p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Island: Modify ConfigurationImport and ConfigurationExport to work without PasswordBasedStringEncryptor

This commit is contained in:
Shreya Malviya 2022-06-27 12:07:58 -07:00
parent 3c41bada56
commit 5c5ae5bb0d
2 changed files with 2 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
monkey/monkey_island/cc/resources/configuration_export.py
View File

@ -1,10 +1,5 @@
import json
from flask import request
from monkey_island.cc.resources.AbstractResource import AbstractResource from monkey_island.cc.resources.AbstractResource import AbstractResource
from monkey_island.cc.resources.request_authentication import jwt_required from monkey_island.cc.resources.request_authentication import jwt_required
from monkey_island.cc.server_utils.encryption import PasswordBasedStringEncryptor
from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config import ConfigService
@ -13,17 +8,8 @@ class ConfigurationExport(AbstractResource):
@jwt_required @jwt_required
def post(self): def post(self):
data = json.loads(request.data)
should_encrypt = data["should_encrypt"]
plaintext_config = ConfigService.get_config() plaintext_config = ConfigService.get_config()
config_export = plaintext_config config_export = plaintext_config
if should_encrypt:
password = data["password"]
plaintext_config = json.dumps(plaintext_config)
pb_encryptor = PasswordBasedStringEncryptor(password) return {"config_export": config_export, "encrypted": False}
config_export = pb_encryptor.encrypt(plaintext_config)
return {"config_export": config_export, "encrypted": should_encrypt}

22
monkey/monkey_island/cc/resources/configuration_import.py
View File

@ -8,12 +8,7 @@ from flask import request
from common.utils.exceptions import InvalidConfigurationError from common.utils.exceptions import InvalidConfigurationError
from monkey_island.cc.resources.AbstractResource import AbstractResource from monkey_island.cc.resources.AbstractResource import AbstractResource
from monkey_island.cc.resources.request_authentication import jwt_required from monkey_island.cc.resources.request_authentication import jwt_required
from monkey_island.cc.server_utils.encryption import ( from monkey_island.cc.server_utils.encryption import InvalidCiphertextError, InvalidCredentialsError
InvalidCiphertextError,
InvalidCredentialsError,
PasswordBasedStringEncryptor,
is_encrypted,
)
from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config import ConfigService
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -75,9 +70,6 @@ class ConfigurationImport(AbstractResource):
def _get_plaintext_config_from_request(request_contents: dict) -> dict: def _get_plaintext_config_from_request(request_contents: dict) -> dict:
try: try:
config = request_contents["config"] config = request_contents["config"]
if ConfigurationImport.is_config_encrypted(request_contents["config"]):
pb_encryptor = PasswordBasedStringEncryptor(request_contents["password"])
config = pb_encryptor.decrypt(config)
return json.loads(config) return json.loads(config)
except (JSONDecodeError, InvalidCiphertextError): except (JSONDecodeError, InvalidCiphertextError):
logger.exception( logger.exception(
@ -89,15 +81,3 @@ class ConfigurationImport(AbstractResource):
def import_config(config_json): def import_config(config_json):
if not ConfigService.update_config(config_json, should_encrypt=True): if not ConfigService.update_config(config_json, should_encrypt=True):
raise InvalidConfigurationError raise InvalidConfigurationError
@staticmethod
def is_config_encrypted(config: str):
try:
if config.startswith("{"):
return False
elif is_encrypted(config):
return True
else:
raise InvalidConfigurationError
except Exception:
raise InvalidConfigurationError