* Added aws region getter
* Moved productARN to server_config.json file
parent
c47572cd53
commit
673605b721
|
@ -15,6 +15,10 @@ class AwsEnvironment(Environment):
|
||||||
def _get_instance_id():
|
def _get_instance_id():
|
||||||
return urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id').read()
|
return urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id').read()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _get_region():
|
||||||
|
return urllib2.urlopen('http://169.254.169.254/latest/meta-data/placement/availability-zone').read()[:-1]
|
||||||
|
|
||||||
def is_auth_enabled(self):
|
def is_auth_enabled(self):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
|
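Review bot: `_get_region()` calls `urllib2.urlopen` on the instance metadata endpoint without a timeout, so on a host where 169.254.169.254 does not answer the caller can block until the OS-level connect timeout; pass one explicitly, e.g. `urllib2.urlopen(url, timeout=2)`. The `[:-1]` slice assumes the availability-zone name is the region plus exactly one trailing letter, which does not hold for every zone naming scheme (Local Zone names carry a longer suffix), so reading the `region` field of `/latest/dynamic/instance-identity/document` would be more robust. The request is also an unauthenticated IMDSv1 GET, which instances configured to require IMDSv2 session tokens will refuse, so the resulting HTTP error should be caught rather than left to propagate. The same points apply to `_get_instance_id()` just above; the enclosing class begins outside the hunk.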
@ -14,13 +14,16 @@ ENV_DICT = {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
def load_env_from_file():
|
def load_server_configuration_from_file():
|
||||||
with open('monkey_island/cc/server_config.json', 'r') as f:
|
with open('monkey_island/cc/server_config.json', 'r') as f:
|
||||||
config_content = f.read()
|
config_content = f.read()
|
||||||
config_json = json.loads(config_content)
|
return json.loads(config_content)
|
||||||
return config_json['server_config']
|
|
||||||
|
|
||||||
|
|
||||||
|
def load_env_from_file():
|
||||||
|
config_json = load_server_configuration_from_file()
|
||||||
|
return config_json['server_config']
|
||||||
|
|
||||||
try:
|
try:
|
||||||
__env_type = load_env_from_file()
|
__env_type = load_env_from_file()
|
||||||
env = ENV_DICT[__env_type]()
|
env = ENV_DICT[__env_type]()
|
||||||
|
|
|
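Review bot: `load_server_configuration_from_file()` is now imported by other modules, yet it still opens `'monkey_island/cc/server_config.json'` relative to the process working directory and re-reads and re-parses the file on every call. A caller outside this module gets an unhandled `IOError` or `ValueError` if the working directory differs or the file is malformed, so consider resolving the path relative to the module's `__file__` and loading the configuration once. The function also has no docstring; something like `"""Return the parsed contents of server_config.json as a dict."""` would state the contract that `load_env_from_file()` and the exporter now rely on. The `try:` block at the end of the hunk continues outside it, so how its failures are handled is not visible here.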
@ -5,6 +5,7 @@ import boto3
|
||||||
|
|
||||||
from cc.resources.exporter import Exporter
|
from cc.resources.exporter import Exporter
|
||||||
from cc.services.config import ConfigService
|
from cc.services.config import ConfigService
|
||||||
|
from cc.environment.environment import load_server_configuration_from_file
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -57,10 +58,12 @@ class AWSExporter(Exporter):
|
||||||
'shared_passwords': AWSExporter._handle_shared_passwords_issue,
|
'shared_passwords': AWSExporter._handle_shared_passwords_issue,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '')
|
||||||
|
|
||||||
finding = {
|
finding = {
|
||||||
"SchemaVersion": "2018-10-08",
|
"SchemaVersion": "2018-10-08",
|
||||||
"Id": uuid.uuid4().hex,
|
"Id": uuid.uuid4().hex,
|
||||||
"ProductArn": "arn:aws:securityhub:us-west-2:324264561773:product/aws/guardduty",
|
"ProductArn": product_arn,
|
||||||
"GeneratorId": issue['type'],
|
"GeneratorId": issue['type'],
|
||||||
"AwsAccountId": "324264561773",
|
"AwsAccountId": "324264561773",
|
||||||
"Types": [
|
"Types": [
|
||||||
|
@ -308,4 +311,4 @@ class AWSExporter(Exporter):
|
||||||
"Text": "The machine {0} ({1}) is vulnerable to a SMB attack. The Monkey authenticated over the SMB protocol with user {2} and its password.".format(issue['machine'], issue['ip_address'], issue['username'])
|
"Text": "The machine {0} ({1}) is vulnerable to a SMB attack. The Monkey authenticated over the SMB protocol with user {2} and its password.".format(issue['machine'], issue['ip_address'], issue['username'])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return finding
|
return finding
|
|
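Review bot: In the second hunk, `load_server_configuration_from_file()['aws']` raises `KeyError` for any existing `server_config.json` that lacks the new `aws` section, while the `.get('sec_hub_product_arn', '')` right after it silently yields an empty `ProductArn`. Use `load_server_configuration_from_file().get('aws', {}).get('sec_hub_product_arn')` and skip or log the export when the value is missing, rather than building a finding with an empty ARN. `"AwsAccountId": "324264561773"` remains hard-coded two lines below even though the ARN carrying the same account number moved to configuration, so findings are still attributed to that fixed account; it should come from the same config section or from instance metadata. The enclosing method starts and ends outside the hunk.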
@ -1,3 +1,6 @@
|
||||||
{
|
{
|
||||||
"server_config": "standard"
|
"server_config": "standard",
|
||||||
|
"aws": {
|
||||||
|
"sec_hub_product_arn": "arn:aws:securityhub:us-west-2:324264561773:product/aws/guardduty"
|
||||||
|
}
|
||||||
}
|
}
|
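Review bot: The committed default for `sec_hub_product_arn` names one specific account (`324264561773`), the `us-west-2` region and the GuardDuty product, so every install that keeps the shipped file will label its findings with that ARN. Security Hub will most likely reject or misattribute findings whose product ARN does not match the submitting account and region. Ship an empty value, `"sec_hub_product_arn": ""`, and document that operators must set their own ARN before enabling the AWS export.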