Added basic framework for running scoutsuite

2020-01-27 14:46:39 +02:00 · 2020-01-27 14:46:39 +02:00 · f49089aed3
parent a26b9114ef
commit f49089aed3
5 changed files with 32 additions and 7 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -16,6 +16,7 @@ install:
 - pip install -r monkey/monkey_island/requirements.txt  # for unit tests
 - pip install flake8 pytest dlint  # for next stages
 - pip install -r monkey/infection_monkey/requirements.txt  # for unit tests
+- pip install -r monkey/infection_monkey/system_info/collectors/scoutsuite/requirements.txt

 before_script:
 # Set the server config to `testing`. This is required for for the UTs to pass.
--- a/monkey/infection_monkey/system_info/collectors/scoutsuite_collector.py
+++ b/monkey/infection_monkey/system_info/collectors/scoutsuite_collector.py
@ -17,7 +17,11 @@ class ScoutSuiteCollector(SystemInfoCollector):
        env = get_monkey_environment()
        if env == Environment.ON_PREMISE.value:
            logger.info("Monkey is not on cloud; not running ScoutSuite")
+            return {}
        else:
            logger.info(f"Attempting to execute ScoutSuite with {env.lower()}")
-            run(env.lower(), debug=True, quiet=False)
-        return {}
+            scout_suite_results = run(env.lower(), debug=True, quiet=False)
+            return {
+                "Environment": env,
+                "Results": scout_suite_results
+            }
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@ -1,5 +1,5 @@
 from common.data.system_info_collectors_names \
-    import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR
+    import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR, SCOUTSUITE_COLLECTOR

 WARNING_SIGN = " \u26A0"

@ -130,7 +130,7 @@ SCHEMA = {
                    "title": "Collect the machine's hostname",
                    "attack_techniques": []
                },
-{
+                {
                    "type": "string",
                    "enum": [
                        PROCESS_LIST_COLLECTOR
@ -138,6 +138,14 @@ SCHEMA = {
                    "title": "Collect running processes on the machine",
                    "attack_techniques": []
                },
+                {
+                    "type": "string",
+                    "enum": [
+                        SCOUTSUITE_COLLECTOR
+                    ],
+                    "title": "If on cloud, execute ScoutSuite and collect its results",
+                    "attack_techniques": []
+                },
            ],
        },
        "post_breach_acts": {
@ -485,7 +493,8 @@ SCHEMA = {
                                ENVIRONMENT_COLLECTOR,
                                AWS_COLLECTOR,
                                HOSTNAME_COLLECTOR,
-                                PROCESS_LIST_COLLECTOR
+                                PROCESS_LIST_COLLECTOR,
+                                SCOUTSUITE_COLLECTOR
                            ],
                            "description": "Determines which system information collectors will collect information."
                        },
--- a/monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/scoutsuite.py
+++ b/monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/scoutsuite.py
@ -0,0 +1,9 @@
+import logging
+import json
+
+logger = logging.getLogger(__name__)
+
+
+def process_scout_suite_telemetry(collector_results, monkey_guid):
+    # Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results["hostname"])
+    logger.info(f"\n\n{json.dumps(collector_results, indent=2)}\n{monkey_guid}")
--- a/monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py
+++ b/monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py
@ -2,10 +2,11 @@ import logging
 import typing

 from common.data.system_info_collectors_names \
-    import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR
+    import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR, PROCESS_LIST_COLLECTOR, SCOUTSUITE_COLLECTOR
 from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry
 from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import process_environment_telemetry
 from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry
+from monkey_island.cc.services.telemetry.processing.system_info_collectors.scoutsuite import process_scout_suite_telemetry
 from monkey_island.cc.services.telemetry.zero_trust_tests.antivirus_existence import test_antivirus_existence

 logger = logging.getLogger(__name__)
@ -14,7 +15,8 @@ SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
    AWS_COLLECTOR: [process_aws_telemetry],
    ENVIRONMENT_COLLECTOR: [process_environment_telemetry],
    HOSTNAME_COLLECTOR: [process_hostname_telemetry],
-    PROCESS_LIST_COLLECTOR: [test_antivirus_existence]
+    PROCESS_LIST_COLLECTOR: [test_antivirus_existence],
+    SCOUTSUITE_COLLECTOR: [process_scout_suite_telemetry]
 }