From df6082b50a14ae5721f2e1a743abdffdca11ac66 Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Mon, 5 Jul 2021 13:46:01 -0400
Subject: [PATCH] Island: Refactor linux/windows ransomware path regexes

Refactored because the escape characters were cumbersome and difficult to read when regexes were defined as strings. Also allow special characters in Windows environment variable names as per https://ss64.com/nt/syntax-variables.html
---
 .../ValidationFormats.js | 31 +++++++++++--------
 1 file changed, 18 insertions(+), 13 deletions(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
index 540942f80..6c4ba15a1 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
@@ -2,14 +2,19 @@ const ipRegex = '((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0
 const cidrNotationRegex = '([0-9]|1[0-9]|2[0-9]|3[0-2])'
 const hostnameRegex = '^([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*.?)*([A-Za-z0-9]*[A-Za-z]+[A-Za-z0-9]*)$'
-const linuxAbsolutePathRegex = '^/' // path starts with `/`
-const linuxPathStartsWithEnvVariableRegex = '^\\$' // path starts with `$`
-const linuxPathStartsWithTilde = '^~' // path starts with `~`
-const windowsAbsolutePathRegex = '^([A-Za-z]:(\\\\|\\/))' // path starts like `C:\` OR `C:/`
-const windowsPathStartsWithEnvVariableRegex = '^\\$|^(%\\w*\\d*\\s*%)' // path starts like `$` OR `%abc%`
+const linuxAbsolutePathRegex = /^\// // path starts with `/`
+const linuxPathStartsWithEnvVariableRegex = /^\$/ // path starts with `$`
+const linuxPathStartsWithTildeRegex = /^~/ // path starts with `~`
-const whitespacesOnlyRegex = '^\\s*$'
+
+const windowsAbsolutePathRegex = /^([A-Za-z]:(\\|\/))/ // path starts like `C:\` OR `C:/`
+const windowsEnvVarNonNumeric = '[A-Za-z#\\$\'\\(\\)\\*\\+,-\\.\\?@\\[\\]_`\\{\\}~+ ]'
+const windowsPathStartsWithEnvVariableRegex = new RegExp(
+ `^\\$|^%(${windowsEnvVarNonNumeric}+(${windowsEnvVarNonNumeric}|\\d)*)%`
+);// path starts like `$` OR `%abc%`
+
+const emptyRegex = /^$/
 export const IP_RANGE = 'ip-range';
@@ -39,17 +44,17 @@ function buildIpRegex(){
 function buildValidRansomwarePathLinuxRegex() {
 return new RegExp([
- whitespacesOnlyRegex,
- linuxAbsolutePathRegex,
- linuxPathStartsWithEnvVariableRegex,
- linuxPathStartsWithTilde
+ emptyRegex.source,
+ linuxAbsolutePathRegex.source,
+ linuxPathStartsWithEnvVariableRegex.source,
+ linuxPathStartsWithTildeRegex.source
 ].join('|'))
 }
 function buildValidRansomwarePathWindowsRegex() {
 return new RegExp([
- whitespacesOnlyRegex,
- windowsAbsolutePathRegex,
- windowsPathStartsWithEnvVariableRegex
+ emptyRegex.source,
+ windowsAbsolutePathRegex.source,
+ windowsPathStartsWithEnvVariableRegex.source
 ].join('|'))
 }
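Review bot: In `windowsPathStartsWithEnvVariableRegex`, `${windowsEnvVarNonNumeric}+` is followed by a starred group that accepts the same characters, so a long value that opens with `%` and never closes it can be split between the two parts in many ways before the match fails; this looks like quadratic backtracking in the browser rather than anything worse. The `+` adds nothing, since the name only has to begin with a non-digit: `%(${windowsEnvVarNonNumeric}(${windowsEnvVarNonNumeric}|\\d)*)%` accepts the same names without the overlap. In `windowsEnvVarNonNumeric`, `,-\\.` is read as a range from `,` to `.`, which only happens to cover the three intended characters, and `+` is listed twice; moving `-` to the end of the class and dropping the duplicate would make the allowed set explicit.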
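Review bot: Both builders now use `emptyRegex.source` where `whitespacesOnlyRegex` stood, so a field holding only spaces or tabs stops validating unless the form trims the value first (not visible here), and the commit message does not mention that change; if it is intended, say so next to the constant, e.g. `// only a truly empty value is accepted; whitespace-only is rejected`. The joined pattern is anchored at the start only, so everything after the leading `/`, `$`, `~`, drive prefix or `%VAR%` is unchecked, and this is a form-side check; the code that consumes the path is not visible here and presumably needs its own validation. A short comment above each builder, such as `// checks only how the path begins; the rest is not validated here`, would keep readers from treating it as a full path validator.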