forked from p15670423/monkey
Agent: Remove ScoutSuite system info collector
This commit is contained in:
parent
ee0c98a435
commit
16bb13fc10
|
@ -1,12 +1,7 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from common.cloud.aws.aws_instance import AwsInstance
|
from common.cloud.aws.aws_instance import AwsInstance
|
||||||
from common.cloud.scoutsuite_consts import CloudProviders
|
|
||||||
from common.common_consts.system_info_collectors_names import AWS_COLLECTOR
|
from common.common_consts.system_info_collectors_names import AWS_COLLECTOR
|
||||||
from infection_monkey.network.tools import is_running_on_island
|
|
||||||
from infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_collector import (
|
|
||||||
scan_cloud_security,
|
|
||||||
)
|
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
@ -22,11 +17,6 @@ class AwsCollector(SystemInfoCollector):
|
||||||
|
|
||||||
def collect(self) -> dict:
|
def collect(self) -> dict:
|
||||||
logger.info("Collecting AWS info")
|
logger.info("Collecting AWS info")
|
||||||
if is_running_on_island():
|
|
||||||
logger.info("Attempting to scan AWS security with ScoutSuite.")
|
|
||||||
scan_cloud_security(cloud_type=CloudProviders.AWS)
|
|
||||||
else:
|
|
||||||
logger.info("Didn't scan AWS security with ScoutSuite, because not on island.")
|
|
||||||
aws = AwsInstance()
|
aws = AwsInstance()
|
||||||
info = {}
|
info = {}
|
||||||
if aws.is_instance():
|
if aws.is_instance():
|
||||||
|
|
|
@ -1,35 +0,0 @@
|
||||||
import logging
|
|
||||||
from typing import Union
|
|
||||||
|
|
||||||
import ScoutSuite.api_run
|
|
||||||
from ScoutSuite.providers.base.provider import BaseProvider
|
|
||||||
|
|
||||||
from common.cloud.scoutsuite_consts import CloudProviders
|
|
||||||
from common.utils.exceptions import ScoutSuiteScanError
|
|
||||||
from infection_monkey.config import WormConfiguration
|
|
||||||
from infection_monkey.telemetry.scoutsuite_telem import ScoutSuiteTelem
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
|
||||||
|
|
||||||
|
|
||||||
def scan_cloud_security(cloud_type: CloudProviders):
|
|
||||||
try:
|
|
||||||
results = run_scoutsuite(cloud_type.value)
|
|
||||||
if isinstance(results, dict) and "error" in results and results["error"]:
|
|
||||||
raise ScoutSuiteScanError(results["error"])
|
|
||||||
send_scoutsuite_run_results(results)
|
|
||||||
except (Exception, ScoutSuiteScanError) as e:
|
|
||||||
logger.error(f"ScoutSuite didn't scan {cloud_type.value} security because: {e}")
|
|
||||||
|
|
||||||
|
|
||||||
def run_scoutsuite(cloud_type: str) -> Union[BaseProvider, dict]:
|
|
||||||
return ScoutSuite.api_run.run(
|
|
||||||
provider=cloud_type,
|
|
||||||
aws_access_key_id=WormConfiguration.aws_access_key_id,
|
|
||||||
aws_secret_access_key=WormConfiguration.aws_secret_access_key,
|
|
||||||
aws_session_token=WormConfiguration.aws_session_token,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
def send_scoutsuite_run_results(run_results: BaseProvider):
|
|
||||||
ScoutSuiteTelem(run_results).send()
|
|
Loading…
Reference in New Issue