Commit Graph

5630 Commits

Author SHA1 Message Date
Mike Salvatore 84a78a5048 Island: Don't catch Exception in POST /api/island-mode
Flask automatically traps exceptions, returns a 500, and logs a stack
trace. Since Flask will automatically return a 500, we don't need to
duplicate the functionality. Since it prints a stack trace, it provides
more useful information than catching it did.
2021-07-13 11:02:18 -04:00
Mike Salvatore a0fb6fa2b6 Island: Return 400 from POST /api/island_mode on invalid JSON 2021-07-13 10:58:08 -04:00
Mike Salvatore 26d3782a66 Island: Test both "ransomware" and "advanced" modes 2021-07-13 10:49:15 -04:00
Mike Salvatore 7549e64b41 Island: Return 500 from POST /api/island-mode if unexpected exception 2021-07-13 10:46:47 -04:00
Mike Salvatore acdfeb858f Tests: Move raise_() to a reusable location 2021-07-13 10:30:38 -04:00
Mike Salvatore c56ca37bc0 Island: Respond with 422 instead of 404 from POST /api/island-mode 2021-07-13 10:25:52 -04:00
Ilija Lazoroski 9310463f44 UT: Refactor island mode test for set model 2021-07-13 10:25:52 -04:00
Ilija Lazoroski 81a8ccf673 Island: Return empty post status for island mode 2021-07-13 10:25:48 -04:00
Ilija Lazoroski f9ed53a527 Island: Add UT tests for island mode model 2021-07-13 10:58:04 +02:00
VakarisZ 3bde6f013a Island: Add a couple of island mode resource unit tests 2021-07-12 16:00:23 +03:00
VakarisZ 2778b69dfb Island: Add unit test infrastructure for testing resources 2021-07-12 15:59:36 +03:00
VakarisZ f8b6277a88 Island: Add an endpoint for setting the island's mode. Also, add an enum of all the modes 2021-07-12 13:32:14 +03:00
Mike Salvatore af739b6c99
Merge pull request #1309 from guardicore/1287/ransomware-readme-config-dirs
Ransomware README with configurable directories
2021-07-09 15:47:22 -04:00
Mike Salvatore eb36869e71 Island: Minor wording change to readme_note description 2021-07-09 15:41:31 -04:00
Mike Salvatore a119855d84 Tests: Remove unnecessary option from test_no_readme_if_no_directory 2021-07-09 15:38:53 -04:00
Mike Salvatore d108812e26 Agent: Remove redundant condition from RansomwarePayload.run_payload() 2021-07-09 14:49:00 -04:00
Ilija Lazoroski 824ffc3dfe Merge branch '1287/ransomware-readme-config-dirs' of https://github.com/guardicore/monkey into 1287/ransomware-readme-config-dirs 2021-07-09 14:39:05 +02:00
Ilija Lazoroski 31a33a70cd Island: Add different approach to check for readme 2021-07-09 14:38:30 +02:00
Ilija Lazoroski 947ecb330c Island: Add different approach to check for readme 2021-07-09 14:33:43 +02:00
Ilija Lazoroski cd2d08d266 Island: Improve wording on readme.txt note 2021-07-09 13:45:54 +02:00
Ilija Lazoroski 80f98575b2 Merge branch '1287/ransomware-readme-config-dirs' of https://github.com/guardicore/monkey into 1287/ransomware-readme-config-dirs 2021-07-09 12:38:21 +02:00
Ilija Lazoroski 0419e14a7a Island: Add readme note to the bottom of the page 2021-07-09 12:36:44 +02:00
Ilija Lazoroski 8e22d2d1ae Island: Add readme note to the bottom of the page 2021-07-09 12:23:12 +02:00
Ilija Lazoroski 80050b89e6 Island: Add unit test leaving no readme if no target dir 2021-07-09 11:23:22 +02:00
Ilija Lazoroski 69754205d0 Island: Add condition for leaving readme 2021-07-09 11:15:55 +02:00
Ilija Lazoroski 253f2668d0 Island: Add hidden widget to encryption and readme in ransomware 2021-07-08 20:49:55 +02:00
Mike Salvatore fb50ba1e55 Agent: Remove unnecessary `if` from _find_files() 2021-07-08 12:52:05 -04:00
Mike Salvatore bb554d923d Agent: Rename _valid_file_extensions... -> _targeted_file_extensions 2021-07-08 12:52:05 -04:00
Mike Salvatore 24fdb9e299
Merge pull request #1307 from guardicore/ransomware-inject-copy-dependency
Ransomware README improvements
2021-07-08 12:50:32 -04:00
Mike Salvatore 92c5c3b682 Agent: Extract method _copy_file() from _leave_readme()
Reworks the logic in _leave_readme() to reduce indenting and improve
clarity and extracts the logic to copy the file into _copy_readme_file()
2021-07-08 12:04:50 -04:00
Mike Salvatore 7454ee72b2 Agent: Switch copy_file typehint from str to Path 2021-07-08 12:04:12 -04:00
Mike Salvatore 064525e6b9 Agent: Don't try to create README.txt if one already exists 2021-07-08 11:59:50 -04:00
Mike Salvatore f0e9109f64 Agent: Inject copy_file callable into RansomwarePayload
In order to test certain conditions, our options are to either
monkeypatch shutil.copyfile(), or inject a callable into the
RansomwarePayload.  Monkeypatching shutil.copyfile() could lead to
issues down the road. For example, if the implementation of
`_leave_readme()` is changed to no longer use copyfile(), a test that
asserts that copyfile() has not been called will pass, even though a
file may have been copied.
2021-07-08 11:23:15 -04:00
Mike Salvatore e1b08079f1
Merge pull request #1305 from guardicore/ransomware-skip-encryption-test-refactor
Island: Refactor test_encryption_skipped_if_no_directory()
2021-07-08 06:37:49 -04:00
Mike Salvatore ecb20dc99a Island: Refactor test_encryption_skipped_if_no_directory()
The old implementation tightly coupled the test to the specific
implementation of the ransomware payload. Since the ransomware payload
provides insight into its actions in the form of telemetry, it should be
sufficient to test whether or not any telemetries were sent in order to
determine whether or not encryption was skipped. This way, the test can
remain decoupled from the internal workings of the ransomware payload.
2021-07-07 19:14:45 -04:00
Mike Salvatore 0db85ae407
Merge pull request #1300 from guardicore/expand-path-returns-path
Expand path returns path
2021-07-07 19:11:10 -04:00
Mike Salvatore ae7687243f Island: Return Path object from expand_path() 2021-07-07 18:49:50 -04:00
Mike Salvatore 8508a9f98f Island: Remove unnecessary expand_path() call 2021-07-07 08:26:37 -04:00
VakarisZ 9ed2145810
Merge pull request #1303 from guardicore/ransomeware_cwd_encryption_bugfix
Ransomware bugfix: cwd encryption by default
2021-07-07 14:20:39 +03:00
VakarisZ 726e180797 Add a log message explaining why ransomware target directory is set to none 2021-07-07 13:02:10 +03:00
VakarisZ d33fc26fe3 Add a UT to test if ransomware payload tries to encrypt files if "linux_target_dir" and "windows_target_dir" inputs are empty.
We have empty "linux_target_dir" and "windows_target_dir" by default so it's important that ransomware payload doesn't try to encrypt files by default, without users' knowledge.
2021-07-07 11:45:12 +03:00
VakarisZ d3beebf995 Change ransomware_payload.py to not encrypt files in CWD if no directory was specified 2021-07-07 11:41:42 +03:00
VakarisZ ca1712cdd6 Extract the logic of determining target directory for ransomware payload into a separate method 2021-07-07 11:40:56 +03:00
VakarisZ bd60bef35f Change the expand_path method in file_utils.py to throw an error if an empty file path is provided instead of expanding it to current working directory 2021-07-07 11:23:10 +03:00
VakarisZ 6282cd0de3 Add a UT to test if ransomware payload tries to encrypt files if "linux_target_dir" and "windows_target_dir" inputs are empty.
We have empty "linux_target_dir" and "windows_target_dir" by default so it's important that ransomware payload doesn't try to encrypt files by default, without users' knowledge.
2021-07-07 10:48:35 +03:00
Mike Salvatore 5a77785164 Tests: Remove Path -> str implicit conversion warning 2021-07-06 11:56:25 -04:00
Mike Salvatore a512fd947a Tests: Return Path object from patched_home_env() fixture 2021-07-06 11:31:12 -04:00
Mike Salvatore 5ac574bd17 Tests: Fix failing expand_path() tests 2021-07-06 11:29:42 -04:00
Mike Salvatore 8dd1aa25ac
Merge pull request #1292 from guardicore/ransomware_dir_fix
Ransomware: bugfix for directories
2021-07-06 11:25:13 -04:00
Shreya Malviya 999399ae2d
Merge pull request #1291 from guardicore/ransomware-reporting-tab
Add ransomware report tab
2021-07-06 19:59:07 +05:30