From e8947a375a714d5c868d9d6df2a9a53c801a617d Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Thu, 6 May 2021 19:51:23 -0400 Subject: [PATCH] Add a whitelist for vulture --- .flake8 | 3 +- whitelist.py | 186 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 187 insertions(+), 2 deletions(-) create mode 100644 whitelist.py diff --git a/.flake8 b/.flake8 index 1f81c9edc..c7cd1da1d 100644 --- a/.flake8 +++ b/.flake8 @@ -1,7 +1,7 @@ [flake8] ## Warn about linter issues. -exclude = monkey/monkey_island/cc/ui +exclude = monkey/monkey_island/cc/ui,whitelist.py show-source = True max-complexity = 10 max-line-length = 100 @@ -15,4 +15,3 @@ statistics = True ### --count will print the total number of errors. count = True - diff --git a/whitelist.py b/whitelist.py new file mode 100644 index 000000000..ad346ff0b --- /dev/null +++ b/whitelist.py @@ -0,0 +1,186 @@ +""" +Everything in this file is what Vulture found as dead code but either isn't really +dead or is kept deliberately. Referencing these in a file like this makes sure that +Vulture doesn't mark these as dead again. +""" + + +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:37) +set_os_linux # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:37) +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:57) +set_os_windows # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:57) +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:77) +set_os_linux # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:77) +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:92) +set_os_windows # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:92) +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:107) +set_os_linux # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:107) +fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:122) +set_os_windows # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:122) +patch_new_user_classes # unused variable (monkey/tests/infection_monkey/utils/test_auto_new_user_factory.py:25) +patch_new_user_classes # unused variable (monkey/tests/infection_monkey/utils/test_auto_new_user_factory.py:31) +mock_home_env # unused variable (monkey/tests/monkey_island/cc/server_utils/test_island_logger.py:20) +configure_resources # unused function (monkey/tests/monkey_island/cc/environment/test_environment.py:26) +change_to_mongo_mock # unused function (monkey/monkey_island/cc/test_common/fixtures/mongomock_fixtures.py:9) +uses_database # unused function (monkey/monkey_island/cc/test_common/fixtures/mongomock_fixtures.py:16) +datas # unused variable (monkey/monkey_island/pyinstaller_hooks/hook-stix2.py:9) +test_key # unused variable (monkey/monkey_island/cc/services/zero_trust/zero_trust_report/finding_service.py:20) +pillars # unused variable (monkey/monkey_island/cc/services/zero_trust/zero_trust_report/finding_service.py:21) +CLEAN_UNKNOWN # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:9) +CLEAN_LINUX # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:10) +CLEAN_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:11) +EXPLOITED_LINUX # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:12) +EXPLOITED_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:13) +ISLAND_MONKEY_LINUX # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:15) +ISLAND_MONKEY_LINUX_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:16) +ISLAND_MONKEY_LINUX_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:17) +ISLAND_MONKEY_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:18) +ISLAND_MONKEY_WINDOWS_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:19) +ISLAND_MONKEY_WINDOWS_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:20) +MANUAL_LINUX # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:21) +MANUAL_LINUX_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:22) +MANUAL_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:23) +MANUAL_WINDOWS_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:24) +MONKEY_LINUX # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:25) +MONKEY_WINDOWS # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:27) +MONKEY_WINDOWS_RUNNING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:28) +MONKEY_WINDOWS_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:29) +MONKEY_LINUX_STARTING # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:30) +MONKEY_WINDOWS_OLD # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:31) +MONKEY_LINUX_OLD # unused variable (monkey/monkey_island/cc/services/utils/node_states.py:32) +_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:19) +_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:22) +_.credential_type # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/cred_exploit.py:25) +_.password_restored # unused attribute (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/processors/zerologon.py:11) +credential_type # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_report_info.py:18) +password_restored # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_report_info.py:23) +SSH # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:30) +SAMBACRY # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:31) +ELASTIC # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:32) +MS08_067 # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:35) +SHELLSHOCK # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:36) +STRUTS2 # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:39) +WEBLOGIC # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:40) +HADOOP # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:43) +MSSQL # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:44) +VSFTPD # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:45) +DRUPAL # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:48) +_.do_POST # unused method (monkey/monkey_island/cc/server_utils/bootloader_server.py:26) +PbaResults # unused class (monkey/monkey_island/cc/models/pba_results.py:4) +internet_access # unused variable (monkey/monkey_island/cc/models/monkey.py:43) +config_error # unused variable (monkey/monkey_island/cc/models/monkey.py:53) +pba_results # unused variable (monkey/monkey_island/cc/models/monkey.py:55) +command_control_channel # unused variable (monkey/monkey_island/cc/models/monkey.py:58) +meta # unused variable (monkey/monkey_island/cc/models/zero_trust/finding.py:37) +meta # unused variable (monkey/monkey_island/cc/models/monkey_ttl.py:34) +expire_at # unused variable (monkey/monkey_island/cc/models/monkey_ttl.py:36) +meta # unused variable (monkey/monkey_island/cc/models/config.py:11) +meta # unused variable (monkey/monkey_island/cc/models/creds.py:9) +meta # unused variable (monkey/monkey_island/cc/models/edge.py:5) +Config # unused class (monkey/monkey_island/cc/models/config.py:4) +Creds # unused class (monkey/monkey_island/cc/models/creds.py:4) +_.do_CONNECT # unused method (monkey/infection_monkey/transport/http.py:151) +_.do_POST # unused method (monkey/infection_monkey/transport/http.py:122) +_.do_HEAD # unused method (monkey/infection_monkey/transport/http.py:61) +_.do_GET # unused method (monkey/infection_monkey/transport/http.py:38) +_.do_POST # unused method (monkey/infection_monkey/transport/http.py:34) +_.do_GET # unused method (monkey/infection_monkey/exploit/weblogic.py:237) +ElasticFinger # unused class (monkey/infection_monkey/network/elasticfinger.py:18) +HTTPFinger # unused class (monkey/infection_monkey/network/httpfinger.py:9) +MySQLFinger # unused class (monkey/infection_monkey/network/mysqlfinger.py:13) +SSHFinger # unused class (monkey/infection_monkey/network/sshfinger.py:15) +ClearCommandHistory # unused class (monkey/infection_monkey/post_breach/actions/clear_command_history.py:11) +AccountDiscovery # unused class (monkey/infection_monkey/post_breach/actions/discover_accounts.py:8) +ModifyShellStartupFiles # unused class (monkey/infection_monkey/post_breach/actions/modify_shell_startup_files.py:11) +Timestomping # unused class (monkey/infection_monkey/post_breach/actions/timestomping.py:6) +SignedScriptProxyExecution # unused class (monkey/infection_monkey/post_breach/actions/use_signed_scripts.py:15) +AwsCollector # unused class (monkey/infection_monkey/system_info/collectors/aws_collector.py:15) +EnvironmentCollector # unused class (monkey/infection_monkey/system_info/collectors/environment_collector.py:19) +HostnameCollector # unused class (monkey/infection_monkey/system_info/collectors/hostname_collector.py:10) +ProcessListCollector # unused class (monkey/infection_monkey/system_info/collectors/process_list_collector.py:18) +_.coinit_flags # unused attribute (monkey/infection_monkey/system_info/windows_info_collector.py:11) +_.representations # unused attribute (monkey/monkey_island/cc/app.py:180) +_.log_message # unused method (monkey/infection_monkey/transport/http.py:188) +_.log_message # unused method (monkey/infection_monkey/transport/http.py:109) +_.version_string # unused method (monkey/infection_monkey/transport/http.py:148) +_.version_string # unused method (monkey/infection_monkey/transport/http.py:27) +_.close_connection # unused attribute (monkey/infection_monkey/transport/http.py:57) +protocol_version # unused variable (monkey/infection_monkey/transport/http.py:24) +hiddenimports # unused variable (monkey/infection_monkey/pyinstaller_hooks/hook-infection_monkey.exploit.py:3) +hiddenimports # unused variable (monkey/infection_monkey/pyinstaller_hooks/hook-infection_monkey.network.py:3) +hiddenimports # unused variable (monkey/infection_monkey/pyinstaller_hooks/hook-infection_monkey.post_breach.actions.py:4) +hiddenimports # unused variable (monkey/infection_monkey/pyinstaller_hooks/hook-infection_monkey.system_info.collectors.py:4) +_.wShowWindow # unused attribute (monkey/infection_monkey/monkey.py:345) +_.dwFlags # unused attribute (monkey/infection_monkey/monkey.py:344) +_.do_get # unused method (monkey/infection_monkey/exploit/zerologon_utils/remote_shell.py:79) +_.do_exit # unused method (monkey/infection_monkey/exploit/zerologon_utils/remote_shell.py:96) +_.prompt # unused attribute (monkey/infection_monkey/exploit/zerologon_utils/remote_shell.py:108) +_.prompt # unused attribute (monkey/infection_monkey/exploit/zerologon_utils/remote_shell.py:125) +keytab # unused variable (monkey/infection_monkey/exploit/zerologon_utils/options.py:16) +no_pass # unused variable (monkey/infection_monkey/exploit/zerologon_utils/options.py:18) +ts # unused variable (monkey/infection_monkey/exploit/zerologon_utils/options.py:25) +opnum # unused variable (monkey/infection_monkey/exploit/zerologon.py:466) +structure # unused variable (monkey/infection_monkey/exploit/zerologon.py:467) +structure # unused variable (monkey/infection_monkey/exploit/zerologon.py:478) +_._port # unused attribute (monkey/infection_monkey/exploit/win_ms08_067.py:123) +oid_set # unused variable (monkey/infection_monkey/exploit/tools/wmi_tools.py:96) +export_monkey_telems # unused variable (monkey/infection_monkey/config.py:282) +NoInternetError # unused class (monkey/common/utils/exceptions.py:33) +_.__isabstractmethod__ # unused attribute (monkey/common/utils/code_utils.py:11) +MIMIKATZ # unused variable (monkey/common/utils/attack_utils.py:21) +MIMIKATZ_WINAPI # unused variable (monkey/common/utils/attack_utils.py:25) +DROPPER # unused variable (monkey/common/utils/attack_utils.py:29) +pytest_addoption # unused function (envs/os_compatibility/conftest.py:4) +pytest_addoption # unused function (envs/monkey_zoo/blackbox/conftest.py:4) +pytest_runtest_setup # unused function (envs/monkey_zoo/blackbox/conftest.py:47) +config_value_list # unused variable (envs/monkey_zoo/blackbox/config_templates/smb_pth.py:10) +_.dashboard_name # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:13) +_.checked_items # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:14) +_.flagged_items # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:15) +_.rationale # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:17) +_.remediation # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:18) +_.compliance # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:19) +_.references # unused attribute (monkey/monkey_island/cc/services/zero_trust/scoutsuite/scoutsuite_rule_service.py:20) +ACM # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:8) +AWSLAMBDA # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:9) +DIRECTCONNECT # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:14) +EFS # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:16) +ELASTICACHE # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:17) +EMR # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:20) +KMS # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:22) +ROUTE53 # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:25) +SECRETSMANAGER # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/service_consts.py:31) +RDS_SNAPSHOT_PUBLIC # unused variable (monkey/monkey_island/cc/services/zero_trust/scoutsuite/consts/rule_names/rds_rules.py:17) +dashboard_name # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:18) +checked_items # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:19) +flagged_items # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:20) +rationale # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:22) +remediation # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:23) +compliance # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:24) +references # unused variable (monkey/monkey_island/cc/models/zero_trust/scoutsuite_rule.py:25) +ALIBABA # unused variable (monkey/common/cloud/scoutsuite_consts.py:8) +ORACLE # unused variable (monkey/common/cloud/scoutsuite_consts.py:9) +ALIBABA # unused variable (monkey/common/cloud/environment_names.py:10) +IBM # unused variable (monkey/common/cloud/environment_names.py:11) +DigitalOcean # unused variable (monkey/common/cloud/environment_names.py:12) +_.aws_info # unused attribute (monkey/monkey_island/cc/environment/aws.py:13) + + +# these are not needed for it to work, but may be useful extra information to understand what's going on +WINDOWS_PBA_TYPE # unused variable (monkey/monkey_island/cc/resources/pba_file_upload.py:23) +WINDOWS_TTL # unused variable (monkey/infection_monkey/network/ping_scanner.py:17) +wlist # unused variable (monkey/infection_monkey/transport/tcp.py:28) +wlist # unused variable (monkey/infection_monkey/transport/http.py:176) +charset # unused variable (monkey/infection_monkey/network/mysqlfinger.py:81) +salt # unused variable (monkey/infection_monkey/network/mysqlfinger.py:78) +thread_id # unused variable (monkey/infection_monkey/network/mysqlfinger.py:61) + + +# leaving this since there's a TODO related to it +_.get_wmi_info # unused method (monkey/infection_monkey/system_info/windows_info_collector.py:63) + + +# not 100% sure about these? are these being/will be used somewhere else? +LOG_DIR_NAME # unused variable (envs/monkey_zoo/blackbox/log_handlers/test_logs_handler.py:8) +delete_logs # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:85) +MongoQueryJSONEncoder # unused class (envs/monkey_zoo/blackbox/utils/json_encoder.py:6)