From 985f45d8de668e6f470643b652a46da7ad0a19e8 Mon Sep 17 00:00:00 2001
From: "maor.rayzin"
Date: Wed, 2 Jan 2019 14:26:36 +0200
Subject: [PATCH] - Added exporters list population - some pep8 - Added a report json cleanup for mongo insertion, sometimes machine names are used as keys and these names might contain '.' which mongodb doesn't allow. - Fixed a typo and aws sec hub protocol requirements
---
 monkey/monkey_island/cc/exporter_init.py | 1 +
 monkey/monkey_island/cc/main.py | 4 +--
 .../cc/resources/aws_exporter.py | 4 +--
 .../cc/services/config_schema.py | 28 +++++++++++++++++--
 monkey/monkey_island/cc/services/report.py | 16 ++++++++++-
 5 files changed, 46 insertions(+), 7 deletions(-)
diff --git a/monkey/monkey_island/cc/exporter_init.py b/monkey/monkey_island/cc/exporter_init.py
index 0fc32fccb..9b25469f9 100644
--- a/monkey/monkey_island/cc/exporter_init.py
+++ b/monkey/monkey_island/cc/exporter_init.py
@@ -4,6 +4,7 @@ from cc.resources.aws_exporter import AWSExporter
 __author__ = 'maor.rayzin'
+
 def populate_exporter_list():
 manager = ReportExporterManager()
diff --git a/monkey/monkey_island/cc/main.py b/monkey/monkey_island/cc/main.py
index a6ded6628..713e83b96 100644
--- a/monkey/monkey_island/cc/main.py
+++ b/monkey/monkey_island/cc/main.py
@@ -18,6 +18,7 @@ json_setup_logging(default_path=os.path.join(BASE_PATH, 'cc', 'island_logger_def
 logger = logging.getLogger(__name__)
 from cc.app import init_app
+from cc.exporter_init import populate_exporter_list
 from cc.utils import local_ip_addresses
 from cc.environment.environment import env
 from cc.database import is_db_server_up
@@ -34,8 +35,7 @@ def main():
 logger.info('Waiting for MongoDB server')
 time.sleep(1)
-
-
+ populate_exporter_list()
 app = init_app(mongo_url)
 if env.is_debug():
 app.run(host='0.0.0.0', debug=True, ssl_context=('monkey_island/cc/server.crt', 'monkey_island/cc/server.key'))
diff --git a/monkey/monkey_island/cc/resources/aws_exporter.py b/monkey/monkey_island/cc/resources/aws_exporter.py
index 0c1d51d1a..bd6ef3a10 100644
--- a/monkey/monkey_island/cc/resources/aws_exporter.py
+++ b/monkey/monkey_island/cc/resources/aws_exporter.py
@@ -131,7 +131,7 @@ class AWSExporter(Exporter):
 "Id": instance_arn.format(instance_id=instance_id)
 }]
 else:
- return [{'Type': 'Other'}]
+ return [{'Type': 'Other', 'Id': 'None'}]
 @staticmethod
 def _build_generic_finding(severity, title, description, recommendation, instance_arn, instance_id=None):
@@ -140,7 +140,7 @@ class AWSExporter(Exporter):
 "Product": severity,
 "Normalized": 100
 },
- 'Resource': AWSExporter._get_finding_resource(instance_id, instance_arn),
+ 'Resources': AWSExporter._get_finding_resource(instance_id, instance_arn),
 "Title": title,
 "Description": description,
 "Remediation": {
diff --git a/monkey/monkey_island/cc/services/config_schema.py b/monkey/monkey_island/cc/services/config_schema.py
index d4d294afc..bb5b10cbb 100644
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@@ -1,6 +1,5 @@
 WARNING_SIGN = u" \u26A0"
-
 SCHEMA = {
 "title": "Monkey",
 "type": "object",
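Review bot: The fallback resource returned by `_get_finding_resource` (aws_exporter.py, first hunk) now carries the literal string `'None'` as its `Id`, so every finding without an instance id points at the same placeholder resource and cannot be traced back to the affected machine by whoever triages it in Security Hub. If the caller knows a hostname or IP address for the machine, passing it through would make the finding usable, e.g. `return [{'Type': 'Other', 'Id': machine_identifier}]`, where `machine_identifier` is a placeholder name for whatever identifier is available. The function starts outside the hunk, so which identifiers its callers hold is not visible here.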
@@ -624,6 +623,31 @@ SCHEMA = {
 "description": "The current command server the monkey is communicating with"
 }
 }
+ },
+ 'aws_config': {
+ 'title': 'AWS Configuration',
+ 'type': 'object',
+ 'description': 'These credentials will be used in order to export the monkey\'s findings to the AWS Security Hub.',
+ 'properties': {
+ 'aws_account_id': {
+ 'title': 'AWS account ID',
+ 'type': 'string',
+ 'description': 'Your AWS account ID that is subscribed to security hub feeds',
+ 'default': ''
+ },
+ 'aws_access_key_id': {
+ 'title': 'AWS access key ID',
+ 'type': 'string',
+ 'description': 'Your AWS public access key ID, can be found in the IAM user interface in the AWS console.',
+ 'default': ''
+ },
+ 'aws_secret_access_key': {
+ 'title': 'AWS secret access key',
+ 'type': 'string',
+ 'description': 'Your AWS secret access key id, you can get this after creating a public access key in the console.',
+ 'default': ''
+ }
+ }
 }
 }
 },
@@ -852,4 +876,4 @@ SCHEMA = {
 "options": {
 "collapsed": True
 }
-}
\ No newline at end of file
+}
diff --git a/monkey/monkey_island/cc/services/report.py b/monkey/monkey_island/cc/services/report.py
index 8861e8d85..a9edbaf48 100644
--- a/monkey/monkey_island/cc/services/report.py
+++ b/monkey/monkey_island/cc/services/report.py
@@ -3,6 +3,8 @@ import functools
 import ipaddress
 import logging
+
+from bson import json_util
 from enum import Enum
 from six import text_type
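Review bot: `aws_secret_access_key` in the new `aws_config` block (config_schema.py, the hunk at line 624) is declared as an ordinary `string` property, so as far as this hunk shows a long-lived AWS secret is stored and served with the rest of the configuration like any other field. It should be handled as a secret: encrypted at rest, masked in the configuration UI and kept out of logs and exported reports, with the key belonging to an IAM user limited to importing Security Hub findings (such as `securityhub:BatchImportFindings`). Where the island itself runs on EC2, an instance role would avoid storing a key at all. The descriptions also call the access key ID a "public access key", which is misleading; `'description': 'The access key ID of the IAM user used for the export.'` would be clearer. Whether the project already encrypts selected config fields is not visible from this hunk.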
@@ -725,10 +727,22 @@ class ReportService:
 }
 ReportExporterManager().export(report)
 mongo.db.report.drop()
- mongo.db.report.insert_one(report)
+ mongo.db.report.insert_one(ReportService.clean_report_before_mongo_insert(report))
 return report
+ @staticmethod
+ def clean_report_before_mongo_insert(report_dict):
+ """
+ mongodb doesn't allow for '.' and '$' in a key's name, this function replaces the '.' char with the unicode
+ \u002E char instead.
+ :return:
+ """
+ report_as_json = json_util.dumps(report_dict)
+ report_as_json.replace('.', '\u002E')
+ return json_util.loads(report_as_json)
+
+
 @staticmethod
 def is_latest_report_exists():
 """
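Review bot: `clean_report_before_mongo_insert` returns the report unchanged, because `str.replace` returns a new string and its result on the `report_as_json.replace('.', '\u002E')` line is discarded; assigning it would not help either, since `\u002E` is the '.' character itself and, as a JSON escape, decodes back to '.'. Keys containing '.' therefore still reach `insert_one`, and because `mongo.db.report.drop()` runs just before it, a rejected insert leaves no stored report at all. Replacing on the serialized string would also rewrite dots inside values (addresses, version strings), so the sketch below rewrites only dict keys while copying the structure; ',' is an arbitrary substitute and '$', which the docstring mentions, still needs a decision. The docstring should name the substitute and state that a cleaned copy is returned.

```python
    @staticmethod
    def clean_report_before_mongo_insert(report_dict):
        """
        Return a copy of the report in which every '.' in a dict key is replaced with ',',
        because mongodb rejects '.' in key names. Values are copied as they are.
        """
        def clean(node):
            # Keys are assumed to be strings; only keys are rewritten, never values.
            if isinstance(node, dict):
                return {key.replace('.', ','): clean(value) for key, value in node.items()}
            if isinstance(node, (list, tuple)):
                return [clean(item) for item in node]
            return node

        return clean(report_dict)
```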