forked from p34709852/monkey
Merge pull request #2046 from guardicore/2002-remove-config-import-export-endpoints
2002 remove config import export endpoints
This commit is contained in:
commit
49fbb6a128
|
@ -83,6 +83,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- "+dev" from version numbers. #1553
|
- "+dev" from version numbers. #1553
|
||||||
- agent's "--config" argument. #906
|
- agent's "--config" argument. #906
|
||||||
- Option to export monkey telemetries. #1998
|
- Option to export monkey telemetries. #1998
|
||||||
|
- "/api/configuration/import" endpoint. #2002
|
||||||
|
- "/api/configuration/export" endpoint. #2002
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
- A bug in network map page that caused delay of telemetry log loading. #1545
|
- A bug in network map page that caused delay of telemetry log loading. #1545
|
||||||
|
|
|
@ -23,8 +23,6 @@ from monkey_island.cc.resources.blackbox.monkey_blackbox_endpoint import MonkeyB
|
||||||
from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
|
from monkey_island.cc.resources.blackbox.telemetry_blackbox_endpoint import (
|
||||||
TelemetryBlackboxEndpoint,
|
TelemetryBlackboxEndpoint,
|
||||||
)
|
)
|
||||||
from monkey_island.cc.resources.configuration_export import ConfigurationExport
|
|
||||||
from monkey_island.cc.resources.configuration_import import ConfigurationImport
|
|
||||||
from monkey_island.cc.resources.edge import Edge
|
from monkey_island.cc.resources.edge import Edge
|
||||||
from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation
|
from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation
|
||||||
from monkey_island.cc.resources.exploitations.monkey_exploitation import MonkeyExploitation
|
from monkey_island.cc.resources.exploitations.monkey_exploitation import MonkeyExploitation
|
||||||
|
@ -154,8 +152,6 @@ def init_api_resources(api: FlaskDIWrapper):
|
||||||
|
|
||||||
api.add_resource(IslandMode)
|
api.add_resource(IslandMode)
|
||||||
api.add_resource(IslandConfiguration)
|
api.add_resource(IslandConfiguration)
|
||||||
api.add_resource(ConfigurationExport)
|
|
||||||
api.add_resource(ConfigurationImport)
|
|
||||||
api.add_resource(AgentConfiguration)
|
api.add_resource(AgentConfiguration)
|
||||||
api.add_resource(AgentBinaries)
|
api.add_resource(AgentBinaries)
|
||||||
api.add_resource(NetMap)
|
api.add_resource(NetMap)
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
from monkey_island.cc.resources.AbstractResource import AbstractResource
|
|
||||||
from monkey_island.cc.resources.request_authentication import jwt_required
|
|
||||||
from monkey_island.cc.services.config import ConfigService
|
|
||||||
|
|
||||||
|
|
||||||
class ConfigurationExport(AbstractResource):
|
|
||||||
urls = ["/api/configuration/export"]
|
|
||||||
|
|
||||||
@jwt_required
|
|
||||||
def post(self):
|
|
||||||
plaintext_config = ConfigService.get_config()
|
|
||||||
|
|
||||||
config_export = plaintext_config
|
|
||||||
|
|
||||||
return {"config_export": config_export, "encrypted": False}
|
|
|
@ -1,83 +0,0 @@
|
||||||
import json
|
|
||||||
import logging
|
|
||||||
from dataclasses import dataclass
|
|
||||||
from json.decoder import JSONDecodeError
|
|
||||||
|
|
||||||
from flask import request
|
|
||||||
|
|
||||||
from common.utils.exceptions import InvalidConfigurationError
|
|
||||||
from monkey_island.cc.resources.AbstractResource import AbstractResource
|
|
||||||
from monkey_island.cc.resources.request_authentication import jwt_required
|
|
||||||
from monkey_island.cc.server_utils.encryption import InvalidCiphertextError, InvalidCredentialsError
|
|
||||||
from monkey_island.cc.services.config import ConfigService
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
|
||||||
|
|
||||||
|
|
||||||
class ImportStatuses:
|
|
||||||
UNSAFE_OPTION_VERIFICATION_REQUIRED = "unsafe_options_verification_required"
|
|
||||||
INVALID_CONFIGURATION = "invalid_configuration"
|
|
||||||
INVALID_CREDENTIALS = "invalid_credentials"
|
|
||||||
IMPORTED = "imported"
|
|
||||||
|
|
||||||
|
|
||||||
@dataclass
|
|
||||||
class ResponseContents:
|
|
||||||
import_status: str = ImportStatuses.IMPORTED
|
|
||||||
message: str = ""
|
|
||||||
status_code: int = 200
|
|
||||||
config: str = ""
|
|
||||||
config_schema: str = ""
|
|
||||||
|
|
||||||
def form_response(self):
|
|
||||||
return self.__dict__
|
|
||||||
|
|
||||||
|
|
||||||
class ConfigurationImport(AbstractResource):
|
|
||||||
# API Spec: Should probably be merged with IslandConfiguration
|
|
||||||
urls = ["/api/configuration/import"]
|
|
||||||
SUCCESS = False
|
|
||||||
|
|
||||||
@jwt_required
|
|
||||||
def post(self):
|
|
||||||
request_contents = json.loads(request.data)
|
|
||||||
try:
|
|
||||||
config = ConfigurationImport._get_plaintext_config_from_request(request_contents)
|
|
||||||
if request_contents["unsafeOptionsVerified"]:
|
|
||||||
ConfigurationImport.import_config(config)
|
|
||||||
return ResponseContents().form_response()
|
|
||||||
else:
|
|
||||||
return ResponseContents(
|
|
||||||
config=json.dumps(config),
|
|
||||||
config_schema=ConfigService.get_config_schema(),
|
|
||||||
import_status=ImportStatuses.UNSAFE_OPTION_VERIFICATION_REQUIRED,
|
|
||||||
).form_response()
|
|
||||||
# API Spec: HTTP status code should be 401 here
|
|
||||||
except InvalidCredentialsError:
|
|
||||||
return ResponseContents(
|
|
||||||
import_status=ImportStatuses.INVALID_CREDENTIALS,
|
|
||||||
message="Invalid credentials provided",
|
|
||||||
).form_response()
|
|
||||||
# API Spec: HTTP status code should be 400 (or something else) here
|
|
||||||
except InvalidConfigurationError:
|
|
||||||
return ResponseContents(
|
|
||||||
import_status=ImportStatuses.INVALID_CONFIGURATION,
|
|
||||||
message="Invalid configuration supplied. "
|
|
||||||
"Maybe the format is outdated or the file has been corrupted.",
|
|
||||||
).form_response()
|
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def _get_plaintext_config_from_request(request_contents: dict) -> dict:
|
|
||||||
try:
|
|
||||||
config = request_contents["config"]
|
|
||||||
return json.loads(config)
|
|
||||||
except (JSONDecodeError, InvalidCiphertextError):
|
|
||||||
logger.exception(
|
|
||||||
"Exception encountered when trying to extract plaintext configuration."
|
|
||||||
)
|
|
||||||
raise InvalidConfigurationError
|
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def import_config(config_json):
|
|
||||||
if not ConfigService.update_config(config_json, should_encrypt=True):
|
|
||||||
raise InvalidConfigurationError
|
|
|
@ -12,6 +12,7 @@ type Props = {
|
||||||
}
|
}
|
||||||
|
|
||||||
const ConfigExportModal = (props: Props) => {
|
const ConfigExportModal = (props: Props) => {
|
||||||
|
// TODO: Change this endpoint to new agent-configuration endpoint
|
||||||
const configExportEndpoint = '/api/configuration/export';
|
const configExportEndpoint = '/api/configuration/export';
|
||||||
|
|
||||||
const [pass, setPass] = useState('');
|
const [pass, setPass] = useState('');
|
||||||
|
|
|
@ -18,6 +18,7 @@ type Props = {
|
||||||
|
|
||||||
|
|
||||||
const ConfigImportModal = (props: Props) => {
|
const ConfigImportModal = (props: Props) => {
|
||||||
|
// TODO: change this endpoint to the new configuration import endpoint
|
||||||
const configImportEndpoint = '/api/configuration/import';
|
const configImportEndpoint = '/api/configuration/import';
|
||||||
|
|
||||||
const [uploadStatus, setUploadStatus] = useState(UploadStatuses.clean);
|
const [uploadStatus, setUploadStatus] = useState(UploadStatuses.clean);
|
||||||
|
|
Loading…
Reference in New Issue