnknownRecordError 2022-10-07 10:05:06 +03:00
Mike Salvatore 77d37bdb21 Merge branch '2269-publish-events-from-log4shell-exploiter' into develop
PR #2397
2022-10-06 17:26:06 -04:00
Mike Salvatore 9c2cdf15e2 Agent: Add TODO in Log4ShellExploiter 2022-10-06 17:01:06 -04:00
Mike Salvatore ead979c6ca Agent: Add T1110 to Log4Shell exploiter tags 2022-10-06 16:54:02 -04:00
Mike Salvatore 03c6c5ea4b Agent: Remove unnecessary Path -> str in Log4ShellExploiter 2022-10-06 16:51:14 -04:00
Mike Salvatore eac3076828 Agent: Change typehint for build_monkey_commandline's location
The function can handle str, PurePath, or None. This typehint change
reflects that capability
2022-10-06 16:50:41 -04:00
Mike Salvatore 7bc9993c6f Agent: Reduce VICTIM_WAIT_SLEEP_TIME_SEC to 0.050 seconds
1 second is a long time to wait, and we want our event timestamps to be
more accurate. 0.050 is 10 x sys.getswitchinterval(). It's reasonably
accurate but will also share the CPU nicely.
2022-10-06 16:46:41 -04:00
Mike Salvatore 6bd7042444 Agent: Add VICTIM_WAIT_SLEEP_TIME_SEC constant in log4shell exlpoiter 2022-10-06 16:42:33 -04:00
Mike Salvatore d8fca72f28 Agent: Publish all prop/exploit events from _wait_for_victim() 2022-10-06 16:41:20 -04:00
Mike Salvatore b2c5b22128 Merge branch '2269-publish-events-from-powershell-exploiter' into develop
PR #2402
2022-10-06 12:45:13 -04:00
Mike Salvatore 8e3bf96589 Agent: Convert plaintext to str()
get_plaintext() can return bytes. Convert the output to a str in
PowershellClient to avoid potential issues.
2022-10-06 12:40:50 -04:00
Mike Salvatore 65dd386603 Agent: Collect timestamp before powershell connect 2022-10-06 12:39:37 -04:00
Mike Salvatore c4573673ce Agent: Rename timestamp -> execute_agent_timestamp 2022-10-06 12:39:11 -04:00
Ilija Lazoroski ac11d159fe Agent: Revise Powershell publishing of events 2022-10-06 16:03:15 +02:00
Mike Salvatore de9b5601d8
Merge branch 2269-publish-events-from-sshexec-exploiter into develop
PR #2395
2022-10-06 10:00:35 -04:00
Mike Salvatore c980bfd915 Agent: Move timestamp closer to ssh.exec_command() 2022-10-06 09:57:11 -04:00
Mike Salvatore 52380a2513 Agent: Publish exploitation event on unexpected SSH exception 2022-10-06 09:55:53 -04:00
Mike Salvatore 39bada5bb1 Agent: Move assignment outside of try/except 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 3bca02af59 Agent: Fix powershell tests 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 7d535c72d9 Agent: Publish powershell exploitation events 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala 3bede2f9d1 Agent: Publish propagation events 2022-10-06 15:50:46 +02:00
Kekoa Kaaikala bb6716df18 Common: Add attack technique T1059 2022-10-06 15:50:46 +02:00
vakarisz 8503e0f499 UT: Remove unused test data structures 2022-10-06 15:02:13 +03:00
Ilija Lazoroski ec617df06a Agent: Fix LocketHTTPServer mypy error in MSSQLExploiter 2022-10-06 13:53:17 +02:00
vakarisz 0d246a0479 Island: Rename add_tcp_connections to upsert_tcp_connections 2022-10-06 14:49:11 +03:00
Ilija Lazoroski 47846628e6 Agent: Modify MSSQL tags to be properties 2022-10-06 13:47:11 +02:00
vakarisz 3bc2e4876f Island: Handle missing node in add_tcp_connections 2022-10-06 14:45:56 +03:00
Kekoa Kaaikala 15974ff21c Agent: Stamp time before running exploit 2022-10-06 13:37:26 +02:00
Kekoa Kaaikala 66f8471f24 Agent: Remove "summary" event 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala e404416363 Agent: Use exploit tag properties 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 5c6b1e3910 Common: Remove unused technique T1071 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 9269c8579c Agent: Remove unneccessary technique 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 8317c03686 Agent: Add tags to MSSQL propagation events 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala aab965bad7 Common: Add attack technique T1071 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala fa8b721abe Common: Add attack technique T1059 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 183bd1145f Agent: Add tags to MSSQL exploitation events 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 33230e85f7 Agent: Use updated publish methods 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 2cd9d0086b Agent: Fix mypy error in http_tools.py 2022-10-06 13:35:18 +02:00
Kekoa Kaaikala 8dd196122b Agent: Publish events from MSSQLExploiter 2022-10-06 13:35:18 +02:00
vakarisz b0ec035909 Island: Move tcp_connection addition to node repository 2022-10-06 14:31:12 +03:00
Ilija Lazoroski 0f3f45e92f Agent: Modify Log4Shell tags to be properties 2022-10-06 13:26:48 +02:00
Kekoa Kaaikala 016bf5c795 Agent: Stamp times before the exploit runs 2022-10-06 13:24:03 +02:00
Kekoa Kaaikala 48e6e95271 Agent: Update propagation tags for log4shell 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala ac69064dec Agent: Send failed exploitation event 2022-10-06 13:22:38 +02:00
Kekoa Kaaikala 0c4b90beb5 Agent: Fix typo 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5d5418af4 Agent: Fix typo in t1203 attack technique in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski ef4a465515 Agent: Add tags to exploitation and propagation events in Log4Shell 2022-10-06 13:22:38 +02:00
Ilija Lazoroski c5506f98e8 Agent: Publish Propagation and Exploitation events from Log4Shell 2022-10-06 13:22:38 +02:00
vakarisz c90044074d Island: Remove storage error when node wasn't modified
Upserting should throw an error when updating or inserting went wrong, not when a node is already up to date.
2022-10-06 14:21:13 +03:00
Ilija Lazoroski 95f1e3cb7b Agent: Modify tags methods to be properties in SSHExploiter 2022-10-06 13:16:49 +02:00
Ilija Lazoroski dcb08b2881 Agent: Convert IPv4Address to str when connecting to socket 2022-10-06 13:15:42 +02:00
Ilija Lazoroski f0112410c9 Agent: Rename stamp to timestamp in SSHExploiter 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e11bd2c7f2 Agent: Stamp start time prior to running exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala aba886624e Agent: Send propagation events sooner 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala e8f48085a4 Agent: Use the tag properties 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 79f72dda55 Agent: Stop sending PropagationEvent before attempt 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 72378f4e53 Agent: Publish scan event when checking ssh port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 431d6ae775 Agent: Extract method _get_ssh_port 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 0a1901b9a1 Agent: Use error to propagate failure 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala a2534391a6 Agent: Extract method _propagate 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 1cb88e029a Agent: Extract method _exploit 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala b31eb885f0 Agent: Extract method _get_victim_os 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala dc8a0ac2ad Agent: Extract method _upload_agent_binary 2022-10-06 13:15:42 +02:00
Kekoa Kaaikala 9dac64b60e Agent: Update ssh exploiter tags 2022-10-06 13:15:42 +02:00
Ilija Lazoroski 5d9416c385 Agent: Use common.tags to publish events in SSHExploiter 2022-10-06 13:15:42 +02:00
Ilija Lazoroski 5948537d4a Agent: Add tags to SSHExploiter 2022-10-06 13:15:42 +02:00
Ilija Lazoroski ddaada1f09 Agent: Revise event publishing in SSHExploiter 2022-10-06 13:15:42 +02:00
vakarisz 2248bdcd67 Island: Add _get_node_by_id method to mongo_node_repository.py 2022-10-06 14:10:47 +03:00
Shreya Malviya e2453e481c Agent: Rename variables in HostExploiter 2022-10-06 16:38:42 +05:30
Kekoa Kaaikala 254b4e1c6c Agent: Update publish methods to accept timestamp 2022-10-05 19:43:25 +00:00
Kekoa Kaaikala 12e9aaf42e Agent: Add abstract properties for exploiter tags 2022-10-05 17:32:48 +00:00
Kekoa Kaaikala 95b1d9c62d Agent: Remove target from publish methods 2022-10-05 15:57:15 +00:00
vakarisz 249950d602 Island: Improve tcp handler code and coverage 2022-10-05 17:07:19 +03:00
vakarisz 6c913895c5 Island: Add TCP connections to nodes based on TCP scan event 2022-10-05 15:33:16 +03:00
vakarisz bbcdc1bef4 Island: Make upsert_node method public
Updating/inserting the node into the repository is required outside of repository itself.
2022-10-05 15:33:11 +03:00
Mike Salvatore 73a8c14397 Merge branch '2269-add-attack-technique-tags' into develop
PR #2394
2022-10-05 08:25:51 -04:00
Ilija Lazoroski 63f869d296 Project: Add common.tags and HostExploiter publish functions to Vulture 2022-10-05 14:21:23 +02:00
Mike Salvatore 82217b4094
Merge branch 2267-add-network-services into develop
PR #2398
2022-10-05 08:20:13 -04:00
Mike Salvatore 10e3c97489 Island: Use Tuple[SocketAddress] for tcp_connections
There are serialization issues when using FrozenSet because pydantic
converts the SocketAddress to a dict, which is not hashable. There are
probably ways to work around this, but it's not worth the effort at thsi
time. If performance becomes an issue (doubtful) we can revisit using a
frozenset instead.
2022-10-05 14:51:31 +03:00
Mike Salvatore 8799a60f47 Island: Fix serialization/deserialization of Machine.network_services 2022-10-05 14:51:30 +03:00
Mike Salvatore d8cf5d33dd Common: Extract MutableInfectionMonkeyModelConfig 2022-10-05 14:51:30 +03:00
Mike Salvatore eb3daf84f1 Common: Use strings for NetworkService Enum values 2022-10-05 14:51:30 +03:00
Mike Salvatore f6ed8a997c Common: Rename NetworkServiceNameEnum -> NetworkService
"Name" and "Enum" are redundant in this case
2022-10-05 14:51:25 +03:00
vakarisz 8bf1d1f46f Island, Common: Add services to machine.py 2022-10-05 14:51:01 +03:00
vakarisz a390c97b70 Island: Add tcp_connections to node 2022-10-05 14:50:02 +03:00
vakarisz 80a095b657 Agent: Use NetworkPort instead of Port 2022-10-05 14:50:02 +03:00
Ilija Lazoroski 2ece91b9df Agent: Rename event_queue to agent_event_queue in SSHCredentialCollector 2022-10-05 11:37:58 +02:00
Ilija Lazoroski c7e2b91735 Agent: Rename event_queue to agent_event_queue in
MimikatzCredentialCollector
2022-10-05 11:34:50 +02:00
Ilija Lazoroski 19fcf8d053 Agent: Import attack technique tags from common in MimikatzCollector 2022-10-05 11:30:09 +02:00
Ilija Lazoroski c8aee645fa Agent: Import attack technique tags from common in SSHCollector 2022-10-05 11:24:52 +02:00
Ilija Lazoroski 491612f9e8 Common: Add T1005 and T1145 attack technique tags 2022-10-05 11:21:28 +02:00
Ilija Lazoroski 0ed167fb48 Agent: Import attack technique tags from common in Zerologon 2022-10-05 11:13:39 +02:00
Ilija Lazoroski e46bb8964d Common: Add T1003 and T1098 attack technique tags 2022-10-05 11:11:18 +02:00
Mike Salvatore fd8ea53e8b Merge branch '2269-remove-find_monkeys_in_db' into develop
PR #2391
2022-10-04 18:21:00 -04:00
Mike Salvatore bbbb1ac773 Island: Remove disused LogBlackboxEndpoint 2022-10-04 16:30:13 -04:00
Mike Salvatore 6ae7676322 BB: Pass generator instead of list comprehension to all()
This will allow a short-circuit.
2022-10-04 16:30:13 -04:00
Mike Salvatore b713cce893 Island: Remove /api/test/monkey endpoint 2022-10-04 16:30:13 -04:00
Kekoa Kaaikala 2bea619786 BB: Removed unused method and endpoint 2022-10-04 16:30:13 -04:00
Kekoa Kaaikala e0c9717da9 BB: Update test_compabitiblity to use new api 2022-10-04 16:30:13 -04:00
Kekoa Kaaikala 73fbc22e3d BB: Remove find_monkeys_in_db 2022-10-04 16:30:13 -04:00
Mike Salvatore a691a16625
Merge pull request #2393 from guardicore/2269-update-hostexploiter
2269 update hostexploiter
2022-10-04 15:34:08 -04:00
Mike Salvatore 3172433410 Agent: Swap order of _publish_{propagation,exploitation}_event()
Putting _publish_exploitation_event() first puts the methods in both
alphabetical and chronological order.
2022-10-04 15:20:14 -04:00
Mike Salvatore 8e6a098a2e Project: Add HostExploiter methods to vulture_allowlist.py 2022-10-04 15:18:12 -04:00
Kekoa Kaaikala a07eadce60 Common: Add T1570 attack technique 2022-10-04 18:00:41 +00:00
Kekoa Kaaikala d1a8ce2082 Common: Add T1210 tag 2022-10-04 17:58:33 +00:00
Kekoa Kaaikala 6a100105be Common: Order attack tags alphanumerically 2022-10-04 17:58:23 +00:00
Ilija Lazoroski 8b4af5c349 Common: Fix typo in attack tags 2022-10-04 17:57:57 +00:00
Ilija Lazoroski dd35bebb3e Common: Add T1203 attack technique tag 2022-10-04 17:57:16 +00:00
Ilija Lazoroski bb11ea7857 Common: Add attack tags 2022-10-04 17:56:49 +00:00
Kekoa Kaaikala ee77eddaab Agent: Fix tuple type hint 2022-10-04 17:50:39 +00:00
Kekoa Kaaikala 116ae90f3d UT: Remove host exploiter tests 2022-10-04 17:45:30 +00:00
Kekoa Kaaikala b94002a984 Agent: Make publish methods private 2022-10-04 17:44:37 +00:00
Ilija Lazoroski 8e161f0fd9 Agent: Accept tuple as tags to HostExploiter publish events methods 2022-10-04 17:36:27 +00:00
Ilija Lazoroski 95b3556cd0 Agent: Exploiter name when publishing events to be __class__.__name__ 2022-10-04 17:36:05 +00:00
Kekoa Kaaikala a79d40b42e UT: Fix powershell tests 2022-10-04 17:35:33 +00:00
Kekoa Kaaikala 3e86766aaf Agent: Use default value for exploiter name 2022-10-04 17:35:05 +00:00
Ilija Lazoroski 0b72e4ef9a Agent: Add publish methods to HostExploiter 2022-10-04 17:34:41 +00:00
Ilija Lazoroski bf4fecf464 Agent: Rename event_queue to agent_event_queue in HostExploiter 2022-10-04 17:34:31 +00:00
Mike Salvatore 4ace93e417 Merge branch 'consolidate-agent-event-handlers' into develop
PR #2390
2022-10-03 15:19:16 -04:00
Mike Salvatore adee0b4063 Agent: Move add_credentials_from_event to agent_event_handlers package 2022-10-03 14:47:03 -04:00
Mike Salvatore 37b884a5b8 Agent: Move agent_event_forwarder.py to agent_event_handlers package 2022-10-03 14:47:03 -04:00
Mike Salvatore a3ce870b64
Merge pull request #2389 from guardicore/2269-notify-relay-on-propagation
2269 notify relay on propagation
2022-10-03 14:46:14 -04:00
Mike Salvatore 399fedfba5 UT: Rename test_relay_not_notified_if_none 2022-10-03 14:45:44 -04:00
Kekoa Kaaikala 57b4ec4117 BB: Refactor agent communication check
Updated CommunicationAnalyzer to use the /api/agents and /api/machines
endpoints to determine whether or not an agent communicated back to the
island.

Resolves PR #2388
2022-10-03 14:28:22 -04:00
Mike Salvatore a8383f4a79 Agent: Add docstrings to notify_relay_on_propagation 2022-10-03 13:25:30 -04:00
Mike Salvatore d3ff56138f Agent: Remove disused ExploitInterceptingTelemetryMessenger 2022-10-03 13:15:55 -04:00
Mike Salvatore 2ad972548b Agent: Remove ExploitInterceptingTelemetryMessenger decoration 2022-10-03 13:15:55 -04:00
Mike Salvatore fb7d62e318 Agent: Subscribe notify_relay_on_propagation to PropagationEvent events 2022-10-03 13:15:55 -04:00
Mike Salvatore 0466eb7239 Agent: Add notify_relay_on_propagation agent event handler 2022-10-03 13:15:55 -04:00
Mike Salvatore 368ddde20f Common: Register serializers for {Exploitation,Propagation}Event 2022-10-03 13:15:12 -04:00
Mike Salvatore eb16969a56 Merge branch '2362-bb-get-agent-logs' into develop
PR #2384
2022-10-03 10:41:30 -04:00
Mike Salvatore a8627aed48 Merge branch '2269-exploitation-event' into develop
PR #2387
2022-10-03 10:36:25 -04:00
Mike Salvatore 07839a46ae
Merge pull request #2385 from guardicore/2269-propagation-event
Define Propagation Event
2022-10-03 10:34:33 -04:00
Ilija Lazoroski 779fc63edc Common: Add param docstring in TCPScanEvent 2022-10-03 16:26:55 +02:00
Ilija Lazoroski d1af356e19 UT: Add tests for PropagationEvent 2022-10-03 16:25:47 +02:00
Ilija Lazoroski 3389915399 Common: Add PropagationEvent to agent_events 2022-10-03 16:25:45 +02:00
Ilija Lazoroski fa2ac64b16 UT: Add ExploitationEvent tests 2022-10-03 16:24:09 +02:00
Ilija Lazoroski a7872d69cf Common: Add ExploitationEvent to agent_events 2022-10-03 16:24:07 +02:00
Mike Salvatore 82c81c2a4b Common: Move JSONSerializable to common.types 2022-10-03 10:19:16 -04:00
Mike Salvatore cfd49db8d2 Island: Use logger.exception() 2022-10-03 10:16:40 -04:00
Mike Salvatore d922d71081 BB: Add error message when machine is missing interfaces 2022-10-03 10:14:48 -04:00
Ilija Lazoroski 5b9811f089 UT: Add tests for PropagationEvent 2022-10-03 15:00:27 +02:00
Ilija Lazoroski 3d22e49ccc Common: Add PropagationEvent to agent_events 2022-10-03 15:00:25 +02:00
Mike Salvatore 378e8d55ff BB: Add type hints to MonkeyLogsDownloader.__init__() 2022-10-03 07:54:36 -04:00
Mike Salvatore 477e80bfba BB: Remove disused MonkeyIslandClient.find_log_in_db() 2022-10-03 07:52:40 -04:00
Mike Salvatore fc24d80410 BB: Change agent log file name
Use underscores to improve readability
2022-10-03 07:51:40 -04:00
Mike Salvatore e369ef2933 BB: Remove disused MonkeyLog 2022-10-02 16:57:58 -04:00
Mike Salvatore 6a783d9c3e BB: Use threading to download logs
Reduces time to download logs by approx. 40%, but may be unnecessary
after resolving https://github.com/guardicore/monkey/issues/2383
2022-10-02 16:57:56 -04:00
Mike Salvatore e4155648c1 BB: Download agent logs from new endpoints 2022-10-02 14:23:01 -04:00
Mike Salvatore 07a6f49e8b Island: Return empty str, not dict on 404 in AgentLogs.get() 2022-10-02 14:23:00 -04:00
Mike Salvatore c706466cdd BB: Add MonkeyIslandClient.get_agent_log() 2022-10-02 14:21:05 -04:00
Mike Salvatore 99c2c5c6ef BB: Add MonkeyIslandClient.get_machines() 2022-10-02 14:20:49 -04:00
Mike Salvatore b335601a05 BB: Add MonkeyIslandClient.get_agents() 2022-10-02 14:20:30 -04:00
Mike Salvatore 3db3df8bae BB: Add a TODO about parse_log() 2022-10-01 19:21:54 -04:00
Mike Salvatore 25f12305f5
Merge pull request #2379 from guardicore/2267-update-nodes-with-tcp-scan-events
2267 update nodes with tcp scan events
2022-10-01 19:16:54 -04:00
Kekoa Kaaikala 3b6a0cd6af UT: Split test_target_machine_not_exists 2022-09-30 19:54:52 +00:00
Kekoa Kaaikala 28560bd65d UT: Remove more unused `request` parameters 2022-09-30 19:49:16 +00:00
Kekoa Kaaikala 24684bf904 UT: Split scan event StorageError test 2022-09-30 19:46:36 +00:00
Kekoa Kaaikala 978a2a57a9 UT: Add default mocks for fixture methods
Update machine_repository fixture to use:
  - machine_from_id for get_machine_by_id()
  - machines_from_ip for get_machines_by_ip()
2022-09-30 19:36:19 +00:00
Kekoa Kaaikala da5d7b7357 UT: Removed unsed 'request' parameter 2022-09-30 19:32:08 +00:00
Kekoa Kaaikala cf13481865 UT: Remove unused constant 2022-09-30 19:29:27 +00:00
Kekoa Kaaikala 1dbfca567a UT: Give constants uppercase names 2022-09-30 19:28:26 +00:00
Mike Salvatore de435e27ad Merge branch '2268-update-reporting' into develop
PR #2367
2022-09-30 14:50:54 -04:00
Mike Salvatore cefc90034f UT: Add missing __init__.py files 2022-09-30 14:47:58 -04:00
Mike Salvatore 3cde0919e7 Common: Ignore valid-type on con{int,float}
mypy can't handle pydantic's conint and confloat. See
https://github.com/pydantic/pydantic/issues/239 and
https://github.com/pydantic/pydantic/issues/156 for more details.
2022-09-30 14:39:35 -04:00
Mike Salvatore c29d90aa5f Island: Use list comprehension instead of list(map()) 2022-09-30 14:35:30 -04:00
Mike Salvatore 807193ece5 Island: Use list comprehension instead of map() 2022-09-30 14:29:31 -04:00
Kekoa Kaaikala 519f48b6d8 Island: Use ip address in scan report 2022-09-30 18:26:11 +00:00
Mike Salvatore f9e74d4f03
Merge pull request #2381 from guardicore/2362-add-machines-endpoint
2362 add machines endpoint
2022-09-30 14:24:44 -04:00
Mike Salvatore df1baeebe0 Island: Use list comprehension instead of map() 2022-09-30 14:22:54 -04:00
Mike Salvatore b7566a805b Island: Use list comprehension instead of map() 2022-09-30 14:22:32 -04:00
Kekoa Kaaikala a2a6934a49 Changelog: Add entry for /api/machines 2022-09-30 18:11:21 +00:00
Kekoa Kaaikala 3409234a4d UT: Address mypy errors due to get_url_for_resource 2022-09-30 18:11:21 +00:00
Kekoa Kaaikala a3d2d7f6a1 UT: Add tests for Machines resource 2022-09-30 18:11:21 +00:00
Kekoa Kaaikala f05f247417 Island: Hook up the /api/machines endpoint 2022-09-30 18:11:21 +00:00
Kekoa Kaaikala eeca5fbea2 Island: Add resource for /api/machines endpoint 2022-09-30 18:11:21 +00:00
Kekoa Kaaikala 0516e1e015 Island: Add get_machines to IMachineRepository 2022-09-30 18:11:21 +00:00
vakarisz 1bf4407b20 UI: Remove temporarily unused import in SecurityReport.js 2022-09-30 18:08:23 +00:00
vakarisz e8ed30660e UT: Fix report test 2022-09-30 18:08:23 +00:00
vakaris_zilius d0d08f7649 UI: Fix the rendering of scanned machines in UI 2022-09-30 18:08:23 +00:00
vakaris_zilius 9048f72030 Island: Convert scanned machines to json serializable data 2022-09-30 18:08:23 +00:00
vakaris_zilius d974b03ab0 Common: Register PingScanEvent to event serializer 2022-09-30 18:08:23 +00:00
vakaris_zilius 550c375abc Agent: Fix exception handling for failed delivery of agent events
If there's an exception while sending the event to the island it should be logged as exception, not warning (events are not being stored, that's a big no-no). Also, the log should contain proper information of stack trace, not event type
2022-09-30 18:08:23 +00:00
vakarisz 3d27e42ff3 Island: Simplify the report of scanned machines 2022-09-30 18:08:23 +00:00
vakarisz 9a82e46799 Island: Make machine model hashable
Machines can be hashed based on their ID. This allows us to add them to set for example and make sure no duplicate entries are there
2022-09-30 18:08:23 +00:00
Kekoa Kaaikala f0f858eba5 UT: Fix bad values in test_report 2022-09-30 18:08:23 +00:00
Kekoa Kaaikala f7a30e4608 Island: Raise errors if repositories do not exist 2022-09-30 18:08:23 +00:00
vakarisz dd0c504743 UT: Add machines and node to report tests 2022-09-30 18:08:23 +00:00
Kekoa Kaaikala bbd606501e Island: Fix bug in reporting 2022-09-30 18:08:23 +00:00
Kekoa Kaaikala 2740100621 Island: Connect new ReportService dependencies 2022-09-30 18:08:23 +00:00
Kekoa Kaaikala 520b212c69 Island: Remove ReportService.get_all_displayed_nodes 2022-09-30 18:08:22 +00:00
Kekoa Kaaikala 8acf2d9e91 Island: Refactor ReportService.get_scanned
Update ReportService.get_scanned to use repositories instead of services
2022-09-30 18:08:22 +00:00
Kekoa Kaaikala 49c6839c10 Island: Add ReportService.get_accessible_machines 2022-09-30 18:08:22 +00:00
Kekoa Kaaikala 85a5cb3209 Island: Add ReportService.get_all_machines 2022-09-30 18:08:22 +00:00
Kekoa Kaaikala 8537f1fcb7 Island: Add get_machines to IMachineRepository 2022-09-30 18:08:13 +00:00
Mike Salvatore 63447b759a Island: Add missing @jwt_required to `GET /api/agents` 2022-09-30 13:19:41 -04:00
Mike Salvatore 067a143f2c UT: Fix bug in test mock 2022-09-30 13:16:04 -04:00
Mike Salvatore 2811009019 UT: Deparametrize a test
TCP scan events do not contain OS information.
2022-09-30 13:10:57 -04:00
Mike Salvatore 97061ea61c UT: Remove redundant "test_scan_event_handler" from test names 2022-09-30 13:04:57 -04:00
Mike Salvatore 029c101643 UT: Remove disused scan event fixtures 2022-09-30 12:54:27 -04:00
Mike Salvatore 79f56e0789 UT: Use constants for TCP and ping scan method names 2022-09-30 12:54:03 -04:00
Mike Salvatore 20b84aa1a4 UT: Use indirect instead of get_fixture_value() 2022-09-30 12:48:03 -04:00
Mike Salvatore a6d2f45cbb
Merge pull request #2380 from guardicore/2362-get-agents
2362 get agents
2022-09-30 12:37:23 -04:00
Mike Salvatore f89068ae00 Common: Register TCPScanEvent serializer 2022-09-30 12:36:32 -04:00
Mike Salvatore 521411c7fc Common: Register TCPScanEvent serializer 2022-09-30 12:35:57 -04:00
vakaris_zilius c16c093083 Common: Register PingScanEvent to event serializer 2022-09-30 12:33:22 -04:00
vakaris_zilius e2c86d3d7a Common: Register PingScanEvent to event serializer 2022-09-30 12:33:13 -04:00
Mike Salvatore 07fa283ce1 Island: Use container.resolve(ScanEventHandler) 2022-09-30 12:28:22 -04:00
Mike Salvatore 0c786dfd94 Island: Change method order in ScanEventHandler 2022-09-30 12:08:32 -04:00
Mike Salvatore f6e5462ad3 Island: Use sum() to count open ports 2022-09-30 12:06:09 -04:00
Mike Salvatore 9a6300481c
Merge pull request #2377 from guardicore/2267-publish-tcp-scan-event
Publish TCPScanEvent
2022-09-30 11:59:51 -04:00
Mike Salvatore 4987dddc0c Agent: Use dict comprehension instead of for 2022-09-30 11:53:53 -04:00
Mike Salvatore 68b288e5b3 Island: Add `GET /api/agents/` 2022-09-30 11:07:33 -04:00
Ilija Lazoroski 3f89e50930 UT: Fix tcp_scanner tests to patch the time function 2022-09-30 16:51:53 +02:00
Ilija Lazoroski 9154f6f9dc Agent: Generate timestamp when checking for tcp ports 2022-09-30 16:51:53 +02:00
Shreya Malviya 96af86f766 UT: Move variable to above fixtures in test_tcp_scanner.py 2022-09-30 16:51:53 +02:00
Shreya Malviya 9754b4731c UT: Mock AbstractAgentEvent's timestamp (time.time()) in test_tcp_scanner.py 2022-09-30 16:51:53 +02:00
Ilija Lazoroski 326b07e5c1 Island: Fix typo in ScanEventHandler docstring 2022-09-30 16:26:00 +02:00
Ilija Lazoroski d42a353aaa Island: Remove TypeError exception from ScanEventHandler 2022-09-30 16:23:04 +02:00
Ilija Lazoroski f23093dc78 Island: Remove handle_ping_scan_event callable class 2022-09-30 16:20:23 +02:00
Ilija Lazoroski 8002080c8b Island: Subscribe to Ping and TCP scan events with ScanEventHandlers 2022-09-30 16:18:49 +02:00
Ilija Lazoroski 2686a7a4ee UT: Add tests for ScanEventHandler 2022-09-30 16:18:49 +02:00
Ilija Lazoroski e4aec8b9a3 Island: Add ScanEventHandler to agent_event_handlers 2022-09-30 16:18:49 +02:00
Mike Salvatore 3b6e4f5313 Island: Simplify cursor to agents 2022-09-30 10:16:17 -04:00
Mike Salvatore 411b027e92 Island: Implement MongoAgentRepository.get_agents() 2022-09-30 10:15:31 -04:00
Mike Salvatore 84f21b0c1d Island: Add IAgentRepository.get_agents() 2022-09-30 10:15:18 -04:00
Mike Salvatore 61bda27d7f UT: Fix bug in test_handle_ping_scan_event test 2022-09-30 09:50:17 -04:00
Mike Salvatore 2142dce97e Island: Don't handle TypeError in handle_ping_scan_event 2022-09-30 09:49:54 -04:00
Shreya Malviya 0a11d34fb7 UT: Assert mock_agent_event_queue.publish's call args in test_tcp_scanner.py 2022-09-30 18:57:29 +05:30
Shreya Malviya 0bf9309e07 UT: Assert mock_agent_event_queue.publish's call counts in test_tcp_scanner.py 2022-09-30 18:57:29 +05:30
Shreya Malviya bab4ebc2bc Agent: Add 'source' field when creating TCPScanEvent in TCP scanner 2022-09-30 18:57:29 +05:30
Shreya Malviya 35d3038bc8 Agent: Create TCPScanEvent and return from _generate_tcp_scan_event() in TCP scanner 2022-09-30 18:57:29 +05:30
Shreya Malviya 58ddd6e47d Agent: Partially implement publishing TCPScanEvent in TCP scanner 2022-09-30 18:57:29 +05:30
Shreya Malviya a3ca21481e Agent: Add missing/fix existing type hints in TCP scanner 2022-09-30 18:57:29 +05:30
Mike Salvatore fa18cb72da Common: Use NetworkPort in ExploitationOptionsConfiguration 2022-09-30 09:15:50 -04:00
Mike Salvatore 1a01b7c5dc Common: Use NetworkPort in TCPScanConfiguration 2022-09-30 09:14:22 -04:00
Mike Salvatore 5fc4d52d9f Common: Allow 0 for NetworkPort
While TCP port 0 is reserved and you're not supposed to use it, it is a
valid port.
2022-09-30 09:12:25 -04:00
Mike Salvatore 9f3aaf970f Island: Remove disused/emtpy monkey_control package 2022-09-30 07:33:48 -04:00
VakarisZ 61d7050594
Merge pull request #2368 from guardicore/2268-update-nodes
2268 update nodes
2022-09-30 13:58:22 +03:00
vakarisz 7ed071b565 Common: Fix imports in ping_scan_event.py 2022-09-30 09:47:20 +03:00
dependabot[bot] 21656dabb4
Bump d3-color and d3 in /monkey/monkey_island/cc/ui
Bumps [d3-color](https://github.com/d3/d3-color) to 3.1.0 and updates ancestor dependency [d3](https://github.com/d3/d3). These dependencies need to be updated together.


Updates `d3-color` from 1.4.1 to 3.1.0
- [Release notes](https://github.com/d3/d3-color/releases)
- [Commits](https://github.com/d3/d3-color/compare/v1.4.1...v3.1.0)

Updates `d3` from 5.16.0 to 7.6.1
- [Release notes](https://github.com/d3/d3/releases)
- [Changelog](https://github.com/d3/d3/blob/main/CHANGES.md)
- [Commits](https://github.com/d3/d3/compare/v5.16.0...v7.6.1)

---
updated-dependencies:
- dependency-name: d3-color
  dependency-type: indirect
- dependency-name: d3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-30 01:20:57 +00:00
Mike Salvatore 5ab47fbdd3
Merge pull request #2373 from guardicore/2267-tcp-scan-event
2267 tcp scan event
2022-09-29 19:06:32 -04:00
Kekoa Kaaikala a267f02ca9 Island: Move param docstring to __call__ method 2022-09-29 19:47:32 +00:00
Kekoa Kaaikala c1dcb285ae UT: Properly group arrange/assert/act steps 2022-09-29 19:47:23 +00:00
Mike Salvatore f94ef035d6
Merge pull request #2374 from guardicore/2267-island-event-queue-threadsafe
2267 island event queue threadsafe
2022-09-29 15:43:45 -04:00
Mike Salvatore 31c97faf98
Merge pull request #2375 from guardicore/2267-tcp-scanner-accept-iagenteventqueue
2267 tcp scanner accept iagenteventqueue
2022-09-29 15:41:48 -04:00
Mike Salvatore c632b9b77b Island: Rename dest -> target 2022-09-29 15:09:29 -04:00
Mike Salvatore 2aa79331e3 Island: Extract method to improve readablility 2022-09-29 15:05:46 -04:00
Mike Salvatore 052c31e8ff Agent: Modify scan_tcp_ports() to accept an IAgentEventQueue 2022-09-29 14:45:24 -04:00
Kekoa Kaaikala c06d06edc4 UT: Fix storageerror test 2022-09-29 18:34:46 +00:00
Kekoa Kaaikala 783cc06c0d Common: Mitigate mypy errors from DIContainer 2022-09-29 18:34:46 +00:00
Kekoa Kaaikala 9a880123da UT: Fix failing tests 2022-09-29 18:34:46 +00:00
Kekoa Kaaikala d811c6548c Island: Prefer existing OS data to ping OS data
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2022-09-29 18:34:46 +00:00
vakarisz 9b30770777 Island: Fix ping scan handler to add machines IP 2022-09-29 18:34:46 +00:00
vakarisz ff2b04c703 Common: Override target for PingScanEvent to more specific type hint 2022-09-29 18:34:46 +00:00
vakarisz 4d2a6083a1 Island: Fix a bug where failed ping scan created machines 2022-09-29 18:34:46 +00:00
vakarisz 3d80adbcd5 Common: Flatten the ping scan event 2022-09-29 18:34:46 +00:00
vakarisz 6aa69a10b6 Island: Setup ping scan event listener/handler 2022-09-29 18:32:51 +00:00
Kekoa Kaaikala 65d43575d1 UT: Make tests pass 2022-09-29 18:32:51 +00:00
vakarisz 168a5845fd UT: Fix and rename unit tests in test_handle_ping_scan_event.py 2022-09-29 18:32:51 +00:00
vakarisz b6d9f88dee Island: Style improvements in handle_ping_scan_event.py 2022-09-29 18:32:50 +00:00
vakarisz c807f97d18 Island: Rename handle_scan_data to handle_ping_scan_event 2022-09-29 18:32:50 +00:00
vakarisz ecb7ca0d8d Island: Subscribe ping scan events 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 799f08e383 UT: Implement test_handle_scan_data__upserts_machine_if_not_existed 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 29355e9d14 UT: Implement test_handle_scan_data__node_not_upserted_if_no_matching_machine 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 18ca84a247 UT: Implement test_handle_scan_data__node_not_upserted_if_no_matching_agent 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala ce8219aa6d UT: Implement test_handle_scan_data__upserts_node 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala ab32daa0e0 Common: Fix AbstractAgentEvent union 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 1c127781ca UT: Implement test_handle_scan_data__upserts_machine 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala a0d6565c4a UT: Stub out unit tests for handle_scan_data 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 371ca12dfb Island: Add handle_scan_data to __init__.py 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 89c6e2b7bc Island: Extract methods in handle_scan_data 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala eacd426969 Island: Handle StorageError in handle_scan_data 2022-09-29 18:32:50 +00:00
Kekoa Kaaikala 304dfbd21f Island: Add callable to handle PingScanEvent 2022-09-29 18:32:50 +00:00
Mike Salvatore 4b3402f7a8 UT: Move mock_agent_event_queue into conftest.py 2022-09-29 14:32:20 -04:00
Mike Salvatore b95baaba87 UT: Add tests for TCPScanEvent 2022-09-29 13:59:55 -04:00
Mike Salvatore 208ba1c2ab Common: Use lower-case member name for PortStatus values 2022-09-29 13:49:50 -04:00
Mike Salvatore 28026716db Project: Import NetworkPort in vulture_allowlist.py 2022-09-29 13:41:19 -04:00
Mike Salvatore 349b183e5d Common: Represent multiple ports in TCPScanEvent 2022-09-29 13:39:59 -04:00
Mike Salvatore ccaf0b63c6 Common: Remove banner from TCPScanEvent 2022-09-29 13:38:33 -04:00
Mike Salvatore 34ca127c6c Common: Capitalize TCP 2022-09-29 13:31:06 -04:00
Mike Salvatore ba7e44038c Common: Remove "service" from TCPScanEvent
It's not the responsibility of the agent to format this information for
display.
2022-09-29 13:29:43 -04:00
Mike Salvatore edaa7ec34d Common: Reword TCPScanEvent summary 2022-09-29 13:29:21 -04:00
Mike Salvatore 3dc6eba2da Common: Remove disused common/port_status.py
This was moved to common.types and should have been removed in
8ae11e94aa
2022-09-29 13:22:25 -04:00
Ilija Lazoroski 28ca462ce5 Common: Add TCPScanEvent to agent events 2022-09-29 13:19:25 -04:00
Ilija Lazoroski f62ab10d1c Common: Add NetworkPort type 2022-09-29 13:17:50 -04:00
Mike Salvatore 0207519343 Merge branch '2267-common-port-status' into develop 2022-09-29 13:15:38 -04:00
Mike Salvatore 8ae11e9faa Common,Agent: Move PortStatus to common.types 2022-09-29 13:15:03 -04:00
Ilija Lazoroski 18f8594deb Agent: Use common.PortStatus instead of i_puppet.PortStatus 2022-09-29 13:13:36 -04:00
Ilija Lazoroski c32013bf87 Common: Add PortStatus enum 2022-09-29 13:13:25 -04:00
Ilija Lazoroski 725c6d9419 UT: Make string ports to be integers
Pydantic converts strings to integer but if we enter
integers is safer.
2022-09-29 13:12:04 -04:00
Mike Salvatore 1b7c3be65b Island: Add missing return types 2022-09-29 12:43:23 -04:00
Mike Salvatore 82e08ba157 Island: Pass the same lock to agent and island event queues
Subscribers to the Agent and Island event queues manipulate some of the
same data structures. Sharing the same lock between the queues allows
this to happen in a thread-safe manner.
2022-09-29 12:40:18 -04:00
Mike Salvatore 00d72390ff Common: Accept a lock in LockingIslandEventQueueDecorator's constructor 2022-09-29 12:39:57 -04:00
Mike Salvatore 3344300f84 Common: Accept a lock in LockingAgentEventQueueDecorator's constructor 2022-09-29 12:39:17 -04:00
Mike Salvatore 91375cdff2 Island: Register a thread-safe IAgentEventQueue 2022-09-29 12:21:28 -04:00
Mike Salvatore 5d893d64cd Common: Add LockingAgentEventQueueDecorator 2022-09-29 12:16:00 -04:00
Mike Salvatore cb7add7e59 Island: Register a thread-safe IIslandEventQueue 2022-09-29 12:12:20 -04:00
Mike Salvatore 8ee14c4564 Island: Add LockingIslandEventQueueDecorator 2022-09-29 12:12:19 -04:00
Mike Salvatore 67c78abee1 Island: Add docstring to PyPubSubIslandEventQueue 2022-09-29 11:50:43 -04:00
Mike Salvatore 17017d6962 UT: Add missing SocketAddress tests for invalid ports 2022-09-29 11:37:54 -04:00
Mike Salvatore 64b9432bb9 UI: Capitalize "Agent" in info_box_scan_my_metworks 2022-09-29 09:21:12 -04:00
Mike Salvatore 5a0251c442
Merge pull request #2358 from guardicore/2268-modify-ping-scanner-with-agent-queue
2268 modify ping scanner with agent queue
2022-09-29 07:57:29 -04:00
Ilija Lazoroski 66e8032ef3 UT: Replace call_args comparison with assert_called_with in test_ping_scanner 2022-09-29 13:45:59 +02:00
Mike Salvatore 2ab86fa428 UT: Remove patch_get_agent_id()
1. This fixture was never actually executing
2. get_agent_id() always returns the same value (per process). This
   means that _get_ping_scan_event() and the ping scanner will receive
   the same value for any given test. In other words, mocking it is
   unnecessary.
2022-09-29 07:39:57 -04:00
Shreya Malviya 03ebdd461f UT: Check that correct events are published in test_ping_scanner.py 2022-09-29 15:34:07 +05:30
Shreya Malviya d78615fa92 UT: Add _get_ping_scan_event()to test_ping_scanner.py 2022-09-29 15:30:12 +05:30
Shreya Malviya 9f15bea5bd UT: Extract data to variables HOST_IP and TIMEOUT in test_ping_scanner.py 2022-09-29 15:27:55 +05:30
Shreya Malviya a65bbc592d UT: Check that publish is being called with expected event in test_linux_ping_success 2022-09-29 15:23:57 +05:30
Mike Salvatore 2eee427901 Agent: Generate PingScanEvent timestamp closer to ping command 2022-09-29 14:29:53 +05:30
Mike Salvatore 0cd8cd577d UT: Remove unnecessary tests from test_ping_scan_event.py
These tests are unnecessary because we will not use json() to convert to
JSON.
2022-09-29 14:29:53 +05:30
Mike Salvatore 6390993875 UT: Handle ValueError in test_construct_invalid_field__value_error() 2022-09-29 14:29:53 +05:30
Mike Salvatore d3c9691dfe UT: Add assertion to PingScanEvent serialization tests 2022-09-29 14:29:53 +05:30
Ilija Lazoroski 14f8014709 Agent: Save correct event timestamp in ping_scanner 2022-09-29 14:29:53 +05:30
Ilija Lazoroski d235e7a19e UT: Add unit tests for PingScanEvent 2022-09-29 14:29:53 +05:30
Ilija Lazoroski 478ea05fa9 Common: Override target in PingScanEvent 2022-09-29 14:29:52 +05:30
Ilija Lazoroski aa2b49bc66 Agent: Seperate the generation of PingScanEvents 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 3202bfa2c1 Common: Flatten out PingScanEvent 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 228ce9bae1 Agent: Publish PingScanEvent from ping_scanner 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 0357d43d33 Agent: Accept IAgentEventQueue in Puppet constructor 2022-09-29 14:29:52 +05:30
Ilija Lazoroski ec56b15219 Agent: Pass IAgentEventQueue to the Puppet 2022-09-29 14:29:52 +05:30
Mike Salvatore ba0ffeacce Agent: Change method order 2022-09-29 14:29:52 +05:30
Mike Salvatore 082bb3bb6f Agent: Return a sequence from InfectionMonkey._build_server_list() 2022-09-29 14:29:52 +05:30
Mike Salvatore 5e129fd137 Agent: Use set comprehension instead of set(list()) 2022-09-29 14:29:52 +05:30
Ilija Lazoroski acf877f3d8 Common: Remove default from PingScanEvent 2022-09-29 14:29:52 +05:30
Ilija Lazoroski a44f763fab Common: Remove default from AbstractAgentEvent source field 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 9ada95c126 Agent: Return set when building server list 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 799aae4498 Common: Add default to PingScanEvent 2022-09-29 14:29:52 +05:30
Ilija Lazoroski b1b9eb394e Common: Add default to source in AbstractAgentEvent 2022-09-29 14:29:52 +05:30
Ilija Lazoroski 89397d8cbd Agent: Rename event_queue to agent_event_queue 2022-09-29 14:29:52 +05:30
Mike Salvatore 56ead43c11 Changelog: Add entry for #2299 2022-09-28 15:43:07 -04:00
Mike Salvatore 83f0ebfda4
Merge pull request #2356 from guardicore/2299-local-network-scan-ui-tooltip
Info box in UI for Scan Agent's networks
2022-09-28 15:41:09 -04:00
Mike Salvatore e8449817ad Island: Reword Scan Agent's networks tool tip wording 2022-09-28 15:38:05 -04:00
Mike Salvatore 1b4f72e5e3
Merge pull request #2364 from guardicore/2274-agent-logs-endpoint
Use new agent logs endpoint
2022-09-28 15:28:40 -04:00
Mike Salvatore ff8c8bd0a0 Agent: Use PUT instead of POST to send agent logs 2022-09-28 15:24:46 -04:00
Kekoa Kaaikala ab919f6d57 UI: Use colors from existing warning theme 2022-09-28 19:21:09 +00:00
Mike Salvatore 87d25d2ac8 Agent: Remove disused send_log() from ControlClient 2022-09-28 15:15:32 -04:00
Mike Salvatore fab67d893f Agent: Call IIslandAPIClient.send_log() directly
ControlClient is going away. It's been replaced by IIslandAPIClient.
Now is a good time to remove ControlClient.send_log()
2022-09-28 15:11:42 -04:00
Mike Salvatore a1516535f9 Agent: Add InfectionMonkey._agent_id attribute 2022-09-28 15:08:59 -04:00
Shreya Malviya 21f01292f7 Agent: Fix type hint in IIslandAPIClient.send_log() 2022-09-28 15:03:32 -04:00
Shreya Malviya 8dc8a516d5 Agent: Fix type hint in HTTPIslandAPIClient.send_log() 2022-09-28 15:03:32 -04:00
Shreya Malviya 29c08ff40c Agent: Simplify logic for sending logs in ControlClient 2022-09-28 15:03:32 -04:00
Shreya Malviya 8e3918cebe UT: Fix island_api_client.send_log() calls in test_http_island_api_client.py 2022-09-28 15:03:32 -04:00
Shreya Malviya 539f4e1c82 Agent: Fix self._island_api_client.send_log() call in ControlClient 2022-09-28 15:03:32 -04:00
Shreya Malviya 74e30a2f88 Agent: Update API endpoint in HTTPIslandAPIClient.send_log() 2022-09-28 15:03:32 -04:00
Shreya Malviya a9e1b99f2f Agent: Add agent_id parameter to IIslandAPIClient.send_log() 2022-09-28 15:03:32 -04:00
Mike Salvatore 4f3fd6987e Merge branch '2274-implement-new-agent-logs-endpoint' into develop
PR #2365
2022-09-28 14:19:21 -04:00
Kekoa Kaaikala 2f7f4fef9c UI: Fix warning icon spacing 2022-09-28 18:18:35 +00:00
Mike Salvatore 05b8f2bb4b Agent: Fix typo occured -> occurred 2022-09-28 14:17:04 -04:00
Mike Salvatore f7f4440b61 Island: Fix typo occured -> occurred 2022-09-28 14:15:41 -04:00
Mike Salvatore 078574998a
Merge pull request #2363 from guardicore/2274-file-agent-log-repo
FileAgentLogRepository
2022-09-28 14:11:31 -04:00
Mike Salvatore 93b0fe0f6e UT: Fix UnknownRecordError message in InMemoryAgentLogRepository 2022-09-28 14:10:30 -04:00
Kekoa Kaaikala 09cf2762f9 UI: Use yellow warning icon 2022-09-28 18:07:31 +00:00
Mike Salvatore 3202404e46 Changelog: Update agent-logs to use uuid instead of str
This was missed in 10954e0a6e.
2022-09-28 14:06:50 -04:00
Mike Salvatore c69a414a4d Island: Fix typo occured -> occurred 2022-09-28 14:06:09 -04:00
Mike Salvatore 2e8afe218e UT: Add test of multiple agent logs 2022-09-28 14:00:16 -04:00
Kekoa Kaaikala 4038622e83 UI: Remove redundant info from info box 2022-09-28 17:55:53 +00:00
Kekoa Kaaikala 05e9c2af62 UI: Add WarningBox 2022-09-28 17:40:56 +00:00
Mike Salvatore 412a58f1f2 UT: Use InMemoryFileRepository in test_file_agent_log_repository.py 2022-09-28 13:30:01 -04:00
Mike Salvatore bddee026fe UT: Add InMemoryFileRepository 2022-09-28 13:29:34 -04:00
Mike Salvatore 20d5fb3748 Island: Use re.Pattern for IFileRepository.delete_files_by_regex() 2022-09-28 13:29:07 -04:00
Mike Salvatore 0e2d82a7ad UT: Add comment 2022-09-28 12:57:21 -04:00
Mike Salvatore 35d0cbc3b0 UT: Add type hints to test_file_agent_log_repository.py 2022-09-28 12:55:58 -04:00
Mike Salvatore d49d16bc37 Island: Allow RepositoryErrors to be reraised
Previously, FileAgentLogRepository.get_agent_log() wrapped all errors as
RetrievalError, which is not necessarily correct. This commit allows all
repository errors raised by IFileRepository to be reraised, and all
other, unexpected errors to be reraised as RetrievalError.
2022-09-28 12:54:45 -04:00
Mike Salvatore 3c2ee32bdf Island: Add RepositoryError 2022-09-28 12:21:41 -04:00
Ilija Lazoroski 10954e0a6e Island: Use UUID for AgentSignals endpoint parameter 2022-09-28 16:45:28 +02:00
Ilija Lazoroski 1a8306af1b Island: Change log level in AgentLogs endpoint 2022-09-28 16:43:33 +02:00
Ilija Lazoroski d0293b4edc UT: Move and rename StubAgentLogRepository to InMemoryAgentLogRepository 2022-09-28 16:42:23 +02:00
Ilija Lazoroski e4d45b25cb Island: AgentLogs.GET to return 404 if not agent log is found 2022-09-28 16:42:23 +02:00
Ilija Lazoroski 96662f3f66 UT: Fix AgentLogs tests 2022-09-28 16:41:30 +02:00
Ilija Lazoroski b705e33af3 Island: Add AgentID type for agent_id to AgentLogs endpoint 2022-09-28 16:41:30 +02:00
Shreya Malviya e374341ce1 UT: Fix tests in test_file_agent_log_repository.py 2022-09-28 20:01:13 +05:30
Shreya Malviya 8f46b3b9fd Island: Make FileNotFoundError inherit UnknownRecordError instead of RetrievalError + add TODO for updating the rest of the code 2022-09-28 19:55:52 +05:30
Shreya Malviya 64990eea0e UT: Update tests as per changes to file repositories 2022-09-28 19:50:17 +05:30
Shreya Malviya 7823759cf8 Island: delete_files_by_pattern -> delete_files_by_regex 2022-09-28 19:50:17 +05:30
Shreya Malviya 2707605622 Island: Add AGENT_LOG_FILE_NAME_REGEX and modify some logic in FileAgentLogRepository 2022-09-28 19:50:13 +05:30
Shreya Malviya 1c486c6571 Island: Modify delete_files_by_pattern -> delete_files_by_regex in LocalStorageFileRepository 2022-09-28 19:27:25 +05:30
Mike Salvatore fa13ca8df8 Island: Rename agent_log -> log_contents 2022-09-28 09:31:38 -04:00
Shreya Malviya c5d26749b7 Island: Change agent log file name in FileAgentLogRepository 2022-09-28 18:29:53 +05:30
Shreya Malviya 30d3124cb4 UT: Fix assert logic in test_delete_files_by_pattern() 2022-09-28 18:28:05 +05:30
Ilija Lazoroski 08bc43e0c4 Changelog: Add entry for adding new AgentLogs endpoint 2022-09-28 14:57:09 +02:00
Ilija Lazoroski 546c44f501 UT: Add tests for AgentLogs endpoint 2022-09-28 14:55:37 +02:00
Ilija Lazoroski 89ae9824d0 Island: Add the new AgentLogs endpoint to the island 2022-09-28 14:53:24 +02:00
Ilija Lazoroski 543c063f7b Island: Add AgentLogs endpoint 2022-09-28 14:52:19 +02:00
Shreya Malviya f61e734d29 Island: Subscribe IAgentLogRepository.reset() to IslandEventTopic.CLEAR_SIMULATION_DATA 2022-09-28 17:53:30 +05:30
Shreya Malviya cadf0d61d0 Island: Implement delete_files_by_pattern() in FileRepositoryCachingDecorator 2022-09-28 16:26:37 +05:30
Shreya Malviya 5f11008b40 Island: Implement delete_files_by_pattern() in FileRepositoryLockingDecorator 2022-09-28 16:25:13 +05:30
Shreya Malviya d5b62651a0 Island: Implement delete_files_by_pattern() in FileRepositoryLoggingDecorator 2022-09-28 16:23:47 +05:30
Shreya Malviya 885a907287 UT: Add tests for delete_files_by_pattern() in LocalStorageFileRepository 2022-09-28 16:21:09 +05:30
Shreya Malviya 6aae63f9fc UT: Add tests for FileAgentLogRepository 2022-09-28 16:10:55 +05:30
Shreya Malviya c1a4641ffe UT: Add delete_files_by_pattern() to SingleFileRepository and MockFileRepository 2022-09-28 16:10:30 +05:30
Shreya Malviya e1d139fde4 Island: Add FileAgentLogRepository to cc/repository/__init__.py 2022-09-28 16:03:08 +05:30
Shreya Malviya 01d8875f22 Island: Register FileAgentLogRegister in DI container 2022-09-28 15:42:07 +05:30
Shreya Malviya 1c6cfa1ce6 Island: Add FileAgentLogRepository 2022-09-28 15:39:57 +05:30
Shreya Malviya ce0affb1ed Island: Implement delete_files_by_pattern() in LocalStorageFileRepository 2022-09-28 15:39:14 +05:30
Shreya Malviya d9b55a5c21 Island: Add delete_files_by_pattern() to IFileRepository 2022-09-28 15:35:58 +05:30
Shreya Malviya 8a96598d10 UI: Remove trailing comma in SCAN_TARGET_CONFIGURATION_SCHEMA 2022-09-28 13:08:03 +05:30
Shreya Malviya 98d01b5324 UI: Reword in SCAN_TARGET_CONFIGURATION_SCHEMA's info_box_scan_my_networks 2022-09-28 12:52:49 +05:30
Shreya Malviya 793a401a33 UI: Move and reword description in SCAN_TARGET_CONFIGURATION_SCHEMA 2022-09-28 12:43:01 +05:30
Shreya Malviya e32d5555fb UI: Move segmentation section in network configuration to the end 2022-09-28 12:36:12 +05:30
Mike Salvatore 699f2210f4
Merge pull request #2359 from guardicore/2318-powershell-bb-fix
2318 powershell bb fix
2022-09-27 19:37:46 -04:00
Ilija Lazoroski d7be8e2bc0 Island: Remove `log_contents` from Agent model 2022-09-27 12:52:24 -04:00
Kekoa Kaaikala bf7544c47a Common: Disable scan_my_networks by default 2022-09-27 15:43:43 +00:00
Kekoa Kaaikala ea94da9725
Merge pull request #2357 from guardicore/2299-update-network-config-docs
Docs: Update network scanning documentation
2022-09-27 11:10:12 -04:00
Kekoa Kaaikala e63409d1ad Docs: Update paths for custom-scenario 2022-09-27 14:39:15 +00:00
vakarisz 26a5b4cf4d BB: Delete "skip_powershell_reuse" mark
Not sure why we would want to skip this test specifically
2022-09-27 17:28:12 +03:00
vakarisz 164c0d6127 BB: Add network diagram for powershell credential reuse test 2022-09-27 17:11:08 +03:00
vakarisz 85c101aff9 BB: Remove 46 from depth 3 test suite as it's reserved for credential reuse 2022-09-27 17:06:39 +03:00
vakarisz 031a0ab426 BB: Change powershell credential reuse test to a dedicated machine
Island shouldn't be part of the test, so powershell credential reuse was moved to powershell 46(exploited via log4shell) and powershell 44(exploited via credential reuse from powershell 46)
2022-09-27 17:06:39 +03:00
Kekoa Kaaikala 036a382e95
Merge pull request #2354 from guardicore/2323-use-socketaddress-in-running_on_island
2323 use socketaddress in running on island
2022-09-27 09:44:04 -04:00
VakarisZ 9823301c3b
Merge pull request #2348 from guardicore/2299-rename-local-network-scan
Island: Rename local_network_scan
2022-09-27 16:00:36 +03:00
Shreya Malviya 085883d3a6 UI: Add info box for "Scan Agent's networks" option in configuration 2022-09-27 18:08:36 +05:30
Kekoa Kaaikala 21cbf8d38b
Merge pull request #2351 from guardicore/2323-update-iislandapiclient-with-socketaddress
2323 update iislandapiclient with socketaddress
2022-09-27 08:17:17 -04:00
Shreya Malviya 4f3a8a5b2f
Agent: Simplify logic in _build_server_list() in monkey/infection_monkey/monkey.py
Co-authored-by: VakarisZ <36815064+VakarisZ@users.noreply.github.com>
2022-09-27 17:17:09 +05:30
Shreya Malviya 3accaccceb Agent: Simplify logic to set self._island_address in InfectionMonkey 2022-09-27 17:06:42 +05:30
Kekoa Kaaikala c33189725d Agent: Update ControlClient to use SocketAddress 2022-09-27 17:01:47 +05:30
Kekoa Kaaikala 19dbf81fa3 Agent: Fix mypy issue 2022-09-27 17:01:39 +05:30
Shreya Malviya 688a41a11e BB: Rename local_network_scan -> scan_my_networks in test_configurations/noop.py 2022-09-27 16:32:09 +05:30
Shreya Malviya 80328159f0 Agent: Change return type hint of _get_segmentation_check_targets() to be more specific 2022-09-27 16:30:28 +05:30
Shreya Malviya 01f1d62272 UT: Simplify logic in test data in test_http_island_api_client.py 2022-09-27 16:19:23 +05:30
Shreya Malviya 6d63f3c378 Agent: Fix some logic caused by rebase 2022-09-27 16:17:04 +05:30
Kekoa Kaaikala aeef2cdcbe Agent: Update send_remove_from_waitlist_control_message_to_relays
Update send_remove_from_waitlist_control_message_to_relays to use
SocketAddress
2022-09-27 15:37:57 +05:30
Kekoa Kaaikala af8d3937be Agent: Use correct return type for _connect_to_island_api 2022-09-27 15:37:36 +05:30
Kekoa Kaaikala 110542eeb8 Common: Make SocketAddress hashable 2022-09-27 15:34:13 +05:30
Kekoa Kaaikala c4804f06a9 Agent: Use SocketAddress in IIslandAPIClient 2022-09-27 15:33:28 +05:30
ilija-lazoroski 90890106f7
Merge pull request #2355 from guardicore/2268-pingscanevent
2268 pingscanevent
2022-09-27 10:58:20 +02:00
vakarisz e2f0a2dfc0 Common: Improve comment's readability in agent_sub_configurations.py 2022-09-27 11:51:27 +03:00
Ilija Lazoroski c119406b2d Project: Add import for PingScanEvent 2022-09-27 10:50:23 +02:00
vakarisz b9cf200832 Agent: Change return typehint to be more specific 2022-09-27 11:50:20 +03:00
Ilija Lazoroski 7bb7ef7dce Common: Export PingScanEvent from __init__ 2022-09-27 10:49:40 +02:00
vakarisz 182a566087 Agent: Simplify scan_target_generator.py
The responsibility of type-hints are not to implement logic. Implementing logic via type-hints diminishes readability, because it forces you to cross-reference a class instead of just exposing the logic where it's used
2022-09-27 11:33:30 +03:00
Shreya Malviya 14999fba4e
Merge pull request #2353 from guardicore/2323-SocketAddress-in-AgentRegistrationData
SocketAddress in AgentRegistrationData
2022-09-27 13:56:16 +05:30
Shreya Malviya 9b4de6bab8 UT: Use SocketAddress.from_string() in test_handle_agent_registration.py 2022-09-27 13:11:13 +05:30
Shreya Malviya d1199fdab2 Agent: Simplify relay disconnect logic in network/relay/utils.py 2022-09-27 13:06:29 +05:30
Shreya Malviya 441c14f15d Use SocketAddress.from_string() in network/relay/utils.py 2022-09-27 12:56:10 +05:30
Shreya Malviya 1f80eac4b6 island: Remove unused import in cc/island_event_handlers/handle_agent_registration.py 2022-09-27 12:51:49 +05:30
Shreya Malviya 8b0ebfc3a7 UT: Add/modify tests as per SocketAddress related changes 2022-09-27 12:51:49 +05:30
Shreya Malviya 3b192a869e UT: Replace test data with SocketAddress wherever required 2022-09-27 12:51:49 +05:30
Shreya Malviya 0ae653fb72 Agent: Let InfectionMonkey._cmd_island_port stay a str
No part of the code in InfectionMonkey requires _cmd_island_port to be an int now
2022-09-27 12:51:49 +05:30
Shreya Malviya 8a609e0871 Agent: Simplify logic in SocketAddress object creation in monkey.py and network/relay/utils.py 2022-09-27 12:51:49 +05:30
Shreya Malviya 6a29702846 Island: Modify cc_server type in Agent pydantic model 2022-09-27 12:51:49 +05:30
Shreya Malviya 284ec3d119 Agent: Use SocketAddress type in handle_agent_registration._get_or_create_cc_machine() 2022-09-27 12:51:49 +05:30
Shreya Malviya ac633a6e75 Agent: Change argument in InfectionMonkey._register_agent() to type SocketAddress 2022-09-27 12:51:49 +05:30
Shreya Malviya 6df2c29e30 Common: Update cc_server's type in AgentRegistrationData to SocketAddress 2022-09-27 12:51:49 +05:30
Kekoa Kaaikala 311c294033 Agent: Fix mypy issues in scan_target_generator.py 2022-09-26 20:20:24 +00:00
Kekoa Kaaikala 1bf610a4a8 Agent: Fix missing names 2022-09-26 19:51:14 +00:00
Kekoa Kaaikala 87ca11962e Common: Create PingScanEvent 2022-09-26 19:04:06 +00:00
Kekoa Kaaikala d87cf5a9f5 Agent: Fix mypy issues in test_propagator.py 2022-09-26 18:54:26 +00:00
Kekoa Kaaikala aeb6630ebc Agent: Move PingScanData to common 2022-09-26 18:52:23 +00:00
Kekoa Kaaikala dd5b796bfe Agent: Convert PingScanData to dataclass 2022-09-26 17:48:27 +00:00
Kekoa Kaaikala ef053ea017 Docs: Update network scanning documentation 2022-09-26 15:13:45 +00:00
Kekoa Kaaikala 6f095eb0c1
Merge pull request #2350 from guardicore/2323-parse-servers-as-socketaddress
2323 parse servers as socketaddress
2022-09-26 10:44:18 -04:00
vakarisz 9728d22250 Agent, Island: Rename scan_local_interfaces to scan_my_networks
"scan_my_networks" is the shortest way to convey that networks the machine belongs to will get scanned
2022-09-26 16:14:47 +03:00
Kekoa Kaaikala 8b8ef79e0a Common: Move SocketAddress function into the class
Moved socketaddress_from_string into SocketAddress.from_string
2022-09-26 12:32:00 +00:00
Shreya Malviya aec9cbb4b1
Merge pull request #2352 from guardicore/2323-SocketAddress-in-TCPRelay
SocketAddress in TCPRelay
2022-09-26 17:10:30 +05:30
Shreya Malviya 3de18d5f1c Project: Remove stale Vulture allowlist entry 2022-09-26 16:50:01 +05:30
Shreya Malviya a093a3e527 Agent: Use default str representation of SocketAddress in log message in notify_disconnect() 2022-09-26 16:49:42 +05:30
Shreya Malviya 4c76543a28 Agent: Use SocketAddress in notify_disconnect() in network relay utils 2022-09-26 13:44:40 +05:30
Shreya Malviya 105a2b39cf Agent: Add SocketAddress type variable in _send_remove_from_waitlist_control_message_to_relay() 2022-09-26 13:38:13 +05:30
Shreya Malviya 0db0347008 Agent: Use SocketAddress in TCPPipeSpawner 2022-09-26 13:30:30 +05:30
Shreya Malviya 426647c5b9 Agent: Use SocketAddress in TCPRelay 2022-09-26 13:07:47 +05:30
Kekoa Kaaikala 53a9c62245 Agent: Parse --servers to SocketAddress 2022-09-23 17:57:53 +00:00
Kekoa Kaaikala 4982999b99 Common: Add function to parse SocketAddress 2022-09-23 17:54:49 +00:00
Mike Salvatore dbaa56c39d
Merge pull request #2349 from guardicore/2261-refactor-manual-agent-logic
2261 refactor manual agent logic
2022-09-23 13:45:55 -04:00
Mike Salvatore 73841fb04e Project: Update vulture_allowlist.py 2022-09-23 13:04:21 -04:00
Mike Salvatore 6c63d4edbd Agent: Remove unused "Option" from i_island_api_client.py 2022-09-23 12:57:09 -04:00
Mike Salvatore 3fbbc01861 Changelog: Add entries for #2261 2022-09-23 12:56:13 -04:00
vakarisz b11cd9c5f1 Island: Remove agent controls
Agent controls are being replaced by agent signal events
2022-09-23 12:56:13 -04:00
Mike Salvatore a49ddf7a4a Merge pull request #2347 from guardicore/2261-move-agent-signals-to-common
2261 move agent signals to common
2022-09-23 12:56:13 -04:00
Mike Salvatore feb8288c98 Agent: Pass the correct agent ID to ControlChannel 2022-09-23 12:56:13 -04:00
Mike Salvatore f7198ea98a UT: Add proper test for ControlChannel.should_agent_stop() 2022-09-23 12:56:13 -04:00
ilija-lazoroski 5ec0f2dbd2 Merge pull request #2343 from guardicore/2261-modify-agent-to-use-signals
2261 modify agent to use signals
2022-09-23 12:56:13 -04:00
Mike Salvatore a5f1117ce3 Island: Fix grammar in docstring
Co-authored-by: Kekoa Kaaikala <kekoa.kaaikala@gmail.com>
2022-09-23 12:56:13 -04:00
Ilija Lazoroski a314efb8d9 Agent: Reword get_agent_signals docstring 2022-09-23 12:56:13 -04:00
Ilija Lazoroski e5c5cce94e Agent: Modify should_agent_stop to use AgentSignals model 2022-09-23 12:56:13 -04:00
Ilija Lazoroski d1fc4fa7f4 UT: Parametrize HTTPIslandAPIClient get_agent_signals test 2022-09-23 12:56:13 -04:00
Ilija Lazoroski 6299529f4a Island: Modify HTTPIslandAPIClient.get_agent_signals to return
AgentSignals
2022-09-23 12:56:13 -04:00
Ilija Lazoroski edf0593d4a Agent: Remove should_agent_stop from HTTPIslandAPIClient 2022-09-23 12:56:13 -04:00
Ilija Lazoroski a2be330d16 Island: IIslandAPIClient.get_agent_signals to return AgentSignals 2022-09-23 12:56:13 -04:00
Ilija Lazoroski 67956358bd Agent: Remove shoudl_agent_stop from IIslandAPIClient 2022-09-23 12:56:13 -04:00
Ilija Lazoroski 7a9ac1a6ba UT: Fix AgentSignals endpoint tests to use common.agent_signals 2022-09-23 12:56:13 -04:00
Ilija Lazoroski 3da90223fc Agent: Use IIslandAPIClient.get_agent_signals in ControlChannel 2022-09-23 12:56:13 -04:00
Ilija Lazoroski ffa5f90cbd Island: Use common.agent_signals in AgentSignalsService 2022-09-23 12:56:13 -04:00
Ilija Lazoroski 88c011e883 Agent: Implement IIslandAPIClient.get_agent_signals in
HTTPIslandAPIClient
2022-09-23 12:56:13 -04:00
Ilija Lazoroski 296f4e55df Common, Island: Move AgentSignals model to Common 2022-09-23 12:56:13 -04:00
Ilija Lazoroski a3d94d7a49 Agent: Add get_agent_signals to IIslandAPIClient 2022-09-23 12:56:11 -04:00
Mike Salvatore 6ae0e6f715 Merge pull request #2336 from guardicore/2261-add-agent-signals-resource
2261 add agent signals resource
2022-09-23 12:54:49 -04:00
ilija-lazoroski dd88745536 Merge pull request #2337 from guardicore/2261-on-terminate-agents-signal
2261 on terminate agents signal
2022-09-23 12:54:49 -04:00
Shreya Malviya dee2884144 UT: Move test_agent_signals.py and test_terminate_all_agents.py under cc/resources/agent_signals/ 2022-09-23 12:54:49 -04:00
Mike Salvatore a04a6a3cea Island: Implement AgentSignalsService.get_signals() 2022-09-23 12:54:49 -04:00
Ilija Lazoroski f9306cf8f1 Island: Keep naming consistency in island_event_handlers 2022-09-23 12:54:49 -04:00
Shreya Malviya 1dc72e45e7 UT: Remove unnecessary wrapper around pytest fixture flask_client in test_terminate_all_agents.py and test_agent_signals.py 2022-09-23 12:54:49 -04:00
Mike Salvatore 8e45a71a15 Island: Change agent parameter to agent_id in get_signals() 2022-09-23 12:54:49 -04:00
Kekoa Kaaikala 275efb2ab1 UT: Test on_terminate_agents_signal 2022-09-23 12:54:49 -04:00
Shreya Malviya c4642141f0 Island: Move terminate_all_agents.py and terminate_all_agents.py under cc/resources/agent_signals/ 2022-09-23 12:54:49 -04:00
Mike Salvatore f7997a6a50 Island: Fix tenses in repository docstrings 2022-09-23 12:54:49 -04:00
Ilija Lazoroski 9d3be7e1d3 Island: Implement AgentSignalsService.on_terminate_agents_signal 2022-09-23 12:54:49 -04:00
Shreya Malviya 6174e8dfcb BB: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Mike Salvatore 92dd564299 Merge pull request #2333 from guardicore/2261-get-progenitor
2261 get progenitor
2022-09-23 12:54:49 -04:00
Ilija Lazoroski 5eeee2a60d Island: Subscribe AgentSignalsService.on_terminate_agents_signal to
TERMINATE_AGENTS events
2022-09-23 12:54:49 -04:00
Shreya Malviya 850857c8a1 UI: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Mike Salvatore 60198ec879 Merge pull request #2332 from guardicore/2261-agent-signals-model
2261 agent signals model
2022-09-23 12:54:49 -04:00
Ilija Lazoroski c25e245a8e Island: Implement `get_progenitor` in MongoAgentRepository 2022-09-23 12:54:49 -04:00
Ilija Lazoroski f12e839878 Island: Register AgentSignalsSerivce in DI Container 2022-09-23 12:54:49 -04:00
Shreya Malviya b666078e7d Island: '/api/terminate-all-agents' -> '/api/agent-signals/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Ilija Lazoroski d10c148533 Island: Add `get_progenitor` to IAgentRepository 2022-09-23 12:54:49 -04:00
Shreya Malviya 066f106882 UT: Move relevant tests from test_agent_signals.py to test_terminate_all_agents.py 2022-09-23 12:54:49 -04:00
Shreya Malviya 645e03e46f Island: Import TerminateAllAgents in cc/resources/__init__.py 2022-09-23 12:54:49 -04:00
Shreya Malviya 105cc60f4b Island: Remove POST method from AgentSignals resource 2022-09-23 12:54:49 -04:00
Shreya Malviya c586623b8b BB: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya 7527eca861 UI: '/api/agent-signals/terminate-all' -> '/api/terminate-all-agents' 2022-09-23 12:54:49 -04:00
Shreya Malviya 2864286a29 Island: Add TerminateAllAgents resource 2022-09-23 12:54:49 -04:00
Shreya Malviya 28c3cf581f UT: Add test cases for AgentSignal resource's POST 2022-09-23 12:54:49 -04:00
Shreya Malviya 24210d4f6f Island: Add check that terminate timestamp is > 0 in AgentSignals resource 2022-09-23 12:54:49 -04:00
Shreya Malviya 1632d8b3e9 BB: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya 11f443e641 UT: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya 489ead31d2 Island: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya fbfebc6167 UI: 'kill_time' -> 'terminate_time' 2022-09-23 12:54:49 -04:00
Shreya Malviya 14c615e238 Island: Rename some variables in test_agent_signals.py 2022-09-23 12:54:49 -04:00
Ilija Lazoroski 2d42355e2c UT: Add tests for GET AgentSignals endpoint 2022-09-23 12:54:49 -04:00
Ilija Lazoroski 41951511d0 Island: Add simplify=true when returning AgentSignals in endpoint 2022-09-23 12:54:49 -04:00
Shreya Malviya ef273bc1cf Island: Remove set_stop_all() 2022-09-23 12:54:49 -04:00
Shreya Malviya 637978648a Island: Remove StopAllAgents resource 2022-09-23 12:54:49 -04:00
Shreya Malviya 263fff28f3 BB: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents 2022-09-23 12:54:49 -04:00
Shreya Malviya bc43f81a11 UI: Use /api/agent-signals/terminate-all instead of /api/monkey-control/stop-all-agents 2022-09-23 12:54:49 -04:00
Shreya Malviya 5bf63c1221 UT: Fix POST tests in test_agent_signals.py 2022-09-23 12:54:49 -04:00
Shreya Malviya 1afe625395 Island: Catch KeyError in AgentSignals resource's POST 2022-09-23 12:54:49 -04:00
Shreya Malviya cca4cf9df2 Island: Implement AgentSignals resource's GET 2022-09-23 12:54:49 -04:00
Shreya Malviya cfe31f8dee Island: Use terminate signal's timestamp directly instead of creating an AgentSignals object in AgentSignals resource 2022-09-23 12:54:49 -04:00
Shreya Malviya f23a6c8fa4 Island: Add message to ValueError in AgentSignals resource 2022-09-23 12:54:49 -04:00
Shreya Malviya 58ad44366a Island: Remove comment in cc/resources/agent_signals.py 2022-09-23 12:54:49 -04:00
Shreya Malviya dccef0efa5 Island: Rename Signal -> Signals in cc/resources/agent_signals.py 2022-09-23 12:54:49 -04:00
Kekoa Kaaikala 0775449fa9 Island: Add AgentSignals resource 2022-09-23 12:54:49 -04:00
Ilija Lazoroski c0afae6dfa Island: Add stubbed AgentSignalsService 2022-09-23 12:54:48 -04:00
Ilija Lazoroski 721cc29559 Island: Add AgentSignals model 2022-09-23 12:51:30 -04:00
Ilija Lazoroski 560d941885 Island: Add terminate field to Simulation model 2022-09-23 12:50:48 -04:00
Ilija Lazoroski be30db885b Island: Add TERMINATE_AGENTS to IslandEventTopic 2022-09-23 12:49:41 -04:00
Kekoa Kaaikala 8ff817eed2 Island: Rename local_network_scan
local_network_scan -> scan_local_interfaces
2022-09-23 15:43:30 +00:00
Kekoa Kaaikala 4f4eea3d66 Agent: Use get_my_ip_address() to build master 2022-09-23 10:46:47 -04:00
Ilija Lazoroski 49e434d754 Common: Add SocketAddress type 2022-09-23 09:21:34 -04:00
Mike Salvatore 1716a2dddd
Merge pull request #2344 from guardicore/2325-ipv4address-in-island
2325 ipv4address in island
2022-09-23 09:09:07 -04:00
Mike Salvatore 0ca004795a Island: Remove Sequence[str] convention for "ip_addresses" 2022-09-23 08:46:16 -04:00
Mike Salvatore 0592e0a790 Island: Use IPv4Address in LocalMonkeyRunService 2022-09-23 08:45:48 -04:00
Mike Salvatore c2f3def33b Island: Use IPv4Address in resources.IPAddresses 2022-09-23 08:42:32 -04:00
Mike Salvatore 526fd6f941 Island: Use IPv4Address instead of str in server_setup.py 2022-09-23 08:35:29 -04:00
Mike Salvatore fc4c05405b Common: Add get_my_ip_addresses() -> Sequence[IPv4Address] 2022-09-23 08:16:11 -04:00
Mike Salvatore a89d76a4c5
Merge pull request #2339 from guardicore/2260-more-mypy-fixes
2260 more mypy fixes
2022-09-23 08:05:02 -04:00
vakarisz 52d0e6f655 Agent, Island: Rename get_my_ip_address to legacy 2022-09-23 14:03:10 +03:00
vakarisz 6ced730b53 UT: Remove monkey. part from imports in unit tests
No part of the codebase import with this longer syntax of `monkey.infection_monkey.something`, because `infection_monkey.something` is shorter and enough
2022-09-23 12:40:41 +03:00
vakarisz d48e8b3f3e Agent, Island: Add mypy to dev dependencies 2022-09-23 12:40:41 +03:00
vakarisz 39191d3344 Project: Remove __init__.py in monkey folder
Monkey is not a python package, it's a collection of packages. This also prevents mypy from searching monkey.infection_monkey... imports
2022-09-23 10:47:16 +03:00
vakarisz 978daf973b Agent: Fix mypy errors related to puppet 2022-09-23 10:45:23 +03:00
vakarisz 0d08ce467e Agent: Fix mypy issues in ransomware and encryption 2022-09-23 09:42:25 +03:00
vakarisz 3d7e9be150 Agent: Fix type hints mypy found in relay/utils.py 2022-09-22 17:33:00 +03:00
vakarisz 9749984640 Agent: Fix type hints mypy found in propagator.py 2022-09-22 17:09:32 +03:00
Mike Salvatore 2c4625eb1c Island: Add IAgentLogRepository 2022-09-22 09:59:01 -04:00
Kekoa Kaaikala 9c0ea39b6d
Merge pull request #2330 from guardicore/2260-fix-mypy-issues
2260 fix mypy issues
2022-09-22 09:49:42 -04:00
Kekoa Kaaikala 4226d9029f Island: Simplify T1065.get_tunnel_ports() 2022-09-22 13:38:45 +00:00
Kekoa Kaaikala 38d9ccc9f0 Agent: Remove stale comment 2022-09-22 13:11:08 +00:00
Shreya Malviya 7d996c100e Agent: Remove repeated code in http_island_api_client.handle_island_errors() 2022-09-22 17:47:50 +05:30
Mike Salvatore 444bf99e41
Merge pull request #2328 from guardicore/2290-import-config-bug
UI: Get derived state from props in AdvancedMultiSelect
2022-09-22 08:03:28 -04:00
Mike Salvatore fe2c1f29fa Agent: Catch requests.JSONDecodeError 2022-09-22 08:02:52 -04:00
Mike Salvatore 823829c001
Merge pull request #2331 from guardicore/2256-publish-agent-registration-data
2256 publish agent registration data
2022-09-22 07:46:19 -04:00
vakarisz 56af6fd2c4 UI: Don't use derived state for selected plugin names 2022-09-22 12:16:11 +03:00
Mike Salvatore 13f7301db9 Island: Add types-python-dateutil as dev dependency 2022-09-21 20:43:50 -04:00
Mike Salvatore f591f150fc Revert "Island: Fix mypy issues in exploit.py"
This reverts commit 9c49cdafa3.
2022-09-21 20:43:09 -04:00
Mike Salvatore 284f58afaf UT: Sort updated_machine.network_interfaces 2022-09-21 20:37:30 -04:00
Mike Salvatore 5b61767575 Project: Remove IslandEventTopics from vulture_allowlist 2022-09-21 20:34:30 -04:00
Kekoa Kaaikala 5e7689345f Island: Remove i_log_repository.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala 06965abe5d Island: Remove networkmap.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala bba6386efa Island: Fix mypy issues in segmentation.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala 1defad72fd Island: Fix mypy issues in networkmap.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala e478ba80e0 Island: Fix mypy issues in version.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala c0e98bc0d1 Island: Fix mypy issues in T1065.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala 5f3d757965 Island: Fix mypy issues in mongo_db_process.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala 0578219549 Island: Fix mypy issues in finding_service.py 2022-09-21 22:25:42 +00:00
Kekoa Kaaikala 85dbda8ba9 Island: Fix mypy issues in cred_exploit.py 2022-09-21 22:25:24 +00:00
Kekoa Kaaikala 22b12080b6 Island: Fix mypy issues in ransomware_report.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 9c49cdafa3 Island: Fix mypy issues in exploit.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala b8230ffb73 Island: Fix mypy issues for encryptors 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 421ed942fe Island: Fix mypy issues in AbstractResource.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala ecd2cbbe6e Island: Fix mypy issues in i_log_repository.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 3e95ec6ee4 Island: Fix mypy issues in server_setup.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 95839caf9c Island: Fix mypy issues in app.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 97d53dba3c Agent: Fix mypy issues in ransomware_options.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala c78e6333f8 Agent: Fix mypy issues in pba.py 2022-09-21 22:23:14 +00:00
Kekoa Kaaikala 1621b494f4 Agent: Fix mypy issues in capture_output.py 2022-09-21 22:23:03 +00:00
Mike Salvatore bed684d7d0 Island: Rename IslandEventTopic.AGENT_{CONNECTED,REGISTERED} 2022-09-21 15:42:28 -04:00
Mike Salvatore 371e495f17 Island: Fix call to IIslandEventQueue.publish() 2022-09-21 15:42:12 -04:00
Mike Salvatore 71da0a559a Island: Register handle_agent_registration for AGENT_CONNECTED events 2022-09-21 15:05:47 -04:00
Mike Salvatore 271475570d Island: Modify machine with AgentRegistrationData
Since the Machine is passed to other methods, it should have the most up
to date data.
2022-09-21 15:05:47 -04:00
Mike Salvatore 4101f7509a Island: Handle IP address collisions when updating Machine on agent reg 2022-09-21 15:05:47 -04:00
Mike Salvatore c0870e6696 Island: Add new node communication on agent registration 2022-09-21 15:05:47 -04:00
Mike Salvatore 1e8a60c890 Island: Add new agent to repository on agent registration 2022-09-21 15:05:47 -04:00
Mike Salvatore c95c2ffdf9 Island: Add handle_agent_registration event handler
- Add handle_agent_registration callable class
- Add/Update machine to the repository
2022-09-21 15:05:47 -04:00
Mike Salvatore 41dbb92eef UT: Remove debug print statement 2022-09-21 15:05:47 -04:00
Mike Salvatore d514ac283c Island: Publish AgentRegistrationData from Agents resource 2022-09-21 15:05:47 -04:00
Mike Salvatore f811f91d73 Agent: Add missing `return` to convert_json_error_to_island_api_error() 2022-09-21 15:05:19 -04:00
Mike Salvatore 388b9fe4ed Agent: Add missing `return` to handle_island_api_errors() 2022-09-21 15:05:16 -04:00
Mike Salvatore 69c8d3a667 Agent: Remove errant line that sets `self._control_client = None` 2022-09-21 15:04:07 -04:00
Mike Salvatore fbb8e85b46 Agent: Pass server to InfectionMonkey._register_agent() 2022-09-21 14:56:53 -04:00
Kekoa Kaaikala ccfc41fc2f Agent: Fix mypy issues in IslandAPIClient 2022-09-21 17:54:33 +00:00
Kekoa Kaaikala fc82715262 Agent: Fix mypy issues in vuln_assessment.py 2022-09-21 17:49:04 +00:00
Kekoa Kaaikala 2fab84636e Agent: Fix mypy issues in exploit/tools/helpers.py 2022-09-21 17:47:56 +00:00
Kekoa Kaaikala 0a9d221ad8 Agent: Fix mypy issues in HostExploiter.py 2022-09-21 17:47:11 +00:00
Kekoa Kaaikala be4c5e7312 Agent: Fix mypy issues in propagation credentials
Updated aggregating_propagation_credentials_repository.py
2022-09-21 17:42:52 +00:00
Kekoa Kaaikala 60c1eb9cc1 Agent: Fix mypy errors in monkey.py 2022-09-21 17:09:06 +00:00
Kekoa Kaaikala 4f04cf1c18 Common: Fix mypy error in encoding.py 2022-09-21 17:07:11 +00:00
Mike Salvatore b4c8ac7242 Island: Accept any kwargs in IIslandEventQueue.publish() 2022-09-21 12:53:39 -04:00
Ilija Lazoroski 320364a7a2 UI: Get derived state from props in AdvancedMultiSelect 2022-09-21 16:48:47 +02:00
Mike Salvatore a76273fa0d
Merge pull request #2327 from guardicore/2266-replace-IslandModeService
Replace IslandModeService with event
2022-09-21 09:25:29 -04:00
Shreya Malviya a8fb05f2b8 Island: Simplify logic in test_island_mode.py with fixtures 2022-09-21 18:53:12 +05:30
Shreya Malviya 60db495cee UT: Use MagicMock to simulate internal server error in test_island_mode_post__invalid_mode() 2022-09-21 18:43:26 +05:30
Shreya Malviya 1afafd20dd UT: Simplify some logic in test_island_mode.py's flask_client fixture 2022-09-21 18:09:13 +05:30
Shreya Malviya 10e1177ef6 Island: Remove set_simulation_mode 2022-09-21 18:08:06 +05:30
Shreya Malviya 547637d151 Island: Subscribe ISimulationRepository.set_mode to IslandEventTopic.SET_ISLAND_MODE 2022-09-21 18:08:06 +05:30
Shreya Malviya add31fe397 Island: Rename IslandModeEnum.SET_ISLAND_MODE's subscribers' arguments from 'event' to 'mode' 2022-09-21 18:07:54 +05:30
Shreya Malviya c1e15f8be5 Island: Fix docstring in set_agent_configuration_per_island_mode 2022-09-21 17:41:54 +05:30
ilija-lazoroski 18ceb6c279
Merge pull request #2322 from guardicore/2181-credential-reuse-ete
2181 credential reuse ete
2022-09-21 13:58:12 +02:00
Shreya Malviya fb2165b2e8 UT: Fix broken IslandMode tests 2022-09-21 17:20:32 +05:30
Shreya Malviya 4e0f2c89ec UT: Remove test_island_mode_service.py 2022-09-21 16:39:24 +05:30
Shreya Malviya 6933d25768 Island: Remove IslandModeService 2022-09-21 16:38:57 +05:30
Shreya Malviya bc630e86e9 Island: Remove IslandModeService from IslandMode resource 2022-09-21 16:36:44 +05:30
Shreya Malviya d9d388d41c Island: Get Island mode from simulation repository in IslandMode's GET 2022-09-21 16:32:30 +05:30
Shreya Malviya 1f96ab5ea9 Island: Extract event topic to a variable in all Island event handler subscribe functions 2022-09-21 16:26:04 +05:30
Shreya Malviya 5a96d5b570 Island: Subscribe set_simulation_mode to IslandEventTopic.SET_ISLAND_MODE 2022-09-21 16:21:59 +05:30
Shreya Malviya b4c1879bf9 Island: Add set_simulation_mode Island event handler 2022-09-21 16:20:05 +05:30
Shreya Malviya 9ce652f1a5 Island: Rename IslandEventTopic.SET_MODE -> IslandEventTopic.SET_ISLAND_MODE 2022-09-21 16:15:33 +05:30
Shreya Malviya 822d9d6eec Island: Rename set_island_mode -> set_agent_configuration_per_island_mode 2022-09-21 16:13:33 +05:30
Shreya Malviya 8b87783998 Island: Subscribe set_island_mode to IslandEventTopic.SET_MODE 2022-09-21 16:07:00 +05:30
Shreya Malviya f20f11265b Island: Add set_island_mode Island event handler 2022-09-21 16:03:03 +05:30
Shreya Malviya 67e280fd7a Island: Publish SET_MODE event in IslandMode's PUT 2022-09-21 14:38:08 +05:30
Shreya Malviya 5675724843 Island: Add SET_MODE to IslandEventTopic 2022-09-21 14:33:16 +05:30
Mike Salvatore f8777cd37d
Merge pull request #2326 from guardicore/2256-initialize-i-machine-repository
2256 initialize i machine repository
2022-09-20 15:26:37 -04:00
Mike Salvatore 183b065ae6 Island: Set island=True on IMachineRepository initialization 2022-09-20 15:11:33 -04:00
Mike Salvatore a323441ffe Island: Add Machine.island field 2022-09-20 15:09:43 -04:00
Mike Salvatore f472963b78
Merge pull request #2324 from guardicore/2292-control-channel-client-api-client
2292 control channel client api client
2022-09-20 14:47:51 -04:00
Mike Salvatore 897d1e39ac Agent: Remove debug print from handle_island_api_errors() 2022-09-20 14:45:17 -04:00
Mike Salvatore aed9022a7a Island: Register reset_machine_repository for CLEAR_SIMULATION_DATA 2022-09-20 14:34:25 -04:00
Kekoa Kaaikala 53dc34f895 Agent: Fix typo in IIslandAPIClient 2022-09-20 18:34:04 +00:00
Mike Salvatore 35025ead18 Island: Add reset_machine_repository 2022-09-20 14:33:44 -04:00
Kekoa Kaaikala 2a1396c82d Agent: Use response.json() in HTTPIslandAPIClient 2022-09-20 18:33:05 +00:00
Kekoa Kaaikala 022630ddc1 Agent: Simplify error handling in ControlChannel 2022-09-20 18:32:20 +00:00
Mike Salvatore 36142774dd Island: Initialize IMachineRepository on Island start 2022-09-20 14:27:58 -04:00
Mike Salvatore ff0a57aa93 Island: Add initialize_machine_repository() 2022-09-20 14:27:32 -04:00
Kekoa Kaaikala 417d167026 Agent: Simplify error handling in HTTPIslandAPIClient 2022-09-20 18:27:17 +00:00
Kekoa Kaaikala 1c6ca24a47 Agent: Move register_agent out of ControlChannel 2022-09-20 18:21:55 +00:00
Kekoa Kaaikala 2f5bcff631 UT: Use island_api_client fixture 2022-09-20 18:04:16 +00:00
Mike Salvatore fca3a1357e Island: Add missing return type to _build_agent_binary_repository() 2022-09-20 13:48:50 -04:00
Kekoa Kaaikala 605e6ae496 UT: Add test for get_credentials_for_propagation 2022-09-20 17:47:10 +00:00
Kekoa Kaaikala 4c3a1ba89a UT: Add test for get_config 2022-09-20 17:47:10 +00:00
Kekoa Kaaikala fd08212763 UT: Add test for should_agent_stop 2022-09-20 17:47:10 +00:00
Kekoa Kaaikala 44d8dbeb5c Island: Get rid of server param in IslandAPIClient 2022-09-20 17:46:03 +00:00
Kekoa Kaaikala 8ebcd2ea33 Island: Update register_agent errors 2022-09-20 17:46:03 +00:00
Kekoa Kaaikala 2dc4871a7d Agent: Pass IslandAPIClient to the ControlChannel 2022-09-20 17:38:53 +00:00
Kekoa Kaaikala 3e96a30a09 UT: Parametrize errors in tests 2022-09-20 17:35:57 +00:00
Kekoa Kaaikala 51ce974c43 Agent: Reduce duplication due to error handling 2022-09-20 17:35:57 +00:00
Kekoa Kaaikala 42633c066f Agent: Reduce duplication due to error handling 2022-09-20 17:35:57 +00:00
Kekoa Kaaikala b260dcc5cb Agent: Add get_credentials_for_propagation to IslandAPIClient 2022-09-20 17:33:20 +00:00
Kekoa Kaaikala d6795492a4 Agent: Add get_config to IslandAPIClient 2022-09-20 17:32:10 +00:00
Kekoa Kaaikala 92e793c2cd Agent: Add should_agent_stop to IslandAPIClient 2022-09-20 17:30:13 +00:00
Kekoa Kaaikala 54ef77698c Agent: Add register_agent to IslandAPIClient 2022-09-20 17:28:36 +00:00
Ilija Lazoroski 3af38d7841 BB: Fix some minor configuration issue in CredentialsReuse 2022-09-20 18:06:12 +02:00
Ilija Lazoroski a2b8fceb28 BB: Add new CredentialReuse machines info to the Docs 2022-09-20 17:52:24 +02:00
Ilija Lazoroski 246c78e8c1 BB: Add the new machine to the Terraform scripts 2022-09-20 17:52:00 +02:00
Ilija Lazoroski 07d1062b80 BB: Add CredentialsReuse machines to test_machine_list 2022-09-20 17:51:39 +02:00
Ilija Lazoroski 6c11eb2a6b BB: Add new EtE test that reuses stolen ssh key to exploit a machine
Island --(password)--> A --(password)--> B --(A's SSH key)--> C
2022-09-20 17:49:55 +02:00
Ilija Lazoroski c13dcf464c BB: Export Credentials reuse with ssh key test configuration from
__init__
2022-09-20 17:49:01 +02:00
Ilija Lazoroski a9bec168b1 BB: Add Credentials Reuse with ssh key test configuration 2022-09-20 17:48:30 +02:00
Mike Salvatore dfa1709064
Merge pull request #2315 from guardicore/2180-encrypt-event-data
2180 encrypt event data
2022-09-20 11:46:53 -04:00
Kekoa Kaaikala b27dea54e7 Island: Fix typo in docstring 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala a83186f532 UT: Test that stored events are encrypted 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala dea7b4f74a UT: Use encryptor fixture in agent encryption tests 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala c0869aebba Island: Simplify agent encryption calls 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala 644f3628a5 UT: Move mongo functions into a module 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala 2d03e497e9 UT: Show seq and dict are encrypted in events 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala e0cebd144a UT: Use mock encryptor 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala 875a54aa8f Island: Remove stale comment 2022-09-20 15:32:59 +00:00
Kekoa Kaaikala 7038179711 UT: Add tests for event encryption exceptions 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala ccadfccf5e Island: Remove duplicate encryption code 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala f635c2cd5f BB: Removed unneccessary logs from ZerologonAnalyzer 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala aa0d5f2e19 Island: Fix import ordering 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala a9f7262582 UT: Fix formatting 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala 2e63f47606 Island: Copy dict when encrypting event data 2022-09-20 15:32:18 +00:00
Mike Salvatore 7634e00737 Project: Remove MongoAgentEventRepository from vulture_allowlist.py 2022-09-20 15:32:18 +00:00
Mike Salvatore 3f8c40a92c Island: Rename MongoEventRepository -> MongoAgentEventRepository 2022-09-20 15:32:18 +00:00
Kekoa Kaaikala c704d4a37b Island: Remove StubbedEventRepository 2022-09-20 15:30:39 +00:00
Kekoa Kaaikala dc1eeefbc1 Island: Add MongoEventRepository to DI container 2022-09-20 15:30:39 +00:00
Kekoa Kaaikala 71110c61a7 Island: Add docstrings to agent event encryption 2022-09-20 15:28:00 +00:00
Kekoa Kaaikala c19e50b7f1 UT: Fix tests for event encryption 2022-09-20 15:28:00 +00:00
Kekoa Kaaikala 54fe2a6dca Island: Add encryption to MongoEventRepository 2022-09-20 15:28:00 +00:00
Kekoa Kaaikala 0d959e891a Island: Add functions to encrypt agent events 2022-09-20 15:28:00 +00:00
Mike Salvatore 930256f581 Agent: Take OperatingSystem in IIslandAPIClient.get_agent_binary() 2022-09-20 11:07:09 -04:00
Mike Salvatore 741d192eab Merge branch '2292-modify-agent-forwarder' into develop
PR #2320
2022-09-20 11:03:42 -04:00
Mike Salvatore 2281dde795
Merge pull request #2319 from guardicore/2292-HTTPIslandAPIClient-in-CachingAgentBinaryRepository
HTTPIslandAPIClient in CachingAgentBinaryRepository
2022-09-20 10:47:43 -04:00
Mike Salvatore 9807c23571 Agent: Add IIslandAPIClient.connect()
Different clients may have different dependencies in their constructors.
Use connect() instead of __init__() to connect to the Island. Add an
AbstractIslandAPIClientFactory and HTTPIslandAPIClientFactory to
facilitate this.
2022-09-20 10:23:21 -04:00
Mike Salvatore e9433ad23b Agent: Initialize _agent_event_serializer_registry in __init__() 2022-09-20 10:05:47 -04:00
Mike Salvatore eea7fc1ee2 Agent: Add AbstractIslandAPIClientFactory 2022-09-20 09:58:15 -04:00
Mike Salvatore 17cb77cfdd Agent: Move AbstractAgentEvent serialization to HTTPIslandAPIClient 2022-09-20 09:45:00 -04:00
Mike Salvatore 34a4d81336 Agent: Reraise IslandAPIError in handle_island_errors() 2022-09-20 09:39:20 -04:00
Shreya Malviya 7884f96a9c UT: Fix broken HTTPIslandAPIClient.get_agent_binary() tests 2022-09-20 18:45:39 +05:30
Shreya Malviya 2bd64a3175 Agent: Make variable `island_api_client` protected in InfectionMonkey 2022-09-20 18:38:09 +05:30
Shreya Malviya 9b3950e8eb Agent: Accept OperatingSystem instead of str in HTTPIslandAPIClientget_agent_binary() 2022-09-20 18:36:22 +05:30
Shreya Malviya 088e020fee Agent: Catch IslandAPIError and raise RetrievalError in CachingAgentBinaryRepository._download_binary_from_island() 2022-09-20 18:36:22 +05:30
Shreya Malviya 0e9397b283 Agent: Add RetrievalError to i_agent_binary_repository.py 2022-09-20 18:36:22 +05:30
Shreya Malviya e8ecaa2169 UT: Add tests for HTTPIslandAPIClient.get_agent_binary() 2022-09-20 18:36:22 +05:30
Shreya Malviya 30cf360e98 Agent: Fix URL in HTTPIslandAPIClient.get_agent_binary() 2022-09-20 18:36:22 +05:30
Shreya Malviya 2cebc19843 Agent: Add get_agent_binary() to the IIslandAPIClient interface 2022-09-20 18:36:22 +05:30
Shreya Malviya d84550ba23 Agent: Fix return type hint in CachingAgentBinaryRepository._download_binary_from_island() 2022-09-20 18:36:21 +05:30
Shreya Malviya 4605722874 Agent: Add logging in CachingAgentBinaryRepository._download_binary_from_island() 2022-09-20 18:36:21 +05:30
Shreya Malviya 3b3f39065d Agent: Remove comment no longer relevant from monkey.py 2022-09-20 18:36:19 +05:30
Shreya Malviya 8b52ba0686 Agent: Modify docstring in IIslandAPIClient.send_events() 2022-09-20 18:01:17 +05:30
Mike Salvatore e3adae03b0
Merge pull request #2321 from guardicore/2294-clear-repositories-on-clear-simulation
Clear repositories on CLEAR_SIMULATION_DATA event
2022-09-20 07:56:31 -04:00
Mike Salvatore e5a1a5dc67
Merge pull request #2316 from guardicore/2292-IslandAPIClient-in-ControlClient
Use HTTPIslandAPIClient in ControlClient
2022-09-20 07:53:14 -04:00
Shreya Malviya 5032588c23 Island: Initialize MongoDB connection before DI container so that repositories using mongo can be registered and subscribed 2022-09-20 17:07:28 +05:30
Shreya Malviya 638e4cd7ed Island: Simplify logic in island_event_handlers._subscribe_clear_simulation_data_events 2022-09-20 17:05:53 +05:30
Ilija Lazoroski 14592d964e Agent: Pass island_api_client when constructing AgentEventForwarder 2022-09-20 13:13:01 +02:00
Ilija Lazoroski b320fba2c8 Agent: Modify AgentEventForwarder to use IIslandAPIClient 2022-09-20 12:32:00 +02:00
Ilija Lazoroski f39007b0ce Agent: Implement send_events in HTTPIslandAPIClient 2022-09-20 12:30:08 +02:00
Ilija Lazoroski 9000a01d1d Agent: Add send_events to IIslandAPIClient 2022-09-20 12:28:50 +02:00
Shreya Malviya f93565b2cf Island: Subscribe repository reset functions to CLEAR_SIMULATION_DATA event 2022-09-20 15:50:43 +05:30
Shreya Malviya 51a9bad000 Island: Register instances of INodeRepository, IMachineRepository, IAgentRepository in DI container 2022-09-20 15:48:07 +05:30
Shreya Malviya e23c6de745 Agent: Remove no longer needed `island_url` parameter from CachingAgentBinaryRepository 2022-09-20 14:59:35 +05:30
Shreya Malviya 1355c038b5 Agent: Add and use HTTPIslandAPIClient.get_agent_binary() 2022-09-20 14:56:10 +05:30
Shreya Malviya 9da1ad4c46 Agent: Pass and accept island_api_client in CachingAgentBinaryRepository's constructor 2022-09-20 14:54:25 +05:30
Shreya Malviya 3100e6c010 Project: Remove outdated entried from Vulture allowlist 2022-09-20 12:37:05 +05:30
Shreya Malviya 1480203627 Agent: Modify docstrings in IIslandAPIClient 2022-09-20 12:35:21 +05:30
Ilija Lazoroski 1b4f834f46 UT: Add status code tests for HTTIslandAPIClient 2022-09-20 08:50:55 +02:00
Ilija Lazoroski 0c13298bbb UT: Add error handling tests for HTTPIslandAPIClient send_log and
get_pba_file
2022-09-20 07:52:48 +02:00
Mike Salvatore 107a15b5f0 Agent: Call raise_for_status() in HTTPIslandAPIClient 2022-09-19 20:05:19 -04:00
Mike Salvatore a724758caa Agent: Handle HTTPErrors in HTTPIslandAPIClient 2022-09-19 20:04:52 -04:00
Mike Salvatore cb8fda0bec Agent: Add HTTPIslandAPIClient._api_url attribute 2022-09-19 19:57:28 -04:00
Mike Salvatore 841183d8e7 Agent: Reimplement HTTPIslandAPIClient.get_pba_file() as a method 2022-09-19 19:55:07 -04:00
Mike Salvatore aa3c6c2f4d Agent: Add IIslandAPIClient.get_pba_file() 2022-09-19 19:52:58 -04:00
Mike Salvatore 92da3b78db Agent: Reimplement HTTPIslandAPIClient.send_log() as member, not static 2022-09-19 19:44:16 -04:00
Mike Salvatore aba342b3f2 Agent: Pass IIslandAPIClient to ControlClient.__init__() 2022-09-19 19:41:14 -04:00
Mike Salvatore 9936605242 Agent: Add IIslandAPIClient.send_log() 2022-09-19 19:39:00 -04:00
Shreya Malviya 393bec29e7 Agent: Remove comment from HTTPIslandAPIClient 2022-09-19 19:39:00 -04:00
Shreya Malviya 365376a190 Agent: Change exception handling and log message in ControlClient.get_pba_file() 2022-09-19 19:39:00 -04:00
Shreya Malviya d07760fe60 Agent: Make HTTPIslandAPIClient.send_log() and HTTPIslandAPIClient.get_pba_file() static 2022-09-19 19:39:00 -04:00
Shreya Malviya 8ab17a96e3 Agent: Fix functions defined in HTTPIslandAPIClient and use the handle_island_errors() decorator on them 2022-09-19 19:39:00 -04:00
Shreya Malviya fa9225370e Agent: Add handle_island_errors() decorator to http_island_api_client.py 2022-09-19 19:39:00 -04:00
Shreya Malviya d188b06980 Agent: Implement HTTPIslandAPIClient.get_pba_file and use in ControlClient 2022-09-19 19:39:00 -04:00
Shreya Malviya 1b92ec78fb Agent: Implement HTTPIslandAPIClient.send_log and use in ControlClient 2022-09-19 19:39:00 -04:00
Mike Salvatore e674f3ab24 Merge branch '2292-modify-find-server' into develop
PR #2314
2022-09-19 14:42:33 -04:00
Mike Salvatore b9576db426 UT: Fix broken tests for find_available_island_apis() 2022-09-19 14:21:17 -04:00
Mike Salvatore 753ac739b0 Agent: rename find_servers() -. find_available_island_apis() 2022-09-19 14:20:40 -04:00
Mike Salvatore 2ebb7621e3 Agent: Fix server selection logic 2022-09-19 14:05:34 -04:00
Mike Salvatore 9ea291a7fa Agent: Fix crash when connecting to IPv4Address
socket.connect() needs a string, not IPv4Address, otherwise the thread
will crash.
2022-09-19 14:01:51 -04:00
Mike Salvatore 51ecf52d4b Agent: Add an ID (int) to relay control message thread name 2022-09-19 14:01:08 -04:00
Mike Salvatore c6a5e294df Agent: Add a timeout to notify disconnect socket 2022-09-19 13:57:25 -04:00
Mike Salvatore 6563be8222 Agent: Remove unnecessary local variable 2022-09-19 12:16:20 -04:00
Mike Salvatore db75806a08 Agent: Rename _get_server() -> _connect_to_island_api() 2022-09-19 12:13:03 -04:00
Mike Salvatore 9a1b5b67b5 Agent: Default self._relay to None 2022-09-19 11:47:54 -04:00
Ilija Lazoroski bc19b5ea93 Agent: Modify find_server to return tuple of server and IIslandAPIClient 2022-09-19 17:24:00 +02:00
Ilija Lazoroski f4b47f8238 Agent: Use HTTPIslandAPIClient in find_server 2022-09-19 16:44:37 +02:00
Mike Salvatore 787af6ae1b Agent: Fix send relay disconnect to unneeded relays
Since `find_server()` is parallelized, the iterator was completely
exhausted when `send_remove_from_waitlist_control_message_to_relays()`
was called, making it effectively a NOOP.
2022-09-19 16:40:04 +02:00
Shreya Malviya 9456a30bd9 Agent: Remove unnecessary logic in _check_if_island_server() 2022-09-19 16:40:04 +02:00
Shreya Malviya 69b26287b6 UT: Fix Island API errors' import in network/relay/test_utils.py 2022-09-19 16:40:04 +02:00
Shreya Malviya 8a4666fba2 Agent: Fix Island API client import in network/relay/utils.py 2022-09-19 16:40:04 +02:00
Ilija Lazoroski 11da608fe6 Agent: Modify find_server to use IslandApiClient 2022-09-19 16:40:04 +02:00
Mike Salvatore 310b58392f
Merge pull request #2313 from guardicore/2292-island-api-client
2292 island api client
2022-09-19 10:25:29 -04:00
Mike Salvatore 9f697e57d2
Merge pull request #2317 from guardicore/fix-zerologon
Fix zerologon
2022-09-19 10:16:19 -04:00
Ilija Lazoroski 2857e70fa2 Island: Change credentials stolen event subscriber argument name 2022-09-19 15:52:44 +02:00
Ilija Lazoroski 0c6997c147 BB: Get the secret value from credentials in ZerologonAnalyzer 2022-09-19 15:52:04 +02:00
Shreya Malviya 9e79c7c6ef Project: Add IslandAPIRequestError to Vulture allowlist 2022-09-19 19:08:17 +05:30
Shreya Malviya 1b037c4b3a Agent: Add IslandAPIRequestError for errors that are the client's mistake 2022-09-19 19:08:15 +05:30
Mike Salvatore 04e82de641 Agent: Make language consistent in IIslandAPIClient docstrings 2022-09-19 09:25:56 -04:00
Mike Salvatore f4f9ca6317 Agent: Update island API client docstrings 2022-09-19 08:18:46 -04:00
Mike Salvatore 43d6ebcc15 Agent: Rename IslandAPIClient -> HTTPIslandAPIClient 2022-09-19 08:03:45 -04:00
Mike Salvatore 6d5503bd6e Agent: Move IslandAPIClient to island_api_client package 2022-09-19 08:00:00 -04:00
Mike Salvatore 184e54228d Agent: Use relative import for errors in IslandAPIClient 2022-09-19 07:56:34 -04:00
Mike Salvatore 0790952c47 Project: Fix IslandApiClient -> IslandAPIClient 2022-09-19 07:52:10 -04:00
Mike Salvatore ca1bc06c55 Agent: Add IIslandAPIClient 2022-09-19 07:51:50 -04:00
Shreya Malviya b432a9f567 Agent: Fix docstrings in IslandAPIClient 2022-09-19 17:16:10 +05:30
Shreya Malviya d53b3d5026 UT: Fix Island API errors' import 2022-09-19 17:11:14 +05:30
Shreya Malviya c3ecb1e2e8 Project: Fix Island API error import 2022-09-19 17:10:34 +05:30
Shreya Malviya f5279a6cb1 Agent: Import Island API errors in transport/__init__.py 2022-09-19 17:09:52 +05:30
Shreya Malviya 672fde0b94 UT: Change IslandApiClient -> IslandAPIClient 2022-09-19 17:06:41 +05:30
Shreya Malviya 94dc2288cd Project: Change IslandApiClient -> IslandAPIClient in Vulture allowlist 2022-09-19 17:06:27 +05:30
Shreya Malviya d217d30b2e Agent: Change IslandApiClient -> IslandAPIClient 2022-09-19 17:05:56 +05:30
ilija-lazoroski 8e88f81c36
Merge pull request #2304 from guardicore/fix-slow-ransomware-test
Agent: Make BatchingTelemetryMessenger sleep period configurable
2022-09-19 12:30:05 +02:00
vakarisz 8386a006d0 Agent: Implement IslandApiClient 2022-09-19 11:11:50 +02:00
Mike Salvatore 89b9e3cc2b
Merge pull request #2305 from guardicore/fix-bb-tests
Fix bb tests
2022-09-16 10:52:25 -04:00
Ilija Lazoroski 547c9f7028 BB: Fix tunneling ToC in documentation 2022-09-16 16:41:26 +02:00
vakarisz 0b0f039474 Agent: Add 4 IslandAPIErrors 2022-09-16 17:39:46 +03:00
Ilija Lazoroski 95741acdf4 BB: Shorten import of depth_4_a_test_configuration 2022-09-16 16:37:00 +02:00
Ilija Lazoroski ecbee6a3cb BB: Fix tunneling-13 ip address in the test_configuration 2022-09-16 16:36:26 +02:00
Ilija Lazoroski 8df35e0107 BB: Export depth_4_a_test_configuration from __init__ 2022-09-16 16:35:54 +02:00
Mike Salvatore f677096439 Agent: Make BatchingTelemetryMessenger sleep period configurable
The ransomware integration tests were sometimes painfully slow because
they were waiting for the BatchingTelemetryMessenger to stop its
internal thread. This commit surfaces the sleep period parameter to the
`build_ransomware()` function so that the unit tests can set it to a
very small value. This is somewhat of a hack, but
BatchingTelemetryMessenger is going away very soon, as Telemetry is
being replaced by Events.
2022-09-16 10:34:31 -04:00
Mike Salvatore 5233dfd2b5 Project: Run pytest with `--dist loadscope`
This option forces tests to be grouped by module and run by the same
worker. This avoids some race conditions that cause tests to fail when
they attempt to bind to the same port. This cannot be solved with any
kind of lock because the tests were being run by completely different
processes.
2022-09-16 10:13:40 -04:00
Shreya Malviya f6270400b6 Project: Undo accidental import change in Vulture allowlist 2022-09-16 19:17:27 +05:30
Shreya Malviya 2146985e51 Island: Undo accidental change to cc/repository/zero_trust/IEventRepository.py 2022-09-16 19:17:19 +05:30
Mike Salvatore 4e1ca659a9 Merge branch '2293-rename-event-serializers' into develop
PR #2300
2022-09-16 09:41:37 -04:00
Mike Salvatore 5669bdd8a2 Agent: Add a comment about locking bcrypt and cryptography 2022-09-16 09:36:26 -04:00
Ilija Lazoroski b50725b939 BB: Change zone of Depth4 machines 2022-09-16 15:36:11 +02:00
Mike Salvatore 9ec55f20ba
Merge pull request #2302 from guardicore/lock-cryptography
Lock cryptography and bcrypt
2022-09-16 09:34:30 -04:00
vakarisz 998c1d7a4f Agent: Rename EVENTS_API_URL to AGENT_EVENTS_API_URL 2022-09-16 16:20:58 +03:00
Mike Salvatore b02bc0ceb0
Merge pull request #2298 from guardicore/2216-redundant-ip-lookup
Island, Agent: Move local IP and interface retrieval to common
2022-09-16 09:12:26 -04:00
Mike Salvatore dd2ed50609 CHANGELOG: Fix `/api/agent-events` entry 2022-09-16 09:08:27 -04:00
vakarisz 77a23b7920 Island, Common: Delete the cached versions of ip retrieval 2022-09-16 16:05:56 +03:00
Mike Salvatore f0e8691bc4 UT: Rename common/events -> common/agent_events 2022-09-16 09:02:09 -04:00
Mike Salvatore 83279cb1b7 UT: Fix CredentialsStolenEvent event import 2022-09-16 08:59:28 -04:00
Shreya Malviya f8134e505e UT: Fix imports common.events -> common.agent_events 2022-09-16 08:58:02 -04:00
Shreya Malviya d93eb4565b Island: Fix imports common.events -> common.agent_events 2022-09-16 08:58:02 -04:00
Shreya Malviya c8d11cdfe7 Agent: Fix imports common.events -> common.agent_events 2022-09-16 08:58:02 -04:00
Shreya Malviya b5736fdd3e Common: Rename common/events/ -> common/agent_events/ 2022-09-16 08:58:02 -04:00
Shreya Malviya e2fed84985 Project: Fix import in Vulture allowlist 2022-09-16 08:58:02 -04:00
Shreya Malviya 89a8ed7a5e Island: Rename i_event_repository.py -> i_agent_event_repository.py 2022-09-16 08:58:02 -04:00
Shreya Malviya c7fef90cd5 Project: Fix Vulture allowlist entries 2022-09-16 08:58:02 -04:00
Shreya Malviya be612abb23 UT: Change IEventRepository -> IAgentEventRepository 2022-09-16 08:58:02 -04:00
Shreya Malviya 0dccbd32b6 Island: Rename IEventRepository -> IAgentEventRepository 2022-09-16 08:58:02 -04:00
Shreya Malviya f0d5545f28 Island: Rename cc/resources/events.py -> cc/resources/agent_events.py 2022-09-16 08:58:02 -04:00
Shreya Malviya ad30efcedd Chaneglog: Add entry for endpoint rename 2022-09-16 08:58:02 -04:00
Shreya Malviya 66eaccb698 Agent: `/api/agent-events` in place of `/api/events` 2022-09-16 08:58:02 -04:00
Shreya Malviya cfc0905d0c Island: Rename `/api/events` to `/api/agent-events` 2022-09-16 08:58:02 -04:00
Shreya Malviya 354d6624d3 UT: Use AgentEvents in place of Events in test_events.py 2022-09-16 08:58:02 -04:00
Shreya Malviya c37876cb97 Island: Rename resource Events -> AgentEvents 2022-09-16 08:58:02 -04:00
Shreya Malviya edce35efef Agent: Make log message more specific in agent_event_forwarder.py 2022-09-16 08:58:02 -04:00
Shreya Malviya 5ad5de9c4a UT: Change event_serializer_registry -> agent_event_serializer_registry in test_agent_event_serializer_registry.py 2022-09-16 08:58:02 -04:00
Shreya Malviya e6db64bf88 UT: Rename test_event_serializer_registry.py -> test_agent_event_serializer_registry.py 2022-09-16 08:58:02 -04:00
Shreya Malviya edb1c97e0a UT: Rename event_serializers/ -> agent_event_serializers/ 2022-09-16 08:58:02 -04:00
Shreya Malviya 7bfc2da539 UT: Fix import common.event_serializers -> common.agent_event_serializers 2022-09-16 08:58:02 -04:00
Shreya Malviya 91b973cfe3 Island: Fix import common.event_serializers -> common.agent_event_serializers 2022-09-16 08:58:02 -04:00
Shreya Malviya 922db9c583 Agent: Fix import common.event_serializers -> common.agent_event_serializers 2022-09-16 08:58:02 -04:00
Shreya Malviya d7327272a0 Common: Rename event_serializers/ -> agent_event_serializers/ 2022-09-16 08:58:02 -04:00
Shreya Malviya 2f748516a8 UT: Change pydantic_event_serializer -> pydantic_agent_event_serializer in test_pydantic_agent_event_serializer.py 2022-09-16 08:58:02 -04:00
Shreya Malviya d694591d1e UT: Rename test_pydantic_event_serializer.py -> test_pydantic_agent_event_serializer.py 2022-09-16 08:58:02 -04:00
Shreya Malviya f5a0b42319 Common: Rename pydantic_event_serializer.py -> pydantic_agent_event_serializer.py 2022-09-16 08:58:02 -04:00
Shreya Malviya d729b514e5 UT: Use PydanticAgentEventSerializer in place of PydanticEventSerializer 2022-09-16 08:58:02 -04:00
Shreya Malviya 43fd978ce4 Common: Rename PydanticEventSerializer -> PydanticAgentEventSerializer 2022-09-16 08:58:02 -04:00
Shreya Malviya bf5e32a252 Project: Remove irrelevant Vulture allowlist entries 2022-09-16 08:58:02 -04:00
Shreya Malviya 940b479ca2 Common: Rename event_serializer_registry.py -> agent_event_serializer_registry.py 2022-09-16 08:58:02 -04:00
Shreya Malviya 2568d52730 UT: Use AgentEventSerializerRegistry in place of EventSerializerRegistry 2022-09-16 08:58:02 -04:00
Shreya Malviya 4a23f5a95b Island: Use AgentEventSerializerRegistry in place of EventSerializerRegistry 2022-09-16 08:58:02 -04:00
Shreya Malviya 19a59bf3c2 Agent: Use AgentEventSerializerRegistry in place of EventSerializerRegistry 2022-09-16 08:58:02 -04:00
Shreya Malviya 6ced4af5dc Common: Rename EventSerializerRegistry -> AgentEventSerializerRegistry 2022-09-16 08:58:02 -04:00
Shreya Malviya c4ab5d99a9 Agent: Fix import in agent_event_forwarder.py 2022-09-16 08:58:02 -04:00
Shreya Malviya 3b22bf0cb4 Common:Rename i_event_serializer.py -> i_agent_event_serializer.py 2022-09-16 08:58:02 -04:00
Shreya Malviya 619dc68c0e UT: Use IAgentEventSerializer in place of IEventSerializer 2022-09-16 08:58:02 -04:00
Shreya Malviya 0e2b165c15 Agent: Rename IEventSerializer -> IAgentEventSerializer 2022-09-16 08:58:02 -04:00
Mike Salvatore c82ee2ce97 Common: Call get_network_interfaces() from get_my_ip_addresses() 2022-09-16 08:52:54 -04:00
vakarisz 247441663d Common: Rename "get_local_interfaces" to "get_network_interfaces" 2022-09-16 15:45:07 +03:00
vakarisz 135da9631d Common: Rename "get_local_ip_addresses" to "get_my_ip_addresses" 2022-09-16 15:45:07 +03:00
vakarisz 6bcf44da69 Agent: Remove unused propagation_credentials_repository parameter 2022-09-16 15:45:07 +03:00
vakarisz 11318dad14 Island, Agent: Move local IP and interface retrieval to common
Both, island and agent needs to get local IP's/interfaces. We should also consider merging them, since interfaces also contain IP's
2022-09-16 15:45:07 +03:00
Mike Salvatore ae073de766
Merge pull request #2301 from guardicore/2180-credentials-event-encoding
2180 credentials event encoding
2022-09-16 08:35:45 -04:00
Ilija Lazoroski 7c554ec157 Agent: Relock Pipfile on windows 2022-09-16 14:35:40 +02:00
Mike Salvatore ec40a9c6ad Common: Inherit from InfectionMonkeyModelConfig in CredsStolenEvent 2022-09-16 08:34:46 -04:00
Mike Salvatore 54f1bd2197 Agent: Add more well-known ports 2022-09-16 08:27:42 -04:00
Mike Salvatore 1b4f1dba4e Agent: Change the order of COMMON_PORTS
COMMON_PORTS should be ordered with the the most likely to succeed ports
first.
2022-09-16 08:16:46 -04:00
Ilija Lazoroski ecccace870 Agent: Lock bcrypt to 3.2.2 2022-09-16 13:45:29 +02:00
vakarisz 46f7390a05 Common: Use SecretEncodingConfig in credentials_stolen_events.py 2022-09-16 14:26:36 +03:00
vakarisz 9577c5569e Common, Agent: Extract credential encoding related methods 2022-09-16 14:26:31 +03:00
Kekoa Kaaikala 017cce22d6 Agent: Add cryptography dependency 2022-09-15 19:15:25 +00:00
Mike Salvatore 004a543310 Common: Make Credentials.Config a subclass of InfectionMonkeyModelConfig 2022-09-15 12:23:52 -04:00
Mike Salvatore 729d2beee8 UT: Add missing tests for MongoAgentRepository
Increases code coverage to 100%
2022-09-15 12:10:14 -04:00
Mike Salvatore cbbd10dd71 Merge branch 'improve-mongo-credentials-repo' into develop 2022-09-15 12:05:04 -04:00
Mike Salvatore deacd18cbe Island: Make ICredentialsRepository methods abstract 2022-09-15 12:03:38 -04:00
Mike Salvatore a7a2968a99 Island: Remove superfluous "pass" from ICredentialsRepository 2022-09-15 12:03:23 -04:00
Mike Salvatore 3fd27c6503 Island: Add ICredentialsRepository.reset() 2022-09-15 12:03:21 -04:00
Mike Salvatore 07815eed93 Island: Wrap drop() Exceptions with RemovalError 2022-09-15 11:56:58 -04:00
Mike Salvatore 84c8de6a7c UT: Test error conditions in MongoCredentialsRepository
Increases test coverage to 100% for MongoCredentialsRepository
2022-09-15 11:55:48 -04:00
Mike Salvatore 5aff1c62c3 Island: Use drop() to clear mongo credentials collections 2022-09-15 11:54:06 -04:00
Mike Salvatore 6e47d3272d Island: Use monkey_island database in MongoCredentialsRepository 2022-09-15 11:48:12 -04:00
Mike Salvatore ef821f75e2 Agent: Add agent source to CredentialsStolenEvent in ZerologonExploiter 2022-09-15 08:01:58 -04:00
Mike Salvatore 4884313cba
Merge pull request #2297 from guardicore/2182-remove-credentialstelem
Remove CredentialsTelem
2022-09-15 07:42:37 -04:00
Shreya Malviya 75dddb0861 BB: Remove usage of CredentialComponentType in Zerologon analyzer 2022-09-15 14:07:18 +05:30
Shreya Malviya cf48189a07 BB: Use keyword parameters when creating Username/Password/NTHash objects 2022-09-15 14:00:14 +05:30
Shreya Malviya f57dad05c1 BB: Use keyword parameters when creating Credentials objects 2022-09-15 13:55:49 +05:30
Shreya Malviya 0b2039fb76 UT: Remove test_credentials_telem.py 2022-09-15 12:30:39 +05:30
Shreya Malviya 08fc1c6d39 Common: Remove CREDENTIALS from TelemCategoryEnum 2022-09-15 12:30:06 +05:30
Shreya Malviya eba94293d4 Agent: Remove CredentialsTelem 2022-09-15 12:29:18 +05:30
Shreya Malviya 775b0e69eb Island: Remove usage of credential telemetry 2022-09-15 12:28:37 +05:30
Shreya Malviya b00e0ff427 Agent: Remove usage of CredentialsTelem from master 2022-09-15 12:11:55 +05:30
Shreya Malviya 0a73ca717c Agent: Fix some mypy issues in zerologon.py 2022-09-15 12:07:03 +05:30
Shreya Malviya 97dcbe6168 Agent: Remove usage of CredentialsTelem from Zerologon exploiter 2022-09-15 11:53:22 +05:30
Mike Salvatore 51d5176986 UT: Improve MongoNodeRepository test coverage
Setting the MagicMock members to lambda's did not work as expected. A
look at the code coverage report revealed that not all branches were
covered. Setting them to new MagicMock objects with the correct return
type added coverage to branches that were previously skipped.
2022-09-14 15:58:35 -04:00
Mike Salvatore 4f29326da9
Merge pull request #2295 from guardicore/2180-mongo-event-repository
2180 mongo event repository
2022-09-14 15:49:13 -04:00
Kekoa Kaaikala 25c3552061 UT: Clarify mongo repository reset test 2022-09-14 19:35:37 +00:00
Kekoa Kaaikala 9ec91ec97a Island: Remove unneccessary call to list() 2022-09-14 19:35:05 +00:00
Kekoa Kaaikala cd84280e79 Island: Simplify event query and deserialization 2022-09-14 19:14:35 +00:00
Kekoa Kaaikala 8311fc79a9 Island: Add message to error on save 2022-09-14 18:43:52 +00:00
Kekoa Kaaikala 5f44204583 UT: Clean up mongo fixture 2022-09-14 18:38:56 +00:00
Kekoa Kaaikala 7e96c11204 Island: Add docstring to MongoEventRepository 2022-09-14 18:35:18 +00:00
Mike Salvatore 2155e9681e UT: Double sleep time to prevent false failures 2022-09-14 14:17:19 -04:00
Mike Salvatore 0ea1f9576f
Merge pull request #2296 from guardicore/2181-store-stolen-credentials-in-repo
2181 store stolen credentials in repo
2022-09-14 14:14:54 -04:00
Mike Salvatore 5742681b13 Island: Rename agent_event_subscribers -> agent_event_handlers 2022-09-14 13:58:12 -04:00
Mike Salvatore 03c49fe4da Island: Shorten subscription code 2022-09-14 13:55:13 -04:00
Mike Salvatore b3e9bbe05f Island: Subscribe save_stolen_credentials_to_repository() 2022-09-14 13:54:38 -04:00
Mike Salvatore 4db251dd7d Island: Add save_stolen_credentials_to_repository 2022-09-14 13:52:29 -04:00
Mike Salvatore d5979fae16 Island: Fix typo and grammar in save_event_to_event_repository() 2022-09-14 13:48:55 -04:00
Kekoa Kaaikala 5c762930bf Island: Search UUID by string value 2022-09-14 17:45:44 +00:00
Kekoa Kaaikala 89954223e8 Island: Match type based on __name__ 2022-09-14 17:45:44 +00:00
Kekoa Kaaikala ad5bba9e2f Island: Use EventSerializerRegistry 2022-09-14 17:45:44 +00:00
Kekoa Kaaikala f5e398c175 Island: Add MongoEventRepository 2022-09-14 17:45:41 +00:00
Mike Salvatore 0b5dd3832b
Merge pull request #2291 from guardicore/2180-save-event-to-repository
2180 save event to repository
2022-09-14 13:40:19 -04:00
Mike Salvatore 6f4c3d4669 Island: Register StubbedEventRepository in DIContainer 2022-09-14 13:36:55 -04:00
Mike Salvatore f5711e2fab Island: Add StubbedEventRepository
A placeholder until MongoEventRepository is implemented
2022-09-14 13:35:49 -04:00
Mike Salvatore 9fc91239f2 Agent: Use private module variable for ID caching
mypy complains about setting an attribute on the function object. Using
`global _id` accomplishes the same thing and doesn't upset mypy
2022-09-14 12:59:44 -04:00
Mike Salvatore 8faf8de4dd Agent: Use HardwareID as the return type for get_machine_id() 2022-09-14 12:57:40 -04:00
Mike Salvatore f7ab5c5dd8 Common: Use MachineID instead of int in AbstractAgentEvent.target 2022-09-14 12:54:49 -04:00
Mike Salvatore 1b2b316e1f Island: Move MachineID to common 2022-09-14 12:53:42 -04:00
Mike Salvatore 99b0f5bcd6
Merge pull request #2279 from guardicore/2177-agent-all-events-subscriber
Subscriber to send all Agent events to Island
2022-09-14 12:12:26 -04:00
Mike Salvatore d179a5563f UT: Add note about potentially slow or racey tests 2022-09-14 12:11:51 -04:00
Mike Salvatore 996225deef Agent: Fix line length 2022-09-14 12:09:42 -04:00
Mike Salvatore fbd5bb9a9e Agent: Rename _agent_events_to_island_sender 2022-09-14 12:08:45 -04:00
Mike Salvatore 9471db378f UT: Reduce sleep time from 0.05 to 0.01 in test_agent_event_forwarder 2022-09-14 12:07:36 -04:00
Ilija Lazoroski 83f1e4cc2a Island: Use agent_event_handlers on island setup 2022-09-14 17:19:28 +02:00
Ilija Lazoroski 5a836daaa7 Island: Add agent_event_handlers 2022-09-14 17:18:55 +02:00
Ilija Lazoroski 26fc6fd5b9 Island: Add save_event_to_event_repository subscriber 2022-09-14 17:17:32 +02:00
Mike Salvatore ac4db7aaf6 CHANGELOG: Add entry for #2216 2022-09-14 11:03:06 -04:00
vakarisz b81f7ad69c Merge branch '2216-tcp-relay' into develop 2022-09-14 17:47:13 +03:00
Shreya Malviya 218363d40e UT: Reduce sleep time from 0.1 to 0.05 in test_agent_event_forwarder.py 2022-09-14 19:59:19 +05:30
Shreya Malviya 5c1613bc79 Agent: Add log statement when sending Agent events to Island 2022-09-14 19:54:36 +05:30
Shreya Malviya 7fed97530f UT: Use BatchingAgentEventForwarder instead of AgentEventsToIslandSender 2022-09-14 19:52:33 +05:30
Shreya Malviya c24fd9ddab Agent: Rename AgentEventsToIslandSender -> BatchingAgentEventForwarder 2022-09-14 19:52:10 +05:30
Shreya Malviya 83a828ada5 UT: Rename test_send_all_events_to_island.py -> test_agent_event_forwarder.py 2022-09-14 19:51:15 +05:30
Shreya Malviya 984ce2e8bc UT: Use agent_event_forwarder instead send_all_events_to_island in import 2022-09-14 19:50:33 +05:30
Shreya Malviya 04b1caeb4c Agent: Rename send_all_events_to_island.py -> agent_event_forwarder.py 2022-09-14 19:49:35 +05:30
Shreya Malviya 0775beda7a Agent: Rename SendAllAgentEventsToIsland -> AgentEventForwarder 2022-09-14 19:47:53 +05:30
Shreya Malviya 4eabf6e77b Agent: Use create_daemon_thread() instead of threading.Thread() in AgentEventsToIslandSender 2022-09-14 19:45:12 +05:30
vakarisz f3fd2fca8b Agent: Fix SSH exploiter to be able to exploit unknown OS
Previously if the agent couldn't detect the OS, agent failed with errors
2022-09-14 17:08:52 +03:00
Ilija Lazoroski bb0910371c Island: Refactor api/events to publish list of events
PR #2285
2022-09-14 09:48:16 -04:00
Mike Salvatore 2fe3a2ece3
Merge pull request #2287 from guardicore/2180-i-event-repository
Island: Add IEventRepository
2022-09-14 09:44:17 -04:00
Mike Salvatore c977d8c212 Island: Use TypeVar for IEventRepository.get_events_by_type() 2022-09-14 09:41:58 -04:00
Mike Salvatore 4bb914316f
Merge pull request #2283 from guardicore/2255-mongo-node-repository
2255 mongo node repository
2022-09-14 09:35:16 -04:00
Mike Salvatore f52f8eccd5 UT: Use sets for simpler sequence comparison 2022-09-14 09:19:56 -04:00
Mike Salvatore 1a8c285d8e UT: Use set.intersection() for simpler set comparison 2022-09-14 09:18:00 -04:00
Mike Salvatore 617a3273cd Merge branch 'omit-mongo-object-id' into 2255-mongo-node-repository 2022-09-14 09:10:12 -04:00
Mike Salvatore c2437464c6 Island: Omit the mongo object ID from Agent query results 2022-09-14 09:10:06 -04:00
Ilija Lazoroski 17e9c00180 UT: Add another test for AgentEventsToIslandSender 2022-09-14 15:09:00 +02:00
Mike Salvatore fa8736e2fe Island: Omit the mongo object ID from Machine query results 2022-09-14 09:05:42 -04:00
Mike Salvatore 3fb1ddaa74 Island: Omit the mongo object ID from Node query results 2022-09-14 09:02:21 -04:00
Mike Salvatore 5821d71ade Island: Omit the mongo object ID from credentials query results 2022-09-14 08:59:09 -04:00
Ilija Lazoroski c54d1b89ab Island: Add IEventRepository 2022-09-14 13:26:27 +02:00
Mike Salvatore d509ee7216 Build: Pull Python AppImage v3.7.14 2022-09-14 07:22:44 -04:00
Mike Salvatore 1e3e6c9052 Merge branch '2216-fix-connection-issues' into 2216-tcp-relay 2022-09-14 07:06:03 -04:00
Mike Salvatore e56d4c0ac7
Merge pull request #2284 from guardicore/2216-relay-bb-tests
2216 relay bb tests
2022-09-14 06:56:42 -04:00
Shreya Malviya 97a9f2d156 UT: Fix import in test_send_all_events_to_island.py 2022-09-14 16:14:53 +05:30
Shreya Malviya c72d34b7ad Agent: Fix import in monkey.py 2022-09-14 16:12:39 +05:30
Mike Salvatore 1affc3fe5e Common: Add "raises" docstrings to IEventSerializer.deserialize() 2022-09-14 06:33:31 -04:00
Shreya Malviya bb8b4742af Agent: Implement event serializer logic for SendAllAgentEventsToIsland 2022-09-14 16:00:56 +05:30
Shreya Malviya aeda96db06 UT: Add test for AgentEventsToIslandSender 2022-09-14 15:45:40 +05:30
Shreya Malviya 37c4362b60 Agent: Add default argument and type hint in send_all_events_to_island.py 2022-09-14 15:43:38 +05:30
Ilija Lazoroski b129833e57 Island: Remove ITelemtryRepository 2022-09-14 06:13:29 -04:00
vakarisz bc6da3d402 BB: Add documentation about changes to tunneling-11 2022-09-14 12:13:36 +03:00
vakarisz c281666504 BB: Remove tunneling-12 from depth-3 2022-09-14 12:10:06 +03:00
vakarisz 7a33802b7c BB: Add tunneling machines to the list of depth 3 test 2022-09-14 12:06:46 +03:00
Shreya Malviya fe63b28ee1 Agent: Restructure SendAllAgentEventsToIsland and _AgentEventsToIslandSender 2022-09-14 14:31:55 +05:30
Shreya Malviya 404f6d954f Agent: Replace SendAllAgentEventsToIsland's __call__() with send_event() 2022-09-14 13:46:45 +05:30
Shreya Malviya 8256322a29 Agent: Rename _batch_and_send_events_thread -> _BatchAndSendEventsThread 2022-09-14 13:34:34 +05:30
Shreya Malviya 1ad13db758 Agent: Rename send_all_events_to_island -> SendAllAgentEventsToIsland 2022-09-14 13:33:34 +05:30
Shreya Malviya 5152b9a3cc Agent: Use threading.Event instead of flag in send_all_events_to_island.py 2022-09-14 12:29:07 +05:30
Shreya Malviya a561195508 Agent: Use `json` instead of `data` in POST request in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 4381716e54 Agent: Remove unused variables in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 39a7ae0964 Agent: Rename DEFAULT_TIME_PERIOD -> DEFAULT_TIME_PERIOD_SECONDS in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 5ecc3e992a Agent: Remove send_all_events_to_island's dependency on pubsub 2022-09-14 12:14:25 +05:30
Shreya Malviya 83c7f10859 Agent: Simplify batching and sending logic in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 1d60cb160b Agent: Clear event batches set and use correct variable name in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 239b2e2550 Agent: Extract API URL to variable EVENTS_API_URL in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya 39f8bafd46 Agent: Add docstrings in send_all_events_to_island.py 2022-09-14 12:14:25 +05:30
Shreya Malviya de68f21fdf Agent: Subscribe `send_all_events_to_island` to all events 2022-09-14 12:14:25 +05:30
Shreya Malviya 1abf323b14 Agent: Add type annotation for `send_all_events_to_island._batch_and_send_events_thread._event_batch` 2022-09-14 12:14:25 +05:30
Shreya Malviya 8f4aefda74 Agent: Rename some variables in `send_all_events_to_island` 2022-09-14 12:14:25 +05:30
Shreya Malviya 6520fe2c90 Agent: Rename push_events_to_island.py -> send_all_events_to_island.py for consistency 2022-09-14 12:14:25 +05:30
Shreya Malviya 9475c86fba Agent: Rename `push_all_events_to_island` -> `send_all_events_to_island` for consistency 2022-09-14 12:14:25 +05:30
Shreya Malviya 5542f67ceb Agent: Finish implementing threading/batching in `push_all_events_to_island` 2022-09-14 12:14:25 +05:30
Shreya Malviya e51a717bdf Agent: Add a very crude outline of using a queue and threading in `push_all_events_to_island` 2022-09-14 12:14:25 +05:30
Shreya Malviya a06c6a622e Agent: Add log statements in class `push_all_events_to_island`'s `__call__()` 2022-09-14 12:14:25 +05:30
Shreya Malviya 1462e832b0 Agent: Add subscriber to push all events to the Island 2022-09-14 12:14:25 +05:30
Mike Salvatore cd6a46a304 Island: Add MongoNodeRepository 2022-09-13 20:43:24 -04:00
Mike Salvatore 76b51d25b9 Island: Use frozenset instead of tuple for communication types 2022-09-13 20:42:37 -04:00
Mike Salvatore 6cc8948ebf Island: Add INodeRepository.reset() 2022-09-13 19:09:55 -04:00
Mike Salvatore ed0e8c4870 Common: Add event type to serialized agent events 2022-09-13 17:15:52 -04:00
Mike Salvatore 03989e1964 Common: Add EVENT_TYPE_FIELD 2022-09-13 17:04:44 -04:00
Mike Salvatore 010a630c4f
Merge pull request #2282 from guardicore/2179-register-credentials-stolen-event-serializer
2179 register credentials stolen event serializer
2022-09-13 17:02:25 -04:00
Kekoa Kaaikala e7bb5ce535 BB: Add interface to tunneling-11 2022-09-13 19:52:04 +00:00
Kekoa Kaaikala b865c13a3b BB: Revert depth_3_a test 2022-09-13 19:45:57 +00:00
Mike Salvatore d30dfd3396 Agent: Setup EventSerializerRegistry 2022-09-13 15:16:27 -04:00
Mike Salvatore ca23c94c8e Island: Setup EventSerializerRegistry 2022-09-13 15:12:07 -04:00
Mike Salvatore 905fb3563e
Merge pull request #2281 from guardicore/2216-prevent-port-collisions
Agent: Add TCPPortSelector
2022-09-13 15:08:56 -04:00
Mike Salvatore 0f0f50208d
Agent: Add missing "param" in docstring
Co-authored-by: Kekoa Kaaikala <kekoa.kaaikala@gmail.com>
2022-09-13 15:07:25 -04:00
Mike Salvatore 5905d3bf5b Common: Add register_common_agent_event_serializers() 2022-09-13 15:04:45 -04:00
Mike Salvatore ad01003480 Common: Rename i_event_serialize{,r}.py 2022-09-13 14:58:15 -04:00
Mike Salvatore 1c742c3f96
Merge pull request #2280 from guardicore/2179-credentialsstolenevent-pydantic
2179 credentialsstolenevent pydantic
2022-09-13 14:47:10 -04:00
Mike Salvatore 1503c3f0ba Common: Switch AbstractAgentEvent.source from int to AgentID 2022-09-13 13:25:47 -04:00
Mike Salvatore 80cd5a05a1 Common: Move AgentID definition to common 2022-09-13 13:25:45 -04:00
Mike Salvatore 1998d492eb Agent: Remove disused credential_collectors.credential_components pkg 2022-09-13 13:17:02 -04:00
Mike Salvatore 04d79a0a35 Agent: Add TCPPortSelector 2022-09-13 12:24:14 -04:00
Ilija Lazoroski 31f3c1a4d6 UT: Fix all unit tests that we creating events to use pydantic 2022-09-13 17:53:58 +02:00
Ilija Lazoroski 1799f1253c Common: Make AbstractAgentEvent to be a pydantic modell
In this way we are saying that every event needs to be a pydantic model
for which we may pay the price later on.
2022-09-13 17:45:48 +02:00
Ilija Lazoroski a68a765722 Common: Make CredentialsStolenEvent to be a class 2022-09-13 17:45:48 +02:00
Kekoa Kaaikala 1a96e9fd8d Common: Make CredentialsStolenEvent a pydantic model 2022-09-13 17:45:48 +02:00
Kekoa Kaaikala 78d5094f90 Common: Use int instead of UUID in AbstractAgentEvent 2022-09-13 17:45:48 +02:00
Kekoa Kaaikala 69063de627 Agent: Add note about unintentional disconnect 2022-09-13 15:38:19 +00:00
Kekoa Kaaikala 4ba4cb583a Agent: Add thread ID to SocketsPipe thread name 2022-09-13 15:32:15 +00:00
Mike Salvatore bde44f74f5
Merge pull request #2275 from guardicore/2179-implement-pydantic-event-serializer
2179 implement pydantic event serializer
2022-09-13 09:56:57 -04:00
Mike Salvatore 69e11d6b50 Common: Ignore mypy cyclical definition warning for JSONSerializable 2022-09-13 09:22:24 -04:00
Ilija Lazoroski d3a4f255f0 Common: Use isinstance in PydanticEventSerializer 2022-09-13 14:09:54 +02:00
Mike Salvatore ef2bac6de2
Merge pull request #2278 from guardicore/2234-remove-repository-service
Island: Remove RepositoryService
2022-09-13 08:01:36 -04:00
Mike Salvatore 6c0b63aa29 Common: Don't hide AttributeError from the caller 2022-09-13 07:55:15 -04:00
Mike Salvatore 780595cf19 Common: Use `simplify=True` in PydanticEventSerializer 2022-09-13 07:53:30 -04:00
Mike Salvatore 34e843f7f3 Common: Make PydanticEventSerializer generic 2022-09-13 07:50:38 -04:00
Ilija Lazoroski dcd9cab0f4 Project: Remove clear_simulation_data entry from vulture_allowlist 2022-09-13 13:40:54 +02:00
Ilija Lazoroski 62ab6e5a77 Common: Add generic events to PydanticEventSerializer 2022-09-13 13:38:41 +02:00
Ilija Lazoroski 88d65f40ae Project: Add PydanticEventSerializer to vulture_allowlist 2022-09-13 13:38:41 +02:00
Ilija Lazoroski 9e9160304c UT: Add unit tests for PydanticEventSerializer 2022-09-13 13:38:41 +02:00
Ilija Lazoroski 1755d72ae7 Common: Export PydanticEventSerializer from __init__ 2022-09-13 13:38:33 +02:00
Ilija Lazoroski e756e0dbc3 Common: Implement EventSerializer for pydantic objects 2022-09-13 13:38:26 +02:00
Mike Salvatore d58d8bb87b Island: Remove RepositoryService
Issue #2234
2022-09-13 07:26:13 -04:00
Mike Salvatore b226c84b6c
Merge pull request #2277 from guardicore/2234-refactor-clear-simulation-data
2234 refactor clear simulation data
2022-09-13 07:25:49 -04:00
Mike Salvatore 7c86bfc182 Island: Rename _handle_*_events() -> _subscribe_*_events() 2022-09-13 07:24:25 -04:00
Ilija Lazoroski f944347644 UT: Test ResetAgentConfiguration endpoint 2022-09-13 11:41:08 +02:00
Ilija Lazoroski f87fb39b0f Project: Add clear_simulation_data to vulture_allowlist
Remove once #2277 is closed
2022-09-13 11:30:13 +02:00
Mike Salvatore 4e49e59447 Island: Rename local event_queue -> island_event_queue
Disambiguate Island event queues from Agent event queues
2022-09-13 11:07:35 +02:00
Mike Salvatore 6d297dc201 Island: Subscribe legacy Database.reset_db to CLEAR_SIMULATION_DATA 2022-09-13 11:07:35 +02:00
Mike Salvatore 9479b56722 Island: Subscribe ICredentialsRepository to CLEAR_SIMULATION_DATA 2022-09-13 11:07:35 +02:00
Mike Salvatore 745027bf93 Island: Wrap island event handler setup in separate function 2022-09-13 11:07:35 +02:00
Mike Salvatore 7f29e0342d Island: Use interface instead of concrete in island_event_handlers 2022-09-13 11:07:35 +02:00
Mike Salvatore ba724db969 Island: Publish IslandEventTopic.CLEAR_SIMULATION_DATA from resource 2022-09-13 11:07:35 +02:00
Mike Salvatore 2c750acc7a Island: Return 204 No Content from ClearSimulationData POST 2022-09-13 11:07:35 +02:00
ilija-lazoroski e0fb651c69
Merge pull request #2276 from guardicore/2234-refactor-reset-agent-config
2234 refactor reset agent config
2022-09-13 10:55:47 +02:00
Ilija Lazoroski afa6c6b159 Island: Rename event_queue to island_event_queue 2022-09-13 10:44:52 +02:00
Ilija Lazoroski 2bfb85a652 UT: Add typehints to test_reset_agent_configuration 2022-09-13 09:33:48 +02:00
Ilija Lazoroski 599c753cf7 Island: Add docstrings to reset_agent_configuration event handler 2022-09-13 09:31:38 +02:00
Mike Salvatore 70978f9b30 Merge branch '2216-find-servers-concurrently' into 2216-fix-connection-issues 2022-09-12 16:49:07 -04:00
Kekoa Kaaikala 3dd2052dc5 Agent: Add debug logging to TCPRelay 2022-09-12 20:45:37 +00:00
Mike Salvatore c532cdec72 Agent: Detect closed socket in SocketsPipe
When a socket is closed, select.select() returns the socket in the
read_list. A closed socket can be detected by attempting to read from
it. If 0 data is read, then the socket is closed.

See below for more details:
> If a socket is in the output readable list, you can be
  as-close-to-certain-as-we-ever-get-in-this-business that a recv on
  that socket will return something.
https://docs.python.org/3/howto/sockets.html#non-blocking-sockets
https://stackoverflow.com/questions/17386487/python-detect-when-a-socket-disconnects-for-any-reason
https://stackoverflow.com/questions/17705239/is-there-a-way-to-detect-that-tcp-socket-has-been-closed-by-the-remote-peer-wit
2022-09-12 16:35:36 -04:00
Mike Salvatore fe954bb659 Agent: Call pipe.start(), not run()
run() blocks, start() starts the run method on a different thread.
2022-09-12 16:31:03 -04:00
Mike Salvatore 9002c47d56 Agent: Add a timeout on TCPPipeSpawner dest socket 2022-09-12 16:29:19 -04:00
Mike Salvatore 77c97062eb Agent: Wrap relay stop logic in a method 2022-09-12 14:53:19 -04:00
Mike Salvatore 27cb2009fc Agent: Let relay run indefinitely if user hasn't forced a stop 2022-09-12 14:46:42 -04:00
Mike Salvatore ea47fc326a Island: Remove extra newline from server_setup.py 2022-09-12 14:15:08 -04:00
Mike Salvatore 0e112cc31a Island: Wire up event handlers before starting the island server
_start_island_server() blocks, so event handlers need to be
wired/subscribed before the server starts.
2022-09-12 14:12:30 -04:00
Mike Salvatore ecab1be70e Island: Change IslandEventTopic definition from dynamic to static
My code completion tool doesn't play well with dynamically defined
Enums.
2022-09-12 13:35:47 -04:00
Mike Salvatore 8b49554cb5 Island: Add island_event_handlers package 2022-09-12 12:00:05 -04:00
Mike Salvatore 3e67f5696c Island: Move setup_island_event_handlers to monkey_island.cc.setup 2022-09-12 11:56:34 -04:00
Mike Salvatore c02f87add0 Merge branch '2234-extract-network-utils-from-services' into 2234-refactor-reset-agent-config 2022-09-12 11:53:19 -04:00
Mike Salvatore ad3dd6ba36 Island: Move network_utils from services/ -> server_utils/ 2022-09-12 11:52:53 -04:00
Mike Salvatore 285e6aaa35 Island: Remove disused local_ips() functions 2022-09-12 11:48:36 -04:00
Mike Salvatore 4bc9f735be Island: Rename setup_island_event_{subscribers,handlers} 2022-09-12 11:25:58 -04:00
Mike Salvatore fd7a00a225 Island: Rename subscribe_to_topics() -> setup_island_event_subscribers() 2022-09-12 11:20:17 -04:00
vakaris_zilius c2c2993ff7 Agent: Fix a bug(peeking socket consumes data)
sock.recv takes two parameters instead of one
2022-09-12 15:01:21 +00:00
Mike Salvatore a01785838d Agent: Pass keep_tunnel_open timeout as new_client_timeout 2022-09-12 10:24:26 -04:00
Mike Salvatore 67893b7825 Agent: Find/check island servers concurrently 2022-09-12 10:16:54 -04:00
Mike Salvatore a9edbb2874 Agent: Add ThreadSafeIterator 2022-09-12 10:16:51 -04:00
Ilija Lazoroski 0ca13eb93d Island: Add subscribe_to_topics on server setup 2022-09-12 15:59:58 +02:00
Ilija Lazoroski b834bfe7f7 Island: Publish RESET_AGENT_CONFIGURATION from endpoint 2022-09-12 15:22:09 +02:00
Mike Salvatore 191ee1a5f9 Agent: Change order of spawn pipe and add relay user
If we were unsuccessful in starting the pipe, we don't want to sit
around and wait for a relay user to connect.
2022-09-12 08:12:17 -04:00
vakarisz 7ff61423dc Agent: Log uncaught errors in tcp_connection_handler.py thread
If there's an uncaught error in the thread, the error won't propagate to the caller and we wouldn't know what went wrong from the logs. This fixes things and all uncaught errors get logged
2022-09-12 12:02:34 +00:00
Kekoa Kaaikala 9ff92d2128 Agent: Fix ident not available in constructor 2022-09-12 11:59:22 +00:00
Kekoa Kaaikala 756bfe488b Agent: Provide address as string to connect() 2022-09-12 11:59:22 +00:00
Ilija Lazoroski f9b1c5ebd2 Island: Export reset_agent_configuration from __init__ 2022-09-12 13:21:52 +02:00
Ilija Lazoroski e50b034324 Island: Create callable reset_agent_configuration class 2022-09-12 13:21:44 +02:00
Mike Salvatore bc769ee6b8 Common: Define del_key() in terms of MutableMapping.pop() 2022-09-11 22:59:58 -04:00
vakarisz c756c7ace2 BB: Add tunneling test diagrams 2022-09-09 17:51:37 +03:00
vakarisz 46152c0cd2 Island, Agent: Update pydantic to 1.10
Without this update SecretStr is of an unhashable type
2022-09-09 17:04:47 +03:00
Ilija Lazoroski e690eb7c61 Project: Lock the windows pipenv version to 2022.7.4 2022-09-09 09:16:45 -04:00
Ilija Lazoroski a4b6e2157b Agent: Cast cmd_island_port to int 2022-09-09 14:28:14 +02:00
Ilija Lazoroski 2b4b462c1a Agent: Relock Pipfile 2022-09-09 08:23:00 -04:00
Ilija Lazoroski 867a3a83e7 Agent: Use get_plaintext in SSHExploiter login with password 2022-09-09 08:22:56 -04:00
Ilija Lazoroski 6171b66282 Agent: Fix SSHCollector to publish list of Credentials
Previously it was publish list of lists of Credentials
2022-09-09 08:22:53 -04:00
Kekoa Kaaikala 093e2c79dc Agent: Add relay to servers list for exploited hosts 2022-09-09 08:19:56 -04:00
Mike Salvatore 20649b5e3c Merge pull request #2263 from guardicore/2216-remove-unused-code
2216 remove unused code
2022-09-09 08:19:56 -04:00
Mike Salvatore 0246f6b981 Agent: Convert _cmd_island_port to int in one place 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala 4a2297b097 Island: Remove TunnelTelem 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala 3516fa1fec Agent: Fix: Pass port as int 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala cb45cd8873 Agent: Remove TunnelTelem 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala d335c4081a Agent: Fix TCPRelay missing _interrupted member 2022-09-09 08:19:56 -04:00
Shreya Malviya 7530a89152 Agent: Remove usage of proxies 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala 6051cfa29a Agent: Fix log call exhausting iterator 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala 1c805184fe Agent: Remove unused proxy classes 2022-09-09 08:19:56 -04:00
Mike Salvatore 2fadfd1b31 Merge pull request #2257 from guardicore/2216-notify-relay-when-finished
2216 notify relay when finished
2022-09-09 08:19:56 -04:00
Kekoa Kaaikala d7cabc2f5e Agent: Get rid of default_tunnel 2022-09-09 08:19:56 -04:00
Mike Salvatore 1d58ce36e7 Agent: Use a finally clause to ensure singleton is always unlocked 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala dcb77d6285 Agent: Remove MonkeyTunnel 2022-09-09 08:19:56 -04:00
Kekoa Kaaikala 6c2cab9950 Agent: Disconnect from upstream relay 2022-09-09 08:19:41 -04:00
Kekoa Kaaikala baeb0c9460 Agent: Add function to disconnect from relay 2022-09-09 08:18:17 -04:00
Mike Salvatore 5366bba389 Merge branch '2216-modify-controlclient-find-server' into 2216-tcp-relay
PR #2250
2022-09-09 08:18:14 -04:00
Mike Salvatore f3ff4176b2 Merge pull request #2251 from guardicore/2216-use-tcprelay-in-agent
2216 use tcprelay in agent
2022-09-09 08:13:02 -04:00
Shreya Malviya e1759a7906 UT: Simplify parametrize logic in test_find_server() 2022-09-09 08:13:02 -04:00
Mike Salvatore 9f5aa5a055 Agent: Drop DEFAULT_DISCONNECT_TIMEOUT to 2 minutes
Agents should be sending data back to the island very frequently. 2
minutes should be plenty.

Consider adding a heartbeat and reducing this timeout further.
2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 0398b31ece Agent: Use set in get_free_tcp_port() 2022-09-09 08:13:02 -04:00
Shreya Malviya fac179bbda UT: Simplify test logic in test_find_server() 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 0b27e12b0f Merge pull request #2249 from guardicore/2216-wait-for-relay-users-to-disconnect
Agent: Wait for relay users to disconnect
2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 33da121465 Agent: Use 'relay_port' for relay local port 2022-09-09 08:13:02 -04:00
Shreya Malviya 45d1cc78c1 UT: Use requests_mock in test_find_server 2022-09-09 08:13:02 -04:00
Mike Salvatore 5a83401a02 Agent: Add RelayUserHandler._remove_expired_users() 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala b74c42ff07 Agent: Add join timeout for the relay thread 2022-09-09 08:13:02 -04:00
Shreya Malviya 451d2d0694 UT: Use RELAY_CONTROL_MESSAGE_REMOVE_FROM_WAITLIST in place of RELAY_CONTROL_MESSAGE 2022-09-09 08:13:02 -04:00
Mike Salvatore e2736a9273 Agent: Lock RelayUserHandler.has_*_users() 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 33aac19831 Agent: Try well-known ports before other ports 2022-09-09 08:13:02 -04:00
Shreya Malviya aa1c31efb2 Agent: Rename RELAY_CONTROL_MESSAGE -> RELAY_CONTROL_MESSAGE_REMOVE_FROM_WAITLIST 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 90dcb0a91e Agent: Wait for relay users to disconnect 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 4c795343d0 Agent: Fix maximum_depth_reached() 2022-09-09 08:13:02 -04:00
Shreya Malviya cb4af415c1 Agent: Rename _open_socket_to_server -> _send_remove_from_waitlist_control_message_to_relay 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 526139bef1 Agent: Remove connect() 2022-09-09 08:13:02 -04:00
Shreya Malviya 7661027c6c Agent: Don't catch TimeoutError in _open_socket_to_server() since OSError is already being caught 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 28f555498f Agent: No need to check relay existence 2022-09-09 08:13:02 -04:00
Shreya Malviya 6bfe6bc79d Common: Rename SendControlRelayMessageThread -> SendRemoveFromWaitlistControlMessageToRelaysThread 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala aac0bfe90b Agent: Use addres_to_ip_port in connect() 2022-09-09 08:13:02 -04:00
Shreya Malviya 78d32053a2 Agent: Rename send_relay_control_message -> send_remove_from_waitlist_control_message_to_relays 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala f212425842 Agent: Pass server list to connect() 2022-09-09 08:13:02 -04:00
Shreya Malviya f436bf7b8c Agent: Remove irrelevant comment from InfectionMonkey._get_server() 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala bbdc378a0d Agent: Hand TCPRelay build it's own dependencies 2022-09-09 08:13:02 -04:00
Shreya Malviya fb1554840a Agent: Fix log message in InfectionMonkey._get_server() 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 5c7c54e450 Agent: Use timeout in build_tcprelay_deps() 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 6ee15e22b8 Agent: Rework call of find_server in monkey.py 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 732751f007 Project: Fix vulture warnings 2022-09-09 08:13:02 -04:00
Ilija Lazoroski b89ba06fd1 UT: Rename test_find_server__no_available_relays to test_find_server 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala 2fd99318ba Agent: Replace MonkeyTunnel with TCPRelay 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 20172230f1 Agent: Rework send_control_relay_message a bit 2022-09-09 08:13:02 -04:00
Kekoa Kaaikala a0f566ef49 Agent: Add network utilities for connections 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 60f9aa6a4e Agent: Rework relay.utils.find_server a bit 2022-09-09 08:13:02 -04:00
Ilija Lazoroski e539495545 Agent: Find server and send control relay message to all other servers 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 65226d5a9c UT: Move test_find_server under network.relay.utils 2022-09-09 08:13:02 -04:00
Ilija Lazoroski bb2b4aaf6c Agent: Separate responsibilites in network.relay.utils.find_server 2022-09-09 08:13:02 -04:00
Shreya Malviya c6c6cf1e79 Agent: Add TODO about variable naming in `InfectionMonkey` 2022-09-09 08:13:02 -04:00
Shreya Malviya 94dc8cf377 Agent: Use `find_servers` to pass valid server to `ControlClient` 2022-09-09 08:13:02 -04:00
Shreya Malviya 18659b654f Agent: Return server to connect to or None from `find_server` 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 789d6b8441 Agent: Move ControlClient.find_server in network/relay/utls.py 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 178b296f75 Agent: Use iterator in ControlClient.find_server 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 02a919123b Agent: Remove thread join in find_server 2022-09-09 08:13:02 -04:00
Shreya Malviya cd91b3e42a UT: Rename RequestsGetArgument -> MockRequestsGetResponsePerServerArgument 2022-09-09 08:13:02 -04:00
Shreya Malviya 0239a1be6b UT: Simplify test logic in test_control_find_server__control_message_sent_to_necessary_relays 2022-09-09 08:13:02 -04:00
Shreya Malviya 47f838cf9f UT: Rename test_control_find_server_socket -> test_control_find_server__control_message_sent_to_necessary_relays 2022-09-09 08:13:02 -04:00
Shreya Malviya f847757a9a UT: Rename test_control_find_server_any_exception -> test_control_find_server__no_available_relays 2022-09-09 08:13:02 -04:00
Shreya Malviya a39917d9aa UT: Fix test_control_find_server_socket to check call parameters 2022-09-09 08:13:02 -04:00
Ilija Lazoroski 804bd4eadb Agent: Modify find_server to accept list of servers 2022-09-09 08:13:02 -04:00
Ilija Lazoroski ac058c7788 Agent: Add TODO to rework address_to_ip_port to use list of servers 2022-09-09 08:13:02 -04:00
Mike Salvatore 4bff110f35 Merge branch '2216-add-tcprelay' into tcp-relay
PR #2231
2022-09-09 08:12:50 -04:00
Mike Salvatore ee262778de Merge pull request #2243 from guardicore/2216-pass-servers-to-exploiters
2216 pass servers to exploiters
2022-09-09 08:07:24 -04:00
Mike Salvatore f16f111543 Merge pull request #2242 from guardicore/2216-modify-agent-build-commands
2216 modify agent build commands
2022-09-09 08:07:24 -04:00
Ilija Lazoroski 4fca8ccf5d UT: Fix credentials passed to exploiter test 2022-09-09 08:07:24 -04:00
Mike Salvatore 579616dd91 Merge pull request #2241 from guardicore/2216-modify-agent-command-line-arguments
Agent: Modify command line arguments to accept list of servers
2022-09-09 08:07:24 -04:00
Ilija Lazoroski 067d50f3c4 Agent: Modify agent build command line to accept list of servers 2022-09-09 08:07:24 -04:00
Ilija Lazoroski f93125f671 Agent: Pass servers when running exploits in Puppet 2022-09-09 08:07:24 -04:00
Ilija Lazoroski e842c45e42 Agent: Add list of servers to dropper 2022-09-09 08:07:24 -04:00
Ilija Lazoroski ddc4f4d836 Agent: Remove tunnel from aget build command functions 2022-09-09 08:07:24 -04:00
Ilija Lazoroski c51217507a Agent: Pass servers to exploit_host in ExploiterWrapper.Inner 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 33f20c7da0 Agent: Remove tunnel argument from dropper 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 4ad2c35c94 UT: Remove tunnel from build_monkey_commandline 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 8fc0d52b8b Agent: Pass list of servers in HostExploiter.exploit_host 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 0f73cc91f2 Changelog: Add entry for changing "-s/--server" to "-s/--servers" 2022-09-09 08:07:24 -04:00
Ilija Lazoroski b2f0b54d37 Agent: Add list of server when propagating 2022-09-09 08:07:24 -04:00
Mike Salvatore 1776b3b0b7 Agent: Modify exception message when server connection fails 2022-09-09 08:07:24 -04:00
Ilija Lazoroski f104f31dcd Agent: Pass list of servers to Exploiter.exploit_hosts 2022-09-09 08:07:24 -04:00
Ilija Lazoroski c9a9367dd1 Changelog: Change -s/--servers to accept list of servers 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 8b2107d197 Agent: Accept list of servers in AutomatedMaster 2022-09-09 08:07:24 -04:00
Ilija Lazoroski c44a0406ee Changelog: Add entry for removing -t/--tunnel from agent command line arguments 2022-09-09 08:07:24 -04:00
Ilija Lazoroski a79b579cdc Agent: Construct AutomatedMaster with list of servers 2022-09-09 08:07:24 -04:00
Ilija Lazoroski ba187ed830 Agent: Modify command line arguments to accept list of servers
Removes tunnel argument
2022-09-09 08:07:24 -04:00
Ilija Lazoroski e6b0e43580 UT: Fix Powershell unit tests to accept list of servers 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 42de7140f3 Agent: Modify exploiters to use list of servers 2022-09-09 08:07:24 -04:00
Ilija Lazoroski 95ea5e481e Agent: Accept list of servers in HostExploiter 2022-09-09 08:07:24 -04:00
Ilija Lazoroski e4d49f5a12 Agent: Add servers list to ExploiterWrapper 2022-09-09 08:07:24 -04:00
vakarisz 72c76319d1 BB: Move tunneling to depth 4a test suite 2022-09-08 16:58:14 +03:00
vakarisz b6588925e2 BB: Add tunneling-13 machine 2022-09-08 16:56:32 +03:00
Mike Salvatore d009bc458c Island: Import TypeAlias from typing_extensions in node.py 2022-09-07 11:15:07 -04:00
Mike Salvatore fa8a72dc86 Island: Remove unused import from node.py 2022-09-07 11:13:06 -04:00
Mike Salvatore 0310c737d7 UT: Remove unused imports from test_node.py 2022-09-07 11:12:30 -04:00
Mike Salvatore 588b740970
Merge pull request #2253 from guardicore/2217-remove-marshmallow
2217 remove marshmallow
2022-09-07 10:57:29 -04:00
Mike Salvatore 68bc73d86a Merge branch 'i-node-repository' into develop 2022-09-07 10:25:00 -04:00
Mike Salvatore 4e4e4cf97d Island: Export INodeRepository from monkey_island.cc.repository 2022-09-07 10:22:54 -04:00
Mike Salvatore 5f874356b1 Island: Remove INetworkMapRepository
Replaced by monkey_island.cc.models.Node and INodeRepository
2022-09-07 10:22:54 -04:00
Mike Salvatore 8c69780f4e Island: Add INodeRepository 2022-09-07 10:22:54 -04:00
Mike Salvatore 35ecdb11ab Island: Add docstrings to Node model 2022-09-07 10:22:52 -04:00
Mike Salvatore 094a0b1a8d Island: Use Mapping for tracking node connections 2022-09-07 10:21:51 -04:00
VakarisZ 6891c82a46
Merge pull request #2252 from guardicore/2217-remove-unused-code
2217 remove unused code
2022-09-07 16:58:42 +03:00
vakaris_zilius f0b50b254e Island: Refactor simulation to use pydantic 2022-09-07 13:48:19 +00:00
Ilija Lazoroski 6fe501195b Island: Remove marshmallow-enum from Pipfile 2022-09-07 15:33:09 +02:00
Ilija Lazoroski 6fb77694ef Island: Remove marshmallow from Pipfile 2022-09-07 15:31:51 +02:00
Ilija Lazoroski 62982459b0 Agent: Remove marshmallow-enum from Pipfile 2022-09-07 15:30:17 +02:00
Ilija Lazoroski 8aad9701cd Agent: Remove marshmallow for Pipfile 2022-09-07 15:28:18 +02:00
vakaris_zilius 895de8c720 Common: Delete IJSONSerializable.py
This interface is no longer used (replaced by pydantic objects)
2022-09-07 13:19:39 +00:00
vakaris_zilius b7e6435ced UI: Delete InternalConfig.js
This is no longer used, advanced tab only contains a couple of fields now
2022-09-07 13:17:01 +00:00
vakaris_zilius c73fe7a3a9 Island: Remove unused CustomJSONEncoder
This is replaced by APIEncoder in representations.py
2022-09-07 13:16:57 +00:00
Mike Salvatore d39d6ea10f
Merge pull request #2240 from guardicore/2217-pydantic-credentials
2217 pydantic credentials
2022-09-07 09:10:56 -04:00
vakaris_zilius d7dde14cae Agent, Island: Update pydantic version to 1.10.2 from 1.9.2 2022-09-07 13:01:46 +00:00
vakaris_zilius adca1683c8 UI: Improve style in ReformatHook.js 2022-09-07 13:01:46 +00:00
Mike Salvatore 1fc0718554 Agent: Use isinstance() to check if identity is Username 2022-09-07 07:50:39 -04:00
vakaris_zilius c8f131e6b0 Common: Small style improvements in credentials.py 2022-09-07 11:48:34 +00:00
vakaris_zilius 5608bb3f11 Common, Agent: Rename get_plain_text to get_plaintext 2022-09-07 11:48:34 +00:00
vakaris_zilius 6e254c71d7 Common: Fix failing UT and add more for get_plain_text 2022-09-07 11:48:34 +00:00
vakaris_zilius dc8e644bc5 UT: Fix some of powershell UT's 2022-09-07 11:48:33 +00:00
vakaris_zilius ece4d9383e Agent, Common: Refactor pydantic credentials to use SecretStr 2022-09-07 11:48:33 +00:00
Mike Salvatore 17e3b3d205 UT: Add `simplify=True` to Credentials serialization 2022-09-07 11:48:33 +00:00
Mike Salvatore 646b3a1b46 BB: Add `simplify=True` to Credentials serialization 2022-09-07 11:48:33 +00:00
Mike Salvatore 8fd226cd23 UT: Add safety test since we will switch to pydantic.SecretType 2022-09-07 11:48:33 +00:00
vakaris_zilius b08097b131 Island, Common: Small style improvements 2022-09-07 11:48:33 +00:00
vakaris_zilius 16a59a3f5a UT: Fix typehint in credentials conftest.py 2022-09-07 11:48:33 +00:00
vakaris_zilius 233090942a Agent: Use issintance instead of type comparison in credential repo 2022-09-07 11:48:32 +00:00
vakaris_zilius 792895a25c UI: Improve the naming/handling of credential types in the UI 2022-09-07 11:48:32 +00:00
vakaris_zilius 9fb2804202 Agent: Use SecretStr and SecretBytes instead of SecretField
SecretField is a base type for secrets, but it doesn't seem to be exported. When the agent is ran, this import fails
2022-09-07 11:48:32 +00:00
vakaris_zilius 472ca382f1 Island, BB: Fix credential conversion to dict bugs 2022-09-07 11:48:32 +00:00
vakaris_zilius e5574240e9 Island, Agent: Change json encryptors to handle pydantic models 2022-09-07 11:48:32 +00:00
vakaris_zilius 7dba3c4fed UI: Remove duplicate credentials from report 2022-09-07 11:48:31 +00:00
vakaris_zilius 9cc11f6a09 Island: Remove misleading comment 2022-09-07 11:48:31 +00:00
vakaris_zilius f1b8ad373b Island: Fix bug in credentials_parser.py 2022-09-07 11:48:31 +00:00
vakaris_zilius ed24108bfa Project: Add temporary IJSONSerializable ignore 2022-09-07 11:48:28 +00:00
vakaris_zilius d347521a29 Island, Agent: Fix bugs in credential object creation 2022-09-07 11:47:56 +00:00
vakarisz 7149c704a2 Island, Agent: Fix credential parsing to match pydantic syntax 2022-09-07 11:47:56 +00:00
vakarisz d73cbee591 Agent, Island: Use pydantic credentials and methods
Since the interface of credential serialization changed, code was modified to use the new interface
2022-09-07 11:47:56 +00:00
vakarisz f018b85f56 UT: Add nt/lm hash unit test and data 2022-09-07 11:47:55 +00:00
vakarisz 12bc514a92 Agent: Remove unused ransomware directory 2022-09-07 11:47:55 +00:00
vakarisz f868f03ea7 Common: Refactor credentials from marshmallow to pydantic 2022-09-07 11:47:53 +00:00
vakarisz 3ac60988a8 Common: Replace credentials dataclasses with pydantic dataclasses
For pydantic to work properly, the models need to either use pydantic version of dataclass or inherit BaseModel, but not both. https://pydantic-docs.helpmanual.io/usage/dataclasses/
2022-09-07 11:46:38 +00:00
Kekoa Kaaikala 1e0b26af8b Agent: Add docstring to SocketsPipe 2022-09-06 19:55:25 +00:00
Kekoa Kaaikala 7ebc403029 Agent: Add docstrings to RelayConnectionHandler 2022-09-06 19:54:53 +00:00
Mike Salvatore 5972f87391
Merge pull request #2245 from guardicore/2233-island-event-queue
Add IIslandEventQueue
2022-09-06 15:34:49 -04:00
Kekoa Kaaikala efac1dae98 Agent: Pass correct type to add_potential_user() 2022-09-06 19:33:03 +00:00
Kekoa Kaaikala bdc8de026e Agent: Move TCPRelay into network.relay package 2022-09-06 19:26:26 +00:00
Kekoa Kaaikala 813c5f9d3b Agent: Clarify exceptions in SocketsPipe._pipe() 2022-09-06 19:16:49 +00:00
Mike Salvatore 205848f2a5 Project: Remove PyPubSubIslandEventQueue from vulture_allowlist.py 2022-09-06 15:13:35 -04:00
Mike Salvatore 166588d00d Project: Remove PyPubSubAgentEventQueue from vulture_allowlist.py 2022-09-06 15:12:37 -04:00
Mike Salvatore aee4887b64 Island: Fix island event queue import 2022-09-06 15:11:02 -04:00
Mike Salvatore 84aa993a8b Island: Improve `event` docstring in IIslandEventQueue 2022-09-06 15:08:50 -04:00
Mike Salvatore 01ff1711c6
Merge pull request #2246 from guardicore/2233-pypubsubislandeventqueue
Add PyPubSubIslandEventQueue
2022-09-06 15:06:08 -04:00
Mike Salvatore 4e4331c5c3 Common: s/event/kwargs in PyPubSubPublisherWrapper comment 2022-09-06 15:05:29 -04:00
Mike Salvatore 1036189fcc Island: Rename _pypubsub_publisher_wrappe{d,r} 2022-09-06 15:01:10 -04:00
Mike Salvatore b16d19e0ed Common: Rename _pypubsub_publisher_wrappe{d,r} 2022-09-06 15:00:24 -04:00
Mike Salvatore 76fe0be990 Agent: Address addr type TODO in RelayConnectionHandler 2022-09-06 14:54:13 -04:00
Mike Salvatore 1cd544e227 Agent: Call mixin constructor in TCPConnectionHandler 2022-09-06 14:50:42 -04:00
Mike Salvatore 7edb15d825 Agent: Fix host/port initialization in TCPConnectionHandler 2022-09-06 14:43:23 -04:00
Mike Salvatore 17356ca079 Agent: Fix del_key() import in relay_user_handler.py 2022-09-06 14:42:53 -04:00
Mike Salvatore 017aabe8f7 Agent: Change relay__user_handler.DEFAULT_NEW_CLIENT_TIMEOUT 2022-09-06 14:35:49 -04:00
Kekoa Kaaikala 65f4edc625 Agent: Add InterruptableThreadMixin 2022-09-06 18:30:41 +00:00
Kekoa Kaaikala 066947c59f Agent: Remove closed pipes from TCPPipeSpawner 2022-09-06 18:04:56 +00:00
Mike Salvatore 83cc5fc336 Agent: Fix Pipfile.lock
`pipenv install` was run on Linux without `--keep-outdated`, which
removed Windows-only dependencies. This commit fixes that.
2022-09-06 14:03:36 -04:00
Mike Salvatore 377bb293fe UT: Use `self` instead of class name 2022-09-06 13:00:41 -04:00
Mike Salvatore 59c58b3115 UT: Replace fn() with SubscriberSpy callable 2022-09-06 12:59:22 -04:00
Mike Salvatore e1e119c27a Common: Add missing type hint for PyPubSubPublisherWrapper._refs 2022-09-06 12:57:24 -04:00
Mike Salvatore ba52eae8ed Common: Decouple PyPubSubPublisherWrapper from events 2022-09-06 12:56:49 -04:00
Kekoa Kaaikala c601f2214a Agent: Use del_key instead of del 2022-09-06 16:39:41 +00:00
Kekoa Kaaikala 14de4db9fa UT: Use more specific assert in test_connection_spawns_pipe 2022-09-06 16:25:37 +00:00
Kekoa Kaaikala c021d54c05 Agent: Reduce relay shutdown responsiveness 2022-09-06 14:57:10 +00:00
Kekoa Kaaikala e438a8b9c7 Agent: Use EggTimer 2022-09-06 14:41:17 +00:00
Kekoa Kaaikala 3ad96a7e6b Agent: Simplify RELAY_CONTROL_MESSAGE import 2022-09-06 14:21:07 +00:00
Kekoa Kaaikala b5345a38d9 Agent: Rename TCPConnectionHandler parameters
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2022-09-06 14:20:11 +00:00
Mike Salvatore a74266464b
Merge pull request #2247 from guardicore/2217-fix-bb-tests
2217 fix bb tests
2022-09-06 10:14:37 -04:00
Shreya Malviya c16c6456aa Island: Remove unneeded comments from PyPubSubIslandEventQueue 2022-09-06 19:41:59 +05:30
Shreya Malviya 69813f8cd4 Common: Add explanatory comments about pypubsub's internal working in PyPubSubPublisherWrapper 2022-09-06 19:41:42 +05:30
Mike Salvatore ce6d5cc705 BB: Add contained type to _propagation_credentials type hint 2022-09-06 10:10:08 -04:00
Shreya Malviya 70468c37fb Island: Use PyPubSubPublisherWrapper in PyPubSubIslandEventQueue 2022-09-06 19:38:48 +05:30
Shreya Malviya 3c71211b79 Common: Use PyPubSubPublisherWrapper in PyPubSubAgentEventQueue 2022-09-06 19:38:16 +05:30
Shreya Malviya 3cf332a079 Common: Add PyPubSubPublisherWrapper 2022-09-06 19:37:35 +05:30
Kekoa Kaaikala d7398e1014 Agent: Move keep_connection into the run() method 2022-09-06 14:03:17 +00:00
Ilija Lazoroski eee6291a3e BB: Set deep copy when copying agent_configuration 2022-09-06 15:49:02 +02:00
Ilija Lazoroski b5bd0532b7 BB: Fix type annotation in noop_test_configuration 2022-09-06 15:41:54 +02:00
Shreya Malviya 38c6d53cc5 UT: Move test_pypubsub_island_event_queue.py out of common/ and in to monkey_island/ 2022-09-06 19:05:50 +05:30
Shreya Malviya 8f35a43591 Project: Fix import path in Vulture allowlist 2022-09-06 19:05:14 +05:30
Shreya Malviya f2e7a3d66f Island: Add Island event queue stuff to monkey_island/ 2022-09-06 19:05:09 +05:30
Shreya Malviya 502a875fdd Common: Move Island event queue stuff out of common/ 2022-09-06 19:04:41 +05:30
Kekoa Kaaikala 333e587aab Agent: Use is_set() of threading.Event 2022-09-06 13:20:19 +00:00
Kekoa Kaaikala 906edf3662 Agent: Remove unneccessary call in SocketsPipe 2022-09-06 12:52:00 +00:00
Kekoa Kaaikala 311807cf31 Agent: Update RelayUserHandler docstrings 2022-09-06 12:48:19 +00:00
Shreya Malviya 5da8b424b5 UT: Use IslandEventTopic enum's names for pypubsub topics 2022-09-06 18:13:25 +05:30
Shreya Malviya 004337583a Common: Use IslandEventTopic enum's names for pypubsub topics 2022-09-06 18:11:08 +05:30
Shreya Malviya 1a09f26fd9 Common: Modify IslandEventTopic enum to not have values 2022-09-06 18:07:25 +05:30
Mike Salvatore e7aca8326e Island: Remove CC_TUNNEL from CommunicationType
This is no longer needed after #2216.
2022-09-06 08:34:14 -04:00
Mike Salvatore b33fd7f436 Island: Add ConnectionTarget TypeAlias 2022-09-06 08:33:49 -04:00
Shreya Malviya 27c8a1019b Island: Register IIslandEventQueue instance in DI container 2022-09-06 17:59:17 +05:30
Kekoa Kaaikala 7a7ea96dbb Agent: Set daemon thread in superclass constructor 2022-09-06 12:27:07 +00:00
Shreya Malviya 237f6d01b6 UT: Add tests for PyPubSubIslandEventQueue 2022-09-06 17:53:36 +05:30
Shreya Malviya 71c7a9a533 Common: Change parameter name event_data -> event in Island event queue 2022-09-06 17:47:01 +05:30
Kekoa Kaaikala 483bd943bd Agent: Rename tcp.py to sockets_pipe.py 2022-09-06 12:14:52 +00:00
vakaris_zilius 3b2954ec02 UI: Fix missing default brute-forcer options in config schema
If we don't provide default options in config schema AdvancedMultiSelect doesn't know what to reset it back to. Essentially we need two states, one for the actual value of configuration and one for the default. When we disable SMB, the SMB value with all it's options are deleted. When we enable it, we need to pull its options from somewhere.
2022-09-06 08:51:22 +00:00
Shreya Malviya 265e083571 UT: Rename test_pypubsub_event_queue.py -> test_pypubsub_agent_event_queue.py 2022-09-06 13:33:36 +05:30
Shreya Malviya ac2217ce8a Common: Add IslandEventSubecriber type 2022-09-06 13:30:45 +05:30
Shreya Malviya fb4bfb7be1 Project: Fix PyPubSubIslandEventQueue entries to Vulture allowlist 2022-09-06 13:25:59 +05:30
Shreya Malviya 342a4959b3 Common: Import PyPubSubIslandEventQueue in common/event_queue/__init__.py 2022-09-06 13:20:53 +05:30
Shreya Malviya 4219b6cbd4 Common: Rename IslandEventTopics -> IslandEventTopic 2022-09-06 13:19:53 +05:30
Shreya Malviya c9500cd04f Common: Add PyPubSubIslandEventQueue 2022-09-06 13:17:26 +05:30
Shreya Malviya 71e9f68fe6 Common: Fix IslandEventTopics enum values 2022-09-06 13:05:35 +05:30
Shreya Malviya 3dba1bc7d5 Common: Import IIslandEventQueue, IslandEventTopics in common/event_queue/__init__.py 2022-09-06 13:04:51 +05:30
Shreya Malviya eef72b245f UT: Use AgentEventSubscriber in place of EventSubscriber 2022-09-06 12:10:29 +05:30
Shreya Malviya 86018be736 Common: Rename EventSubscriber -> AgentEventSubscriber 2022-09-06 12:09:48 +05:30
Shreya Malviya 122e09426e Project: Add IIslandEventQueue entries to Vulture allowlist 2022-09-06 12:08:06 +05:30
Shreya Malviya f4a0b89e87 Common: Add IIslandEventQueue 2022-09-06 11:44:34 +05:30
Shreya Malviya 9bc4d8c241 Common: Fix docstring in IAgentEventQueue.publish 2022-09-06 11:44:10 +05:30
Mike Salvatore 6abcaa9bd6 Agent: Remove extra newline in RelayConnectionHandler 2022-09-05 20:03:17 -04:00
Shreya Malviya d6df50e323 Common: Make docstring in IAgentEventQueue more specific 2022-09-05 19:36:39 +05:30
Shreya Malviya e1e4b054cf Project: Use correct file path in Vulture allowlist 2022-09-05 19:30:32 +05:30
Shreya Malviya 612132a906 Common: Rename pypubsub_event_queue.py -> pypubsub_agent_event_queue.py 2022-09-05 19:30:28 +05:30
Shreya Malviya 21815291a0 Project: Use correct variable in Vulture allowlist 2022-09-05 19:29:37 +05:30
Shreya Malviya 331c11751f UT: Use PyPubSubAgentEventQueue in place of PyPubSubEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya de74b866bb Island: Rename PyPubSubEventQueue -> PyPubSubAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya 5b7d3bfb70 Agent: Rename PyPubSubEventQueue -> PyPubSubAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya a83446e0f2 Common: Rename PyPubSubEventQueue -> PyPubSubAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya cb9200b3c0 Common: Rename i_event_queue.py -> i_agent_event_queue.py 2022-09-05 19:29:37 +05:30
Shreya Malviya e14c1ea5f3 Project: Use correct file path in Vulture allowlist 2022-09-05 19:29:37 +05:30
Shreya Malviya 28cf860aeb UT: Use IAgentEventQueue in place of IEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya acb049f1f1 Island: Rename IEventQueue -> IAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya 74e17ef006 Agent: Rename IEventQueue -> IAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya 903d43fe26 Common: Rename IEventQueue -> IAgentEventQueue 2022-09-05 19:29:37 +05:30
Shreya Malviya f577e48d72 UT: Use AbstractAgentEvent in place of AbstractEvent 2022-09-05 19:29:37 +05:30
Shreya Malviya ce43a46a9c Common: Rename abstract_event.py -> abstract_agent_event.py 2022-09-05 19:29:32 +05:30
Shreya Malviya 76cf34b5f0 Common: Rename AbstractEvent -> AbstractAgentEvent 2022-09-05 19:00:20 +05:30
Kekoa Kaaikala 5a8d8ccad5 Agent: Add name to SocketsPipe thread 2022-09-02 20:07:22 +00:00
Kekoa Kaaikala 72144faefc Agent: Update TCPRelay to separate responsbilities 2022-09-02 19:58:01 +00:00
Kekoa Kaaikala bbc9cf16e6 Agent: Add RelayConnectionHandler 2022-09-02 19:17:43 +00:00
Mike Salvatore de5da88c22
Merge pull request #2238 from guardicore/agent-repository
Agent repository
2022-09-02 15:04:16 -04:00
Kekoa Kaaikala b179f602c4 Agent: Give TCPConnectionHandler thread a name 2022-09-02 15:05:19 +00:00
Mike Salvatore bfcab0f6d9 Agent: Make parent `None` for now
Fixes #2235
Fixes #2236
2022-09-02 08:12:23 -04:00
Shreya Malviya 3ced1d97d9
Merge pull request #2229 from guardicore/2217-pydantic-for-agent-configuration
Agent configuration with pydantic
2022-09-02 12:32:31 +05:30
Shreya Malviya 4017f094cf Project: Add entries to Vulture allowlist 2022-09-02 12:25:08 +05:30
Shreya Malviya c985337df0 BB: Fix configuration modification logic in all test configurations since TestConfiguration is a dataclass 2022-09-02 12:05:30 +05:30
Shreya Malviya daec8843af BB: Use positional arguments for PluginConfiguration object creation where missed in depth_1_a.py 2022-09-02 12:05:30 +05:30
Shreya Malviya 6cf62d48cb BB: Use `replace_agent_configuration()` and `replace_propagation_credentials()` for all test configuration modifications 2022-09-02 12:05:30 +05:30
Shreya Malviya 2352bb0d5e BB: Fix configuration modification logic in zerologon.py 2022-09-02 12:05:30 +05:30
Shreya Malviya ad6449507d BB: Fix configuration modification logic in wmi_mimikatz.py 2022-09-02 12:05:30 +05:30
Shreya Malviya a0d0f127f9 BB: Fix configuration modification logic in smb_pth.py 2022-09-02 12:05:30 +05:30
Shreya Malviya e564bd1072 BB: Fix configuration modification logic in powershell_credentials_reuse.py 2022-09-02 12:05:30 +05:30
Shreya Malviya 15fd1f9f72 BB: Fix configuration modification logic in depth_3_a.py 2022-09-02 12:05:30 +05:30
Shreya Malviya 0392cd5794 BB: Fix configuration modification logic in depth_2_a.py 2022-09-02 12:05:30 +05:30
Shreya Malviya a2b8338ac7 BB: Fix configuration modification logic in depth_1_a.py 2022-09-02 12:05:30 +05:30
Shreya Malviya 1abf2b7f03 BB: Add `simplify=True` when converting test agent configuration to dict in MonkeyIslandClient 2022-09-02 12:05:30 +05:30
Shreya Malviya 637023c568 BB: Create copy of agent configuration when updating it for different tests 2022-09-02 12:05:30 +05:30
Shreya Malviya 446524b5b8 BB: Use keyword arguments where missing in configuration objects' creation 2022-09-02 12:05:30 +05:30
Shreya Malviya c7ee48fff1 BB: Remove unneeded configuration replacing functions 2022-09-02 12:05:30 +05:30
Shreya Malviya a65415588f BB: Simplify logic in BB tests' configurations 2022-09-02 12:05:30 +05:30
Shreya Malviya ff52fbefe4 BB: Fix AgentConfiguration logic in MonkeyIslandClient 2022-09-02 12:05:30 +05:30
Shreya Malviya f841bc041b Agent: Fix AgentConfiguration object creation logic in ControlChannel.get_config() 2022-09-02 12:05:30 +05:30
Mike Salvatore 0f21ad2e09 Common: Allow 0 for keep_tunnel_open_time 2022-09-02 12:05:30 +05:30
Mike Salvatore 326d128be8 Common: Allow 0 for maximum_depth 2022-09-02 12:05:30 +05:30
Mike Salvatore 8d991f462f UT: Use kwargs instead of **dict in test_agent_configuration.py 2022-09-02 12:05:30 +05:30
Mike Salvatore 1444ce10c3 Common: Remove unneeded `import annotations` from agent_configuration 2022-09-02 12:05:30 +05:30
Shreya Malviya 46ee6de13e UT: Remove unneeded function `convert_all_lists_to_tuples_in_mapping()` 2022-09-02 12:05:30 +05:30
Shreya Malviya 9db1a19ad3 UT: Simplify assertion logic in common/agent_configuration/test_agent_configuration.py 2022-09-02 12:05:29 +05:30
Shreya Malviya 6460639f91 UT: Use `simplify=True` when converting configuration to dict 2022-09-02 12:05:29 +05:30
Shreya Malviya d5ee4c7f27 Island: Use `simplify=True` when converting configuration to dict 2022-09-02 12:05:29 +05:30
Shreya Malviya fa1620ebb9 UT: Add tests for checking that validators in ScanTargetConfiguration work 2022-09-02 12:05:29 +05:30
Shreya Malviya f7f0047868 UT: Simplify assertion logic in test_agent_configuration_endpoint 2022-09-02 12:05:29 +05:30
Shreya Malviya 5b1558ce53 Project: Include classes in Vulture allowlist 2022-09-02 12:05:29 +05:30
Shreya Malviya 6234263746 Island: Simplify configuration updating logic in PBAFileUpload 2022-09-02 12:05:29 +05:30
Shreya Malviya 4f599c3118 UT: Rename `convert_lists_to_tuples` -> `convert_all_lists_to_tuples_in_mapping` 2022-09-02 12:05:29 +05:30
Shreya Malviya 82d8f5bacd Island: Simplify JSON logic inFileAgentConfigurationRepository 2022-09-02 12:05:29 +05:30
Shreya Malviya eb207de919 UT: Convert lists to tuples before comparing values in configuration tests
Probably not the best way to do this
2022-09-02 12:05:29 +05:30
Shreya Malviya 1f77fd468a UT: Add function `convert_lists_to_tuples` to utils 2022-09-02 12:05:29 +05:30
Shreya Malviya 9b924c55b6 Common: Remove utils.InvalidConfigurationError 2022-09-02 12:05:29 +05:30
Shreya Malviya fe3706c0b4 Common: Remove agent_configuration.InvalidConfigurationError 2022-09-02 12:05:29 +05:30
Shreya Malviya dda79c0809 Common: Remove unneeded code for freezing lists to tuples 2022-09-02 12:05:29 +05:30
Shreya Malviya f11e2dc8a1 UT: Fix configuration logic to work with pydantic in `agent_configuration` fixture 2022-09-02 12:05:29 +05:30
Shreya Malviya 016cf80cdd UT: Fix AgentConfiguration object creation logic FileAgentConfigurationRepository tests 2022-09-02 12:05:29 +05:30
Shreya Malviya f4e3bc2a89 Island: Fix AgentConfiguration logic in FileAgentConfigurationRepository 2022-09-02 12:05:29 +05:30
Shreya Malviya a9a006a9fd Agent: Replace fields in configuration using pydantic syntax in PBA file upload resource 2022-09-02 12:05:29 +05:30
Shreya Malviya 163c54a8c3 Agent: Replace fields in configuration using pydantic syntax in propagator 2022-09-02 12:05:26 +05:30
Shreya Malviya 45c6fda8b2 UT: Use keyword arguments when using configurations 2022-09-02 12:05:08 +05:30
Shreya Malviya 2b11fde827 Agent: Use keyword arguments when using PluginConfiguration in Master 2022-09-02 12:05:08 +05:30
Shreya Malviya e68a5391c8 UT: Fix POST request in test_agent_configuration_endpoint to use new pydantic model AgentConfiguration 2022-09-02 12:05:08 +05:30
Shreya Malviya fe792ffc6f Island: Catch ValueError and TypeError instead of InvalidConfigurationError in resource AgentConfiguration's PUT 2022-09-02 12:05:08 +05:30
Shreya Malviya 433e154cd1 Island: Modify AgentConfiguration endpoint to use new pydantic model 2022-09-02 12:05:08 +05:30
Shreya Malviya c79b3c4497 UT: Check that ValueError is raised instead of marshmallow.ValidationError in configuration tests 2022-09-02 12:05:08 +05:30
Shreya Malviya a1b8bb24b4 Common: Raise ValueError instead of marshmallow.ValidationError in validators 2022-09-02 12:05:08 +05:30
Shreya Malviya b20ad194ff Common: Modify default configurations to work with new pydantic models 2022-09-02 12:05:08 +05:30
Shreya Malviya 96f213d4ee Project: Add pydantic validators to Vulture allowlist 2022-09-02 12:05:08 +05:30
Shreya Malviya 430885ebd4 UT: Fix new pydantic configuration class names 2022-09-02 12:05:08 +05:30
Shreya Malviya 0d6e3809d7 Common: Rename all new pydantic configurations appropriately 2022-09-02 12:05:08 +05:30
Shreya Malviya 41e7cfb768 Common: Remove agent sub-configuration schemas 2022-09-02 12:05:08 +05:30
Shreya Malviya f2c9952685 Common: Remove old sub-configurations using marshmallow 2022-09-02 12:05:08 +05:30
Shreya Malviya 1311fd5d27 Common: Remove old AgentConfiguration using marshmallow 2022-09-02 12:05:08 +05:30
Shreya Malviya 6d29829808 UT: Modify tests to use new pydantic configurations
TODO: Fix error handling and some assertions (tuple/list stuff)
2022-09-02 12:05:08 +05:30
Shreya Malviya 275237c3f7 Common: Inherit from MutableInfectionMonkeyBaseModel where missing in new pydantic configurations 2022-09-02 12:05:08 +05:30
Shreya Malviya 2f05d22780 Common: Create AgentConfiguration using pydantic 2022-09-02 12:05:08 +05:30
Shreya Malviya b8914101a6 Common: Remove unused imports in agent_sub_configurations.py 2022-09-02 12:05:08 +05:30
Shreya Malviya 501f752248 Common: Create PropagationConfiguration using pydantic 2022-09-02 12:05:08 +05:30
Shreya Malviya 602604e408 Common: Create ExploitationConfiguration using pydantic 2022-09-02 12:05:08 +05:30
Shreya Malviya b74f90fe9b Common: Create ExploitationOptionsConfiguration using pydantic 2022-09-02 12:05:08 +05:30
Shreya Malviya 153c3e9b9f Common: Create NetworkScanConfiguration using pydantic 2022-09-02 12:05:08 +05:30
Shreya Malviya 63a8e81c74 Common: Create TCPScanConfiguration using pydantic 2022-09-02 12:05:07 +05:30
Shreya Malviya 858b7650ac Common: Create ICMPScanConfiguration using pydantic 2022-09-02 12:05:07 +05:30
Shreya Malviya e7b0e6babf Common: Create ScanTargetConfiguration using pydantic 2022-09-02 12:05:07 +05:30
Shreya Malviya 520183f42d Common: Create PluginConfiguration using pydantic 2022-09-02 12:05:07 +05:30
Shreya Malviya 554a180fbd Common: Create CustomPBAConfiguration using pydantic 2022-09-02 12:05:07 +05:30
Mike Salvatore 765ce858fb Agent: Rename IAgentRepository -> IAgentBinaryRepository
PR #2239
2022-09-01 19:03:37 -04:00
Kekoa Kaaikala 62e4fb89bb Agent: Inject dependencies into TCPRelay 2022-09-01 19:28:06 +00:00
Kekoa Kaaikala 46573c9f2d UT: Add tests for RelayUserHandler 2022-09-01 19:24:13 +00:00
Kekoa Kaaikala b1c1d2bd39 Agent: Allow callback registration on TCPConnectionHandler 2022-09-01 19:19:05 +00:00
Kekoa Kaaikala ef39a8afd1 Agent: Add TCPPipeSpawner class 2022-09-01 19:15:23 +00:00
Mike Salvatore ccffd1eaee Project: Update vulture_allowlist.py for IAgentRepository changes 2022-09-01 12:43:45 -04:00
Mike Salvatore 3ab800f119 Island: Add docstrings to the Agent model 2022-09-01 12:25:29 -04:00
Mike Salvatore 693ce9e486 Island: Implement MongoAgentRepository.reset() 2022-09-01 12:25:29 -04:00
Mike Salvatore d854eb7576 Island: Implement MongoAgentRepository.upsert_agent() 2022-09-01 12:13:01 -04:00
Kekoa Kaaikala 0e869462b5 Agent: Refactor TCPRelay
Integrate TCPConnectionHandler and RelayUserHandler into TCPRelay
Remove TCPProxy
2022-09-01 15:06:47 +00:00
Kekoa Kaaikala d6931a6414 Agent: Clean up RelayUserHandler
Add get_potential_users and remove pipe handling
2022-09-01 15:03:16 +00:00
Mike Salvatore 1745b76122 Island: Implement MongoAgentRepository.get_running_agents() 2022-09-01 10:38:01 -04:00
Mike Salvatore ba228e56b6 Island: Implement MongoAgentRepository.get_agent_by_id() 2022-09-01 10:21:40 -04:00
Mike Salvatore 6f285ba80c Island: Rename `id` parameter to `agent_id` in IAgentRepository 2022-09-01 10:21:40 -04:00
Mike Salvatore f00268c4a1 Island: Add IAgentRepository.reset() 2022-09-01 10:21:40 -04:00
Mike Salvatore 1eefbdb2b1 Island: Allow Agent.parent_id to be None 2022-09-01 10:21:40 -04:00
Mike Salvatore 22701fc0a3 Island: Redefine IAgentRepository 2022-09-01 10:21:40 -04:00
Mike Salvatore f79d2fd8a6 Island: Add AgentID type alias 2022-09-01 10:21:40 -04:00
Ilija Lazoroski 15dee35aa4 Agent: Add RelayUserHandler 2022-09-01 16:02:27 +02:00
Kekoa Kaaikala 1f723b174e Agent: Add TCPConnectionHandler 2022-09-01 13:54:17 +00:00
Kekoa Kaaikala 2e7be823a1 Agent: Revert old TcpProxy and create a new one 2022-09-01 13:14:07 +00:00
Ilija Lazoroski c9b7f924a3 UT: Fix ExploitingInterceptingTelemetryMessenger tests 2022-09-01 13:58:14 +02:00
Ilija Lazoroski eee06467f6 Agent: Add TODO to rethink on_user_disconnected 2022-09-01 13:44:39 +02:00
Ilija Lazoroski 508b811939 Agent: Rename on_user_connected to add_relay_user 2022-09-01 13:41:50 +02:00
Ilija Lazoroski 43a1ddb714 Agent: Rename on_potential_new_user to add_potential_user 2022-09-01 13:38:31 +02:00
Ilija Lazoroski a754963222 Agent: Remove on_user_disconnected in TCPRelay 2022-09-01 13:32:07 +02:00
Ilija Lazoroski 6e0dc0ca13 Agent: Use super().__init__(...) in TCPRelay 2022-09-01 13:27:40 +02:00
Ilija Lazoroski 9fae6cca20 Agent: Use dictionary for relay and potential users in TCPRelay 2022-09-01 12:56:26 +02:00
Ilija Lazoroski 9a3afb051d Agent: Use IPv4Address for RelayUser.address 2022-09-01 12:10:21 +02:00
Ilija Lazoroski 1d394bbd2e Agent: Fix docstrings in TCPRelay 2022-09-01 11:39:25 +02:00
Ilija Lazoroski d478e99227 Agent: Make TCPRelay non-optional in ExploitInterceptingTelemetryMessenger 2022-09-01 11:29:03 +02:00
Ilija Lazoroski ecdf04a85e Agent: Change relay control message
'-' to 'infection-monkey-relay-control-message: -'
2022-09-01 10:35:29 +02:00
Ilija Lazoroski 94fba0fdf0 Agent: Rename RelayUser.time to last_update_time 2022-09-01 10:17:13 +02:00
Ilija Lazoroski 302cdaac70 Agent: Use event.wait() when running TCPRelay 2022-09-01 09:57:46 +02:00
Mike Salvatore 453f45e403
Merge pull request #2232 from guardicore/2218-get-network-interfaces
2218 get network interfaces
2022-08-31 15:54:13 -04:00
Kekoa Kaaikala a954df3ed8 Agent: Replace get_local_network_interfaces
Replaced get_local_network_interfaces() with get_network_interfaces()
2022-08-31 19:25:42 +00:00
Mike Salvatore 973a82e087 Merge branch 'machine-repository' into develop
PR #2228
2022-08-31 10:54:54 -04:00
Mike Salvatore ba7dab26d7 Island: Refactor how Machine objects are managed by IMachineRepository
- Replace `create_machine()` with `get_new_id()`
- Replace `update_machine()` with `upsert_machine()`

Benefits:
    The repository doesn't store Machine objects that only have the ID
    populated (unless that is the caller's desire).

    Upsert instead of update allows the interface to be more permissive.
2022-08-31 10:17:20 -04:00
Kekoa Kaaikala 31ff85ad3c Agent: Add timeout to wait for pending clients 2022-08-31 13:51:54 +00:00
Kekoa Kaaikala 4b5d93beb0 Agent: Add disconnect protocol to TCPRelay 2022-08-31 12:06:13 +00:00
Kekoa Kaaikala cd0b3077cf Agent: Notify TCPRelay of exploit 2022-08-30 21:31:06 +00:00
Kekoa Kaaikala 9425a9463a Agent: Track relay users in TCPRelay 2022-08-30 20:53:16 +00:00
Kekoa Kaaikala 79d5b8bed1 Agent: Add TCPRelay class 2022-08-30 20:08:54 +00:00
Kekoa Kaaikala b10327af5c Agent: Register agent interfaces 2022-08-30 15:36:30 +00:00
Mike Salvatore 4cbefedad2
Merge pull request #2222 from guardicore/2135-use-ipaddress
2135 use ipaddress
2022-08-30 10:04:21 -04:00
Kekoa Kaaikala 70a9251c5b Agent: Fix type hints 2022-08-30 13:44:32 +00:00
Mike Salvatore 81128a4842 Island: Don't use Field() for simple defaults in Machine 2022-08-30 09:34:17 -04:00
Mike Salvatore b538842e84 Island: Remove display_name from MongoMachineRepository._find_one() 2022-08-30 09:32:47 -04:00
Kekoa Kaaikala fedfe4e45d Agent: Use str(interface) instead of building string 2022-08-30 11:58:57 +00:00
Kekoa Kaaikala e6663747eb Agent: Use IPv4Interface's string 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala 2b55c35a65 Agent: Use str() instead of .compressed 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala 01c508e248 Agent: Replace NetworkInterface with IPv4Interface 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala f31ba824c6 UT: Fix tests 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala d8beba17fd Agent: Update NetworkInterface to be IPv4Interface 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala 75ba889f57 Agent: Fix typing issues 2022-08-30 11:36:51 +00:00
Kekoa Kaaikala 06ae6a8b90 Project: Add ipaddress types for mypy 2022-08-30 11:36:51 +00:00
Mike Salvatore bf5e54ebc9 Island: Raise RemovalError from IMachineRepository.reset() 2022-08-30 07:34:20 -04:00
Mike Salvatore 383cfdfefe Island: Rename `id_` parameter to `machine_id` in IMachineRepository 2022-08-30 07:30:41 -04:00
Mike Salvatore 0adf9d8467 Island: Add MongoMachineRepository 2022-08-30 05:03:47 -04:00
Mike Salvatore 1383332d33 Merge branch 'machine-model-defaults' into machine-repository 2022-08-29 20:31:44 -04:00
Mike Salvatore 5713d1c99b UT: Add test_hardware_id_default() 2022-08-29 20:30:07 -04:00
Mike Salvatore ac1cda40a8 Island: Add default value for Machine.hostname 2022-08-29 20:27:57 -04:00
Mike Salvatore 5d51b40475 Island: Add default value for Machine.operating_system_version 2022-08-29 20:26:11 -04:00
Mike Salvatore 3e2244cd62 UT: Add test_operating_system_default_value() 2022-08-29 20:26:11 -04:00
Mike Salvatore 40601b955c Island: Add default value for Machine.network_interfaces 2022-08-29 20:26:05 -04:00
Mike Salvatore da8ed9e6db Island: Fix ICredentialsRepository import in MongoCredentialsRepository 2022-08-29 19:35:04 -04:00
Mike Salvatore 10d8d8e756 Island: Use MONGO_OBJECT_ID_KEY in MongoCredentialsRepository 2022-08-29 19:32:40 -04:00
Mike Salvatore bf6125dd55 Island: Add MONGO_OBJECT_ID_KEY 2022-08-29 19:31:35 -04:00
Mike Salvatore 3eda8d640d Island: Export IMachineRepository from repository package 2022-08-29 19:27:17 -04:00
Mike Salvatore da752e041b Project: Exclude vulture_allowlist.py from mypy checks 2022-08-29 19:27:17 -04:00
Mike Salvatore eb3fe21b11 Island: Redefine IMachineRepository 2022-08-29 19:27:14 -04:00
Mike Salvatore 4c03c8aae9 Island: Import TypeAlias from typing_extensions 2022-08-29 19:13:23 -04:00
Mike Salvatore c73a29c1b7 Common: Import TypeAlias from typing_extensions 2022-08-29 19:13:03 -04:00
Mike Salvatore e98086e3d1 Project: Exclude vulture_allowlist.py from mypy checks 2022-08-29 15:46:29 -04:00
Mike Salvatore 6b083ca61b Island: Remove superfluous "pass" from repository.errors 2022-08-29 15:15:49 -04:00
Mike Salvatore 1de552ea94 Island: Add UnknownRecordError to repository.errors 2022-08-29 15:14:42 -04:00
Mike Salvatore 694cdca883 Island: Make Machine.operating_system Optional 2022-08-29 15:00:45 -04:00
Mike Salvatore ebcfe5a9fc Island: Add docstrings to Machine 2022-08-29 14:35:45 -04:00
Mike Salvatore 43a53112fc Island: Use monkey_island.cc.models.Machine in IMachineRepository 2022-08-29 14:35:10 -04:00
Mike Salvatore cff363597a Common: Annotate HardwareID as a TypeAlias 2022-08-29 14:34:28 -04:00
Mike Salvatore b1f15b59f7 Common: Ignore arg-type error in DIContainer.register() 2022-08-29 14:28:48 -04:00
Mike Salvatore 599676c496 Project: Add mypy configuration to pyproject.toml 2022-08-29 14:16:43 -04:00
Mike Salvatore 4662dd8bed Island: Annotate MachineID as a TypeAlias
See https://mypy.readthedocs.io/en/stable/common_issues.html#variables-vs-type-aliases
2022-08-29 13:50:12 -04:00
Ilija Lazoroski 1deb03b6d7 Island: Fix type annotation in AWSService 2022-08-29 12:46:34 -04:00
Ilija Lazoroski 6adacf702e Island: Don't drop collections that starts with "config"
Fixes #2210
PR #2227
2022-08-29 12:46:20 -04:00
Mike Salvatore 4af38f6e8a Project: Add .DS_Store to .gitignore 2022-08-29 12:32:15 -04:00
Mike Salvatore 797c2ea294 Merge branch 'v1.13.0-documentation-updates' into documentation-updates 2022-08-29 12:30:36 -04:00
Mike Salvatore e9bfbbd08e
Merge pull request #2224 from ybasford/v1.13.0-documentation-updates
Changed punctuation
2022-08-29 12:24:03 -04:00
ybasford 7dd4fe820d Docs: Fixed spelling 2022-08-29 12:16:10 -04:00
ybasford 4d723b07fa Docs: Corrected the number of reports 2022-08-29 12:16:07 -04:00
ybasford d9eb867a2d Docs: Corrected grammatical error 2022-08-29 12:16:06 -04:00
ybasford 2783db69b9 Docs: No need for capitalization 2022-08-29 12:15:48 -04:00
ybasford 159eb2b45b Docs: Capital letters and changed a word 2022-08-29 12:15:46 -04:00
ybasford 5bc2b1ba5a Docs: Turned into singular because there is only one note 2022-08-29 12:15:30 -04:00
ybasford 99cd35aae5 Docs: Removed redundant word 2022-08-29 12:15:24 -04:00
ybasford c98a55bcd4 Docs: Changed punctuation
Used a colon because it precedes a list
2022-08-29 12:15:20 -04:00
ybasford aae513ce00 Docs: Added a word 2022-08-29 12:15:16 -04:00
ybasford bc66b6defa Docs: Changed punctuation 2022-08-29 12:15:11 -04:00
ybasford 43c8778c7c Docs: Capitalized heading 2022-08-29 12:15:09 -04:00
ybasford 4e5e800222 Docs: Corrected typo 2022-08-29 12:15:06 -04:00
ybasford 6bcd5816ee Docs: Corrected grammar 2022-08-29 12:13:44 -04:00
ybasford 8794d2a3c1 Docs: Update aws-run-on-ec2-machine.md
Changed wording
2022-08-29 12:12:36 -04:00
ybasford 4ca7fdeae9 Docs: Changed to US spelling 2022-08-29 12:12:32 -04:00
ybasford 9dbe0016e1 Docs: Deleted extra word 2022-08-29 12:12:18 -04:00
Kekoa Kaaikala b622cb18bc Project: Add ShellCheck to pre-commit hooks
PR #2219
2022-08-29 11:10:09 -04:00
Mike Salvatore fd502a832a
Merge pull request #2220 from guardicore/add-mypy-precommit-hook
Project: Add mypy pre-commit check
2022-08-29 10:58:34 -04:00
Kekoa Kaaikala cea2d0842b Project: Include unit tests in mypy checks 2022-08-29 14:54:06 +00:00
Mike Salvatore 40d4f7f50c Island: Remode disused deb-package/ 2022-08-29 10:31:18 -04:00
Mike Salvatore 3000304d28 Island: Remove disused and empty `environment` subpackage 2022-08-29 10:30:01 -04:00
Mike Salvatore 9a95cfbc8b Project: Add machine_hardware_id to vulture_allowlist.py 2022-08-25 11:51:17 -04:00
Mike Salvatore def1dce86b Common: Rename MutableBaseModel -> MutableInfectionMonkeyBaseModel 2022-08-25 11:50:12 -04:00
Kekoa Kaaikala 47bb7b207f Project: Add mypy pre-commit check 2022-08-25 15:15:21 +00:00
Mike Salvatore be2a683732 Merge branch 'release/1.13.0' 2022-01-25 09:58:01 -05:00
Mike Salvatore 67c87e044b Merge branch 'release/1.12.0' 2021-10-29 09:01:22 -04:00
Mike Salvatore 07730160d7 Release Infection Monkey v1.11.0 2021-08-16 14:41:13 -04:00
Mike Salvatore cbd803acae Update release 1.11.0 date in changelog 2021-08-13 08:38:05 -04:00
Mike Salvatore 2d7919c60c
Merge pull request #1074 from guardicore/release/1.10.0
Release Infection Monkey v1.10.0
2021-04-06 07:00:02 -04:00
VakarisZ ab01917812
Merge pull request #769 from guardicore/release/1.9.0
Release/1.9.0
2020-08-05 21:58:57 +03:00
473 changed files with 12879 additions and 6253 deletions

3
.gitignore vendored
View File

@ -104,3 +104,6 @@ venv/
# mypy
.mypy_cache
# MacOS
.DS_Store

View File

@ -35,6 +35,17 @@ repos:
hooks:
- id: eslint
args: ["monkey/monkey_island/cc/ui/src/", "--fix", "--max-warnings=0"]
- repo: https://github.com/pre-commit/mirrors-mypy
rev: v0.971
hooks:
- id: mypy
additional_dependencies: [types-ipaddress, types-paramiko, types-python-dateutil, types-requests]
exclude: "vulture_allowlist.py"
args: [--ignore-missing-imports]
- repo: https://github.com/koalaman/shellcheck-precommit
rev: v0.7.2
hooks:
- id: shellcheck
- repo: local
hooks:
- id: pytest

View File

@ -35,7 +35,7 @@ jobs:
# Python
- nproc
- pip install pip --upgrade
- pipenv --version
# Install island and monkey requirements as they are needed by UT's
- pushd monkey/monkey_island
- pipenv sync --dev # This installs dependencies from lock
@ -76,7 +76,7 @@ jobs:
## run unit tests and generate coverage data
- cd monkey # this is our source dir
- pip install pytest-xdist
- python -m pytest -n auto --cov=. # have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
- python -m pytest -n auto --dist loadscope --cov=. # have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
# check js code. the npm install must happen after the flake8 because the node_modules folder will cause a lot of errors.
- cd monkey_island/cc/ui
@ -120,7 +120,7 @@ jobs:
install:
# Python
- nproc
- pip install pipenv --upgrade
- pip install pipenv==2022.7.4
# Install island and monkey requirements as they are needed by UT's
- pushd monkey/monkey_island
- pipenv sync --dev # This installs dependencies from lock
@ -133,7 +133,7 @@ jobs:
## run unit tests and generate coverage data
- cd monkey # this is our source dir
- pip install pytest-xdist
- python -m pytest -n auto
- python -m pytest -n auto --dist loadscope
notifications:

View File

@ -20,10 +20,13 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- `/api/clear-simulation-data` endpoint. #2036
- `/api/registration-status` endpoint. #2149
- authentication to `/api/island/version`. #2109
- `/api/events` endpoint. #2155
- `/api/agent-events` endpoint. #2155, #2300
- The ability to customize the file extension used by ransomware when
encrypting files. #1242
- `/api/agents` endpoint.
- `/api/agents` endpoint. #2362
- `/api/agent-signals` endpoint. #2261
- `/api/agent-logs/<uuid:agent_id>` endpoint. #2274
- `/api/machines` endpoint. #2362
### Changed
- Reset workflow. Now it's possible to delete data gathered by agents without
@ -59,6 +62,13 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- `/api/registration` endpoint to `/api/register`. #2105
- `/api/file-upload` endpoit to `/api/pba/upload`. #2154
- Improved the speed of ransomware encryption by 2-3x. #2123
- "-s/--server" to "-s/--servers". #2216
- "-s/--servers" accepts list of servers separated by comma. #2216
- Tunneling to relays to provide better firewall evasion, faster Island
connection times, unlimited hops, and a more resilient way for agents to call
home. #2216, #1583
- "/api/monkey-control/stop-all-agents" to "/api/agent-signals/terminate-all-agents". #2261
- "Local network scan" option to "Scan Agent's networks". #2299
### Removed
- VSFTPD exploiter. #1533
@ -103,6 +113,10 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
- "/api/configuration/import" endpoint. #2002
- "/api/configuration/export" endpoint. #2002
- "/api/island-configuration" endpoint. #2003
- "-t/--tunnel" from agent command line arguments. #2216
- "/api/monkey-control/neets-to-stop". #2261
- "GET /api/test/monkey" endpoint. #2269
- "GET /api/test/log" endpoint. #2269
### Fixed
- A bug in network map page that caused delay of telemetry log loading. #1545

View File

@ -29,7 +29,7 @@ Monkey on our [website](https://www.akamai.com/infectionmonkey).
For more information, or to apply, see the official job post:
- [Israel](https://akamaicareers.inflightcloud.com/jobdetails/aka_ext/028224?section=aka_ext&job=028224)
test1111
## Screenshots

View File

@ -1,7 +1,7 @@
#!/bin/bash
LINUXDEPLOY_URL="https://github.com/linuxdeploy/linuxdeploy/releases/download/continuous/linuxdeploy-x86_64.AppImage"
PYTHON_VERSION="3.7.13"
PYTHON_VERSION="3.7.14"
PYTHON_APPIMAGE_URL="https://github.com/niess/python-appimage/releases/download/python3.7/python${PYTHON_VERSION}-cp37-cp37m-manylinux1_x86_64.AppImage"
APPIMAGE_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")")
APPDIR="$APPIMAGE_DIR/squashfs-root"

13
c/test_dumps.py Normal file
View File

@ -0,0 +1,13 @@
import json
data = {
'name' : 'myname',
'age' : 100,
}
# separators:是分隔符的意思参数意思分别为不同dict项之间的分隔符和dict项内key和value之间的分隔符后面的空格都除去了.
# dumps 将python对象字典转换为json字符串
json_str = json.dumps(data, separators=(',', ':'))
print(type(json_str), json_str)
# loads 将json字符串转化为python对象字典
pyton_obj = json.loads(json_str)
print(type(pyton_obj), pyton_obj)

1
ces.txt Normal file
View File

@ -0,0 +1 @@
是分为氛围

1
ces11.txt Normal file
View File

@ -0,0 +1 @@
123456

View File

@ -38,6 +38,6 @@ We always want to improve the core Infection Monkey code to make it smaller, fas
### Documentation 📚
Every project requires excellent documentation. The Infection Monkey is no different. Please feel free to open pull requests with suggestions, improvements or issues and asking us to document various parts of the Monkey.
Every project requires excellent documentation. The Infection Monkey is no different. Please feel free to open pull requests with suggestions, improvements or issues and ask us to document various parts of the Monkey.
The Infection Monkey's documentation is stored in the `/docs/content` directory.

View File

@ -14,11 +14,11 @@ The Infection Monkey has development tutorials that use [`swimm.io`](https://swi
First, [sign up for swimm's beta](https://swimm.io/sign-beta). `swimm` is free for open-source projects, but as they're still in beta you'll need to sign up in order to download it.
After you've downloaded and installed `swimm`, open a shell in the Infeciton Monkey repo folder and run:
After you've downloaded and installed `swimm`, open a shell in the Infection Monkey repo folder and run:
```shell script
swimm start
```
```
A local web server with the currently available tutorials should show up, and will look something like this:

View File

@ -4,11 +4,11 @@ date = 2020-05-26T20:55:04+03:00
weight = 30
chapter = true
pre = '<i class="fas fa-layer-group"></i> '
tags = ["reference"]
tags = ["reference"]
+++
# Reference
Find detailed information about the Infection Monkey.
Find detailed information about the Infection Monkey:
{{% children %}}

View File

@ -23,7 +23,7 @@ The location of the data directory is set in the `data_dir` field in the
`server_config.json` file.
1. [Create a custom server_config.json file](../server_configuration) and set the `data_dir` field. Its
contents will look like:
contents will look like this:
```json
{

View File

@ -7,4 +7,4 @@ tags: ["exploit", "windows"]
### Description
For this exploit, the Infection Monkey will try to brute force into a MsSQL server and use an insecure configuration to execute commands on the server.
For this exploit, the Infection Monkey will try to brute force into an MsSQL server and use an insecure configuration to execute commands on the server.

View File

@ -22,8 +22,7 @@ The PowerShell exploiter can be run from both Linux and Windows attackers. On
Windows attackers, the exploiter has the ability to use the cached username
and/or password from the current user. On both Linux and Windows attackers, the
exploiter uses all combinations of the [user-configured usernames and
passwords]({{< ref "/usage/configuration/basic-credentials" >}}), as well as
and LM or NT hashes that have been collected. Different combinations of
passwords]({{< ref "/usage/configuration/basic-credentials" >}}), as well as LM or NT hashes that have been collected. Different combinations of
credentials are attempted in the following order:
1. **Cached username and password (Windows attacker only)** - The exploiter will

View File

@ -21,10 +21,10 @@ is, therefore, **not** enabled by default.
During successful exploitation, the Zerologon exploiter:
* will temporarily change the target domain controller's password.
* may break the target domain controller's communication with other systems in the network, affecting functionality.
* may change the administrator's password.
* will *attempt* to revert all changes.
* Will temporarily change the target domain controller's password.
* May break the target domain controller's communication with other systems in the network, affecting functionality.
* May change the administrator's password.
* Will *attempt* to revert all changes.
While the Zerologon exploiter is usually successful in reverting its changes
and restoring the original passwords, it sometimes fails. Restoring passwords
@ -58,17 +58,17 @@ to regain access to the system.
#### Use Reset-ComputerMachinePassword
If you are able to login as the administrator, you can use the
If you are able to log in as the administrator, you can use the
[Reset-ComputerMachinePassword](https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.management/reset-computermachinepassword?view=powershell-5.1)
powershell command to restore the domain controller's password.
#### Try a zerologon password restoration tool
#### Try a Zerologon password restoration tool
If all other approaches fail, you can try the tools and steps found
[here](https://github.com/risksense/zerologon).
### Notes
### Note
* The Infection Monkey exploiter implementation is based on implementations by [@dirkjanm](https://github.com/dirkjanm/CVE-2020-1472/) and [@risksense](https://github.com/risksense/zerologon).

View File

@ -9,7 +9,7 @@ tags = ["reference", "exploit"]
# Exploiters
The Infection Monkey uses various remote code execution (RCE) exploiters. To our best knowledge, most of these pose no risk to performance or services on victim machines. This documentation serves as a quick introduction to the exploiters currently implemented and the vulnerabilities they use.
The Infection Monkey uses various remote code execution (RCE) exploiters. To our best knowledge, most of these pose no risk to performance or services on victim machines. This documentation serves as a quick introduction to the exploiters currently implemented and the vulnerabilities they use:
{{% children %}}

View File

@ -8,6 +8,6 @@ pre = "<i class='fas fa-scroll'></i> "
# Infection Monkey's Reports
The Infection Monkey offers three reports:
The Infection Monkey offers four reports:
{{% children description=true style="p"%}}

View File

@ -18,7 +18,7 @@ Watch the overview video:
## How to use the report
The MITRE ATT&CK report is centred around the ATT&CK matrix:
The MITRE ATT&CK report is centered around the ATT&CK matrix:
![MITRE Report](/images/usage/reports/mitre-report-0.png "MITRE Report")

View File

@ -27,7 +27,7 @@ This diagram provides you with a quick glance at how your organization scores on
![Zero Trust Report summary](/images/usage/reports/ztreport1.png "Zero Trust Report summary")
## Test Results
## Test results
This section shows how your network fared against each of the tests the Infection Monkey ran. The tests are ordered by Zero Trust pillar, so you can quickly navigate to the category you want to prioritize.

View File

@ -8,5 +8,7 @@ description: "Configure settings related to the Monkey's network activity."
Here you can control multiple important settings, such as:
* Network propagation depth - How many hops from the base machine will the Infection Monkey spread?
* Local network scan - Should the Infection Monkey attempt to attack any machine in its subnet?
* Scan Agent's networks - Should the Infection Monkey attempt to attack any machine in its subnet?
_Be careful when using this option. If a machine is connected to a public network, then the agent will scan the public network!_
* Scanner IP/subnet list - Which specific IP ranges should the Infection Monkey should try to attack?

View File

@ -28,7 +28,7 @@ In order for the Infection Monkey to successfully view your instances, you'll ne
#### Creating a custom IAM role
Go to the [AWS IAM roles dashboard](https://console.aws.amazon.com/iam/home?#/roles) and create a new IAM role for EC2. The role will need to have some specific permissions (see Appendix A), but you can just create a role with the `AmazonEC2RoleforSSM`, `AWSSecurityHubFullAccess` and `AmazonSSMFullAccess` pre-made permissions. In the end it should like something like this:
Go to the [AWS IAM roles dashboard](https://console.aws.amazon.com/iam/home?#/roles) and create a new IAM role for EC2. The role will need to have some specific permissions (see Appendix A), but you can just create a role with the `AmazonEC2RoleforSSM`, `AWSSecurityHubFullAccess` and `AmazonSSMFullAccess` pre-made permissions. In the end it should look something like this:
![Creating a custom IAM role](/images/usage/integrations/monkey-island-aws-screenshot-3.png "Creating a custom IAM role")
@ -72,7 +72,7 @@ After you click on **Run on AWS machine of your choice** you can choose one of t
## Notes
- The machines which can use IAM roles and be listed MUST be internet connected (or you can set up a proxy for IAM). This is standard AWS practice and you can read about it (and about how to set up the required proxy machines) in the AWS IAM documentation.
- The machines that can use IAM roles and be listed MUST be internet connected (or you can set up a proxy for IAM). This is standard AWS practice and you can read about it (and about how to set up the required proxy machines) in the AWS IAM documentation.
- You can view the Infection Monkey in [the AWS marketplace](https://aws.amazon.com/marketplace/pp/B07B3J7K6D).
### Appendix A: Specific policy permissions required

View File

@ -16,9 +16,9 @@ where bad actors can reuse these credentials in your network.
## Configuration
- **Exploits -> Credentials** After setting up the Monkey Island, add your users' **real** credentials
- **Propagation -> Credentials** After setting up the Monkey Island, add your users' **real** credentials
(usernames and passwords) here. Don't worry; this sensitive data is not accessible, distributed or used in any way other than being sent to the Infection Monkey agents. You can easily eliminate it by resetting the configuration of your Monkey Island.
- **Internal -> Exploits -> SSH keypair list** When enabled, the Infection Monkey automatically gathers SSH keys on the current system.
- **Propagation -> Credentials -> SSH key pairs list** When enabled, the Infection Monkey automatically gathers SSH keys on the current system.
For this to work, the Monkey Island or initial agent needs to access SSH key files.
To make sure SSH keys were gathered successfully, refresh the page and check this configuration value after you run the Infection Monkey
(content of keys will not be displayed, it will appear as `<Object>`).

View File

@ -15,17 +15,14 @@ Infection Monkey will help you assess the impact of a future breach by attemptin
## Configuration
- **Exploits -> Exploits** Here you can review the exploits the Infection Monkey will be using. By default all
- **Propagation -> Exploiters** Here you can review the exploits the Infection Monkey will be using. By default all
safe exploiters are selected.
- **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.
- **Network -> Scope** Make sure to properly configure the scope of the scan. You can select **Local network scan**
- **Propagation -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.
- **Propagation -> Network analysis -> Network** Make sure to properly configure the scope of the scan. You can select **Scan Agent's networks**
and allow Monkey to propagate until maximum **Scan depth**(hop count) is reached, or you can fine tune it by providing
specific network ranges in **Scan target list**. Scanning a local network is more realistic, but providing specific
targets will make the scanning process substantially faster.
- **(Optional) Internal -> Network -> TCP scanner** Here you can add custom ports your organization is using.
- **(Optional) Monkey -> Post-Breach Actions** If you only want to test propagation in the network, you can turn off
all post-breach actions. These actions simulate an attacker's behavior after getting access to a new system but in no
way helps the Infection Monkey exploit new machines.
- **(Optional) Propagation -> Network Analysis -> TCP scanner** Here you can add custom ports your organization is using.
![Exploiter selector](/images/usage/use-cases/network-breach.PNG "Exploiter selector")

View File

@ -17,18 +17,17 @@ You can use the Infection Monkey's cross-segment traffic feature to verify that
## Configuration
- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
- **Propagation -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
subnets that should be segregated from each other. If any of the provided networks can reach each other, you'll see it
in the security report.
- **(Optional) Network -> Scope** You can disable **Local network scan** and leave all other options at the default setting if you only want to test for network segmentation without any lateral movement.
- **(Optional) Monkey -> Post-Breach Actions** If you only want to test segmentation in the network, you can turn off all post-breach actions. These actions simulate an attacker's behavior after getting access to a new system, so they might trigger your defense solutions and interrupt the segmentation test.
- **(Optional) Propagation -> Network analysis -> Network** You can disable **Scan Agent's networks** and leave all other options at the default setting if you only want to test for network segmentation without any lateral movement.
## Suggested run mode
Execute The Infection Monkey on machines in different subnetworks using the “Manual” run option.
Note that if the Infection Monkey can't communicate to the Monkey Island, it will
not be able to send scan results, so make sure all machines can reach the the Monkey Island.
not be able to send scan results, so make sure all machines can reach the Monkey Island.
![How to configure network segmentation testing](/images/usage/scenarios/segmentation-config.png "How to configure network segmentation testing")

View File

@ -9,37 +9,26 @@ weight: 100
## Overview
This page provides additional information about configuring the Infection Monkey, tips and tricks and creative usage scenarios.
## Custom behaviour
If you want the Infection Monkey to run a specific script or tool after it breaches a machine, you can configure it in
**Configuration -> Monkey -> Post-breach**. Input commands you want to execute in the corresponding fields.
You can also upload files and call them through the commands you entered.
## Accelerate the test
To improve scanning speed you could **specify a subnet instead of scanning all of the local network**.
The following configuration values also have an impact on scanning speed:
- **Credentials** - The more usernames and passwords you input, the longer it will take the Infection Monkey to scan machines that have
- **Propagation -> Credentials** - The more usernames and passwords you input, the longer it will take the Infection Monkey to scan machines that have
remote access services. The Infection Monkey agents try to stay elusive and leave a low impact, and thus brute-forcing takes longer than with loud conventional tools.
- **Network scope** - Scanning large networks with a lot of propagations can become unwieldy. Instead, try to scan your
- **Propagation -> Network analysis -> Network** - Scanning large networks with a lot of propagations can become unwieldy. Instead, try to scan your
networks bit by bit with multiple runs.
- **Post-breach actions** - If you only care about propagation, you can disable most of these.
- **Internal -> TCP scanner** - Here you can trim down the list of ports the Infection Monkey tries to scan, improving performance.
- **Propagation -> Network analysis -> TCP scanner** - Here you can trim down the list of ports the Infection Monkey tries to scan, improving performance.
## Combining different scenarios
The Infection Monkey is not limited to the scenarios mentioned in this section. Once you get the hang of configuring it, you might come up with your own use case or test all of the suggested scenarios at the same time! Whatever you do, the Infection Monkey's Security, ATT&CK and Zero Trust reports will be waiting for you with your results!
## Persistent scanning
Use **Monkey -> Persistent** scanning configuration section to either run periodic scans or increase the reliability of exploitations by running consecutive scans with the Infection Monkey.
## Credentials
Every network has its old "skeleton keys" that it should have long discarded. Configuring the Infection Monkey with old and stale passwords will enable you to ensure they were really discarded.
To add the old passwords, go to the Monkey Island's **Exploit password list** under **Basic - Credentials** and use the "+" button to add the old passwords to the configuration. For example, here we added a few extra passwords (and a username as well) to the configuration:
To add the old passwords, go to the Monkey Island's **Exploit password list** under **Propagation -> Credentials** and use the "+" button to add the old passwords to the configuration. For example, here we added a few extra passwords (and a username as well) to the configuration:
![Exploit password and user lists](/images/usage/scenarios/user-password-lists.png "Exploit password and user lists")

View File

@ -13,9 +13,9 @@ Want to assess your progress in achieving a Zero Trust network? The Infection Mo
## Configuration
- **Exploits -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.
- **Network -> Scope** Disable “Local network scan” and instead provide specific network ranges in the “Scan target list.”
- **Network -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
- **Propagation -> Credentials** This configuration value will be used for brute-forcing. The Infection Monkey uses the most popular default passwords and usernames, but feel free to adjust it according to the default passwords common in your network. Keep in mind a longer list means longer scanning times.
- **Propagation -> Network analysis -> Network** Disable “Scan Agent's networks” and instead provide specific network ranges in the “Scan target list.”
- **Propagation -> Network analysis -> Network segmentation testing** This configuration setting allows you to define
subnets that should be segregated from each other.
In general, other configuration value defaults should be good enough, but feel free to see the “Other” section for tips and tricks about more features and in-depth configuration parameters you can use.

View File

@ -1,4 +1,5 @@
from typing import Iterable
from ipaddress import IPv4Address
from typing import Collection, Iterable
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog
@ -13,15 +14,22 @@ class CommunicationAnalyzer(Analyzer):
def analyze_test_results(self):
self.log.clear()
all_monkeys_communicated = True
for machine_ip in self.machine_ips:
if not self.did_monkey_communicate_back(machine_ip):
self.log.add_entry("Monkey from {} didn't communicate back".format(machine_ip))
all_monkeys_communicated = False
else:
self.log.add_entry("Monkey from {} communicated back".format(machine_ip))
return all_monkeys_communicated
all_agents_communicated = True
agent_ips = self._get_agent_ips()
def did_monkey_communicate_back(self, machine_ip: str):
query = {"ip_addresses": {"$elemMatch": {"$eq": machine_ip}}}
return len(self.island_client.find_monkeys_in_db(query)) > 0
for machine_ip in self.machine_ips:
if self._agent_communicated_back(machine_ip, agent_ips):
self.log.add_entry("Agent from {} communicated back".format(machine_ip))
else:
self.log.add_entry("Agent from {} didn't communicate back".format(machine_ip))
all_agents_communicated = False
return all_agents_communicated
def _get_agent_ips(self) -> Collection[IPv4Address]:
agents = self.island_client.get_agents()
machines = self.island_client.get_machines()
return {i.ip for a in agents for i in machines[a.machine_id].network_interfaces}
def _agent_communicated_back(self, machine_ip: str, agent_ips: Collection[IPv4Address]) -> bool:
return IPv4Address(machine_ip) in agent_ips

View File

@ -1,7 +1,7 @@
from pprint import pformat
from typing import List
from common.credentials import CredentialComponentType, Credentials
from common.credentials import Credentials, LMHash, NTHash, Username
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
@ -34,14 +34,13 @@ class ZerologonAnalyzer(Analyzer):
@staticmethod
def _get_relevant_credentials(propagation_credentials: Credentials) -> List[str]:
credentials_on_island = set()
for credentials in propagation_credentials:
if credentials.identity.credential_type is CredentialComponentType.USERNAME:
if isinstance(credentials.identity, Username):
credentials_on_island.update([credentials.identity.username])
if credentials.secret.credential_type is CredentialComponentType.NT_HASH:
credentials_on_island.update([credentials.secret.nt_hash])
if credentials.secret.credential_type is CredentialComponentType.LM_HASH:
credentials_on_island.update([credentials.secret.lm_hash])
if isinstance(credentials.secret, NTHash):
credentials_on_island.update([credentials.secret.nt_hash.get_secret_value()])
if isinstance(credentials.secret, LMHash):
credentials_on_island.update([credentials.secret.lm_hash.get_secret_value()])
return list(credentials_on_island)

View File

@ -18,12 +18,6 @@ def pytest_addoption(parser):
default=False,
help="Use for no interaction with the cloud.",
)
parser.addoption(
"--skip-powershell-reuse",
action="store_true",
default=False,
help="Use to run PowerShell credentials reuse test.",
)
@pytest.fixture(scope="session")
@ -48,13 +42,3 @@ def gcp_machines_to_start(request: pytest.FixtureRequest) -> Mapping[str, Collec
machines_to_start.setdefault(zone, set()).update(machines)
return machines_to_start
def pytest_runtest_setup(item):
if "skip_powershell_reuse" in item.keywords and item.config.getoption(
"--skip-powershell-reuse"
):
pytest.skip(
"Skipping powershell credentials reuse test because "
"--skip-powershell-cached flag isn't specified."
)

View File

@ -11,13 +11,18 @@ GCP_TEST_MACHINE_LIST = {
"tunneling-10",
"tunneling-11",
"tunneling-12",
"tunneling-13",
"zerologon-25",
],
"europe-west1-b": [
"powershell-3-44",
"powershell-3-45",
"powershell-3-46",
"powershell-3-47",
"powershell-3-48",
"credentials-reuse-14",
"credentials-reuse-15",
"credentials-reuse-16",
"log4j-logstash-55",
"log4j-logstash-56",
"log4j-solr-49",
@ -31,7 +36,11 @@ DEPTH_2_A = {
"europe-west3-a": [
"sshkeys-11",
"sshkeys-12",
]
],
"europe-west1-b": [
"powershell-3-46",
"powershell-3-44",
],
}
@ -52,21 +61,22 @@ DEPTH_3_A = {
"tunneling-9",
"tunneling-10",
"tunneling-11",
"tunneling-12",
"mimikatz-15",
],
"europe-west1-b": [
"powershell-3-45",
"powershell-3-46",
"powershell-3-47",
"powershell-3-48",
],
}
POWERSHELL_EXPLOITER_REUSE = {
"europe-west1-b": [
"powershell-3-46",
]
DEPTH_4_A = {
"europe-west3-a": [
"tunneling-9",
"tunneling-10",
"tunneling-12",
"tunneling-13",
],
}
ZEROLOGON = {
@ -75,6 +85,14 @@ ZEROLOGON = {
],
}
CREDENTIALS_REUSE_SSH_KEY = {
"europe-west1-b": [
"credentials-reuse-14",
"credentials-reuse-15",
"credentials-reuse-16",
],
}
WMI_AND_MIMIKATZ = {
"europe-west3-a": [
"mimikatz-14",
@ -88,8 +106,9 @@ GCP_SINGLE_TEST_LIST = {
"test_depth_2_a": DEPTH_2_A,
"test_depth_1_a": DEPTH_1_A,
"test_depth_3_a": DEPTH_3_A,
"test_powershell_exploiter_credentials_reuse": POWERSHELL_EXPLOITER_REUSE,
"test_depth_4_a": DEPTH_4_A,
"test_zerologon_exploiter": ZEROLOGON,
"test_credentials_reuse_ssh_key": CREDENTIALS_REUSE_SSH_KEY,
"test_wmi_and_mimikatz_exploiters": WMI_AND_MIMIKATZ,
"test_smb_pth": SMB_PTH,
}

View File

@ -1,19 +1,21 @@
import json
import logging
import time
from typing import Sequence, Union
from typing import List, Mapping, Sequence, Union
from bson import json_util
from common.agent_configuration import AgentConfiguration
from common.credentials import Credentials
from common.types import AgentID, MachineID
from envs.monkey_zoo.blackbox.island_client.monkey_island_requests import MonkeyIslandRequests
from envs.monkey_zoo.blackbox.test_configurations.test_configuration import TestConfiguration
from monkey_island.cc.models import Agent, Machine
SLEEP_BETWEEN_REQUESTS_SECONDS = 0.5
MONKEY_TEST_ENDPOINT = "api/test/monkey"
GET_AGENTS_ENDPOINT = "api/agents"
GET_LOG_ENDPOINT = "api/agent-logs"
GET_MACHINES_ENDPOINT = "api/machines"
TELEMETRY_TEST_ENDPOINT = "api/test/telemetry"
LOG_TEST_ENDPOINT = "api/test/log"
LOGGER = logging.getLogger(__name__)
@ -31,7 +33,7 @@ class MonkeyIslandClient(object):
def get_propagation_credentials(self) -> Sequence[Credentials]:
response = self.requests.get("api/propagation-credentials")
return [Credentials.from_mapping(credentials) for credentials in response.json()]
return [Credentials(**credentials) for credentials in response.json()]
@avoid_race_condition
def import_config(self, test_configuration: TestConfiguration):
@ -51,7 +53,7 @@ class MonkeyIslandClient(object):
def _import_config(self, test_configuration: TestConfiguration):
response = self.requests.put_json(
"api/agent-configuration",
json=AgentConfiguration.to_mapping(test_configuration.agent_configuration),
json=test_configuration.agent_configuration.dict(simplify=True),
)
if response.ok:
LOGGER.info("Configuration is imported.")
@ -60,9 +62,9 @@ class MonkeyIslandClient(object):
assert False
@avoid_race_condition
def _import_credentials(self, propagation_credentials: Credentials):
def _import_credentials(self, propagation_credentials: List[Credentials]):
serialized_propagation_credentials = [
Credentials.to_mapping(credentials) for credentials in propagation_credentials
credentials.dict(simplify=True) for credentials in propagation_credentials
]
response = self.requests.put_json(
"/api/propagation-credentials/configured-credentials",
@ -89,8 +91,9 @@ class MonkeyIslandClient(object):
@avoid_race_condition
def kill_all_monkeys(self):
# TODO change this request, because monkey-control resource got removed
response = self.requests.post_json(
"api/monkey-control/stop-all-agents", json={"kill_time": time.time()}
"api/agent-signals/terminate-all-agents", json={"terminate_time": time.time()}
)
if response.ok:
LOGGER.info("Killing all monkeys after the test.")
@ -135,14 +138,6 @@ class MonkeyIslandClient(object):
LOGGER.error("Failed to reset island mode")
assert False
def find_monkeys_in_db(self, query):
if query is None:
raise TypeError
response = self.requests.get(
MONKEY_TEST_ENDPOINT, MonkeyIslandClient.form_find_query_for_request(query)
)
return MonkeyIslandClient.get_test_query_results(response)
def find_telems_in_db(self, query: dict):
if query is None:
raise TypeError
@ -151,17 +146,21 @@ class MonkeyIslandClient(object):
)
return MonkeyIslandClient.get_test_query_results(response)
def get_all_monkeys_from_db(self):
response = self.requests.get(
MONKEY_TEST_ENDPOINT, MonkeyIslandClient.form_find_query_for_request(None)
)
return MonkeyIslandClient.get_test_query_results(response)
def get_agents(self) -> Sequence[Agent]:
response = self.requests.get(GET_AGENTS_ENDPOINT)
def find_log_in_db(self, query):
response = self.requests.get(
LOG_TEST_ENDPOINT, MonkeyIslandClient.form_find_query_for_request(query)
)
return MonkeyIslandClient.get_test_query_results(response)
return [Agent(**a) for a in response.json()]
def get_machines(self) -> Mapping[MachineID, Machine]:
response = self.requests.get(GET_MACHINES_ENDPOINT)
machines = (Machine(**m) for m in response.json())
return {m.id: m for m in machines}
def get_agent_log(self, agent_id: AgentID) -> str:
response = self.requests.get(f"{GET_LOG_ENDPOINT}/{agent_id}")
return response.json()
@staticmethod
def form_find_query_for_request(query: Union[dict, None]) -> dict:
@ -172,5 +171,5 @@ class MonkeyIslandClient(object):
return json.loads(response.content)["results"]
def is_all_monkeys_dead(self):
query = {"dead": False}
return len(self.find_monkeys_in_db(query)) == 0
agents = self.get_agents()
return all((a.stop_time is not None for a in agents))

View File

@ -1,38 +0,0 @@
import logging
import os
from bson import ObjectId
LOGGER = logging.getLogger(__name__)
class MonkeyLog(object):
def __init__(self, monkey, log_dir_path):
self.monkey = monkey
self.log_dir_path = log_dir_path
def download_log(self, island_client):
log = island_client.find_log_in_db({"monkey_id": ObjectId(self.monkey["_id"])})
if not log:
LOGGER.error("Log for monkey {} not found".format(self.monkey["ip_addresses"][0]))
return False
else:
self.write_log_to_file(log)
return True
def write_log_to_file(self, log):
with open(self.get_log_path_for_monkey(self.monkey), "w") as log_file:
log_file.write(MonkeyLog.parse_log(log))
@staticmethod
def parse_log(log):
log = log.strip('"')
log = log.replace("\\n", "\n ")
return log
@staticmethod
def get_filename_for_monkey_log(monkey):
return "{}.txt".format(monkey["ip_addresses"][0])
def get_log_path_for_monkey(self, monkey):
return os.path.join(self.log_dir_path, MonkeyLog.get_filename_for_monkey_log(monkey))

View File

@ -1,25 +1,65 @@
import logging
from pathlib import Path
from threading import Thread
from typing import List, Mapping
from envs.monkey_zoo.blackbox.log_handlers.monkey_log import MonkeyLog
from common.types import MachineID
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
from monkey_island.cc.models import Agent, Machine
LOGGER = logging.getLogger(__name__)
class MonkeyLogsDownloader(object):
def __init__(self, island_client, log_dir_path):
def __init__(self, island_client: MonkeyIslandClient, log_dir_path: str):
self.island_client = island_client
self.log_dir_path = log_dir_path
self.monkey_log_paths = []
self.log_dir_path = Path(log_dir_path)
self.monkey_log_paths: List[Path] = []
def download_monkey_logs(self):
LOGGER.info("Downloading each monkey log.")
all_monkeys = self.island_client.get_all_monkeys_from_db()
for monkey in all_monkeys:
downloaded_log_path = self._download_monkey_log(monkey)
if downloaded_log_path:
self.monkey_log_paths.append(downloaded_log_path)
try:
LOGGER.info("Downloading each monkey log.")
def _download_monkey_log(self, monkey):
log_handler = MonkeyLog(monkey, self.log_dir_path)
download_successful = log_handler.download_log(self.island_client)
return log_handler.get_log_path_for_monkey(monkey) if download_successful else None
agents = self.island_client.get_agents()
machines = self.island_client.get_machines()
download_threads: List[Thread] = []
# TODO: Does downloading logs concurrently still improve performance after resolving
# https://github.com/guardicore/monkey/issues/2383?
for agent in agents:
t = Thread(target=self._download_log, args=(agent, machines), daemon=True)
t.start()
download_threads.append(t)
for thread in download_threads:
thread.join()
except Exception as err:
LOGGER.exception(err)
def _download_log(self, agent: Agent, machines: Mapping[MachineID, Machine]):
log_file_path = self._get_log_file_path(agent, machines)
log_contents = self.island_client.get_agent_log(agent.id)
MonkeyLogsDownloader._write_log_to_file(log_file_path, log_contents)
self.monkey_log_paths.append(log_file_path)
def _get_log_file_path(self, agent: Agent, machines: Mapping[MachineID, Machine]) -> Path:
try:
machine_ip = machines[agent.machine_id].network_interfaces[0].ip
except IndexError:
LOGGER.error(f"Machine with ID {agent.machine_id} has no network interfaces")
machine_ip = "UNKNOWN"
start_time = agent.start_time.strftime("%Y-%m-%d_%H-%M-%S")
return self.log_dir_path / f"agent_{start_time}_{machine_ip}.log"
@staticmethod
def _write_log_to_file(log_file_path: Path, log_contents: str):
LOGGER.debug(f"Writing {len(log_contents)} bytes to {log_file_path}")
with open(log_file_path, "w") as f:
f.write(log_contents)

View File

@ -10,10 +10,11 @@ from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIs
from envs.monkey_zoo.blackbox.island_client.test_configuration_parser import get_target_ips
from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHandler
from envs.monkey_zoo.blackbox.test_configurations import (
credentials_reuse_ssh_key_test_configuration,
depth_1_a_test_configuration,
depth_2_a_test_configuration,
depth_3_a_test_configuration,
powershell_credentials_reuse_test_configuration,
depth_4_a_test_configuration,
smb_pth_test_configuration,
wmi_mimikatz_test_configuration,
zerologon_test_configuration,
@ -123,13 +124,9 @@ class TestMonkeyBlackbox:
island_client, depth_3_a_test_configuration, "Depth3A test suite"
)
# Not grouped because can only be ran on windows
@pytest.mark.skip_powershell_reuse
def test_powershell_exploiter_credentials_reuse(self, island_client):
def test_depth_4_a(self, island_client):
TestMonkeyBlackbox.run_exploitation_test(
island_client,
powershell_credentials_reuse_test_configuration,
"PowerShell_Remoting_exploiter_credentials_reuse",
island_client, depth_4_a_test_configuration, "Depth4A test suite"
)
# Not grouped because it's slow
@ -157,6 +154,11 @@ class TestMonkeyBlackbox:
log_handler=log_handler,
).run()
def test_credentials_reuse_ssh_key(self, island_client):
TestMonkeyBlackbox.run_exploitation_test(
island_client, credentials_reuse_ssh_key_test_configuration, "Credentials_Reuse_SSH_Key"
)
# Not grouped because conflicts with SMB.
# Consider grouping when more depth 1 exploiters collide with group depth_1_a
def test_wmi_and_mimikatz_exploiters(self, island_client):

View File

@ -2,7 +2,8 @@ from .test_configuration import TestConfiguration
from .depth_1_a import depth_1_a_test_configuration
from .depth_2_a import depth_2_a_test_configuration
from .depth_3_a import depth_3_a_test_configuration
from .powershell_credentials_reuse import powershell_credentials_reuse_test_configuration
from .depth_4_a import depth_4_a_test_configuration
from .smb_pth import smb_pth_test_configuration
from .wmi_mimikatz import wmi_mimikatz_test_configuration
from .zerologon import zerologon_test_configuration
from .credentials_reuse_ssh_key import credentials_reuse_ssh_key_test_configuration

View File

@ -0,0 +1,71 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username
from .noop import noop_test_configuration
from .utils import (
add_credential_collectors,
add_exploiters,
add_subnets,
add_tcp_ports,
replace_agent_configuration,
replace_propagation_credentials,
set_keep_tunnel_open_time,
set_maximum_depth,
)
# Tests:
# SSHCollector steals key from machine A(10.2.3.14),
# then B(10.2.4.15) exploits C(10.2.5.16) with that key
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
brute_force = [
PluginConfiguration(name="SSHExploiter", options={}),
]
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
subnets = ["10.2.3.14", "10.2.4.15", "10.2.5.16"]
return add_subnets(agent_configuration, subnets)
def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
credential_collectors = [
PluginConfiguration(name="SSHCollector", options={}),
]
return add_credential_collectors(
agent_configuration, credential_collectors=credential_collectors
)
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
ports = [22]
return add_tcp_ports(agent_configuration, ports)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_credential_collectors(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
CREDENTIALS = (
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=None, secret=Password(password="u26gbVQe")),
Credentials(identity=None, secret=Password(password="5BuYHeVl")),
)
credentials_reuse_ssh_key_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=credentials_reuse_ssh_key_test_configuration,
agent_configuration=test_agent_configuration,
)
replace_propagation_credentials(
test_configuration=credentials_reuse_ssh_key_test_configuration,
propagation_credentials=CREDENTIALS,
)

View File

@ -1,3 +1,5 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username
@ -60,7 +62,7 @@ def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
return add_credential_collectors(
agent_configuration, [PluginConfiguration("MimikatzCollector", {})]
agent_configuration, [PluginConfiguration(name="MimikatzCollector", options={})]
)
@ -76,22 +78,24 @@ def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfigurati
return add_http_ports(agent_configuration, HTTP_PORTS)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_fingerprinters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
test_configuration = _add_credential_collectors(test_configuration)
test_configuration = _add_http_ports(test_configuration)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_fingerprinters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
test_agent_configuration = _add_credential_collectors(test_agent_configuration)
test_agent_configuration = _add_http_ports(test_agent_configuration)
depth_1_a_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)
CREDENTIALS = (
Credentials(Username("m0nk3y"), None),
Credentials(None, Password("Ivrrw5zEzs")),
Credentials(None, Password("Xk8VDTsC")),
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=None, secret=Password(password="Ivrrw5zEzs")),
Credentials(identity=None, secret=Password(password="Xk8VDTsC")),
)
depth_1_a_test_configuration = replace_propagation_credentials(
depth_1_a_test_configuration, CREDENTIALS
depth_1_a_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=depth_1_a_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=depth_1_a_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -1,9 +1,13 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username
from .noop import noop_test_configuration
from .utils import (
add_exploiters,
add_fingerprinters,
add_http_ports,
add_subnets,
add_tcp_ports,
replace_agent_configuration,
@ -14,40 +18,60 @@ from .utils import (
# Tests:
# SSH password and key brute-force, key stealing (10.2.2.11, 10.2.2.12)
# Powershell credential reuse (logging in without credentials
# to an identical user on another machine)(10.2.3.44, 10.2.3.46)
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
brute_force = [
PluginConfiguration(name="SSHExploiter", options={}),
PluginConfiguration(name="PowerShellExploiter", options={}),
]
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
vulnerability = [
PluginConfiguration(name="Log4ShellExploiter", options={}),
]
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=vulnerability)
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
subnets = [
"10.2.2.11",
"10.2.2.12",
"10.2.3.44",
"10.2.3.46",
]
return add_subnets(agent_configuration, subnets)
def _add_fingerprinters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
fingerprinters = [PluginConfiguration(name="http", options={})]
return add_fingerprinters(agent_configuration, fingerprinters)
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
ports = [22]
ports = [22, 5985, 5986, 8080]
return add_tcp_ports(agent_configuration, ports)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 2)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
def _add_http_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
return add_http_ports(agent_configuration, [8080])
depth_2_a_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 2)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_fingerprinters(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
test_agent_configuration = _add_http_ports(test_agent_configuration)
CREDENTIALS = (
Credentials(Username("m0nk3y"), None),
Credentials(None, Password("^NgDvY59~8")),
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=None, secret=Password(password="^NgDvY59~8")),
)
depth_2_a_test_configuration = replace_propagation_credentials(
depth_2_a_test_configuration, CREDENTIALS
depth_2_a_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=depth_2_a_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=depth_2_a_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -1,3 +1,5 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, NTHash, Password, Username
@ -14,7 +16,7 @@ from .utils import (
# Tests:
# Powershell (10.2.3.45, 10.2.3.46, 10.2.3.47, 10.2.3.48)
# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.11)
# Tunneling through grandparent agent (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.11)
# WMI pass the hash (10.2.2.15)
@ -32,11 +34,9 @@ def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
subnets = [
"10.2.2.9",
"10.2.3.45",
"10.2.3.46",
"10.2.3.47",
"10.2.3.48",
"10.2.1.10",
"10.2.0.12",
"10.2.0.11",
"10.2.2.15",
]
@ -48,28 +48,27 @@ def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguratio
return add_tcp_ports(agent_configuration, ports)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
test_configuration = set_keep_tunnel_open_time(test_configuration, 20)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
depth_3_a_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
CREDENTIALS = (
Credentials(Username("m0nk3y"), None),
Credentials(Username("m0nk3y-user"), None),
Credentials(None, Password("Passw0rd!")),
Credentials(None, Password("3Q=(Ge(+&w]*")),
Credentials(None, Password("`))jU7L(w}")),
Credentials(None, Password("t67TC5ZDmz")),
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=Username(username="m0nk3y-user"), secret=None),
Credentials(identity=None, secret=Password(password="Passw0rd!")),
Credentials(identity=None, secret=Password(password="3Q=(Ge(+&w]*")),
Credentials(identity=None, secret=Password(password="`))jU7L(w}")),
Credentials(identity=None, secret=NTHash(nt_hash="d0f0132b308a0c4e5d1029cc06f48692")),
Credentials(identity=None, secret=NTHash(nt_hash="5da0889ea2081aa79f6852294cba4a5e")),
Credentials(identity=None, secret=NTHash(nt_hash="50c9987a6bf1ac59398df9f911122c9b")),
)
depth_3_a_test_configuration = replace_propagation_credentials(
depth_3_a_test_configuration, CREDENTIALS
depth_3_a_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=depth_3_a_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=depth_3_a_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -0,0 +1,65 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username
from .noop import noop_test_configuration
from .utils import (
add_exploiters,
add_subnets,
add_tcp_ports,
replace_agent_configuration,
replace_propagation_credentials,
set_keep_tunnel_open_time,
set_maximum_depth,
)
# Tests:
# Tunneling (SSH brute force) (10.2.2.9, 10.2.1.10, 10.2.0.12, 10.2.0.13)
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
brute_force = [
PluginConfiguration(name="SSHExploiter", options={}),
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
]
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
subnets = [
"10.2.2.9",
"10.2.1.10",
"10.2.0.12",
"10.2.0.13",
]
return add_subnets(agent_configuration, subnets)
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
ports = [22, 135, 5985, 5986]
return add_tcp_ports(agent_configuration, ports)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 4)
test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
CREDENTIALS = (
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=None, secret=Password(password="3Q=(Ge(+&w]*")),
Credentials(identity=None, secret=Password(password="`))jU7L(w}")),
Credentials(identity=None, secret=Password(password="prM2qsroTI")),
Credentials(identity=None, secret=Password(password="t67TC5ZDmz")),
)
depth_4_a_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=depth_4_a_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=depth_4_a_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -1,3 +1,5 @@
from typing import Tuple
from common.agent_configuration import (
AgentConfiguration,
CustomPBAConfiguration,
@ -9,15 +11,18 @@ from common.agent_configuration import (
ScanTargetConfiguration,
TCPScanConfiguration,
)
from common.credentials import Credentials
from . import TestConfiguration
_custom_pba_configuration = CustomPBAConfiguration("", "", "", "")
_custom_pba_configuration = CustomPBAConfiguration(
linux_command="", linux_filename="", windows_command="", windows_filename=""
)
_tcp_scan_configuration = TCPScanConfiguration(timeout=3.0, ports=[])
_icmp_scan_configuration = ICMPScanConfiguration(timeout=1.0)
_scan_target_configuration = ScanTargetConfiguration(
blocked_ips=[], inaccessible_subnets=[], local_network_scan=False, subnets=[]
blocked_ips=[], inaccessible_subnets=[], scan_my_networks=False, subnets=[]
)
_network_scan_configuration = NetworkScanConfiguration(
tcp=_tcp_scan_configuration,
@ -45,9 +50,9 @@ _agent_configuration = AgentConfiguration(
payloads=[],
propagation=_propagation_configuration,
)
_propagation_credentials = tuple()
_propagation_credentials: Tuple[Credentials, ...] = tuple()
# This is an empty, NOOP configuration from which other configurations can be built
noop_test_configuration = TestConfiguration(
noop_test_configuration: TestConfiguration = TestConfiguration(
agent_configuration=_agent_configuration, propagation_credentials=_propagation_credentials
)

View File

@ -1,40 +0,0 @@
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from .noop import noop_test_configuration
from .utils import (
add_exploiters,
add_subnets,
add_tcp_ports,
replace_agent_configuration,
set_maximum_depth,
)
def _add_exploiters(agent_configuration: AgentConfiguration) -> AgentConfiguration:
brute_force = [
PluginConfiguration(name="PowerShellExploiter", options={}),
]
return add_exploiters(agent_configuration, brute_force=brute_force, vulnerability=[])
def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
subnets = [
"10.2.3.46",
]
return add_subnets(agent_configuration, subnets)
def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguration:
ports = [5985, 5986]
return add_tcp_ports(agent_configuration, ports)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
powershell_credentials_reuse_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)

View File

@ -1,3 +1,5 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, NTHash, Password, Username
@ -33,27 +35,27 @@ def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguratio
return add_tcp_ports(agent_configuration, ports)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
test_configuration = set_keep_tunnel_open_time(test_configuration, 20)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
smb_pth_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 3)
test_agent_configuration = set_keep_tunnel_open_time(test_agent_configuration, 20)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
CREDENTIALS = (
Credentials(Username("Administrator"), None),
Credentials(Username("m0nk3y"), None),
Credentials(Username("user"), None),
Credentials(None, Password("Ivrrw5zEzs")),
Credentials(None, Password("Password1!")),
Credentials(None, NTHash("d0f0132b308a0c4e5d1029cc06f48692")),
Credentials(None, NTHash("5da0889ea2081aa79f6852294cba4a5e")),
Credentials(None, NTHash("50c9987a6bf1ac59398df9f911122c9b")),
Credentials(identity=Username(username="Administrator"), secret=None),
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=Username(username="user"), secret=None),
Credentials(identity=None, secret=Password(password="Ivrrw5zEzs")),
Credentials(identity=None, secret=Password(password="Password1!")),
Credentials(identity=None, secret=NTHash(nt_hash="d0f0132b308a0c4e5d1029cc06f48692")),
Credentials(identity=None, secret=NTHash(nt_hash="5da0889ea2081aa79f6852294cba4a5e")),
Credentials(identity=None, secret=NTHash(nt_hash="50c9987a6bf1ac59398df9f911122c9b")),
)
smb_pth_test_configuration = replace_propagation_credentials(
smb_pth_test_configuration, CREDENTIALS
smb_pth_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=smb_pth_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=smb_pth_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -1,18 +1,8 @@
from dataclasses import replace
from typing import Sequence, Tuple
from common.agent_configuration import (
AgentConfiguration,
ExploitationConfiguration,
ExploitationOptionsConfiguration,
NetworkScanConfiguration,
PluginConfiguration,
PropagationConfiguration,
ScanTargetConfiguration,
)
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials
from . import TestConfiguration
from envs.monkey_zoo.blackbox.test_configurations.test_configuration import TestConfiguration
def add_exploiters(
@ -20,133 +10,91 @@ def add_exploiters(
brute_force: Sequence[PluginConfiguration] = [],
vulnerability: Sequence[PluginConfiguration] = [],
) -> AgentConfiguration:
exploitation_configuration = replace(
agent_configuration.propagation.exploitation,
brute_force=brute_force,
vulnerability=vulnerability,
)
return replace_exploitation_configuration(agent_configuration, exploitation_configuration)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.exploitation.brute_force = brute_force
agent_configuration_copy.propagation.exploitation.vulnerability = vulnerability
return agent_configuration_copy
def add_fingerprinters(
agent_configuration: AgentConfiguration, fingerprinters: Sequence[PluginConfiguration]
) -> AgentConfiguration:
network_scan_configuration = replace(
agent_configuration.propagation.network_scan, fingerprinters=fingerprinters
)
return replace_network_scan_configuration(agent_configuration, network_scan_configuration)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.network_scan.fingerprinters = fingerprinters
return agent_configuration_copy
def add_tcp_ports(
agent_configuration: AgentConfiguration, tcp_ports: Sequence[int]
) -> AgentConfiguration:
tcp_scan_configuration = replace(
agent_configuration.propagation.network_scan.tcp, ports=tuple(tcp_ports)
)
network_scan_configuration = replace(
agent_configuration.propagation.network_scan, tcp=tcp_scan_configuration
)
return replace_network_scan_configuration(agent_configuration, network_scan_configuration)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.network_scan.tcp.ports = tuple(tcp_ports)
return agent_configuration_copy
def add_subnets(
agent_configuration: AgentConfiguration, subnets: Sequence[str]
) -> AgentConfiguration:
scan_target_configuration = replace(
agent_configuration.propagation.network_scan.targets, subnets=subnets
)
return replace_scan_target_configuration(agent_configuration, scan_target_configuration)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.network_scan.targets.subnets = subnets
return agent_configuration_copy
def add_credential_collectors(
agent_configuration: AgentConfiguration, credential_collectors: Sequence[PluginConfiguration]
) -> AgentConfiguration:
return replace(agent_configuration, credential_collectors=tuple(credential_collectors))
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.credential_collectors = tuple(credential_collectors)
return agent_configuration_copy
def add_http_ports(
agent_configuration: AgentConfiguration, http_ports: Sequence[int]
) -> AgentConfiguration:
exploitation_options_configuration = agent_configuration.propagation.exploitation.options
exploitation_options_configuration = replace(
exploitation_options_configuration, http_ports=http_ports
)
return replace_exploitation_options_configuration(
agent_configuration, exploitation_options_configuration
)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.exploitation.options.http_ports = http_ports
return agent_configuration_copy
def set_keep_tunnel_open_time(
agent_configuration: AgentConfiguration, keep_tunnel_open_time: int
) -> AgentConfiguration:
return replace(agent_configuration, keep_tunnel_open_time=keep_tunnel_open_time)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.keep_tunnel_open_time = keep_tunnel_open_time
return agent_configuration_copy
def set_maximum_depth(
agent_configuration: AgentConfiguration, maximum_depth: int
) -> AgentConfiguration:
propagation_configuration = replace(
agent_configuration.propagation, maximum_depth=maximum_depth
)
return replace_propagation_configuration(agent_configuration, propagation_configuration)
agent_configuration_copy = agent_configuration.copy(deep=True)
agent_configuration_copy.propagation.maximum_depth = maximum_depth
def replace_exploitation_configuration(
agent_configuration: AgentConfiguration, exploitation_configuration: ExploitationConfiguration
) -> AgentConfiguration:
propagation_configuration = replace(
agent_configuration.propagation, exploitation=exploitation_configuration
)
return replace_propagation_configuration(agent_configuration, propagation_configuration)
def replace_scan_target_configuration(
agent_configuration: AgentConfiguration, scan_target_configuration: ScanTargetConfiguration
) -> AgentConfiguration:
network_scan_configuration = replace(
agent_configuration.propagation.network_scan, targets=scan_target_configuration
)
return replace_network_scan_configuration(agent_configuration, network_scan_configuration)
def replace_network_scan_configuration(
agent_configuration: AgentConfiguration, network_scan_configuration: NetworkScanConfiguration
) -> AgentConfiguration:
propagation_configuration = replace(
agent_configuration.propagation, network_scan=network_scan_configuration
)
return replace_propagation_configuration(agent_configuration, propagation_configuration)
def replace_propagation_configuration(
agent_configuration: AgentConfiguration, propagation_configuration: PropagationConfiguration
) -> AgentConfiguration:
return replace(agent_configuration, propagation=propagation_configuration)
def replace_exploitation_options_configuration(
agent_configuration: AgentConfiguration,
exploitation_options_configuration: ExploitationOptionsConfiguration,
) -> AgentConfiguration:
exploitation_configuration = agent_configuration.propagation.exploitation
exploitation_configuration = replace(
exploitation_configuration, options=exploitation_options_configuration
)
return replace_exploitation_configuration(agent_configuration, exploitation_configuration)
return agent_configuration_copy
def replace_agent_configuration(
test_configuration: TestConfiguration, agent_configuration: AgentConfiguration
) -> TestConfiguration:
return replace(test_configuration, agent_configuration=agent_configuration)
):
test_configuration.agent_configuration = agent_configuration
def replace_propagation_credentials(
test_configuration: TestConfiguration, propagation_credentials: Tuple[Credentials, ...]
):
return replace(test_configuration, propagation_credentials=propagation_credentials)
test_configuration.propagation_credentials = propagation_credentials

View File

@ -1,3 +1,5 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from common.credentials import Credentials, Password, Username
@ -31,7 +33,7 @@ def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
def _add_credential_collectors(agent_configuration: AgentConfiguration) -> AgentConfiguration:
return add_credential_collectors(
agent_configuration, [PluginConfiguration("MimikatzCollector", {})]
agent_configuration, [PluginConfiguration(name="MimikatzCollector", options={})]
)
@ -40,25 +42,25 @@ def _add_tcp_ports(agent_configuration: AgentConfiguration) -> AgentConfiguratio
return add_tcp_ports(agent_configuration, ports)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_configuration = _add_credential_collectors(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
test_configuration = _add_credential_collectors(test_configuration)
wmi_mimikatz_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
test_agent_configuration = _add_credential_collectors(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
test_agent_configuration = _add_credential_collectors(test_agent_configuration)
CREDENTIALS = (
Credentials(Username("Administrator"), None),
Credentials(Username("m0nk3y"), None),
Credentials(Username("user"), None),
Credentials(None, Password("Ivrrw5zEzs")),
Credentials(None, Password("Password1!")),
Credentials(identity=Username(username="Administrator"), secret=None),
Credentials(identity=Username(username="m0nk3y"), secret=None),
Credentials(identity=Username(username="user"), secret=None),
Credentials(identity=None, secret=Password(password="Ivrrw5zEzs")),
Credentials(identity=None, secret=Password(password="Password1!")),
)
wmi_mimikatz_test_configuration = replace_propagation_credentials(
wmi_mimikatz_test_configuration, CREDENTIALS
wmi_mimikatz_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=wmi_mimikatz_test_configuration, agent_configuration=test_agent_configuration
)
replace_propagation_credentials(
test_configuration=wmi_mimikatz_test_configuration, propagation_credentials=CREDENTIALS
)

View File

@ -1,3 +1,5 @@
import dataclasses
from common.agent_configuration import AgentConfiguration, PluginConfiguration
from .noop import noop_test_configuration
@ -27,11 +29,12 @@ def _add_subnets(agent_configuration: AgentConfiguration) -> AgentConfiguration:
return add_subnets(agent_configuration, subnets)
test_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_configuration = _add_exploiters(test_configuration)
test_configuration = _add_tcp_ports(test_configuration)
test_configuration = _add_subnets(test_configuration)
test_agent_configuration = set_maximum_depth(noop_test_configuration.agent_configuration, 1)
test_agent_configuration = _add_exploiters(test_agent_configuration)
test_agent_configuration = _add_tcp_ports(test_agent_configuration)
test_agent_configuration = _add_subnets(test_agent_configuration)
zerologon_test_configuration = replace_agent_configuration(
noop_test_configuration, test_configuration
zerologon_test_configuration = dataclasses.replace(noop_test_configuration)
replace_agent_configuration(
test_configuration=zerologon_test_configuration, agent_configuration=test_agent_configuration
)

View File

@ -11,6 +11,9 @@ This document describes Infection Monkeys test network, how to deploy and use
[Nr. 3 Hadoop](#_Toc526517183)<br>
[Nr. 9 Tunneling M1](#_Toc536021462)<br>
[Nr. 10 Tunneling M2](#_Toc536021463)<br>
[Nr. 11 Tunneling M1](#_Toc536021464)<br>
[Nr. 12 Tunneling M2](#_Toc536021465)<br>
[Nr. 13 Tunneling M2](#_Toc536021466)<br>
[Nr. 11 SSH key steal](#_Toc526517190)<br>
[Nr. 12 SSH key steal](#_Toc526517191)<br>
[Nr. 13 RDP grinder](#_Toc526517192)<br>
@ -25,6 +28,9 @@ This document describes Infection Monkeys test network, how to deploy and use
[Nr. 3-46 Powershell](#_Toc536021480)<br>
[Nr. 3-47 Powershell](#_Toc536021481)<br>
[Nr. 3-48 Powershell](#_Toc536021482)<br>
[Nr. 14 Credentials Reuse](#_Toc536121480)<br>
[Nr. 15 Credentials Reuse](#_Toc536121481)<br>
[Nr. 16 Credentials Reuse](#_Toc536121482)<br>
[Nr. 3-49 Log4j Solr](#_Toc536021483)<br>
[Nr. 3-50 Log4j Solr](#_Toc536021484)<br>
[Nr. 3-51 Log4j Tomcat](#_Toc536021485)<br>
@ -303,7 +309,7 @@ Update all requirements using deployment script:<br>
</tr>
<tr class="even">
<td>Root password:</td>
<td>3Q=(Ge(+&amp;w]*</td>
<td>3Q=(Ge(+&w]*</td>
</tr>
<tr class="odd">
<td>Servers config:</td>
@ -319,7 +325,7 @@ Update all requirements using deployment script:<br>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536021463" class="anchor"></span>Nr. <strong>11</strong> Tunneling M3</p>
<th><p><span id="_Toc536021464" class="anchor"></span>Nr. <strong>11</strong> Tunneling M3</p>
<p>(10.2.0.11)</p></th>
<th>(Exploitable)</th>
</tr>
@ -343,7 +349,10 @@ Update all requirements using deployment script:<br>
</tr>
<tr class="odd">
<td>Servers config:</td>
<td>Default</td>
<td>Contains firewall rules to block everything from 10.2.1.10 except ssh.
This prevents tunneling communication, but allows ssh exploitation.
Contains firewall rules to allow everything from 10.2.1.9 except ssh.
This prevents ssh exploitation, but allows tunneling.</td>
</tr>
<tr class="even">
<td>Notes:</td>
@ -355,7 +364,7 @@ Update all requirements using deployment script:<br>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536021463" class="anchor"></span>Nr. <strong>12</strong> Tunneling M4</p>
<th><p><span id="_Toc536021465" class="anchor"></span>Nr. <strong>12</strong> Tunneling M4</p>
<p>(10.2.0.12)</p></th>
<th>(Exploitable)</th>
</tr>
@ -384,6 +393,38 @@ Update all requirements using deployment script:<br>
</tbody>
</table>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536021466" class="anchor"></span>Nr. <strong>13</strong> Tunneling M5</p>
<p>(10.2.0.13)</p></th>
<th>(Exploitable)</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>OS:</td>
<td><strong>Ubuntu 18 x64</strong></td>
</tr>
<tr class="odd">
<td>Default services port:</td>
<td>22</td>
</tr>
<tr class="even">
<td>Root password:</td>
<td>prM2qsroTI</td>
</tr>
<tr class="odd">
<td>Servers config:</td>
<td>Configured to disable traffic from/to 10.2.0.10 and 10.2.0.11(via ufw and iptables)</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>Accessible only through Nr.12</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr class="header">
@ -718,6 +759,38 @@ Update all requirements using deployment script:<br>
</tbody>
</table>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536021479" class="anchor"></span>Nr. <strong>3-44 Powershell</strong></p>
<p>(10.2.3.44)</p></th>
<th>(Vulnerable)</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>OS:</td>
<td><strong>Windows Server 2016 x64</strong></td>
</tr>
<tr class="even">
<td>Software:</td>
<td>WinRM service</td>
</tr>
<tr class="odd">
<td>Default servers port: 5985, 5986</td>
<td>-</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>User: m0nk3y, Password: nPj8rbc3<br>
Accessible using the same m0nk3y user from powershell-3-46,
in other words powershell exploiter can exploit
this machine without credentials as long as the user running the agent has
the same credentials on both machines</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr class="header">
@ -763,17 +836,17 @@ Accessibale through Island using m0nk3y-user.</td>
<tr class="even">
<td>Software:</td>
<td>WinRM service</td>
<td>Tomcat 8.0.36</td>
</tr>
<tr class="odd">
<td>Default servers port:</td>
<td>Default servers port:8080</td>
<td>-</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>User: m0nk3y, Password: nPj8rbc3<br>
Accessible using the same m0nk3y user from island, in other words powershell exploiter can exploit
this machine without credentials as long as the user running the agent is the same on both
machines</td>
Exploited from island via log4shell(tomcat). Then uses cached powershell credentials to
propagate to powershell-3-44</td>
</tr>
</tbody>
</table>
@ -836,6 +909,120 @@ Accessiable only through <strong>3-45 Powershell</strong> using credentials reus
</tbody>
</table>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536121480" class="anchor"></span>Nr. <strong>14</strong> Credentials Reuse</p>
<p>(10.2.3.14, 10.2.4.14)</p></th>
<th>(Exploitable)</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>OS:</td>
<td><strong>Ubuntu 16.04.05 x64</strong></td>
</tr>
<tr class="even">
<td>Software:</td>
<td>OpenSSL</td>
</tr>
<tr class="odd">
<td>Default services port:</td>
<td>22</td>
</tr>
<tr class="even">
<td>Credentials:</td>
<td>m0nk3y:u26gbVQe</td>
</tr>
<tr class="odd">
<td>Servers config:</td>
<td>VPC network that can only access Credentials Reuse 15 and Island.</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>Accessible from the Island with password authentication</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536121481" class="anchor"></span>Nr. <strong>15</strong> Credentials Reuse</p>
<p>(10.2.4.15, 10.2.5.15)</p></th>
<th>(Exploitable)</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>OS:</td>
<td><strong>Ubuntu 16.04.05 x64</strong></td>
</tr>
<tr class="even">
<td>Software:</td>
<td>OpenSSL</td>
</tr>
<tr class="odd">
<td>Default services port:</td>
<td>22</td>
</tr>
<tr class="even">
<td>Credentials:</td>
<td>m0nk3y:5BuYHeVl</td>
</tr>
<tr class="odd">
<td>Servers config:</td>
<td>VPC network that can be only accessed by Credentials Reuse 14 and communicate to<br>
Credentials Reuse 16.
</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>Accessible from the Credentials Reuse 14 with password authentication</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr class="header">
<th><p><span id="_Toc536121482" class="anchor"></span>Nr. <strong>16</strong> Credentials Reuse</p>
<p>(10.2.3.16, 10.2.5.16)</p></th>
<th>(Exploitable)</th>
</tr>
</thead>
<tbody>
<tr class="odd">
<td>OS:</td>
<td><strong>Ubuntu 16.04.05 x64</strong></td>
</tr>
<tr class="even">
<td>Software:</td>
<td>OpenSSL</td>
</tr>
<tr class="odd">
<td>Default services port:</td>
<td>22</td>
</tr>
<tr class="even">
<td>Credentials:</td>
<td>m0nk3y:lIZl6vTR</td>
</tr>
<tr class="odd">
<td>Servers config:</td>
<td>VPC network that can be only accessed by Credentials Reuse 15 and communicate to<br>
the Island.
</td>
</tr>
<tr class="even">
<td>Notes:</td>
<td>Accessible from the Credentials Reuse 15 with passwordless ssh key authentication.<br>
We use the ssh key that was stolen from Credentials Reuse 16</td>
</tr>
</tbody>
</table>
<table>
<thead>
<tr class="header">

Binary file not shown.

After

Width:  |  Height:  |  Size: 13 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 22 KiB

View File

@ -0,0 +1 @@
<mxfile host="app.diagrams.net" modified="2022-09-23T15:01:54.105Z" agent="5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36" etag="spZrDzUM2aBFwquXRZY8" version="20.3.0" type="device"><diagram id="YCekmHjAy1LVhBsJn630" name="Page-1">7VjbjpswEP2aSO1DEGBIyOPmst1WqZRqpV6eVg444K3B1Di3/fraYC4OyXajJKKqKuWBGXuM58zxGZMemMS7Dwym0WcaINKzzWDXA9OebVuObffkzwz2hWc4cgpHyHCgJtWOR/yClNNU3jUOUKZN5JQSjlPd6dMkQT7XfJAxutWnrSjR35rCELUcjz4kbe83HPCo8HquWfsfEA6j8s2WqUZiWE5WjiyCAd02XGDWAxNGKS+e4t0EEQleiUsRd39itNoYQwl/S4CN5unz0yd7/JBEwfPw69MX8KuvVsn4vkwYBSJ/ZVLGIxrSBJJZ7R0zuk4CJFc1hVXPmVOaCqclnM+I870qJlxzKlwRj4kaFRtm++8qPjd+SMOw3dKe7pqj072yVpiQCSWU5VsFK89Hvi/8GWf0J2qMLD3XcWVEkZ7M6SRqJQR0zXz0ClSKyByyEPHXIHWq4opTgWiMRAoikCECOd7oG4GKnmE1T4XeMQb3jQkpxQnPGisvpENMUCfNBopm6pzZgwM2nDdfPBQ7OBE9PIh2R8ZIz6jAScVpCzdQqV05Wc8gbqkrG0jWCtI5DZ3HSMS+4zT2IX9/lNtzuBQSpfEREhwm4tkXnECCQeMNYhwLDbhTAzEOgoL6KMMvcJmvJ+mlqiIWd8c9d1oRTi6AdlqllUCp4FoWmlQ8fUTbdFKr98WxsSxPq8agsM4j3BGGaIv2HX0Bulpl6DalbVX2Y0ZgErTKqQvRNsIcPaYwP8Rb0Y30Ip8sTEsLTmI9OiC9U5F+W7eGqgFEjbbgmafR1+A7FyvQiX7vMM/l2zBLsxBwz1Vmrd/S2DeMBWJYpC6P2fTKAm05b1RouwuBBgNLYw+wLhFcYLYEt8DndoLrdntVMNzmZcH6m28KbyciuJCJF2lH2ScaQrugW8SyqAj2GQpE7hiSfEvrDP0bDbVg8kmVNw1rqHc+cFk/vX3HLAnXqGRaVbIP+o6o9IAITMZLJp5CnuN66LHEVcIAhjPovNGCwWGnNTvus2UODYRbKFUfeBKkAArwS8Qa6OgClNAEtdVqdu/d23IykUdrQTPMMT16nuYHE5aUi7vvkQPHpd62zyVdc4ITsZ3y41nuVuSRypTiXSi/6Y0NQjA24uxpi5Mg/6C+Ro0d57CjtWvsHCkxGBnerYo87KLFXbHxlFf2m9+ALoMZ/EGtnHPUyulcrSrV2eus7U6s2u3gv1hdtSFZtxQrYdb/ChZXhPq/VTD7DQ==</diagram></mxfile>

View File

@ -0,0 +1 @@
<mxfile host="app.diagrams.net" modified="2022-09-09T14:43:18.604Z" agent="5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36" etag="hR7zJg_PJGBkx010pojR" version="20.3.0" type="device"><diagram id="UsVsRtHn_Xg_yxI8nRbj" name="Page-1">7VrbbuM2EP0aP9aQRN38uLHsTYEtGiAo0jwFjMSV2KVEg6J86deXtEhbF1eWW9tSsEHyYM6MJHLOOcPRZQLm6fYrg6vkNxohMrGMaDsBwcSyTNuyJvLfiHalxZvZpSFmOFJBR8Mz/hspo6GsBY5QXgvklBKOV3VjSLMMhbxmg4zRTT3sOyX1q65gjFqG5xCStvUFRzwprb5jHO2PCMeJvrJpKE8KdbAy5AmM6KZiAosJmDNKefkr3c4RkcnTeSmPW/6L9zAxhjLe5wAneCPB79/gSxC+PT4t053Jlr94am58pxeMIrF+NaSMJzSmGSSLo/WB0SKLkDyrIUbHmG+UroTRFMa/EOc7BSYsOBWmhKdEedszV4vJacFC1DFdzQDIYsQ74hTp5FoqF1B5+YpoijjbiQCGCOR4XccaKsrEhzh16BfG4K4SsKI443nlzE/SIAIU+w/QK+6bbgOhy+LFj3IGelRZytG0R/0CBqhFryEpVBp+zQnMohYx6rBvEszR8wru4doI7feEeI0YR9tOUJTXbyRDS25zlOFBbElFgvq4UzBWUnl5pvyPpRWrp1bMUWpFbwB9tdKIv41WZkMwQADPdn+q4/eDVzmYWo4eB9uqN9ip0e2pA0ZBHdCsFF43dc7E34Y6VqvM8kJ0LARnsaSVS0SeH96Z+BXzPXZNiykQF38nYvcec9om570rtuWOrWTrLvKj1GzQU3j2KIRnzxp4n6nZZ+Jv1N9YP0nR7ssdZ5Tc0TXgWlwIXsHzDIePThy8sMfiD7i0uG51hqgGjXTfFmJrEESNBqLGmWrQHX+bagA6tmFZjXruw+b0VPDeZUxPbDr33olte3Q78YDa+y9Ssy+R2jWr6f/Kst1Fb/MSep8I1vRuIzk4vb2h2Q2GbTIqfcVr1Xn1JsPpKYtx3BnarlPjCbhLw2n/JA1nXy64o+CC12w3/O725Ez8bbjjdNVvq3f9FkW6fddz7yLtNB6zHJ4ODFelnY/Vg7g9BTaOOzrPrOMNzjwNOBN/G4G5XQIDlwisvePfW2CePTqBea30trKU/0A8TFSS9pxCbLFGklplZg7vSWVABPPkkNJK+nLO6A80p4QyYcloJqX6HROiTRMLBEt/bov8PRD4jsgTzTHHNBO+EMmLCofMNQ6FlhsB75RzmlYCvhAcSweXmn+AanQ4Dy24YJCYjn4HbZTrWMk1p9tYvhqfrhGCqTUVgcX2ShW2+b5w1iYAsNv4a9v18fc/8b8j/qBZAMyh8Z994j+g/r2B4dfT+YT/LvD7DfiB4Q6Mf/tbkjb+14J3sfSXljkueKdp/rbBWbT/6uwaELuNN6rAakvcPtHhgdnUvxhkMTx+jVY23Mdv+sDiHw==</diagram></mxfile>

View File

@ -23,6 +23,10 @@ data "google_compute_image" "tunneling-12" {
name = "tunneling-12"
project = local.monkeyzoo_project
}
data "google_compute_image" "tunneling-13" {
name = "tunneling-13"
project = local.monkeyzoo_project
}
data "google_compute_image" "sshkeys-11" {
name = "sshkeys-11"
project = local.monkeyzoo_project
@ -55,10 +59,26 @@ data "google_compute_image" "powershell-3-46" {
name = "powershell-3-46"
project = local.monkeyzoo_project
}
data "google_compute_image" "powershell-3-44" {
name = "powershell-3-44"
project = local.monkeyzoo_project
}
data "google_compute_image" "powershell-3-45" {
name = "powershell-3-45"
project = local.monkeyzoo_project
}
data "google_compute_image" "credentials-reuse-14" {
name = "credentials-reuse-14"
project = local.monkeyzoo_project
}
data "google_compute_image" "credentials-reuse-15" {
name = "credentials-reuse-15"
project = local.monkeyzoo_project
}
data "google_compute_image" "credentials-reuse-16" {
name = "credentials-reuse-16"
project = local.monkeyzoo_project
}
data "google_compute_image" "log4j-solr-49" {
name = "log4j-solr-49"
project = local.monkeyzoo_project

View File

@ -44,6 +44,18 @@ resource "google_compute_subnetwork" "tunneling2-main" {
network = google_compute_network.tunneling2.self_link
}
resource "google_compute_subnetwork" "credential-reuse" {
name = "${local.resource_prefix}credential-reuse"
ip_cidr_range = "10.2.4.0/24"
network = google_compute_network.credential-reuse.self_link
}
resource "google_compute_subnetwork" "credential-reuse2" {
name = "${local.resource_prefix}credential-reuse2"
ip_cidr_range = "10.2.5.0/24"
network = google_compute_network.credential-reuse2.self_link
}
resource "google_compute_instance_from_template" "hadoop-2" {
name = "${local.resource_prefix}hadoop-2"
source_instance_template = local.default_ubuntu
@ -127,6 +139,10 @@ resource "google_compute_instance_from_template" "tunneling-11" {
subnetwork="${local.resource_prefix}tunneling2-main"
network_ip="10.2.0.11"
}
network_interface{
subnetwork="${local.resource_prefix}tunneling-main"
network_ip="10.2.1.11"
}
}
resource "google_compute_instance_from_template" "tunneling-12" {
@ -144,6 +160,21 @@ resource "google_compute_instance_from_template" "tunneling-12" {
}
}
resource "google_compute_instance_from_template" "tunneling-13" {
name = "${local.resource_prefix}tunneling-13"
source_instance_template = local.default_ubuntu
boot_disk{
initialize_params {
image = data.google_compute_image.tunneling-13.self_link
}
auto_delete = true
}
network_interface{
subnetwork="${local.resource_prefix}tunneling2-main"
network_ip="10.2.0.13"
}
}
resource "google_compute_instance_from_template" "sshkeys-11" {
name = "${local.resource_prefix}sshkeys-11"
source_instance_template = local.default_ubuntu
@ -280,18 +311,18 @@ resource "google_compute_instance_from_template" "powershell-3-46" {
}
}
resource "google_compute_instance_from_template" "powershell-3-45" {
name = "${local.resource_prefix}powershell-3-45"
resource "google_compute_instance_from_template" "powershell-3-44" {
name = "${local.resource_prefix}powershell-3-44"
source_instance_template = local.default_windows
boot_disk{
initialize_params {
image = data.google_compute_image.powershell-3-45.self_link
image = data.google_compute_image.powershell-3-44.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main"
network_ip="10.2.3.45"
subnetwork="${local.resource_prefix}monkeyzoo-main-1"
network_ip="10.2.3.44"
}
}
@ -305,11 +336,68 @@ resource "google_compute_instance_from_template" "powershell-3-45" {
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main"
subnetwork="${local.resource_prefix}monkeyzoo-main-1"
network_ip="10.2.3.45"
}
}
resource "google_compute_instance_from_template" "credentials-reuse-14" {
name = "${local.resource_prefix}credentials-reuse-14"
source_instance_template = local.default_linux
boot_disk{
initialize_params {
image = data.google_compute_image.credentials-reuse-14.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main-1"
network_ip="10.2.3.14"
}
network_interface {
subnetwork="${local.resource_prefix}credential-reuse"
network_ip="10.2.4.14"
}
}
resource "google_compute_instance_from_template" "credentials-reuse-15" {
name = "${local.resource_prefix}credentials-reuse-15"
source_instance_template = local.default_linux
boot_disk{
initialize_params {
image = data.google_compute_image.credentials-reuse-15.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}credential-reuse"
network_ip="10.2.4.15"
}
network_interface {
subnetwork="${local.resource_prefix}credential-reuse2"
network_ip="10.2.5.15"
}
}
resource "google_compute_instance_from_template" "credentials-reuse-16" {
name = "${local.resource_prefix}credentials-reuse-16"
source_instance_template = local.default_linux
boot_disk{
initialize_params {
image = data.google_compute_image.credentials-reuse-16.self_link
}
auto_delete = true
}
network_interface {
subnetwork="${local.resource_prefix}credential-reuse2"
network_ip="10.2.5.16"
}
network_interface {
subnetwork="${local.resource_prefix}monkeyzoo-main-1"
network_ip="10.2.3.16"
}
}
resource "google_compute_instance_from_template" "log4j-solr-49" {
name = "${local.resource_prefix}log4j-solr-49"
source_instance_template = local.default_linux

View File

@ -1,3 +1,6 @@
from ipaddress import IPv4Address
from typing import Collection
import pytest
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
@ -40,18 +43,17 @@ def island_client(island):
@pytest.mark.usefixtures("island_client")
# noinspection PyUnresolvedReferences
class TestOSCompatibility(object):
def test_os_compat(self, island_client):
def test_os_compat(self, island_client: MonkeyIslandClient):
print()
all_monkeys = island_client.get_all_monkeys_from_db()
ips_that_communicated = []
for monkey in all_monkeys:
for ip in monkey["ip_addresses"]:
if ip in machine_list:
ips_that_communicated.append(ip)
break
ips_that_communicated = self._get_agent_ips(island_client)
for ip, os in machine_list.items():
if ip not in ips_that_communicated:
if IPv4Address(ip) not in ips_that_communicated:
print("{} didn't communicate to island".format(os))
if len(ips_that_communicated) < len(machine_list):
assert False
def _get_agent_ips(self, island_client: MonkeyIslandClient) -> Collection[IPv4Address]:
agents = island_client.get_agents()
machines = island_client.get_machines()
return {i.ip for a in agents for i in machines[a.machine_id].network_interfaces}

View File

@ -7,3 +7,4 @@ from .operating_system import OperatingSystem
from . import types
from . import base_models
from .agent_registration_data import AgentRegistrationData
from .agent_signals import AgentSignals

View File

@ -1,4 +1,4 @@
from .agent_configuration import AgentConfiguration, InvalidConfigurationError
from .agent_configuration import AgentConfiguration
from .agent_sub_configurations import (
CustomPBAConfiguration,
PluginConfiguration,

View File

@ -1,17 +1,9 @@
from __future__ import annotations
from typing import Tuple
from dataclasses import dataclass
from typing import Any, Mapping, Tuple
from pydantic import confloat
from marshmallow import Schema, fields, validate
from marshmallow.exceptions import MarshmallowError
from common.base_models import MutableInfectionMonkeyBaseModel
from ..utils.code_utils import freeze_lists_in_mapping
from .agent_sub_configuration_schemas import (
CustomPBAConfigurationSchema,
PluginConfigurationSchema,
PropagationConfigurationSchema,
)
from .agent_sub_configurations import (
CustomPBAConfiguration,
PluginConfiguration,
@ -19,107 +11,10 @@ from .agent_sub_configurations import (
)
class InvalidConfigurationError(Exception):
def __init__(self, message: str):
self._message = message
def __str__(self) -> str:
return (
f"Cannot construct an AgentConfiguration object with the supplied, invalid data: "
f"{self._message}"
)
@dataclass(frozen=True)
class AgentConfiguration:
"""
A configuration for Infection Monkey agents
Attributes:
:param keep_tunnel_open_time: Maximum time in seconds to keep a tunnel open after
the last exploit
:param custom_pbas: Configuration for custom post-breach actions
:param post_breach_actions: Configuration for post-breach actions
:param credential_collectors: Configuration for credential collectors
:param payloads: Configuration for payloads
:param propagation: Configuration for propagation
"""
keep_tunnel_open_time: float
class AgentConfiguration(MutableInfectionMonkeyBaseModel):
keep_tunnel_open_time: confloat(ge=0) # type: ignore[valid-type]
custom_pbas: CustomPBAConfiguration
post_breach_actions: Tuple[PluginConfiguration, ...]
credential_collectors: Tuple[PluginConfiguration, ...]
payloads: Tuple[PluginConfiguration, ...]
propagation: PropagationConfiguration
def __post_init__(self):
# This will raise an exception if the object is invalid. Calling this in __post__init()
# makes it impossible to construct an invalid object
try:
AgentConfigurationSchema().dump(self)
except Exception as err:
raise InvalidConfigurationError(str(err))
@staticmethod
def from_mapping(config_mapping: Mapping[str, Any]) -> AgentConfiguration:
"""
Construct an AgentConfiguration from a Mapping
:param config_mapping: A Mapping that represents an AgentConfiguration
:return: An AgentConfiguration
:raises: InvalidConfigurationError if the provided Mapping does not represent a valid
AgentConfiguration
"""
try:
config_dict = AgentConfigurationSchema().load(config_mapping)
config_dict = freeze_lists_in_mapping(config_dict)
return AgentConfiguration(**config_dict)
except MarshmallowError as err:
raise InvalidConfigurationError(str(err))
@staticmethod
def from_json(config_json: str) -> AgentConfiguration:
"""
Construct an AgentConfiguration from a JSON string
:param config_json: A JSON string that represents an AgentConfiguration
:return: An AgentConfiguration
:raises: InvalidConfigurationError if the provided JSON does not represent a valid
AgentConfiguration
"""
try:
config_dict = AgentConfigurationSchema().loads(config_json)
config_dict = freeze_lists_in_mapping(config_dict)
return AgentConfiguration(**config_dict)
except MarshmallowError as err:
raise InvalidConfigurationError(str(err))
@staticmethod
def to_mapping(config: AgentConfiguration) -> Mapping[str, Any]:
"""
Serialize an AgentConfiguration to a Mapping
:param config: An AgentConfiguration
:return: A Mapping that represents the AgentConfiguration
"""
return AgentConfigurationSchema().dump(config)
@staticmethod
def to_json(config: AgentConfiguration) -> str:
"""
Serialize an AgentConfiguration to JSON
:param config: An AgentConfiguration
:return: A JSON string that represents the AgentConfiguration
"""
return AgentConfigurationSchema().dumps(config)
class AgentConfigurationSchema(Schema):
keep_tunnel_open_time = fields.Float(validate=validate.Range(min=0))
custom_pbas = fields.Nested(CustomPBAConfigurationSchema)
post_breach_actions = fields.List(fields.Nested(PluginConfigurationSchema))
credential_collectors = fields.List(fields.Nested(PluginConfigurationSchema))
payloads = fields.List(fields.Nested(PluginConfigurationSchema))
propagation = fields.Nested(PropagationConfigurationSchema)

View File

@ -1,112 +0,0 @@
from marshmallow import Schema, fields, post_load, validate
from .agent_sub_configurations import (
CustomPBAConfiguration,
ExploitationConfiguration,
ExploitationOptionsConfiguration,
ICMPScanConfiguration,
NetworkScanConfiguration,
PluginConfiguration,
PropagationConfiguration,
ScanTargetConfiguration,
TCPScanConfiguration,
)
from .utils import freeze_lists
from .validators import (
validate_ip,
validate_linux_filename,
validate_subnet_range,
validate_windows_filename,
)
class CustomPBAConfigurationSchema(Schema):
linux_command = fields.Str()
linux_filename = fields.Str(validate=validate_linux_filename)
windows_command = fields.Str()
windows_filename = fields.Str(validate=validate_windows_filename)
@post_load
def _make_custom_pba_configuration(self, data, **kwargs):
return CustomPBAConfiguration(**data)
class PluginConfigurationSchema(Schema):
name = fields.Str()
options = fields.Mapping()
@post_load
def _make_plugin_configuration(self, data, **kwargs):
return PluginConfiguration(**data)
class ScanTargetConfigurationSchema(Schema):
blocked_ips = fields.List(fields.Str(validate=validate_ip))
inaccessible_subnets = fields.List(fields.Str(validate=validate_subnet_range))
local_network_scan = fields.Bool()
subnets = fields.List(fields.Str(validate=validate_subnet_range))
@post_load
@freeze_lists
def _make_scan_target_configuration(self, data, **kwargs):
return ScanTargetConfiguration(**data)
class ICMPScanConfigurationSchema(Schema):
timeout = fields.Float(validate=validate.Range(min=0))
@post_load
def _make_icmp_scan_configuration(self, data, **kwargs):
return ICMPScanConfiguration(**data)
class TCPScanConfigurationSchema(Schema):
timeout = fields.Float(validate=validate.Range(min=0))
ports = fields.List(fields.Int(validate=validate.Range(min=0, max=65535)))
@post_load
@freeze_lists
def _make_tcp_scan_configuration(self, data, **kwargs):
return TCPScanConfiguration(**data)
class NetworkScanConfigurationSchema(Schema):
tcp = fields.Nested(TCPScanConfigurationSchema)
icmp = fields.Nested(ICMPScanConfigurationSchema)
fingerprinters = fields.List(fields.Nested(PluginConfigurationSchema))
targets = fields.Nested(ScanTargetConfigurationSchema)
@post_load
@freeze_lists
def _make_network_scan_configuration(self, data, **kwargs):
return NetworkScanConfiguration(**data)
class ExploitationOptionsConfigurationSchema(Schema):
http_ports = fields.List(fields.Int(validate=validate.Range(min=0, max=65535)))
@post_load
@freeze_lists
def _make_exploitation_options_configuration(self, data, **kwargs):
return ExploitationOptionsConfiguration(**data)
class ExploitationConfigurationSchema(Schema):
options = fields.Nested(ExploitationOptionsConfigurationSchema)
brute_force = fields.List(fields.Nested(PluginConfigurationSchema))
vulnerability = fields.List(fields.Nested(PluginConfigurationSchema))
@post_load
@freeze_lists
def _make_exploitation_options_configuration(self, data, **kwargs):
return ExploitationConfiguration(**data)
class PropagationConfigurationSchema(Schema):
maximum_depth = fields.Int(validate=validate.Range(min=0))
network_scan = fields.Nested(NetworkScanConfigurationSchema)
exploitation = fields.Nested(ExploitationConfigurationSchema)
@post_load
def _make_propagation_configuration(self, data, **kwargs):
return PropagationConfiguration(**data)

View File

@ -1,9 +1,19 @@
from dataclasses import dataclass
from typing import Dict, Tuple
from pydantic import PositiveFloat, conint, validator
@dataclass(frozen=True)
class CustomPBAConfiguration:
from common.base_models import MutableInfectionMonkeyBaseModel
from common.types import NetworkPort
from .validators import (
validate_ip,
validate_linux_filename,
validate_subnet_range,
validate_windows_filename,
)
class CustomPBAConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for custom post-breach actions
@ -24,9 +34,18 @@ class CustomPBAConfiguration:
windows_command: str
windows_filename: str
@validator("linux_filename")
def linux_filename_valid(cls, filename):
validate_linux_filename(filename)
return filename
@dataclass(frozen=True)
class PluginConfiguration:
@validator("windows_filename")
def windows_filename_valid(cls, filename):
validate_windows_filename(filename)
return filename
class PluginConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for plugins
@ -52,8 +71,7 @@ class PluginConfiguration:
options: Dict
@dataclass(frozen=True)
class ScanTargetConfiguration:
class ScanTargetConfiguration(MutableInfectionMonkeyBaseModel):
"""
Configuration of network targets to scan and exploit
@ -62,7 +80,8 @@ class ScanTargetConfiguration:
Example: ("1.1.1.1", "2.2.2.2")
:param inaccessible_subnets: Subnet ranges that shouldn't be accessible for the agent
Example: ("1.1.1.1", "2.2.2.2/24", "myserver")
:param local_network_scan: Whether or not the agent should scan the local network
:param scan_my_networks: If true the Agent will scan networks it belongs to
in addition to the provided subnet ranges
:param subnets: Subnet ranges to scan
Example: ("192.168.1.1-192.168.2.255", "3.3.3.3", "2.2.2.2/24",
"myHostname")
@ -70,12 +89,26 @@ class ScanTargetConfiguration:
blocked_ips: Tuple[str, ...]
inaccessible_subnets: Tuple[str, ...]
local_network_scan: bool
scan_my_networks: bool
subnets: Tuple[str, ...]
@validator("blocked_ips", each_item=True)
def blocked_ips_valid(cls, ip):
validate_ip(ip)
return ip
@dataclass(frozen=True)
class ICMPScanConfiguration:
@validator("inaccessible_subnets", each_item=True)
def inaccessible_subnets_valid(cls, subnet_range):
validate_subnet_range(subnet_range)
return subnet_range
@validator("subnets", each_item=True)
def subnets_valid(cls, subnet_range):
validate_subnet_range(subnet_range)
return subnet_range
class ICMPScanConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for ICMP scanning
@ -83,11 +116,10 @@ class ICMPScanConfiguration:
:param timeout: Maximum time in seconds to wait for a response from the target
"""
timeout: float
timeout: PositiveFloat
@dataclass(frozen=True)
class TCPScanConfiguration:
class TCPScanConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for TCP scanning
@ -96,12 +128,11 @@ class TCPScanConfiguration:
:param ports: Ports to scan
"""
timeout: float
ports: Tuple[int, ...]
timeout: PositiveFloat
ports: Tuple[NetworkPort, ...]
@dataclass(frozen=True)
class NetworkScanConfiguration:
class NetworkScanConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for network scanning
@ -118,8 +149,7 @@ class NetworkScanConfiguration:
targets: ScanTargetConfiguration
@dataclass(frozen=True)
class ExploitationOptionsConfiguration:
class ExploitationOptionsConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for exploitation options
@ -127,11 +157,10 @@ class ExploitationOptionsConfiguration:
:param http_ports: HTTP ports to exploit
"""
http_ports: Tuple[int, ...]
http_ports: Tuple[NetworkPort, ...]
@dataclass(frozen=True)
class ExploitationConfiguration:
class ExploitationConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for exploitation
@ -146,8 +175,7 @@ class ExploitationConfiguration:
vulnerability: Tuple[PluginConfiguration, ...]
@dataclass(frozen=True)
class PropagationConfiguration:
class PropagationConfiguration(MutableInfectionMonkeyBaseModel):
"""
A configuration for propagation
@ -159,6 +187,6 @@ class PropagationConfiguration:
:param exploitation: Configuration for exploitation
"""
maximum_depth: int
maximum_depth: conint(ge=0) # type: ignore[valid-type]
network_scan: NetworkScanConfiguration
exploitation: ExploitationConfiguration

View File

@ -1,5 +1,3 @@
import dataclasses
from . import AgentConfiguration
from .agent_sub_configurations import (
CustomPBAConfiguration,
@ -27,9 +25,9 @@ PBAS = (
CREDENTIAL_COLLECTORS = ("MimikatzCollector", "SSHCollector")
PBA_CONFIGURATION = tuple(PluginConfiguration(pba, {}) for pba in PBAS)
PBA_CONFIGURATION = tuple(PluginConfiguration(name=pba, options={}) for pba in PBAS)
CREDENTIAL_COLLECTOR_CONFIGURATION = tuple(
PluginConfiguration(collector, {}) for collector in CREDENTIAL_COLLECTORS
PluginConfiguration(name=collector, options={}) for collector in CREDENTIAL_COLLECTORS
)
RANSOMWARE_OPTIONS = {
@ -41,7 +39,7 @@ RANSOMWARE_OPTIONS = {
"other_behaviors": {"readme": True},
}
PAYLOAD_CONFIGURATION = tuple([PluginConfiguration("ransomware", RANSOMWARE_OPTIONS)])
PAYLOAD_CONFIGURATION = tuple([PluginConfiguration(name="ransomware", options=RANSOMWARE_OPTIONS)])
CUSTOM_PBA_CONFIGURATION = CustomPBAConfiguration(
linux_command="", linux_filename="", windows_command="", windows_filename=""
@ -71,35 +69,42 @@ TCP_SCAN_CONFIGURATION = TCPScanConfiguration(timeout=3.0, ports=TCP_PORTS)
ICMP_CONFIGURATION = ICMPScanConfiguration(timeout=1.0)
HTTP_PORTS = (80, 443, 7001, 8008, 8080, 8983, 9200, 9600)
FINGERPRINTERS = (
PluginConfiguration("elastic", {}),
PluginConfiguration(name="elastic", options={}),
# Plugin configuration option contents are not converted to tuples
PluginConfiguration("http", {"http_ports": list(HTTP_PORTS)}),
PluginConfiguration("mssql", {}),
PluginConfiguration("smb", {}),
PluginConfiguration("ssh", {}),
PluginConfiguration(name="http", options={"http_ports": list(HTTP_PORTS)}),
PluginConfiguration(name="mssql", options={}),
PluginConfiguration(name="smb", options={}),
PluginConfiguration(name="ssh", options={}),
)
SCAN_TARGET_CONFIGURATION = ScanTargetConfiguration(tuple(), tuple(), True, tuple())
SCAN_TARGET_CONFIGURATION = ScanTargetConfiguration(
blocked_ips=tuple(), inaccessible_subnets=tuple(), scan_my_networks=False, subnets=tuple()
)
NETWORK_SCAN_CONFIGURATION = NetworkScanConfiguration(
TCP_SCAN_CONFIGURATION, ICMP_CONFIGURATION, FINGERPRINTERS, SCAN_TARGET_CONFIGURATION
tcp=TCP_SCAN_CONFIGURATION,
icmp=ICMP_CONFIGURATION,
fingerprinters=FINGERPRINTERS,
targets=SCAN_TARGET_CONFIGURATION,
)
EXPLOITATION_OPTIONS_CONFIGURATION = ExploitationOptionsConfiguration(HTTP_PORTS)
EXPLOITATION_OPTIONS_CONFIGURATION = ExploitationOptionsConfiguration(http_ports=HTTP_PORTS)
BRUTE_FORCE_EXPLOITERS = (
PluginConfiguration("MSSQLExploiter", {}),
PluginConfiguration("PowerShellExploiter", {}),
PluginConfiguration("SSHExploiter", {}),
PluginConfiguration("SmbExploiter", {"smb_download_timeout": 30}),
PluginConfiguration("WmiExploiter", {"smb_download_timeout": 30}),
PluginConfiguration(name="MSSQLExploiter", options={}),
PluginConfiguration(name="PowerShellExploiter", options={}),
PluginConfiguration(name="SSHExploiter", options={}),
PluginConfiguration(name="SmbExploiter", options={"smb_download_timeout": 30}),
PluginConfiguration(name="WmiExploiter", options={"smb_download_timeout": 30}),
)
VULNERABILITY_EXPLOITERS = (
PluginConfiguration("Log4ShellExploiter", {}),
PluginConfiguration("HadoopExploiter", {}),
PluginConfiguration(name="Log4ShellExploiter", options={}),
PluginConfiguration(name="HadoopExploiter", options={}),
)
EXPLOITATION_CONFIGURATION = ExploitationConfiguration(
EXPLOITATION_OPTIONS_CONFIGURATION, BRUTE_FORCE_EXPLOITERS, VULNERABILITY_EXPLOITERS
options=EXPLOITATION_OPTIONS_CONFIGURATION,
brute_force=BRUTE_FORCE_EXPLOITERS,
vulnerability=VULNERABILITY_EXPLOITERS,
)
PROPAGATION_CONFIGURATION = PropagationConfiguration(
@ -117,6 +122,6 @@ DEFAULT_AGENT_CONFIGURATION = AgentConfiguration(
propagation=PROPAGATION_CONFIGURATION,
)
DEFAULT_RANSOMWARE_AGENT_CONFIGURATION = dataclasses.replace(
DEFAULT_AGENT_CONFIGURATION, post_breach_actions=tuple()
DEFAULT_RANSOMWARE_AGENT_CONFIGURATION = DEFAULT_AGENT_CONFIGURATION.copy(
update={"post_breach_actions": tuple()}
)

View File

@ -1,13 +0,0 @@
from functools import wraps
from typing import Callable
from common.utils.code_utils import freeze_lists_in_mapping
def freeze_lists(function: Callable):
@wraps(function)
def wrapper(self, data, **kwargs):
data = freeze_lists_in_mapping(data)
return function(self, data, **kwargs)
return wrapper

View File

@ -1,24 +1,22 @@
import re
from pathlib import PureWindowsPath
from marshmallow import ValidationError
_valid_windows_filename_regex = re.compile(r"^[^<>:\"\\\/|?*]*[^<>:\"\\\/|?* \.]+$|^$")
_valid_linux_filename_regex = re.compile(r"^[^\0/]*$")
def validate_linux_filename(linux_filename: str):
if not re.match(_valid_linux_filename_regex, linux_filename):
raise ValidationError(f"Invalid Unix filename {linux_filename}: illegal characters")
raise ValueError(f"Invalid Unix filename {linux_filename}: illegal characters")
def validate_windows_filename(windows_filename: str):
_validate_windows_filename_not_reserved(windows_filename)
if not re.match(_valid_windows_filename_regex, windows_filename):
raise ValidationError(f"Invalid Windows filename {windows_filename}: illegal characters")
raise ValueError(f"Invalid Windows filename {windows_filename}: illegal characters")
def _validate_windows_filename_not_reserved(windows_filename: str):
# filename shouldn't start with any of these and be followed by a period
if PureWindowsPath(windows_filename).is_reserved():
raise ValidationError(f"Invalid Windows filename {windows_filename}: reserved name used")
raise ValueError(f"Invalid Windows filename {windows_filename}: reserved name used")

View File

@ -1,38 +1,36 @@
import re
from ipaddress import AddressValueError, IPv4Address, IPv4Network, NetmaskValueError
from marshmallow import ValidationError
def validate_subnet_range(subnet_range: str):
try:
return validate_ip(subnet_range)
except ValidationError:
except ValueError:
pass
try:
return validate_ip_range(subnet_range)
except ValidationError:
except ValueError:
pass
try:
return validate_ip_network(subnet_range)
except ValidationError:
except ValueError:
pass
try:
return validate_hostname(subnet_range)
except ValidationError:
raise ValidationError(f"Invalid subnet range {subnet_range}")
except ValueError:
raise ValueError(f"Invalid subnet range {subnet_range}")
def validate_hostname(hostname: str):
# Based on hostname syntax: https://www.rfc-editor.org/rfc/rfc1123#page-13
hostname_segments = hostname.split(".")
if any((part.endswith("-") or part.startswith("-") for part in hostname_segments)):
raise ValidationError(f"Hostname segment can't start or end with a hyphen: {hostname}")
raise ValueError(f"Hostname segment can't start or end with a hyphen: {hostname}")
if not any((char.isalpha() for char in hostname_segments[-1])):
raise ValidationError(f"Last segment of a hostname must contain a letter: {hostname}")
raise ValueError(f"Last segment of a hostname must contain a letter: {hostname}")
valid_characters_pattern = r"^[A-Za-z0-9\-]+$"
valid_characters_regex = re.compile(valid_characters_pattern)
@ -41,21 +39,21 @@ def validate_hostname(hostname: str):
)
if not all(matches):
raise ValidationError(f"Hostname contains invalid characters: {hostname}")
raise ValueError(f"Hostname contains invalid characters: {hostname}")
def validate_ip_network(ip_network: str):
try:
IPv4Network(ip_network, strict=False)
except (NetmaskValueError, AddressValueError):
raise ValidationError(f"Invalid IPv4 network {ip_network}")
raise ValueError(f"Invalid IPv4 network {ip_network}")
def validate_ip_range(ip_range: str):
ip_range = ip_range.replace(" ", "")
ips = ip_range.split("-")
if len(ips) != 2:
raise ValidationError(f"Invalid IP range {ip_range}")
raise ValueError(f"Invalid IP range {ip_range}")
validate_ip(ips[0])
validate_ip(ips[1])
@ -64,4 +62,4 @@ def validate_ip(ip: str):
try:
IPv4Address(ip)
except AddressValueError:
raise ValidationError(f"Invalid IP address {ip}")
raise ValueError(f"Invalid IP address {ip}")

View File

@ -0,0 +1,5 @@
from .consts import EVENT_TYPE_FIELD
from .i_agent_event_serializer import IAgentEventSerializer
from .agent_event_serializer_registry import AgentEventSerializerRegistry
from .pydantic_agent_event_serializer import PydanticAgentEventSerializer
from .register import register_common_agent_event_serializers

View File

@ -1,15 +1,15 @@
from typing import Type, Union
from common.event_serializers import IEventSerializer
from common.events import AbstractEvent
from common.agent_event_serializers import IAgentEventSerializer
from common.agent_events import AbstractAgentEvent
class EventSerializerRegistry:
class AgentEventSerializerRegistry:
"""
Registry for event serializers using event class.
Example:
event_serializer_registry = EventSerializerRegistry()
event_serializer_registry = AgentEventSerializerRegistry()
event_serializer_registry[MyEvent] = MyEventSerializer()
my_event_dict = {"type": "MyEvent", "data": "123"}
@ -21,20 +21,24 @@ class EventSerializerRegistry:
def __init__(self):
self._registry = {}
def __setitem__(self, event_class: Type[AbstractEvent], event_serializer: IEventSerializer):
if not issubclass(event_class, AbstractEvent):
raise TypeError(f"Event class must be of type: {AbstractEvent.__name__}")
def __setitem__(
self, event_class: Type[AbstractAgentEvent], event_serializer: IAgentEventSerializer
):
if not issubclass(event_class, AbstractAgentEvent):
raise TypeError(f"Event class must be of type: {AbstractAgentEvent.__name__}")
if not isinstance(event_serializer, IEventSerializer):
raise TypeError(f"Event serializer must be of type: {IEventSerializer.__name__}")
if not isinstance(event_serializer, IAgentEventSerializer):
raise TypeError(f"Event serializer must be of type: {IAgentEventSerializer.__name__}")
self._registry[event_class] = event_serializer
self._registry[event_class.__name__] = event_serializer
def __getitem__(self, event_class: Union[str, Type[AbstractEvent]]) -> IEventSerializer:
if not (isinstance(event_class, str) or issubclass(event_class, AbstractEvent)):
def __getitem__(
self, event_class: Union[str, Type[AbstractAgentEvent]]
) -> IAgentEventSerializer:
if not (isinstance(event_class, str) or issubclass(event_class, AbstractAgentEvent)):
raise TypeError(
f"Registry get key {event_class} must be of type: {AbstractEvent.__name__} or "
f"Registry get key {event_class} must be of type: {AbstractAgentEvent.__name__} or "
f"{str.__name__}"
)

View File

@ -0,0 +1 @@
EVENT_TYPE_FIELD = "type"

View File

@ -1,20 +1,16 @@
from abc import ABC, abstractmethod
from typing import Dict, List, Union
from common.events import AbstractEvent
JSONSerializable = Union[
Dict[str, "JSONSerializable"], List["JSONSerializable"], int, str, float, bool, None
]
from common.agent_events import AbstractAgentEvent
from common.types import JSONSerializable
class IEventSerializer(ABC):
class IAgentEventSerializer(ABC):
"""
Manages serialization and deserialization of events
"""
@abstractmethod
def serialize(self, event: AbstractEvent) -> JSONSerializable:
def serialize(self, event: AbstractAgentEvent) -> JSONSerializable:
"""
Serializes an event
@ -24,11 +20,14 @@ class IEventSerializer(ABC):
pass
@abstractmethod
def deserialize(self, serialized_event: JSONSerializable) -> AbstractEvent:
def deserialize(self, serialized_event: JSONSerializable) -> AbstractAgentEvent:
"""
Deserializes an event
:param serialized_event: Serialized event to deserialize
:return: Deserialized event
:raises TypeError: If one or more of the serialized fields contains data of an incompatible
type
:raises ValueError: If one or more of the serialized fields contains an incompatible value
"""
pass

View File

@ -0,0 +1,38 @@
import logging
from typing import Generic, Type, TypeVar
from common.agent_events import AbstractAgentEvent
from common.types import JSONSerializable
from common.utils.code_utils import del_key
from . import EVENT_TYPE_FIELD, IAgentEventSerializer
logger = logging.getLogger(__name__)
T = TypeVar("T", bound=AbstractAgentEvent)
class PydanticAgentEventSerializer(IAgentEventSerializer, Generic[T]):
def __init__(self, event_class: Type[T]):
self._event_class = event_class
def serialize(self, event: T) -> JSONSerializable:
if not isinstance(event, self._event_class):
raise TypeError(f"Event object must be of type: {self._event_class.__name__}")
event_dict = event.dict(simplify=True)
event_dict[EVENT_TYPE_FIELD] = type(event).__name__
return event_dict
def deserialize(self, serialized_event: JSONSerializable) -> T:
if not isinstance(serialized_event, dict):
raise TypeError(
"Serialized pydantic events must be a dictionary, but got {type(serialized_event)}"
)
# pydantic serialized events will always be dicts with a copy() method
event_dict = serialized_event.copy() # type: ignore[union-attr]
del_key(event_dict, EVENT_TYPE_FIELD)
return self._event_class(**event_dict)

View File

@ -0,0 +1,21 @@
from common.agent_events import (
CredentialsStolenEvent,
ExploitationEvent,
PingScanEvent,
PropagationEvent,
TCPScanEvent,
)
from . import AgentEventSerializerRegistry, PydanticAgentEventSerializer
def register_common_agent_event_serializers(
event_serializer_registry: AgentEventSerializerRegistry,
):
event_serializer_registry[CredentialsStolenEvent] = PydanticAgentEventSerializer(
CredentialsStolenEvent
)
event_serializer_registry[PingScanEvent] = PydanticAgentEventSerializer(PingScanEvent)
event_serializer_registry[TCPScanEvent] = PydanticAgentEventSerializer(TCPScanEvent)
event_serializer_registry[PropagationEvent] = PydanticAgentEventSerializer(PropagationEvent)
event_serializer_registry[ExploitationEvent] = PydanticAgentEventSerializer(ExploitationEvent)

View File

@ -0,0 +1,6 @@
from .abstract_agent_event import AbstractAgentEvent
from .credentials_stolen_events import CredentialsStolenEvent
from .ping_scan_event import PingScanEvent
from .tcp_scan_event import TCPScanEvent
from .exploitation_event import ExploitationEvent
from .propagation_event import PropagationEvent

View File

@ -1,19 +1,21 @@
import time
from abc import ABC
from dataclasses import dataclass, field
from ipaddress import IPv4Address
from typing import FrozenSet, Union
from uuid import UUID, getnode
from pydantic import Field
from common.base_models import InfectionMonkeyBaseModel
from common.types import AgentID, MachineID
@dataclass(frozen=True)
class AbstractEvent(ABC):
class AbstractAgentEvent(InfectionMonkeyBaseModel, ABC):
"""
An event that was initiated or observed by an agent
Agents perform actions and collect data. These actions and data are represented as "events".
Subtypes of `AbstractEvent` will have additional properties that provide context and information
about the event.
Subtypes of `AbstractAgentEvent` will have additional properties that provide context and
information about the event.
Attributes:
:param source: The UUID of the agent that observed the event
@ -22,7 +24,7 @@ class AbstractEvent(ABC):
:param tags: The set of tags associated with the event
"""
source: UUID = field(default_factory=getnode)
target: Union[UUID, IPv4Address, None] = field(default=None)
timestamp: float = field(default_factory=time.time)
tags: FrozenSet[str] = field(default_factory=frozenset)
source: AgentID
target: Union[IPv4Address, MachineID, None] = Field(default=None)
timestamp: float = Field(default_factory=time.time)
tags: FrozenSet[str] = Field(default_factory=frozenset)

View File

@ -0,0 +1,23 @@
from typing import Sequence
from pydantic import Field
from common.base_models import InfectionMonkeyModelConfig
from common.credentials import Credentials
from ..credentials.encoding import SecretEncodingConfig
from . import AbstractAgentEvent
class CredentialsStolenEvent(AbstractAgentEvent):
"""
An event that occurs when an agent collects credentials from the victim
Attributes:
:param stolen_credentials: The credentials that were stolen by an agent
"""
stolen_credentials: Sequence[Credentials] = Field(default_factory=list)
class Config(SecretEncodingConfig, InfectionMonkeyModelConfig):
pass

View File

@ -0,0 +1,22 @@
from ipaddress import IPv4Address
from pydantic import Field
from . import AbstractAgentEvent
class ExploitationEvent(AbstractAgentEvent):
"""
An event that occurs when the Agent exploits a host
Attributes:
:param target: IP address of the exploited system
:param success: Status of the exploitation
:param exploiter_name: Name of the exploiter that triggered the event
:param error_message: Message if an error occurs during exploitation
"""
target: IPv4Address
success: bool
exploiter_name: str
error_message: str = Field(default="")

View File

@ -0,0 +1,21 @@
from ipaddress import IPv4Address
from typing import Optional
from common import OperatingSystem
from . import AbstractAgentEvent
class PingScanEvent(AbstractAgentEvent):
"""
An event that occurs when the agent performs a ping scan on its network
Attributes:
:param target: IP address of the pinged system
:param response_received: Indicates if target responded to the ping
:param os: Operating system type determined by ICMP fingerprinting
"""
target: IPv4Address
response_received: bool
os: Optional[OperatingSystem]

View File

@ -0,0 +1,22 @@
from ipaddress import IPv4Address
from pydantic import Field
from . import AbstractAgentEvent
class PropagationEvent(AbstractAgentEvent):
"""
An event that occurs when the Agent propagates on a host
Attributes:
:param target: IP address of the propagated system
:param success: Status of the propagation
:param exploiter_name: Name of the exploiter that propagated
:param error_message: Message if an error occurs during propagation
"""
target: IPv4Address
success: bool
exploiter_name: str
error_message: str = Field(default="")

View File

@ -0,0 +1,19 @@
from ipaddress import IPv4Address
from typing import Dict
from common.types import NetworkPort, PortStatus
from . import AbstractAgentEvent
class TCPScanEvent(AbstractAgentEvent):
"""
An event that occurs when the Agent performs a TCP scan on a host
Attributes:
:param target: IP address of the scanned system
:param ports: The scanned ports and their status (open/closed)
"""
target: IPv4Address
ports: Dict[NetworkPort, PortStatus]

View File

@ -7,7 +7,7 @@ from pydantic import validator
from .base_models import InfectionMonkeyBaseModel
from .transforms import make_immutable_sequence
from .types import HardwareID
from .types import HardwareID, SocketAddress
class AgentRegistrationData(InfectionMonkeyBaseModel):
@ -15,7 +15,7 @@ class AgentRegistrationData(InfectionMonkeyBaseModel):
machine_hardware_id: HardwareID
start_time: datetime
parent_id: Optional[UUID]
cc_server: str
cc_server: SocketAddress
network_interfaces: Sequence[IPv4Interface]
_make_immutable_sequence = validator("network_interfaces", pre=True, allow_reuse=True)(

View File

@ -0,0 +1,8 @@
from datetime import datetime
from typing import Optional
from .base_models import InfectionMonkeyBaseModel
class AgentSignals(InfectionMonkeyBaseModel):
terminate: Optional[datetime]

View File

@ -10,6 +10,11 @@ class InfectionMonkeyModelConfig:
extra = Extra.forbid
class MutableInfectionMonkeyModelConfig(InfectionMonkeyModelConfig):
allow_mutation = True
validate_assignment = True
class InfectionMonkeyBaseModel(BaseModel):
class Config(InfectionMonkeyModelConfig):
pass
@ -46,7 +51,6 @@ class InfectionMonkeyBaseModel(BaseModel):
return BaseModel.dict(self, **kwargs)
class MutableBaseModel(InfectionMonkeyBaseModel):
class Config(InfectionMonkeyModelConfig):
allow_mutation = True
validate_assignment = True
class MutableInfectionMonkeyBaseModel(InfectionMonkeyBaseModel):
class Config(MutableInfectionMonkeyModelConfig):
pass

View File

@ -1,11 +1,9 @@
class TelemCategoryEnum:
ATTACK = "attack"
AWS_INFO = "aws_info"
CREDENTIALS = "credentials"
EXPLOIT = "exploit"
FILE_ENCRYPTION = "file_encryption"
POST_BREACH = "post_breach"
SCAN = "scan"
STATE = "state"
TRACE = "trace"
TUNNEL = "tunnel"

View File

@ -1,12 +1,8 @@
from .credential_component_type import CredentialComponentType
from .i_credential_component import ICredentialComponent
from .validators import InvalidCredentialComponentError, InvalidCredentialsError
from .lm_hash import LMHash
from .nt_hash import NTHash
from .password import Password
from .ssh_keypair import SSHKeypair
from .username import Username
from .encoding import get_plaintext, SecretEncodingConfig
from .credentials import Credentials

View File

@ -1,20 +0,0 @@
from marshmallow import Schema, post_load, validate
from marshmallow_enum import EnumField
from common.utils.code_utils import del_key
from . import CredentialComponentType
class CredentialTypeField(EnumField):
def __init__(self, credential_component_type: CredentialComponentType):
super().__init__(
CredentialComponentType, validate=validate.Equal(credential_component_type)
)
class CredentialComponentSchema(Schema):
@post_load
def _strip_credential_type(self, data, **kwargs):
del_key(data, "credential_type")
return data

View File

@ -1,9 +0,0 @@
from enum import Enum, auto
class CredentialComponentType(Enum):
USERNAME = auto()
PASSWORD = auto()
NT_HASH = auto()
LM_HASH = auto()
SSH_KEYPAIR = auto()

View File

@ -1,190 +1,23 @@
from __future__ import annotations
from dataclasses import dataclass
from typing import Any, Mapping, Optional, Type
from typing import Optional, Union
from marshmallow import Schema, fields, post_load, pre_dump
from marshmallow.exceptions import MarshmallowError
from ..base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig
from . import LMHash, NTHash, Password, SSHKeypair, Username
from .encoding import SecretEncodingConfig
from ..utils import IJSONSerializable
from . import (
CredentialComponentType,
InvalidCredentialComponentError,
InvalidCredentialsError,
LMHash,
NTHash,
Password,
SSHKeypair,
Username,
)
from .i_credential_component import ICredentialComponent
from .lm_hash import LMHashSchema
from .nt_hash import NTHashSchema
from .password import PasswordSchema
from .ssh_keypair import SSHKeypairSchema
from .username import UsernameSchema
CREDENTIAL_COMPONENT_TYPE_TO_CLASS: Mapping[CredentialComponentType, Type[ICredentialComponent]] = {
CredentialComponentType.LM_HASH: LMHash,
CredentialComponentType.NT_HASH: NTHash,
CredentialComponentType.PASSWORD: Password,
CredentialComponentType.SSH_KEYPAIR: SSHKeypair,
CredentialComponentType.USERNAME: Username,
}
CREDENTIAL_COMPONENT_TYPE_TO_CLASS_SCHEMA: Mapping[CredentialComponentType, Schema] = {
CredentialComponentType.LM_HASH: LMHashSchema(),
CredentialComponentType.NT_HASH: NTHashSchema(),
CredentialComponentType.PASSWORD: PasswordSchema(),
CredentialComponentType.SSH_KEYPAIR: SSHKeypairSchema(),
CredentialComponentType.USERNAME: UsernameSchema(),
}
CredentialComponentMapping = Optional[Mapping[str, Any]]
CredentialsMapping = Mapping[str, CredentialComponentMapping]
Secret = Union[Password, LMHash, NTHash, SSHKeypair]
Identity = Username
class CredentialsSchema(Schema):
identity = fields.Mapping(allow_none=True)
secret = fields.Mapping(allow_none=True)
class Credentials(InfectionMonkeyBaseModel):
"""Represents a credential pair (an identity and a secret)"""
@post_load
def _make_credentials(
self,
credentials: CredentialsMapping,
**kwargs: Mapping[str, Any],
) -> Mapping[str, Optional[ICredentialComponent]]:
if not any(credentials.values()):
raise InvalidCredentialsError("At least one credentials component must be defined")
identity: Optional[Identity]
"""Identity part of credentials, like a username or an email"""
return {
key: CredentialsSchema._build_credential_component(credential_component_mapping)
for key, credential_component_mapping in credentials.items()
}
secret: Optional[Secret]
"""Secret part of credentials, like a password or a hash"""
@staticmethod
def _build_credential_component(
credential_component: CredentialComponentMapping,
) -> Optional[ICredentialComponent]:
if credential_component is None:
return None
try:
credential_component_type = CredentialComponentType[
credential_component["credential_type"]
]
except KeyError as err:
raise InvalidCredentialsError(f"Unknown credential component type {err}")
credential_component_class = CREDENTIAL_COMPONENT_TYPE_TO_CLASS[credential_component_type]
credential_component_schema = CREDENTIAL_COMPONENT_TYPE_TO_CLASS_SCHEMA[
credential_component_type
]
try:
return credential_component_class(
**credential_component_schema.load(credential_component)
)
except MarshmallowError as err:
raise InvalidCredentialComponentError(credential_component_class, str(err))
@pre_dump
def _serialize_credentials(self, credentials: Credentials, **kwargs) -> CredentialsMapping:
return {
"identity": CredentialsSchema._serialize_credential_component(credentials.identity),
"secret": CredentialsSchema._serialize_credential_component(credentials.secret),
}
@staticmethod
def _serialize_credential_component(
credential_component: Optional[ICredentialComponent],
) -> CredentialComponentMapping:
if credential_component is None:
return None
credential_component_schema = CREDENTIAL_COMPONENT_TYPE_TO_CLASS_SCHEMA[
credential_component.credential_type
]
return credential_component_schema.dump(credential_component)
@dataclass(frozen=True)
class Credentials(IJSONSerializable):
identity: Optional[ICredentialComponent]
secret: Optional[ICredentialComponent]
def __post_init__(self):
schema = CredentialsSchema()
try:
serialized_data = schema.dump(self)
# This will raise an exception if the object is invalid. Calling this in __post__init()
# makes it impossible to construct an invalid object
schema.load(serialized_data)
except Exception as err:
raise InvalidCredentialsError(err)
@staticmethod
def from_mapping(credentials: CredentialsMapping) -> Credentials:
"""
Construct a Credentials object from a Mapping
:param credentials: A mapping that represents a Credentials object
:return: A Credentials object
:raises InvalidCredentialsError: If the provided Mapping does not represent a valid
Credentials object
:raises InvalidCredentialComponentError: If any of the contents of `identities` or `secrets`
are not a valid ICredentialComponent
"""
try:
deserialized_data = CredentialsSchema().load(credentials)
return Credentials(**deserialized_data)
except (InvalidCredentialsError, InvalidCredentialComponentError) as err:
raise err
except MarshmallowError as err:
raise InvalidCredentialsError(str(err))
@classmethod
def from_json(cls, credentials: str) -> Credentials:
"""
Construct a Credentials object from a JSON string
:param credentials: A JSON string that represents a Credentials object
:return: A Credentials object
:raises InvalidCredentialsError: If the provided JSON does not represent a valid
Credentials object
:raises InvalidCredentialComponentError: If any of the contents of `identities` or `secrets`
are not a valid ICredentialComponent
"""
try:
deserialized_data = CredentialsSchema().loads(credentials)
return Credentials(**deserialized_data)
except (InvalidCredentialsError, InvalidCredentialComponentError) as err:
raise err
except MarshmallowError as err:
raise InvalidCredentialsError(str(err))
@staticmethod
def to_mapping(credentials: Credentials) -> CredentialsMapping:
"""
Serialize a Credentials object to a Mapping
:param credentials: A Credentials object
:return: A mapping representing a Credentials object
"""
return CredentialsSchema().dump(credentials)
@classmethod
def to_json(cls, credentials: Credentials) -> str:
"""
Serialize a Credentials object to JSON
:param credentials: A Credentials object
:return: A JSON string representing a Credentials object
"""
return CredentialsSchema().dumps(credentials)
class Config(SecretEncodingConfig, InfectionMonkeyModelConfig):
pass

View File

@ -0,0 +1,20 @@
from __future__ import annotations
from typing import Optional, Union
from pydantic import SecretBytes, SecretStr
def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[Union[str, bytes]]:
if isinstance(secret, (SecretStr, SecretBytes)):
return secret.get_secret_value()
else:
return secret
class SecretEncodingConfig:
json_encoders = {
# This makes secrets dumpable to json, but not loggable
SecretStr: get_plaintext,
SecretBytes: get_plaintext,
}

View File

@ -1,10 +0,0 @@
from abc import ABC, abstractmethod
from . import CredentialComponentType
class ICredentialComponent(ABC):
@property
@abstractmethod
def credential_type(self) -> CredentialComponentType:
pass

View File

@ -1,23 +1,16 @@
from dataclasses import dataclass, field
import re
from marshmallow import fields
from pydantic import SecretStr, validator
from . import CredentialComponentType, ICredentialComponent
from .credential_component_schema import CredentialComponentSchema, CredentialTypeField
from .validators import credential_component_validator, ntlm_hash_validator
from ..base_models import InfectionMonkeyBaseModel
from .validators import ntlm_hash_regex
class LMHashSchema(CredentialComponentSchema):
credential_type = CredentialTypeField(CredentialComponentType.LM_HASH)
lm_hash = fields.Str(validate=ntlm_hash_validator)
class LMHash(InfectionMonkeyBaseModel):
lm_hash: SecretStr
@dataclass(frozen=True)
class LMHash(ICredentialComponent):
credential_type: CredentialComponentType = field(
default=CredentialComponentType.LM_HASH, init=False
)
lm_hash: str
def __post_init__(self):
credential_component_validator(LMHashSchema(), self)
@validator("lm_hash")
def validate_hash_format(cls, lm_hash):
if not re.match(ntlm_hash_regex, lm_hash.get_secret_value()):
raise ValueError("Invalid LM hash provided")
return lm_hash

View File

@ -1,23 +1,16 @@
from dataclasses import dataclass, field
import re
from marshmallow import fields
from pydantic import SecretStr, validator
from . import CredentialComponentType, ICredentialComponent
from .credential_component_schema import CredentialComponentSchema, CredentialTypeField
from .validators import credential_component_validator, ntlm_hash_validator
from ..base_models import InfectionMonkeyBaseModel
from .validators import ntlm_hash_regex
class NTHashSchema(CredentialComponentSchema):
credential_type = CredentialTypeField(CredentialComponentType.NT_HASH)
nt_hash = fields.Str(validate=ntlm_hash_validator)
class NTHash(InfectionMonkeyBaseModel):
nt_hash: SecretStr
@dataclass(frozen=True)
class NTHash(ICredentialComponent):
credential_type: CredentialComponentType = field(
default=CredentialComponentType.NT_HASH, init=False
)
nt_hash: str
def __post_init__(self):
credential_component_validator(NTHashSchema(), self)
@validator("nt_hash")
def validate_hash_format(cls, nt_hash):
if not re.match(ntlm_hash_regex, nt_hash.get_secret_value()):
raise ValueError("Invalid NT hash provided")
return nt_hash

View File

@ -1,19 +1,7 @@
from dataclasses import dataclass, field
from pydantic import SecretStr
from marshmallow import fields
from . import CredentialComponentType, ICredentialComponent
from .credential_component_schema import CredentialComponentSchema, CredentialTypeField
from ..base_models import InfectionMonkeyBaseModel
class PasswordSchema(CredentialComponentSchema):
credential_type = CredentialTypeField(CredentialComponentType.PASSWORD)
password = fields.Str()
@dataclass(frozen=True)
class Password(ICredentialComponent):
credential_type: CredentialComponentType = field(
default=CredentialComponentType.PASSWORD, init=False
)
password: str
class Password(InfectionMonkeyBaseModel):
password: SecretStr

View File

@ -1,23 +1,8 @@
from dataclasses import dataclass, field
from pydantic import SecretStr
from marshmallow import fields
from . import CredentialComponentType, ICredentialComponent
from .credential_component_schema import CredentialComponentSchema, CredentialTypeField
from ..base_models import InfectionMonkeyBaseModel
class SSHKeypairSchema(CredentialComponentSchema):
credential_type = CredentialTypeField(CredentialComponentType.SSH_KEYPAIR)
# TODO: Find a list of valid formats for ssh keys and add validators.
# See https://github.com/nemchik/ssh-key-regex
private_key = fields.Str()
public_key = fields.Str()
@dataclass(frozen=True)
class SSHKeypair(ICredentialComponent):
credential_type: CredentialComponentType = field(
default=CredentialComponentType.SSH_KEYPAIR, init=False
)
private_key: str
class SSHKeypair(InfectionMonkeyBaseModel):
private_key: SecretStr
public_key: str

View File

@ -1,19 +1,5 @@
from dataclasses import dataclass, field
from marshmallow import fields
from . import CredentialComponentType, ICredentialComponent
from .credential_component_schema import CredentialComponentSchema, CredentialTypeField
from ..base_models import InfectionMonkeyBaseModel
class UsernameSchema(CredentialComponentSchema):
credential_type = CredentialTypeField(CredentialComponentType.USERNAME)
username = fields.Str()
@dataclass(frozen=True)
class Username(ICredentialComponent):
credential_type: CredentialComponentType = field(
default=CredentialComponentType.USERNAME, init=False
)
class Username(InfectionMonkeyBaseModel):
username: str

View File

@ -1,50 +1,3 @@
import re
from typing import Type
from marshmallow import Schema, validate
from . import ICredentialComponent
_ntlm_hash_regex = re.compile(r"^[a-fA-F0-9]{32}$")
ntlm_hash_validator = validate.Regexp(regex=_ntlm_hash_regex)
class InvalidCredentialComponentError(Exception):
def __init__(self, credential_component_class: Type[ICredentialComponent], message: str):
self._credential_component_name = credential_component_class.__name__
self._message = message
def __str__(self) -> str:
return (
f"Cannot construct a {self._credential_component_name} object with the supplied, "
f"invalid data: {self._message}"
)
class InvalidCredentialsError(Exception):
def __init__(self, message: str):
self._message = message
def __str__(self) -> str:
return (
f"Cannot construct a Credentials object with the supplied, "
f"invalid data: {self._message}"
)
def credential_component_validator(schema: Schema, credential_component: ICredentialComponent):
"""
Validate a credential component
:param schema: A marshmallow schema used for validating the component
:param credential_component: A credential component to be validated
:raises InvalidCredentialComponent: if the credential_component contains invalid data
"""
try:
serialized_data = schema.dump(credential_component)
# This will raise an exception if the object is invalid. Calling this in __post__init()
# makes it impossible to construct an invalid object
schema.load(serialized_data)
except Exception as err:
raise InvalidCredentialComponentError(credential_component.__class__, err)
ntlm_hash_regex = re.compile(r"^[a-fA-F0-9]{32}$")

View File

@ -1,6 +1,6 @@
import inspect
from contextlib import suppress
from typing import Any, Sequence, Type, TypeVar
from typing import Any, Sequence, Type, TypeVar, no_type_check
from common.utils.code_utils import del_key
@ -15,6 +15,9 @@ class UnregisteredConventionError(ValueError):
pass
# Mypy doesn't handle cases where abstract class is passed as Type[...]
# https://github.com/python/mypy/issues/4717
# We are using typing.no_type_check to mitigate these errors
class DIContainer:
"""
A dependency injection (DI) container that uses type annotations to resolve and inject
@ -26,6 +29,7 @@ class DIContainer:
self._instance_registry = {}
self._convention_registry = {}
@no_type_check
def register(self, interface: Type[T], concrete_type: Type[T]):
"""
Register a concrete `type` that satisfies a given interface.
@ -35,10 +39,15 @@ class DIContainer:
:raises TypeError: If `concrete_type` is not a class, or not a subclass of `interface`
"""
if not inspect.isclass(concrete_type):
# Ignoring arg-type error because this if clause discovers that concrete_type is not the
# type that mypy expects.
formatted_type_name = DIContainer._format_type_name(
concrete_type.__class__ # type: ignore[arg-type]
)
raise TypeError(
"Expected a class, but received an instance of type "
f'"{DIContainer._format_type_name(concrete_type.__class__)}"; Pass a class, not an '
"instance, to register(), or use register_instance() instead"
f'"{formatted_type_name}"; Pass a class, not an instance, to register(), or use'
"register_instance() instead"
)
if not issubclass(concrete_type, interface):
@ -50,6 +59,7 @@ class DIContainer:
self._type_registry[interface] = concrete_type
del_key(self._instance_registry, interface)
@no_type_check
def register_instance(self, interface: Type[T], instance: T):
"""
Register a concrete instance that satisfies a given interface.
@ -68,6 +78,7 @@ class DIContainer:
self._instance_registry[interface] = instance
del_key(self._type_registry, interface)
@no_type_check
def register_convention(self, type_: Type[T], name: str, instance: T):
"""
Register an instance as a convention
@ -96,6 +107,7 @@ class DIContainer:
"""
self._convention_registry[(type_, name)] = instance
@no_type_check
def resolve(self, type_: Type[T]) -> T:
"""
Resolves all dependencies and returns a new instance of `type_` using constructor dependency

View File

@ -1,3 +1,5 @@
from .types import EventSubscriber
from .i_event_queue import IEventQueue
from .pypubsub_event_queue import PyPubSubEventQueue
from .types import AgentEventSubscriber
from .pypubsub_publisher_wrapper import PyPubSubPublisherWrapper
from .i_agent_event_queue import IAgentEventQueue
from .pypubsub_agent_event_queue import PyPubSubAgentEventQueue
from .locking_agent_event_queue_decorator import LockingAgentEventQueueDecorator

View File

@ -1,18 +1,18 @@
from abc import ABC, abstractmethod
from typing import Type
from common.events import AbstractEvent
from common.agent_events import AbstractAgentEvent
from . import EventSubscriber
from . import AgentEventSubscriber
class IEventQueue(ABC):
class IAgentEventQueue(ABC):
"""
Manages subscription and publishing of events
Manages subscription and publishing of events in the Agent
"""
@abstractmethod
def subscribe_all_events(self, subscriber: EventSubscriber):
def subscribe_all_events(self, subscriber: AgentEventSubscriber):
"""
Subscribes a subscriber to all events
@ -22,7 +22,9 @@ class IEventQueue(ABC):
pass
@abstractmethod
def subscribe_type(self, event_type: Type[AbstractEvent], subscriber: EventSubscriber):
def subscribe_type(
self, event_type: Type[AbstractAgentEvent], subscriber: AgentEventSubscriber
):
"""
Subscribes a subscriber to the specified event type
@ -33,7 +35,7 @@ class IEventQueue(ABC):
pass
@abstractmethod
def subscribe_tag(self, tag: str, subscriber: EventSubscriber):
def subscribe_tag(self, tag: str, subscriber: AgentEventSubscriber):
"""
Subscribes a subscriber to the specified event tag
@ -44,12 +46,11 @@ class IEventQueue(ABC):
pass
@abstractmethod
def publish(self, event: AbstractEvent):
def publish(self, event: AbstractAgentEvent):
"""
Publishes an event with the given data
:param event: Event to publish
:param data: Data to pass to subscribers with the event publish
"""
pass

View File

@ -0,0 +1,31 @@
from threading import Lock
from typing import Type
from common.agent_events import AbstractAgentEvent
from . import AgentEventSubscriber, IAgentEventQueue
class LockingAgentEventQueueDecorator(IAgentEventQueue):
"""
Makes an IAgentEventQueue thread-safe by locking publish()
"""
def __init__(self, agent_event_queue: IAgentEventQueue, lock: Lock):
self._lock = lock
self._agent_event_queue = agent_event_queue
def subscribe_all_events(self, subscriber: AgentEventSubscriber):
self._agent_event_queue.subscribe_all_events(subscriber)
def subscribe_type(
self, event_type: Type[AbstractAgentEvent], subscriber: AgentEventSubscriber
):
self._agent_event_queue.subscribe_type(event_type, subscriber)
def subscribe_tag(self, tag: str, subscriber: AgentEventSubscriber):
self._agent_event_queue.subscribe_tag(tag, subscriber)
def publish(self, event: AbstractAgentEvent):
with self._lock:
self._agent_event_queue.publish(event)

View File

@ -0,0 +1,66 @@
import logging
from typing import Type
from pubsub.core import Publisher
from common.agent_events import AbstractAgentEvent
from common.event_queue import PyPubSubPublisherWrapper
from . import AgentEventSubscriber, IAgentEventQueue
_ALL_EVENTS_TOPIC = "all_events_topic"
logger = logging.getLogger(__name__)
class PyPubSubAgentEventQueue(IAgentEventQueue):
def __init__(self, pypubsub_publisher: Publisher):
self._pypubsub_publisher_wrapper = PyPubSubPublisherWrapper(pypubsub_publisher)
def subscribe_all_events(self, subscriber: AgentEventSubscriber):
self._subscribe(_ALL_EVENTS_TOPIC, subscriber)
def subscribe_type(
self, event_type: Type[AbstractAgentEvent], subscriber: AgentEventSubscriber
):
# pypubsub.pub.subscribe needs a string as the topic/event name
event_type_topic = PyPubSubAgentEventQueue._get_type_topic(event_type)
self._subscribe(event_type_topic, subscriber)
def subscribe_tag(self, tag: str, subscriber: AgentEventSubscriber):
tag_topic = PyPubSubAgentEventQueue._get_tag_topic(tag)
self._subscribe(tag_topic, subscriber)
def _subscribe(self, topic: str, subscriber: AgentEventSubscriber):
self._pypubsub_publisher_wrapper.subscribe(topic, subscriber)
def publish(self, event: AbstractAgentEvent):
self._publish_to_all_events_topic(event)
self._publish_to_type_topic(event)
self._publish_to_tags_topics(event)
def _publish_to_all_events_topic(self, event: AbstractAgentEvent):
self._publish_event(_ALL_EVENTS_TOPIC, event)
def _publish_to_type_topic(self, event: AbstractAgentEvent):
event_type_topic = PyPubSubAgentEventQueue._get_type_topic(event.__class__)
self._publish_event(event_type_topic, event)
def _publish_to_tags_topics(self, event: AbstractAgentEvent):
for tag in event.tags:
tag_topic = PyPubSubAgentEventQueue._get_tag_topic(tag)
self._publish_event(tag_topic, event)
def _publish_event(self, topic: str, event: AbstractAgentEvent):
logger.debug(f"Publishing a {event.__class__.__name__} event to {topic}")
self._pypubsub_publisher_wrapper.publish(topic, event=event)
# Appending a unique string to the topics for type and tags prevents bugs caused by collisions
# between type names and tag names.
@staticmethod
def _get_type_topic(event_type: Type[AbstractAgentEvent]) -> str:
return f"{event_type.__name__}-type"
@staticmethod
def _get_tag_topic(tag: str) -> str:
return f"{tag}-tag"

View File

@ -1,92 +0,0 @@
import logging
from typing import Type
from pubsub.core import Publisher
from common.events import AbstractEvent
from . import EventSubscriber, IEventQueue
_ALL_EVENTS_TOPIC = "all_events_topic"
logger = logging.getLogger(__name__)
class PyPubSubEventQueue(IEventQueue):
def __init__(self, pypubsub_publisher: Publisher):
self._pypubsub_publisher = pypubsub_publisher
self._refs = []
def subscribe_all_events(self, subscriber: EventSubscriber):
self._subscribe(_ALL_EVENTS_TOPIC, subscriber)
def subscribe_type(self, event_type: Type[AbstractEvent], subscriber: EventSubscriber):
# pypubsub.pub.subscribe needs a string as the topic/event name
event_type_topic = PyPubSubEventQueue._get_type_topic(event_type)
self._subscribe(event_type_topic, subscriber)
def subscribe_tag(self, tag: str, subscriber: EventSubscriber):
tag_topic = PyPubSubEventQueue._get_tag_topic(tag)
self._subscribe(tag_topic, subscriber)
def _subscribe(self, topic: str, subscriber: EventSubscriber):
try:
subscriber_name = subscriber.__name__
except AttributeError:
subscriber_name = subscriber.__class__.__name__
logging.debug(f"Subscriber {subscriber_name} subscribed to {topic}")
self._pypubsub_publisher.subscribe(topicName=topic, listener=subscriber)
self._keep_subscriber_strongref(subscriber)
def _keep_subscriber_strongref(self, subscriber: EventSubscriber):
# NOTE: PyPubSub stores subscribers by weak reference. From the documentation:
# > PyPubSub holds listeners by weak reference so that the lifetime of the
# > callable is not affected by PyPubSub: once the application no longer
# > references the callable, it can be garbage collected and PyPubSub can clean up
# > so it is no longer registered (this happens thanks to the weakref module).
# > Without this, it would be imperative to remember to unsubscribe certain
# > listeners, which is error prone; they would end up living until the
# > application exited.
#
# https://pypubsub.readthedocs.io/en/v4.0.3/usage/usage_basic_tasks.html?#callable
#
# In our case, we're OK with subscribers living until the application exits. We don't
# provide an unsubscribe method (at this time) as subscriptions are expected to last
# for the life of the process.
#
# Specifically, if an instance object of a callable class is created and subscribed,
# we don't want that subscription to end if the callable instance object goes out of
# scope. Adding subscribers to self._refs prevents them from ever going out of scope.
self._refs.append(subscriber)
def publish(self, event: AbstractEvent):
self._publish_to_all_events_topic(event)
self._publish_to_type_topic(event)
self._publish_to_tags_topics(event)
def _publish_to_all_events_topic(self, event: AbstractEvent):
self._publish_event(_ALL_EVENTS_TOPIC, event)
def _publish_to_type_topic(self, event: AbstractEvent):
event_type_topic = PyPubSubEventQueue._get_type_topic(event.__class__)
self._publish_event(event_type_topic, event)
def _publish_to_tags_topics(self, event: AbstractEvent):
for tag in event.tags:
tag_topic = PyPubSubEventQueue._get_tag_topic(tag)
self._publish_event(tag_topic, event)
def _publish_event(self, topic: str, event: AbstractEvent):
logger.debug(f"Publishing a {event.__class__.__name__} event to {topic}")
self._pypubsub_publisher.sendMessage(topic, event=event)
# Appending a unique string to the topics for type and tags prevents bugs caused by collisions
# between type names and tag names.
@staticmethod
def _get_type_topic(event_type: Type[AbstractEvent]) -> str:
return f"{event_type.__name__}-type"
@staticmethod
def _get_tag_topic(tag: str) -> str:
return f"{tag}-tag"

View File

@ -0,0 +1,57 @@
import logging
from typing import Callable, List
from pubsub.core import Publisher
logger = logging.getLogger(__name__)
class PyPubSubPublisherWrapper:
def __init__(self, pypubsub_publisher: Publisher):
self._pypubsub_publisher = pypubsub_publisher
self._refs: List[Callable] = []
def subscribe(self, topic_name: str, subscriber: Callable):
try:
subscriber_name = subscriber.__name__
except AttributeError:
subscriber_name = subscriber.__class__.__name__
logging.debug(f"Subscriber {subscriber_name} subscribed to {topic_name}")
# NOTE: The subscriber's signature needs to match the MDS (message data specification) of
# the topic, otherwise, errors will arise. The MDS of a topic is set when the topic
# is created, which in our case is when a subscriber subscribes to a topic which
# is new (hasn't been subscribed to before). If the topic is being subscribed to by
# a subscriber for the first time, the topic's MDS will automatically be set
# according to that subscriber's signature.
self._pypubsub_publisher.subscribe(topicName=topic_name, listener=subscriber)
self._keep_subscriber_strongref(subscriber)
def _keep_subscriber_strongref(self, subscriber: Callable):
# NOTE: PyPubSub stores subscribers by weak reference. From the documentation:
# > PyPubSub holds listeners by weak reference so that the lifetime of the
# > callable is not affected by PyPubSub: once the application no longer
# > references the callable, it can be garbage collected and PyPubSub can clean up
# > so it is no longer registered (this happens thanks to the weakref module).
# > Without this, it would be imperative to remember to unsubscribe certain
# > listeners, which is error prone; they would end up living until the
# > application exited.
#
# https://pypubsub.readthedocs.io/en/v4.0.3/usage/usage_basic_tasks.html?#callable
#
# In our case, we're OK with subscribers living until the application exits. We don't
# provide an unsubscribe method (at this time) as subscriptions are expected to last
# for the life of the process.
#
# Specifically, if an instance object of a callable class is created and subscribed,
# we don't want that subscription to end if the callable instance object goes out of
# scope. Adding subscribers to self._refs prevents them from ever going out of scope.
self._refs.append(subscriber)
def publish(self, topic_name: str, **kwargs):
# NOTE: `kwargs` needs to match the MDS (message data specification) of the topic,
# otherwise, errors will arise. The MDS of a topic is set when the topic is created,
# which in our case is when a subscriber subscribes to a topic (in `subscribe()`)
# which is new (hasn't been subscribed to before).
self._pypubsub_publisher.sendMessage(topicName=topic_name, **kwargs)

Some files were not shown because too many files have changed in this diff Show More