Mike Salvatore
84a78a5048
Island: Don't catch Exception in POST /api/island-mode
Flask automatically traps exceptions, returns a 500, and logs a stack
trace. Since Flask will automatically return a 500, we don't need to
duplicate the functionality. Since it prints a stack trace, it provides
more useful information than catching it did.
2021-07-13 11:02:18 -04:00
Mike Salvatore
a0fb6fa2b6
Island: Return 400 from POST /api/island_mode on invalid JSON
2021-07-13 10:58:08 -04:00
Mike Salvatore
26d3782a66
Island: Test both "ransomware" and "advanced" modes
2021-07-13 10:49:15 -04:00
Mike Salvatore
7549e64b41
Island: Return 500 from POST /api/island-mode if unexpected exception
2021-07-13 10:46:47 -04:00
Mike Salvatore
acdfeb858f
Tests: Move raise_() to a reusable location
2021-07-13 10:30:38 -04:00
Mike Salvatore
c56ca37bc0
Island: Respond with 422 instead of 404 from POST /api/island-mode
2021-07-13 10:25:52 -04:00
Ilija Lazoroski
9310463f44
UT: Refactor island mode test for set model
2021-07-13 10:25:52 -04:00
Ilija Lazoroski
81a8ccf673
Island: Return empty post status for island mode
2021-07-13 10:25:48 -04:00
Ilija Lazoroski
f9ed53a527
Island: Add UT tests for island mode model
2021-07-13 10:58:04 +02:00
VakarisZ
3bde6f013a
Island: Add a couple of island mode resource unit tests
2021-07-12 16:00:23 +03:00
VakarisZ
2778b69dfb
Island: Add unit test infrastructure for testing resources
2021-07-12 15:59:36 +03:00
VakarisZ
f8b6277a88
Island: Add an endpoint for setting the island's mode. Also, add an enum of all the modes
2021-07-12 13:32:14 +03:00
Mike Salvatore
af739b6c99
Merge pull request #1309 from guardicore/1287/ransomware-readme-config-dirs
Ransomware README with configurable directories
2021-07-09 15:47:22 -04:00
Mike Salvatore
eb36869e71
Island: Minor wording change to readme_note description
2021-07-09 15:41:31 -04:00
Mike Salvatore
a119855d84
Tests: Remove unnecessary option from test_no_readme_if_no_directory
2021-07-09 15:38:53 -04:00
Mike Salvatore
d108812e26
Agent: Remove redundant condition from RansomwarePayload.run_payload()
2021-07-09 14:49:00 -04:00
Ilija Lazoroski
824ffc3dfe
Merge branch '1287/ransomware-readme-config-dirs' of https://github.com/guardicore/monkey into 1287/ransomware-readme-config-dirs
2021-07-09 14:39:05 +02:00
Ilija Lazoroski
31a33a70cd
Island: Add different approach to check for readme
2021-07-09 14:38:30 +02:00
Ilija Lazoroski
947ecb330c
Island: Add different approach to check for readme
2021-07-09 14:33:43 +02:00
Ilija Lazoroski
cd2d08d266
Island: Improve wording on readme.txt note
2021-07-09 13:45:54 +02:00
Ilija Lazoroski
80f98575b2
Merge branch '1287/ransomware-readme-config-dirs' of https://github.com/guardicore/monkey into 1287/ransomware-readme-config-dirs
2021-07-09 12:38:21 +02:00
Ilija Lazoroski
0419e14a7a
Island: Add readme note to the bottom of the page
2021-07-09 12:36:44 +02:00
Ilija Lazoroski
8e22d2d1ae
Island: Add readme note to the bottom of the page
2021-07-09 12:23:12 +02:00
Ilija Lazoroski
80050b89e6
Island: Add unit test leaving no readme if no target dir
2021-07-09 11:23:22 +02:00
Ilija Lazoroski
69754205d0
Island: Add condition for leaving readme
2021-07-09 11:15:55 +02:00
Ilija Lazoroski
253f2668d0
Island: Add hidden widget to encryption and readme in ransomware
2021-07-08 20:49:55 +02:00
Mike Salvatore
fb50ba1e55
Agent: Remove unnecessary `if` from _find_files()
2021-07-08 12:52:05 -04:00
Mike Salvatore
bb554d923d
Agent: Rename _valid_file_extensions... -> _targeted_file_extensions
2021-07-08 12:52:05 -04:00
Mike Salvatore
24fdb9e299
Merge pull request #1307 from guardicore/ransomware-inject-copy-dependency
Ransomware README improvements
2021-07-08 12:50:32 -04:00
Mike Salvatore
92c5c3b682
Agent: Extract method _copy_file() from _leave_readme()
Reworks the logic in _leave_readme() to reduce indenting and improve
clarity and extracts the logic to copy the file into _copy_readme_file()
2021-07-08 12:04:50 -04:00
Mike Salvatore
7454ee72b2
Agent: Switch copy_file typehint from str to Path
2021-07-08 12:04:12 -04:00
Mike Salvatore
064525e6b9
Agent: Don't try to create README.txt if one already exists
2021-07-08 11:59:50 -04:00
Mike Salvatore
f0e9109f64
Agent: Inject copy_file callable into RansomwarePayload
In order to test certain conditions, our options are to either
monkeypatch shutil.copyfile(), or inject a callable into the
RansomwarePayload. Monkeypatching shutil.copyfile() could lead to
issues down the road. For example, if the implementation of
`_leave_readme()` is changed to no longer use copyfile(), a test that
asserts that copyfile() has not been called will pass, even though a
file may have been copied.
2021-07-08 11:23:15 -04:00
Mike Salvatore
e1b08079f1
Merge pull request #1305 from guardicore/ransomware-skip-encryption-test-refactor
Island: Refactor test_encryption_skipped_if_no_directory()
2021-07-08 06:37:49 -04:00
Mike Salvatore
ecb20dc99a
Island: Refactor test_encryption_skipped_if_no_directory()
The old implementation tightly coupled the test to the specific
implementation of the ransomware payload. Since the ransomware payload
provides insight into its actions in the form of telemetry, it should be
sufficient to test whether or not any telemetries were sent in order to
determine whether or not encryption was skipped. This way, the test can
remain decoupled from the internal workings of the ransomware payload.
2021-07-07 19:14:45 -04:00
Mike Salvatore
0db85ae407
Merge pull request #1300 from guardicore/expand-path-returns-path
Expand path returns path
2021-07-07 19:11:10 -04:00
Mike Salvatore
ae7687243f
Island: Return Path object from expand_path()
2021-07-07 18:49:50 -04:00
Mike Salvatore
8508a9f98f
Island: Remove unnecessary expand_path() call
2021-07-07 08:26:37 -04:00
VakarisZ
9ed2145810
Merge pull request #1303 from guardicore/ransomeware_cwd_encryption_bugfix
Ransomware bugfix: cwd encryption by default
2021-07-07 14:20:39 +03:00
VakarisZ
726e180797
Add a log message explaining why ransomware target directory is set to none
2021-07-07 13:02:10 +03:00
VakarisZ
d33fc26fe3
Add a UT to test if ransomware payload tries to encrypt files if "linux_target_dir" and "windows_target_dir" inputs are empty.
We have empty "linux_target_dir" and "windows_target_dir" by default so it's important that ransomware payload doesn't try to encrypt files by default, without users' knowledge.
2021-07-07 11:45:12 +03:00
VakarisZ
d3beebf995
Change ransomware_payload.py to not encrypt files in CWD if no directory was specified
2021-07-07 11:41:42 +03:00
VakarisZ
ca1712cdd6
Extract the logic of determining target directory for ransomware payload into a separate method
2021-07-07 11:40:56 +03:00
VakarisZ
bd60bef35f
Change the expand_path method in file_utils.py to throw an error if an empty file path is provided instead of expanding it to current working directory
2021-07-07 11:23:10 +03:00
VakarisZ
6282cd0de3
Add a UT to test if ransomware payload tries to encrypt files if "linux_target_dir" and "windows_target_dir" inputs are empty.
We have empty "linux_target_dir" and "windows_target_dir" by default so it's important that ransomware payload doesn't try to encrypt files by default, without users' knowledge.
2021-07-07 10:48:35 +03:00
Mike Salvatore
5a77785164
Tests: Remove Path -> str implicit conversion warning
2021-07-06 11:56:25 -04:00
Mike Salvatore
a512fd947a
Tests: Return Path object from patched_home_env() fixture
2021-07-06 11:31:12 -04:00
Mike Salvatore
5ac574bd17
Tests: Fix failing expand_path() tests
2021-07-06 11:29:42 -04:00
Mike Salvatore
8dd1aa25ac
Merge pull request #1292 from guardicore/ransomware_dir_fix
Ransomware: bugfix for directories
2021-07-06 11:25:13 -04:00
Shreya Malviya
999399ae2d
Merge pull request #1291 from guardicore/ransomware-reporting-tab
Add ransomware report tab
2021-07-06 19:59:07 +05:30