Added error suppression where required and documented where it isn't.

Shay Nehmad 2019-10-13 11:10:42 +03:00
parent 177e1ea990
commit 177f902838
4 changed files with 18 additions and 3 deletions


@ -9,6 +9,7 @@ __author__ = 'itay.mizeretz'
class AwsEnvironment(Environment): class AwsEnvironment(Environment):
def __init__(self): def __init__(self):
super(AwsEnvironment, self).__init__() super(AwsEnvironment, self).__init__()
# Not suppressing error here on purpose. This is critical if we're on AWS env.
self.aws_info = AwsInstance() self.aws_info = AwsInstance()
self._instance_id = self._get_instance_id() self._instance_id = self._get_instance_id()
self.region = self._get_region() self.region = self._get_region()


@ -1,3 +1,5 @@
import logging
from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config import ConfigService
from common.cloud.aws_instance import AwsInstance from common.cloud.aws_instance import AwsInstance
from common.cloud.aws_service import AwsService from common.cloud.aws_service import AwsService
@ -7,6 +9,8 @@ from common.cmd.cmd_runner import CmdRunner
__author__ = "itay.mizeretz" __author__ = "itay.mizeretz"
logger = logging.getLogger(__name__)
class RemoteRunAwsService: class RemoteRunAwsService:
aws_instance = None aws_instance = None
@ -23,7 +27,15 @@ class RemoteRunAwsService:
:return: None :return: None
""" """
if RemoteRunAwsService.aws_instance is None: if RemoteRunAwsService.aws_instance is None:
RemoteRunAwsService.try_init_aws_instance()
@staticmethod
def try_init_aws_instance():
# noinspection PyBroadException
try:
RemoteRunAwsService.aws_instance = AwsInstance() RemoteRunAwsService.aws_instance = AwsInstance()
except Exception:
logger.error("Failed init aws instance. Exception info: ", exc_info=True)
@staticmethod @staticmethod
def run_aws_monkeys(instances, island_ip): def run_aws_monkeys(instances, island_ip):
@ -119,7 +131,7 @@ class RemoteRunAwsService:
return r"[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {" \ return r"[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {" \
r"$true}; (New-Object System.Net.WebClient).DownloadFile('https://" + island_ip + \ r"$true}; (New-Object System.Net.WebClient).DownloadFile('https://" + island_ip + \
r":5000/api/monkey/download/monkey-windows-" + bit_text + r".exe','.\\monkey.exe'); " \ r":5000/api/monkey/download/monkey-windows-" + bit_text + r".exe','.\\monkey.exe'); " \
r";Start-Process -FilePath '.\\monkey.exe' -ArgumentList 'm0nk3y -s " + island_ip + r":5000'; " r";Start-Process -FilePath '.\\monkey.exe' -ArgumentList 'm0nk3y -s " + island_ip + r":5000'; "
@staticmethod @staticmethod
def _get_run_monkey_cmd_line(is_linux, is_64bit, island_ip): def _get_run_monkey_cmd_line(is_linux, is_64bit, island_ip):
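Review bot: The Windows command string in the last hunk of this section sets `[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}` before `DownloadFile` and `Start-Process`, so the instance accepts any TLS certificate and then runs whatever was served from `island_ip:5000`; the commit leaves this as it was. If the island uses a self-signed certificate, comparing the presented certificate's thumbprint inside the callback, or checking the downloaded file's hash against a value sent with the command before `Start-Process`, would keep the download authenticated. `island_ip` is also concatenated into single-quoted PowerShell strings, so it should be validated as an address before the command is built. Separately, the new `try_init_aws_instance` leaves `aws_instance` as `None` after a failure, so callers that dereference it (not visible in these hunks) need a `None` check. The functions around these lines start and end outside the hunks.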


@ -24,6 +24,7 @@ class AWSExporter(Exporter):
logger.info('No issues were found by the monkey, no need to send anything') logger.info('No issues were found by the monkey, no need to send anything')
return True return True
# Not suppressing error here on purpose.
current_aws_region = AwsInstance().get_region() current_aws_region = AwsInstance().get_region()
for machine in issues_list: for machine in issues_list:
@ -70,6 +71,7 @@ class AWSExporter(Exporter):
configured_product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '') configured_product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '')
product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region=region, arn=configured_product_arn) product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region=region, arn=configured_product_arn)
instance_arn = 'arn:aws:ec2:' + str(region) + ':instance:{instance_id}' instance_arn = 'arn:aws:ec2:' + str(region) + ':instance:{instance_id}'
# Not suppressing error here on purpose.
account_id = AwsInstance().get_account_id() account_id = AwsInstance().get_account_id()
logger.debug("aws account id acquired: {}".format(account_id)) logger.debug("aws account id acquired: {}".format(account_id))


@ -22,5 +22,5 @@ def try_add_aws_exporter_to_manager(manager):
RemoteRunAwsService.init() RemoteRunAwsService.init()
if RemoteRunAwsService.is_running_on_aws() and ('aws' == env.get_deployment()): if RemoteRunAwsService.is_running_on_aws() and ('aws' == env.get_deployment()):
manager.add_exporter_to_list(AWSExporter) manager.add_exporter_to_list(AWSExporter)
except Exception as err: except Exception:
logger.error("Failed adding aws exporter to manager.", exc_info=True) logger.error("Failed adding aws exporter to manager. Exception info:", exc_info=True)
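Review bot: With the new `except Exception:` line, any failure in the visible calls (`RemoteRunAwsService.init()`, `is_running_on_aws()`, `env.get_deployment()`) appears to end in a single error log line, and the island carries on without `AWSExporter` registered. On a deployment that is meant to be 'aws' that is a silent loss of reporting, so the message should state the consequence, for example `logger.error("Failed adding aws exporter to manager; findings will not be exported to AWS. Exception info:", exc_info=True)`. `logger.exception(...)` logs the same traceback at error level without the explicit `exc_info=True`. The `try:` and the start of `try_add_aws_exporter_to_manager` are outside the hunk.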