Merge branch 'develop' into snyk-upgrade-bb05e006ee678bf67c3eb4c3c10b3cdf

This commit is contained in:
Shay Nehmad 2020-07-15 16:51:50 +03:00
commit 4cc05637e5
8 changed files with 14 additions and 19 deletions

View File

@ -57,7 +57,7 @@ PRINCIPLES = {
PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.", PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint security solutions.",
PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.", PRINCIPLE_DATA_TRANSIT: "Secure data at transit by encrypting it.",
PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.", PRINCIPLE_RESTRICTIVE_NETWORK_POLICIES: "Configure network policies to be as restrictive as possible.",
PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandetory " PRINCIPLE_USERS_MAC_POLICIES: "Users' permissions to the network and to resources should be MAC (Mandatory "
"Access Control) only.", "Access Control) only.",
} }

View File

@ -24,7 +24,7 @@ class MongoUtils:
return o return o
elif isinstance(o, str): elif isinstance(o, str):
# mongo dosn't like unprintable chars, so we use repr :/ # mongo doesn't like unprintable chars, so we use repr :/
return repr(o) return repr(o)
elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object: elif hasattr(o, "__class__") and o.__class__ == wmi._wmi_object:
@ -32,7 +32,7 @@ class MongoUtils:
elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch: elif hasattr(o, "__class__") and o.__class__ == win32com.client.CDispatch:
try: try:
# objectSid property of ds_user is problematic and need thie special treatment. # objectSid property of ds_user is problematic and need this special treatment.
# ISWbemObjectEx interface. Class Uint8Array ? # ISWbemObjectEx interface. Class Uint8Array ?
if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}": if str(o._oleobj_.GetTypeInfo().GetTypeAttr().iid) == "{269AD56A-8A67-4129-BC8C-0506DCFE9880}":
return o.Value return o.Value

View File

@ -86,7 +86,7 @@ class ShellShockExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os) LOG.info("SSH Skipping unknown os: %s", uname_os)
return False return False
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False return False
if not self.host.os.get('machine'): if not self.host.os.get('machine'):
try: try:
@ -95,7 +95,7 @@ class ShellShockExploiter(HostExploiter):
if '' != uname_machine: if '' != uname_machine:
self.host.os['machine'] = uname_machine.lower().strip() self.host.os['machine'] = uname_machine.lower().strip()
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
return False return False
# copy the monkey # copy the monkey

View File

@ -129,7 +129,7 @@ class SSHExploiter(HostExploiter):
LOG.info("SSH Skipping unknown os: %s", uname_os) LOG.info("SSH Skipping unknown os: %s", uname_os)
return False return False
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname os commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname os command on victim %r: (%s)", self.host, exc)
return False return False
if not self.host.os.get('machine'): if not self.host.os.get('machine'):
@ -139,7 +139,7 @@ class SSHExploiter(HostExploiter):
if '' != uname_machine: if '' != uname_machine:
self.host.os['machine'] = uname_machine self.host.os['machine'] = uname_machine
except Exception as exc: except Exception as exc:
LOG.debug("Error running uname machine commad on victim %r: (%s)", self.host, exc) LOG.debug("Error running uname machine command on victim %r: (%s)", self.host, exc)
if self.skip_exist: if self.skip_exist:
_, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux) _, stdout, stderr = ssh.exec_command("head -c 1 %s" % self._config.dropper_target_path_linux)

View File

@ -32,7 +32,7 @@ class Monkey(Document):
ip_addresses = ListField(StringField()) ip_addresses = ListField(StringField())
keepalive = DateTimeField() keepalive = DateTimeField()
modifytime = DateTimeField() modifytime = DateTimeField()
# TODO make "parent" an embedded document, so this can be removed and the schema explained (and validated) verbosly. # TODO make "parent" an embedded document, so this can be removed and the schema explained (and validated) verbosely.
# This is a temporary fix, since mongoengine doesn't allow for lists of strings to be null # This is a temporary fix, since mongoengine doesn't allow for lists of strings to be null
# (even with required=False of null=True). # (even with required=False of null=True).
# See relevant issue: https://github.com/MongoEngine/mongoengine/issues/1904 # See relevant issue: https://github.com/MongoEngine/mongoengine/issues/1904

View File

@ -576,7 +576,7 @@ SCHEMA = {
"default": True, "default": True,
"description": "description":
"Determines whether the monkey should retry exploiting machines" "Determines whether the monkey should retry exploiting machines"
" it didn't successfuly exploit on previous iterations" " it didn't successfully exploit on previous iterations"
} }
} }
} }
@ -713,7 +713,7 @@ SCHEMA = {
"type": "boolean", "type": "boolean",
"default": True, "default": True,
"description": "description":
"Determines whether the dropper should try to move itsel instead of copying itself" "Determines whether the dropper should try to move itself instead of copying itself"
" to target path" " to target path"
} }
} }

View File

@ -2720,11 +2720,6 @@
"supports-color": "^5.3.0" "supports-color": "^5.3.0"
} }
}, },
"change-emitter": {
"version": "0.1.6",
"resolved": "https://registry.npmjs.org/change-emitter/-/change-emitter-0.1.6.tgz",
"integrity": "sha1-6LL+PX8at9aaMhma/5HqaTFAlRU="
},
"character-entities": { "character-entities": {
"version": "1.2.4", "version": "1.2.4",
"resolved": "https://registry.npmjs.org/character-entities/-/character-entities-1.2.4.tgz", "resolved": "https://registry.npmjs.org/character-entities/-/character-entities-1.2.4.tgz",
@ -10696,9 +10691,9 @@
} }
}, },
"react-spinners": { "react-spinners": {
"version": "0.5.13", "version": "0.9.0",
"resolved": "https://registry.npmjs.org/react-spinners/-/react-spinners-0.5.13.tgz", "resolved": "https://registry.npmjs.org/react-spinners/-/react-spinners-0.9.0.tgz",
"integrity": "sha512-zrQTWlyhqs+3nQ4Zpg19eW4elYQgrrvu0fXL1tIP3CKgLBxkO+rmXdL8l34qTHrpDZnukMFGLxyqQebijeVSJA==", "integrity": "sha512-+x6eD8tn/aYLdxZjNW7fSR1uoAXLb9qq6TFYZR1dFweJvckcf/HfP8Pa/cy5HOvB/cvI4JgrYXTjh2Me3S6Now==",
"requires": { "requires": {
"@emotion/core": "^10.0.4", "@emotion/core": "^10.0.4",
"prop-types": "^15.5.10", "prop-types": "^15.5.10",

View File

@ -97,7 +97,7 @@
"react-particles-js": "^3.2.1", "react-particles-js": "^3.2.1",
"react-redux": "^5.1.2", "react-redux": "^5.1.2",
"react-router-dom": "^4.3.1", "react-router-dom": "^4.3.1",
"react-spinners": "^0.5.13", "react-spinners": "^0.9.0",
"react-table": "^6.10.3", "react-table": "^6.10.3",
"react-toggle": "^4.1.1", "react-toggle": "^4.1.1",
"react-tooltip-lite": "^1.10.0", "react-tooltip-lite": "^1.10.0",