forked from p15670423/monkey
Merge pull request #2063 from guardicore/1965-retrieve-credentials
1965 retrieve credentials
This commit is contained in:
commit
540519e3c1
|
@ -10,3 +10,4 @@ from .i_agent_configuration_repository import IAgentConfigurationRepository
|
||||||
from .file_agent_configuration_repository import FileAgentConfigurationRepository
|
from .file_agent_configuration_repository import FileAgentConfigurationRepository
|
||||||
from .i_simulation_repository import ISimulationRepository
|
from .i_simulation_repository import ISimulationRepository
|
||||||
from .file_simulation_repository import FileSimulationRepository
|
from .file_simulation_repository import FileSimulationRepository
|
||||||
|
from .i_credentials_repository import ICredentialsRepository
|
||||||
|
|
|
@ -1,15 +1,16 @@
|
||||||
|
from flask import jsonify
|
||||||
|
|
||||||
|
from monkey_island.cc.repository import ICredentialsRepository
|
||||||
from monkey_island.cc.resources.AbstractResource import AbstractResource
|
from monkey_island.cc.resources.AbstractResource import AbstractResource
|
||||||
from monkey_island.cc.services.config import ConfigService
|
|
||||||
|
|
||||||
|
|
||||||
class PropagationCredentials(AbstractResource):
|
class PropagationCredentials(AbstractResource):
|
||||||
urls = ["/api/propagation-credentials"]
|
urls = ["/api/propagation-credentials"]
|
||||||
|
|
||||||
|
def __init__(self, credentials_repository: ICredentialsRepository):
|
||||||
|
self._credentials_repository = credentials_repository
|
||||||
|
|
||||||
def get(self):
|
def get(self):
|
||||||
config = ConfigService.get_flat_config(should_decrypt=True)
|
propagation_credentials = self._credentials_repository.get_all_credentials()
|
||||||
|
|
||||||
propagation_credentials = ConfigService.get_config_propagation_credentials_from_flat_config(
|
return jsonify(propagation_credentials)
|
||||||
config
|
|
||||||
)
|
|
||||||
|
|
||||||
return {"propagation_credentials": propagation_credentials}
|
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
import collections
|
import collections
|
||||||
import functools
|
import functools
|
||||||
import logging
|
import logging
|
||||||
from typing import Dict, List
|
|
||||||
|
|
||||||
from common.config_value_paths import (
|
from common.config_value_paths import (
|
||||||
LM_HASH_LIST_PATH,
|
LM_HASH_LIST_PATH,
|
||||||
|
@ -98,25 +97,6 @@ class ConfigService:
|
||||||
mongo_key = ".".join(config_key_as_arr)
|
mongo_key = ".".join(config_key_as_arr)
|
||||||
mongo.db.config.update({}, {"$set": {mongo_key: value}})
|
mongo.db.config.update({}, {"$set": {mongo_key: value}})
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def get_flat_config(should_decrypt=True):
|
|
||||||
config_json = ConfigService.get_config(should_decrypt)
|
|
||||||
flat_config_json = {}
|
|
||||||
for i in config_json:
|
|
||||||
if i == "ransomware":
|
|
||||||
# Don't flatten the ransomware because ransomware payload expects a dictionary #1260
|
|
||||||
flat_config_json[i] = config_json[i]
|
|
||||||
continue
|
|
||||||
for j in config_json[i]:
|
|
||||||
for k in config_json[i][j]:
|
|
||||||
if isinstance(config_json[i][j][k], dict):
|
|
||||||
for key, value in config_json[i][j][k].items():
|
|
||||||
flat_config_json[key] = value
|
|
||||||
else:
|
|
||||||
flat_config_json[k] = config_json[i][j][k]
|
|
||||||
|
|
||||||
return flat_config_json
|
|
||||||
|
|
||||||
# Not added to interface because it's doable by get_config_field + set_config_field
|
# Not added to interface because it's doable by get_config_field + set_config_field
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def add_item_to_config_set_if_dont_exist(item_path_array, item_value, should_encrypt):
|
def add_item_to_config_set_if_dont_exist(item_path_array, item_value, should_encrypt):
|
||||||
|
@ -251,13 +231,3 @@ class ConfigService:
|
||||||
if is_decrypt
|
if is_decrypt
|
||||||
else get_datastore_encryptor().encrypt(config_arr)
|
else get_datastore_encryptor().encrypt(config_arr)
|
||||||
)
|
)
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def get_config_propagation_credentials_from_flat_config(config) -> Dict[str, List[str]]:
|
|
||||||
return {
|
|
||||||
"exploit_user_list": config.get("exploit_user_list", []),
|
|
||||||
"exploit_password_list": config.get("exploit_password_list", []),
|
|
||||||
"exploit_lm_hash_list": config.get("exploit_lm_hash_list", []),
|
|
||||||
"exploit_ntlm_hash_list": config.get("exploit_ntlm_hash_list", []),
|
|
||||||
"exploit_ssh_keys": config.get("exploit_ssh_keys", []),
|
|
||||||
}
|
|
||||||
|
|
|
@ -3,3 +3,8 @@ from .mock_file_repository import MockFileRepository, FILE_CONTENTS, FILE_NAME
|
||||||
from .open_error_file_repository import OpenErrorFileRepository
|
from .open_error_file_repository import OpenErrorFileRepository
|
||||||
from .in_memory_agent_configuration_repository import InMemoryAgentConfigurationRepository
|
from .in_memory_agent_configuration_repository import InMemoryAgentConfigurationRepository
|
||||||
from .in_memory_simulation_configuration import InMemorySimulationRepository
|
from .in_memory_simulation_configuration import InMemorySimulationRepository
|
||||||
|
from .stub_propagation_credentials_repository import StubPropagationCredentialsRepository
|
||||||
|
from .stub_propagation_credentials_repository import (
|
||||||
|
PROPAGATION_CREDENTIALS_1,
|
||||||
|
PROPAGATION_CREDENTIALS_2,
|
||||||
|
)
|
||||||
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
from typing import Sequence
|
||||||
|
|
||||||
|
from monkey_island.cc.repository import ICredentialsRepository
|
||||||
|
from monkey_island.cc.services.telemetry.processing.credentials import Credentials
|
||||||
|
|
||||||
|
fake_username = "m0nk3y_user"
|
||||||
|
fake_special_username = "m0nk3y.user"
|
||||||
|
fake_nt_hash = "c1c58f96cdf212b50837bc11a00be47c"
|
||||||
|
fake_lm_hash = "299BD128C1101FD6"
|
||||||
|
fake_password_1 = "trytostealthis"
|
||||||
|
fake_password_2 = "password"
|
||||||
|
fake_password_3 = "12345678"
|
||||||
|
PROPAGATION_CREDENTIALS_1 = {
|
||||||
|
"identities": [{"username": fake_username, "credential_type": "USERNAME"}],
|
||||||
|
"secrets": [
|
||||||
|
{"nt_hash": fake_nt_hash, "credential_type": "NT_HASH"},
|
||||||
|
{"lm_hash": fake_lm_hash, "credential_type": "LM_HASH"},
|
||||||
|
{"password": fake_password_1, "credential_type": "PASSWORD"},
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
|
PROPAGATION_CREDENTIALS_2 = {
|
||||||
|
"identities": [
|
||||||
|
{"username": fake_username, "credential_type": "USERNAME"},
|
||||||
|
{"username": fake_special_username, "credential_type": "USERNAME"},
|
||||||
|
],
|
||||||
|
"secrets": [
|
||||||
|
{"password": fake_password_1, "credential_type": "PASSWORD"},
|
||||||
|
{"password": fake_password_2, "credential_type": "PASSWORD"},
|
||||||
|
{"password": fake_password_3, "credential_type": "PASSWORD"},
|
||||||
|
],
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# TODO: Use Credentials from common.credentials when serialization is implemented
|
||||||
|
class StubPropagationCredentialsRepository(ICredentialsRepository):
|
||||||
|
def get_configured_credentials(self) -> Sequence[Credentials]:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def get_stolen_credentials(self) -> Sequence[Credentials]:
|
||||||
|
pass
|
||||||
|
|
||||||
|
def get_all_credentials(self) -> Sequence[Credentials]:
|
||||||
|
|
||||||
|
return [
|
||||||
|
Credentials.from_mapping(PROPAGATION_CREDENTIALS_1, monkey_guid="some_guid"),
|
||||||
|
Credentials.from_mapping(PROPAGATION_CREDENTIALS_2, monkey_guid="second_guid"),
|
||||||
|
]
|
||||||
|
|
||||||
|
def save_configured_credentials(self, credentials: Credentials):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def save_stolen_credentials(self, credentials: Credentials):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def remove_configured_credentials(self):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def remove_stolen_credentials(self):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def remove_all_credentials(self):
|
||||||
|
pass
|
|
@ -0,0 +1,39 @@
|
||||||
|
import json
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
from tests.common import StubDIContainer
|
||||||
|
from tests.monkey_island import (
|
||||||
|
PROPAGATION_CREDENTIALS_1,
|
||||||
|
PROPAGATION_CREDENTIALS_2,
|
||||||
|
StubPropagationCredentialsRepository,
|
||||||
|
)
|
||||||
|
from tests.unit_tests.monkey_island.conftest import get_url_for_resource
|
||||||
|
|
||||||
|
from monkey_island.cc.repository import ICredentialsRepository
|
||||||
|
from monkey_island.cc.resources.propagation_credentials import PropagationCredentials
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def flask_client(build_flask_client):
|
||||||
|
container = StubDIContainer()
|
||||||
|
|
||||||
|
container.register(ICredentialsRepository, StubPropagationCredentialsRepository)
|
||||||
|
|
||||||
|
with build_flask_client(container) as flask_client:
|
||||||
|
yield flask_client
|
||||||
|
|
||||||
|
|
||||||
|
def test_propagation_credentials_endpoint_get(flask_client):
|
||||||
|
propagation_credentials_url = get_url_for_resource(PropagationCredentials)
|
||||||
|
|
||||||
|
resp = flask_client.get(propagation_credentials_url)
|
||||||
|
|
||||||
|
assert resp.status_code == 200
|
||||||
|
actual_propagation_credentials = json.loads(resp.data)
|
||||||
|
assert len(actual_propagation_credentials) == 2
|
||||||
|
|
||||||
|
# TODO: delete the removal of monkey_guid key when the serialization of credentials
|
||||||
|
del actual_propagation_credentials[0]["monkey_guid"]
|
||||||
|
assert actual_propagation_credentials[0] == PROPAGATION_CREDENTIALS_1
|
||||||
|
del actual_propagation_credentials[1]["monkey_guid"]
|
||||||
|
assert actual_propagation_credentials[1] == PROPAGATION_CREDENTIALS_2
|
|
@ -1,17 +0,0 @@
|
||||||
from monkey_island.cc.services.config import ConfigService
|
|
||||||
|
|
||||||
# If tests fail because config path is changed, sync with
|
|
||||||
# monkey/monkey_island/cc/ui/src/components/pages/RunMonkeyPage/RunOptions.js
|
|
||||||
|
|
||||||
|
|
||||||
def test_get_config_propagation_credentials_from_flat_config(flat_monkey_config):
|
|
||||||
expected_creds = {
|
|
||||||
"exploit_lm_hash_list": ["lm_hash_1", "lm_hash_2"],
|
|
||||||
"exploit_ntlm_hash_list": ["nt_hash_1", "nt_hash_2", "nt_hash_3"],
|
|
||||||
"exploit_password_list": ["test", "iloveyou", "12345"],
|
|
||||||
"exploit_ssh_keys": [{"private_key": "my_private_key", "public_key": "my_public_key"}],
|
|
||||||
"exploit_user_list": ["Administrator", "root", "user", "ubuntu"],
|
|
||||||
}
|
|
||||||
|
|
||||||
creds = ConfigService.get_config_propagation_credentials_from_flat_config(flat_monkey_config)
|
|
||||||
assert creds == expected_creds
|
|
Loading…
Reference in New Issue