forked from p15670423/monkey
UI: Remove Scoutsuite option from Run Monkey page
This commit is contained in:
parent
c2c609aa3a
commit
c357ee410e
|
@ -8,7 +8,6 @@ import {cloneDeep} from 'lodash';
|
|||
import {faCloud, faExpandArrowsAlt} from '@fortawesome/free-solid-svg-icons';
|
||||
import RunOnIslandButton from './RunOnIslandButton';
|
||||
import AWSRunButton from './RunOnAWS/AWSRunButton';
|
||||
import CloudOptions from './scoutsuite-setup/CloudOptions';
|
||||
|
||||
const CONFIG_URL = '/api/configuration/island';
|
||||
|
||||
|
@ -56,6 +55,7 @@ function RunOptions(props) {
|
|||
return InlineSelection(defaultContents, newProps);
|
||||
}
|
||||
|
||||
// TODO: Change function name
|
||||
function shouldShowScoutsuite(islandMode){
|
||||
return islandMode !== 'ransomware';
|
||||
}
|
||||
|
@ -74,14 +74,6 @@ function RunOptions(props) {
|
|||
{ips: ips, setComponent: setComponent})
|
||||
}}/>
|
||||
{shouldShowScoutsuite(props.islandMode) && <AWSRunButton setComponent={setComponent}/> }
|
||||
{shouldShowScoutsuite(props.islandMode) && <NextSelectionButton title={'Cloud security scan'}
|
||||
description={'Explains how to enable cloud security scan.'}
|
||||
icon={faCloud}
|
||||
onButtonClick={() => {
|
||||
setComponent(CloudOptions,
|
||||
{ips: ips, setComponent: setComponent})
|
||||
}}/>
|
||||
}
|
||||
</>
|
||||
);
|
||||
}
|
||||
|
|
|
@ -1,63 +0,0 @@
|
|||
import {Button} from 'react-bootstrap';
|
||||
import React from 'react';
|
||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
||||
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
|
||||
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
|
||||
import AWSSetupOptions from './AWSSetupOptions';
|
||||
|
||||
|
||||
export default function AWSCLISetup(props) {
|
||||
return InlineSelection(getContents, {
|
||||
...props,
|
||||
collumnSize: COLUMN_SIZES.LARGE,
|
||||
onBackButtonClick: () => {
|
||||
props.setComponent(AWSSetupOptions, props);
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
const getContents = (props) => {
|
||||
return (
|
||||
<div className={'aws-scoutsuite-configuration'}>
|
||||
<h2>AWS CLI configuration for scan</h2>
|
||||
<p>To assess your AWS infrastructure's security do the following:</p>
|
||||
<ol>
|
||||
<li>
|
||||
1. Configure AWS CLI on Monkey Island Server (if you already have a configured CLI you can skip this step).
|
||||
<ol className={'nested-ol'}>
|
||||
<li>
|
||||
a. Download <Button href={'https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html'}
|
||||
target={'_blank'} variant={'link'}>AWS CLI</Button> and
|
||||
install it on the Monkey Island server (machine running this page).
|
||||
</li>
|
||||
<li>
|
||||
b. Run <code>aws configure</code>. It's important to configure credentials as it
|
||||
allows ScoutSuite to get information about your cloud configuration. The simplest way to do so is to
|
||||
provide
|
||||
<Button
|
||||
href={'https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-creds'}
|
||||
variant={'link'}
|
||||
className={'cli-link'}
|
||||
target={'_blank'}>
|
||||
Access key ID and secret access key
|
||||
</Button>.
|
||||
</li>
|
||||
</ol>
|
||||
</li>
|
||||
<li>
|
||||
2. If you change the configuration, make sure not to disable AWS system info collector.
|
||||
</li>
|
||||
<li>
|
||||
3. Go <Button onClick={() => props.setComponent()}
|
||||
variant={'link'}
|
||||
className={'cli-link'}>back</Button>
|
||||
and run Monkey on the Island server.
|
||||
</li>
|
||||
<li>
|
||||
4. Assess results in Zero Trust report.
|
||||
</li>
|
||||
</ol>
|
||||
</div>
|
||||
);
|
||||
}
|
|
@ -1,179 +0,0 @@
|
|||
import React, {useEffect, useState} from 'react';
|
||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
||||
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
|
||||
import AWSSetupOptions from './AWSSetupOptions';
|
||||
import {Button, Col, Form, Row} from 'react-bootstrap';
|
||||
import AuthComponent from '../../../../AuthComponent';
|
||||
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
|
||||
import {PROVIDERS} from '../ProvidersEnum';
|
||||
import classNames from 'classnames';
|
||||
import {FontAwesomeIcon} from '@fortawesome/react-fontawesome';
|
||||
import {faChevronDown} from '@fortawesome/free-solid-svg-icons/faChevronDown';
|
||||
import {faChevronUp} from '@fortawesome/free-solid-svg-icons/faChevronUp';
|
||||
import {faQuestion} from '@fortawesome/free-solid-svg-icons';
|
||||
import Collapse from '@kunukn/react-collapse/dist/Collapse.umd';
|
||||
import keySetupForAnyUserImage from '../../../../../images/aws_keys_tutorial-any-user.png';
|
||||
import keySetupForCurrentUserImage from '../../../../../images/aws_keys_tutorial-current-user.png';
|
||||
import ImageModal from '../../../../ui-components/ImageModal';
|
||||
|
||||
|
||||
export default function AWSCLISetup(props) {
|
||||
return InlineSelection(getContents, {
|
||||
...props,
|
||||
collumnSize: COLUMN_SIZES.LARGE,
|
||||
onBackButtonClick: () => {
|
||||
props.setComponent(AWSSetupOptions, props);
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
const authComponent = new AuthComponent({})
|
||||
|
||||
const getContents = (props) => {
|
||||
|
||||
const [accessKeyId, setAccessKeyId] = useState('');
|
||||
const [secretAccessKey, setSecretAccessKey] = useState('');
|
||||
const [sessionToken, setSessionToken] = useState('');
|
||||
const [errorMessage, setErrorMessage] = useState('');
|
||||
const [successMessage, setSuccessMessage] = useState('');
|
||||
const [docCollapseOpen, setDocCollapseOpen] = useState(false);
|
||||
|
||||
function submitKeys(event) {
|
||||
event.preventDefault();
|
||||
setSuccessMessage('');
|
||||
setErrorMessage('');
|
||||
authComponent.authFetch(
|
||||
'/api/scoutsuite_auth/' + PROVIDERS.AWS,
|
||||
{
|
||||
'method': 'POST',
|
||||
'body': JSON.stringify({
|
||||
'accessKeyId': accessKeyId,
|
||||
'secretAccessKey': secretAccessKey,
|
||||
'sessionToken': sessionToken
|
||||
})
|
||||
})
|
||||
.then(res => res.json())
|
||||
.then(res => {
|
||||
if (res['error_msg'] === '') {
|
||||
setSuccessMessage('AWS keys saved!');
|
||||
} else if (res['message'] === 'Internal Server Error') {
|
||||
setErrorMessage('Something went wrong, double check keys and contact support if problem persists.');
|
||||
} else {
|
||||
setErrorMessage(res['error_msg']);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
useEffect(() => {
|
||||
authComponent.authFetch('/api/aws_keys')
|
||||
.then(res => res.json())
|
||||
.then(res => {
|
||||
setAccessKeyId(res['access_key_id']);
|
||||
setSecretAccessKey(res['secret_access_key']);
|
||||
setSessionToken(res['session_token']);
|
||||
});
|
||||
}, [props]);
|
||||
|
||||
|
||||
// TODO separate into standalone component
|
||||
function getKeyCreationDocsContent() {
|
||||
return (
|
||||
<div className={'key-creation-tutorial'}>
|
||||
<h5>Tips</h5>
|
||||
<p>Consider creating a new user account just for this activity. Assign only <b>ReadOnlyAccess</b> and
|
||||
<b>SecurityAudit</b> policies.</p>
|
||||
|
||||
<h5>Keys for custom user</h5>
|
||||
<p>1. Open the IAM console at <a href={'https://console.aws.amazon.com/iam/'}
|
||||
target={'_blank'}
|
||||
rel="noopener noreferrer">https://console.aws.amazon.com/iam/</a>.</p>
|
||||
<p>2. In the navigation pane, choose Users.</p>
|
||||
<p>3. Choose the name of the user whose access keys you want to create, and then choose the Security credentials
|
||||
tab.</p>
|
||||
<p>4. In the Access keys section, choose Create Access key.</p>
|
||||
<p>To view the new access key pair, choose Show. Your credentials will look something like this:</p>
|
||||
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
|
||||
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
|
||||
<Row>
|
||||
<Col lg={3} md={3} sm={5} xs={12}>
|
||||
<ImageModal image={keySetupForAnyUserImage}/>
|
||||
</Col>
|
||||
</Row>
|
||||
|
||||
<h5>Keys for current user</h5>
|
||||
<p>1. Click on your username in the upper right corner.</p>
|
||||
<p>2. Click on "My security credentials".</p>
|
||||
<p>3. In the Access keys section, choose Create Access key.</p>
|
||||
<p>To view the new Access key pair, choose Show. Your credentials will look something like this:</p>
|
||||
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
|
||||
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
|
||||
<Row>
|
||||
<Col lg={3} md={3} sm={5} xs={12}>
|
||||
<ImageModal image={keySetupForCurrentUserImage}/>
|
||||
</Col>
|
||||
</Row>
|
||||
</div>);
|
||||
}
|
||||
|
||||
function getKeyCreationDocs() {
|
||||
return (
|
||||
<div className={classNames('collapse-item', {'item--active': docCollapseOpen})}>
|
||||
<button className={'btn-collapse'}
|
||||
onClick={() => setDocCollapseOpen(!docCollapseOpen)}>
|
||||
<span>
|
||||
<FontAwesomeIcon icon={faQuestion} className={'question-icon'}/>
|
||||
<p>How to generate keys</p>
|
||||
</span>
|
||||
<span>
|
||||
<FontAwesomeIcon icon={docCollapseOpen ? faChevronDown : faChevronUp}/>
|
||||
</span>
|
||||
</button>
|
||||
<Collapse
|
||||
className='collapse-comp'
|
||||
isOpen={docCollapseOpen}
|
||||
render={getKeyCreationDocsContent}/>
|
||||
</div>);
|
||||
}
|
||||
|
||||
return (
|
||||
<div className={'aws-scoutsuite-key-configuration'}>
|
||||
{getKeyCreationDocs()}
|
||||
<Form className={'auth-form'} onSubmit={submitKeys}>
|
||||
<Form.Control onChange={evt => setAccessKeyId(evt.target.value)}
|
||||
type='text'
|
||||
placeholder='Access key ID'
|
||||
value={accessKeyId}/>
|
||||
<Form.Control onChange={evt => setSecretAccessKey(evt.target.value)}
|
||||
type='password'
|
||||
placeholder='Secret access key'
|
||||
value={secretAccessKey}/>
|
||||
<Form.Control onChange={evt => setSessionToken(evt.target.value)}
|
||||
type='text'
|
||||
placeholder='Session token (optional, only for temp. keys)'
|
||||
value={sessionToken}/>
|
||||
{
|
||||
errorMessage ?
|
||||
<div className="alert alert-danger" role="alert">{errorMessage}</div>
|
||||
:
|
||||
''
|
||||
}
|
||||
{
|
||||
successMessage ?
|
||||
<div className="alert alert-success" role="alert">{successMessage}
|
||||
Go back and
|
||||
<Button variant={'link'} onClick={() => props.setComponent()} className={'link-in-success-message'}>
|
||||
run Monkey from the Island server </Button> to start AWS scan!</div>
|
||||
:
|
||||
''
|
||||
}
|
||||
<Row className={'justify-content-center'}>
|
||||
<Col lg={4} md={6} sm={8} xs={12}>
|
||||
<Button className={'monkey-submit-button'} type={'submit'}>
|
||||
Submit
|
||||
</Button>
|
||||
</Col>
|
||||
</Row>
|
||||
</Form>
|
||||
</div>
|
||||
);
|
||||
}
|
|
@ -1,40 +0,0 @@
|
|||
import React from 'react';
|
||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
||||
import NextSelectionButton from '../../../../ui-components/inline-selection/NextSelectionButton';
|
||||
import {faKey, faTerminal} from '@fortawesome/free-solid-svg-icons';
|
||||
import AWSCLISetup from './AWSCLISetup';
|
||||
import CloudOptions from '../CloudOptions';
|
||||
import AWSKeySetup from './AWSKeySetup';
|
||||
|
||||
|
||||
const AWSSetupOptions = (props) => {
|
||||
return InlineSelection(getContents, {
|
||||
...props,
|
||||
onBackButtonClick: () => {
|
||||
props.setComponent(CloudOptions, props);
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
const getContents = (props) => {
|
||||
return (
|
||||
<>
|
||||
<NextSelectionButton title={'Security keys'}
|
||||
description={'Provide security keys for monkey to authenticate.'}
|
||||
icon={faKey}
|
||||
onButtonClick={() => {
|
||||
props.setComponent(AWSKeySetup,
|
||||
{setComponent: props.setComponent})
|
||||
}}/>
|
||||
<NextSelectionButton title={'AWS CLI'}
|
||||
description={'Manually configure AWS CLI yourself.'}
|
||||
icon={faTerminal}
|
||||
onButtonClick={() => {
|
||||
props.setComponent(AWSCLISetup,
|
||||
{setComponent: props.setComponent})
|
||||
}}/>
|
||||
</>
|
||||
)
|
||||
}
|
||||
|
||||
export default AWSSetupOptions;
|
|
@ -1,65 +0,0 @@
|
|||
import React, {useEffect, useState} from 'react';
|
||||
import InlineSelection from '../../../ui-components/inline-selection/InlineSelection';
|
||||
import NextSelectionButton from '../../../ui-components/inline-selection/NextSelectionButton';
|
||||
import {faCheck, faCloud, faSync} from '@fortawesome/free-solid-svg-icons';
|
||||
import AWSSetupOptions from './AWSConfiguration/AWSSetupOptions';
|
||||
import {PROVIDERS} from './ProvidersEnum';
|
||||
import AuthComponent from '../../../AuthComponent';
|
||||
|
||||
|
||||
const CloudOptions = (props) => {
|
||||
return InlineSelection(getContents, {
|
||||
...props,
|
||||
onBackButtonClick: () => {
|
||||
props.setComponent()
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
const authComponent = new AuthComponent({})
|
||||
|
||||
const getContents = (props) => {
|
||||
|
||||
const [description, setDescription] = useState('Loading...');
|
||||
const [iconType, setIconType] = useState('spinning-icon');
|
||||
const [icon, setIcon] = useState(faSync);
|
||||
|
||||
useEffect(() => {
|
||||
authComponent.authFetch('/api/scoutsuite_auth/' + PROVIDERS.AWS)
|
||||
.then(res => res.json())
|
||||
.then(res => {
|
||||
if(res.is_setup){
|
||||
setDescription(getDescription(res.message));
|
||||
setIconType('icon-success');
|
||||
setIcon(faCheck);
|
||||
} else {
|
||||
setDescription('Setup Amazon Web Services infrastructure scan.');
|
||||
setIconType('')
|
||||
setIcon(faCloud);
|
||||
}
|
||||
});
|
||||
}, [props]);
|
||||
|
||||
function getDescription(message){
|
||||
return (
|
||||
<>
|
||||
{message} Run <b>from the Island</b> to start the scan. Click next to change the configuration.
|
||||
</>
|
||||
)
|
||||
}
|
||||
|
||||
return (
|
||||
<>
|
||||
<NextSelectionButton title={'AWS'}
|
||||
description={description}
|
||||
icon={icon}
|
||||
iconType={iconType}
|
||||
onButtonClick={() => {
|
||||
props.setComponent(AWSSetupOptions,
|
||||
{setComponent: props.setComponent})
|
||||
}}/>
|
||||
</>
|
||||
)
|
||||
}
|
||||
|
||||
export default CloudOptions;
|
|
@ -1,9 +0,0 @@
|
|||
// Should match enum in monkey/common/cloud/scoutsuite_consts.py
|
||||
|
||||
export const PROVIDERS = {
|
||||
AWS : 'aws',
|
||||
AZURE : 'azure',
|
||||
GCP : 'gcp',
|
||||
ALIBABA : 'aliyun',
|
||||
ORACLE : 'oci'
|
||||
}
|
Loading…
Reference in New Issue