From 6695e5b4acc7e44bfd3cb2544aa2c7334cba9f58 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Mon, 4 Jul 2022 17:49:32 +0200 Subject: [PATCH 1/6] Island: Modify IStolenCredentialsRepository * Rename to ICredentialsRepository * Add {get/remove/save}_{stolen/configured}_credentials --- .../cc/repository/i_credentials_repository.py | 81 +++++++++++++++++++ .../i_stolen_credentials_repository.py | 13 --- vulture_allowlist.py | 13 ++- 3 files changed, 91 insertions(+), 16 deletions(-) create mode 100644 monkey/monkey_island/cc/repository/i_credentials_repository.py delete mode 100644 monkey/monkey_island/cc/repository/i_stolen_credentials_repository.py diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py new file mode 100644 index 000000000..75dd6f6e1 --- /dev/null +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -0,0 +1,81 @@ +from abc import ABC +from typing import Sequence + +from monkey_island.cc.services.telemetry.processing.credentials import Credentials + + +class ICredentialsRepository(ABC): + def get_configured_credentials(self) -> Sequence[Credentials]: + """ + Retrieve all credentials that were configured. + + :raises RetrievalError: If an error is encountered while attempting to retrieve configured + credentials. + :return: Sequence of configured credentials + """ + pass + + def save_configured_credentials(self, configured_credentials: Credentials): + """ + Save credentials which are configured. + + :param configured_credentials: Credentials that are going to be stored. + :raises StorageError: If an error is encountered while attempting to store configured + credentials. + """ + pass + + def remove_configured_credentials(self): + """ + Remove all configured credentials. + + :raises RemovalError: If an error is encountered while attempting to remove configured + credentials. + """ + pass + + def get_stolen_credentials(self) -> Sequence[Credentials]: + """ + Retrieve credentials that are stolen + + :raises RetrievalError: If an error is encountered while attempting to retrieve stolen + credentials. + :return: Sequence of all stolen credentials + """ + pass + + def save_stolen_credentials(self, stolen_credentials: Credentials): + """ + Save credentials which are stolen. + + :param stolen_credentials: Credentials that are going to be stored. + :raises StorageError: If an error is encountered while attempting to store stolen + credentials. + """ + pass + + def remove_stolen_credentials(self): + """ + Remove all credentials from the repository. + + :raises RemovalError: If an error is encountered while attempting to remove the credentials. + """ + pass + + def get_all_credentials(self) -> Sequence[Credentials]: + """ + Retrieve stolen and configured credentials. + + :raises RetrievalError: If an error is encountered while attempting to retrieve the + credentials + :return: Sequence of stolen and configured credentials + """ + pass + + def remove_all_credentials(self): + """ + Remove all the credentials in the repository. + + :raises RemovalError: If an error is encountered while attempting to remove the credentials. + """ + pass diff --git a/monkey/monkey_island/cc/repository/i_stolen_credentials_repository.py b/monkey/monkey_island/cc/repository/i_stolen_credentials_repository.py deleted file mode 100644 index 00d8a4620..000000000 --- a/monkey/monkey_island/cc/repository/i_stolen_credentials_repository.py +++ /dev/null @@ -1,13 +0,0 @@ -from abc import ABC -from typing import Sequence - -from monkey_island.cc.models import StolenCredentials - - -# Consider removing this interface and just using the telemetry type -class IStolenCredentialsRepository(ABC): - def get_stolen_credentials(self) -> Sequence[StolenCredentials]: - pass - - def save_stolen_credentials(self, stolen_credentials: StolenCredentials): - pass diff --git a/vulture_allowlist.py b/vulture_allowlist.py index 22ddb97d5..383072f14 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -17,7 +17,7 @@ from monkey_island.cc.repository.i_network_map_repository import INetworkMapRepo from monkey_island.cc.repository.i_report_repository import IReportRepository from monkey_island.cc.repository.i_simulation_repository import ISimulationRepository from monkey_island.cc.repository.i_telemetry_repository import ITelemetryRepository -from monkey_island.cc.repository.IStolenCredentials import IStolenCredentialsRepository +from monkey_island.cc.repository.ICredentials import ICredentialsRepository from monkey_island.cc.repository.zero_trust.IEventRepository import IEventRepository from monkey_island.cc.repository.zero_trust.IFindingRepository import IFindingRepository @@ -225,12 +225,19 @@ INetworkMapRepository.save_netmap IReportRepository ISimulationRepository.save_simulation ISimulationRepository.get_simulation -IStolenCredentialsRepository.get_stolen_credentials -IStolenCredentialsRepository.save_stolen_credentials +ICredentialsRepository.get_stolen_credentials +ICredentialsRepository.get_configured_credentials +ICredentialsRepository.get_all_credentials +ICredentialsRepository.remove_stolen_credentials +ICredentialsRepository.remove_configured_credentials +ICredentialsRepository.remove_all_credentials +ICredentialsRepository.save_stolen_credentials +ICredentialsRepository.save_configured_credentials ITelemetryRepository.get_telemetries IEventRepository.get_events IFindingRepository.get_findings key_list simulation stolen_credentials +configured_credentials netmap From 2736f058d727443e6fb1ea2b98386761f62fe5cd Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 5 Jul 2022 10:46:10 -0400 Subject: [PATCH 2/6] Island: Fix docstring formatting in ICredentialsRepository --- .../cc/repository/i_credentials_repository.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py index 75dd6f6e1..c58456c9d 100644 --- a/monkey/monkey_island/cc/repository/i_credentials_repository.py +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -10,7 +10,7 @@ class ICredentialsRepository(ABC): Retrieve all credentials that were configured. :raises RetrievalError: If an error is encountered while attempting to retrieve configured - credentials. + credentials :return: Sequence of configured credentials """ pass @@ -19,9 +19,9 @@ class ICredentialsRepository(ABC): """ Save credentials which are configured. - :param configured_credentials: Credentials that are going to be stored. + :param configured_credentials: Credentials that are going to be stored :raises StorageError: If an error is encountered while attempting to store configured - credentials. + credentials """ pass @@ -30,7 +30,7 @@ class ICredentialsRepository(ABC): Remove all configured credentials. :raises RemovalError: If an error is encountered while attempting to remove configured - credentials. + credentials """ pass @@ -39,7 +39,7 @@ class ICredentialsRepository(ABC): Retrieve credentials that are stolen :raises RetrievalError: If an error is encountered while attempting to retrieve stolen - credentials. + credentials :return: Sequence of all stolen credentials """ pass @@ -48,9 +48,9 @@ class ICredentialsRepository(ABC): """ Save credentials which are stolen. - :param stolen_credentials: Credentials that are going to be stored. + :param stolen_credentials: Credentials that are going to be stored :raises StorageError: If an error is encountered while attempting to store stolen - credentials. + credentials """ pass @@ -58,7 +58,7 @@ class ICredentialsRepository(ABC): """ Remove all credentials from the repository. - :raises RemovalError: If an error is encountered while attempting to remove the credentials. + :raises RemovalError: If an error is encountered while attempting to remove the credentials """ pass @@ -76,6 +76,6 @@ class ICredentialsRepository(ABC): """ Remove all the credentials in the repository. - :raises RemovalError: If an error is encountered while attempting to remove the credentials. + :raises RemovalError: If an error is encountered while attempting to remove the credentials """ pass From 035734992c4ca30bcf5910fb9fb1fa33f19acecf Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 5 Jul 2022 10:48:25 -0400 Subject: [PATCH 3/6] Island: Change parameter names in ICredentialsRepository.save_*() --- .../cc/repository/i_credentials_repository.py | 8 ++++---- vulture_allowlist.py | 2 -- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py index c58456c9d..4360f5a62 100644 --- a/monkey/monkey_island/cc/repository/i_credentials_repository.py +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -15,11 +15,11 @@ class ICredentialsRepository(ABC): """ pass - def save_configured_credentials(self, configured_credentials: Credentials): + def save_configured_credentials(self, credentials: Credentials): """ Save credentials which are configured. - :param configured_credentials: Credentials that are going to be stored + :param credentials: Credentials that are going to be stored :raises StorageError: If an error is encountered while attempting to store configured credentials """ @@ -44,11 +44,11 @@ class ICredentialsRepository(ABC): """ pass - def save_stolen_credentials(self, stolen_credentials: Credentials): + def save_stolen_credentials(self, credentials: Credentials): """ Save credentials which are stolen. - :param stolen_credentials: Credentials that are going to be stored + :param credentials: Credentials that are going to be stored :raises StorageError: If an error is encountered while attempting to store stolen credentials """ diff --git a/vulture_allowlist.py b/vulture_allowlist.py index 383072f14..a3393325e 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -238,6 +238,4 @@ IEventRepository.get_events IFindingRepository.get_findings key_list simulation -stolen_credentials -configured_credentials netmap From cbed178549d940190fc67794068637440efcf55a Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 5 Jul 2022 10:57:36 -0400 Subject: [PATCH 4/6] Island: Reword docstrings in ICredentialsRepository --- .../cc/repository/i_credentials_repository.py | 29 +++++++++---------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py index 4360f5a62..26a21b980 100644 --- a/monkey/monkey_island/cc/repository/i_credentials_repository.py +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -7,9 +7,9 @@ from monkey_island.cc.services.telemetry.processing.credentials import Credentia class ICredentialsRepository(ABC): def get_configured_credentials(self) -> Sequence[Credentials]: """ - Retrieve all credentials that were configured. + Retrieve credentials that were configured. - :raises RetrievalError: If an error is encountered while attempting to retrieve configured + :raises RetrievalError: If an error is encountered while attempting to retrieve the credentials :return: Sequence of configured credentials """ @@ -17,9 +17,9 @@ class ICredentialsRepository(ABC): def save_configured_credentials(self, credentials: Credentials): """ - Save credentials which are configured. + Save credentials that were configured. - :param credentials: Credentials that are going to be stored + :param credentials: Configured Credentials to store in the repository :raises StorageError: If an error is encountered while attempting to store configured credentials """ @@ -27,28 +27,27 @@ class ICredentialsRepository(ABC): def remove_configured_credentials(self): """ - Remove all configured credentials. + Remove credentials that were configured from the repository. - :raises RemovalError: If an error is encountered while attempting to remove configured - credentials + :raises RemovalError: If an error is encountered while attempting to remove the credentials """ pass def get_stolen_credentials(self) -> Sequence[Credentials]: """ - Retrieve credentials that are stolen + Retrieve credentials that were stolen during a simulation. - :raises RetrievalError: If an error is encountered while attempting to retrieve stolen + :raises RetrievalError: If an error is encountered while attempting to retrieve the credentials - :return: Sequence of all stolen credentials + :return: Sequence of stolen credentials """ pass def save_stolen_credentials(self, credentials: Credentials): """ - Save credentials which are stolen. + Save credentials that were stolen during a simulation. - :param credentials: Credentials that are going to be stored + :param credentials: Stolen Credentials to store in the repository :raises StorageError: If an error is encountered while attempting to store stolen credentials """ @@ -56,7 +55,7 @@ class ICredentialsRepository(ABC): def remove_stolen_credentials(self): """ - Remove all credentials from the repository. + Remove stolen credentials from the repository. :raises RemovalError: If an error is encountered while attempting to remove the credentials """ @@ -64,7 +63,7 @@ class ICredentialsRepository(ABC): def get_all_credentials(self) -> Sequence[Credentials]: """ - Retrieve stolen and configured credentials. + Retrieve all credentials in the repository. :raises RetrievalError: If an error is encountered while attempting to retrieve the credentials @@ -74,7 +73,7 @@ class ICredentialsRepository(ABC): def remove_all_credentials(self): """ - Remove all the credentials in the repository. + Remove all credentials in the repository. :raises RemovalError: If an error is encountered while attempting to remove the credentials """ From 64e548957f1457e3ef56fc356089a9c9f1a2bdd3 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 5 Jul 2022 10:59:28 -0400 Subject: [PATCH 5/6] Island: Reorder methods in ICredentialsRepository --- .../cc/repository/i_credentials_repository.py | 70 +++++++++---------- 1 file changed, 34 insertions(+), 36 deletions(-) diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py index 26a21b980..769175301 100644 --- a/monkey/monkey_island/cc/repository/i_credentials_repository.py +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -15,24 +15,6 @@ class ICredentialsRepository(ABC): """ pass - def save_configured_credentials(self, credentials: Credentials): - """ - Save credentials that were configured. - - :param credentials: Configured Credentials to store in the repository - :raises StorageError: If an error is encountered while attempting to store configured - credentials - """ - pass - - def remove_configured_credentials(self): - """ - Remove credentials that were configured from the repository. - - :raises RemovalError: If an error is encountered while attempting to remove the credentials - """ - pass - def get_stolen_credentials(self) -> Sequence[Credentials]: """ Retrieve credentials that were stolen during a simulation. @@ -43,24 +25,6 @@ class ICredentialsRepository(ABC): """ pass - def save_stolen_credentials(self, credentials: Credentials): - """ - Save credentials that were stolen during a simulation. - - :param credentials: Stolen Credentials to store in the repository - :raises StorageError: If an error is encountered while attempting to store stolen - credentials - """ - pass - - def remove_stolen_credentials(self): - """ - Remove stolen credentials from the repository. - - :raises RemovalError: If an error is encountered while attempting to remove the credentials - """ - pass - def get_all_credentials(self) -> Sequence[Credentials]: """ Retrieve all credentials in the repository. @@ -71,6 +35,40 @@ class ICredentialsRepository(ABC): """ pass + def save_configured_credentials(self, credentials: Credentials): + """ + Save credentials that were configured. + + :param credentials: Configured Credentials to store in the repository + :raises StorageError: If an error is encountered while attempting to store the credentials + """ + pass + + def save_stolen_credentials(self, credentials: Credentials): + """ + Save credentials that were stolen during a simulation. + + :param credentials: Stolen Credentials to store in the repository + :raises StorageError: If an error is encountered while attempting to store the credentials + """ + pass + + def remove_configured_credentials(self): + """ + Remove credentials that were configured from the repository. + + :raises RemovalError: If an error is encountered while attempting to remove the credentials + """ + pass + + def remove_stolen_credentials(self): + """ + Remove stolen credentials from the repository. + + :raises RemovalError: If an error is encountered while attempting to remove the credentials + """ + pass + def remove_all_credentials(self): """ Remove all credentials in the repository. From 0ab30d02a2c20b42c27d266f34ec29d82b76fb40 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 5 Jul 2022 11:02:27 -0400 Subject: [PATCH 6/6] Island: Add class docstring for ICredentialsRepository --- .../cc/repository/i_credentials_repository.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/monkey/monkey_island/cc/repository/i_credentials_repository.py b/monkey/monkey_island/cc/repository/i_credentials_repository.py index 769175301..74ab94628 100644 --- a/monkey/monkey_island/cc/repository/i_credentials_repository.py +++ b/monkey/monkey_island/cc/repository/i_credentials_repository.py @@ -5,6 +5,14 @@ from monkey_island.cc.services.telemetry.processing.credentials import Credentia class ICredentialsRepository(ABC): + """ + Store credentials that can be used to propagate around the network. + + This repository stores credentials that were either "configured" or "stolen". "Configured" + credentials are provided to the simulation as input. "Stolen" credentials are collected during + a simulation. + """ + def get_configured_credentials(self) -> Sequence[Credentials]: """ Retrieve credentials that were configured.