From 3e453e8b2c9002c341d7adecb8371f2f1ae905a7 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:03:12 +0530 Subject: [PATCH 01/10] cc: Remove 'I want anyone to access the island' button --- .../cc/ui/src/components/pages/RegisterPage.js | 7 ------- 1 file changed, 7 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js index 7dfd51276..896a8984e 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js @@ -96,13 +96,6 @@ class RegisterPageComponent extends React.Component { - - - - I want anyone to access the island - - - { From 6937a6b81a117bab0f7c5cfd6205eaf78848b8a8 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:04:05 +0530 Subject: [PATCH 02/10] cc: Remove setNoAuth() fron RegisterPage.js --- .../ui/src/components/pages/RegisterPage.js | 24 ------------------- 1 file changed, 24 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js index 896a8984e..90927da44 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js 
@@ -24,30 +24,6 @@ class RegisterPageComponent extends React.Component { }); }; - setNoAuth = () => { - let options = {}; - options['headers'] = { - 'Accept': 'application/json', - 'Content-Type': 'application/json' - }; - options['method'] = 'PATCH'; - options['body'] = JSON.stringify({'server_config': 'standard'}); - - return fetch(this.NO_AUTH_API_ENDPOINT, options) - .then(res => { - if (res.status === 200) { - this.auth.attemptNoAuthLogin().then(() => { - this.redirectToHome(); - }); - } else { - this.setState({ - failed: true, - error: res['error'] - }); - } - }) - } - updateUsername = (evt) => { this.username = evt.target.value; }; From 7fe9d752fab0f86d46e0c09d3cded903b1e27777 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:06:36 +0530 Subject: [PATCH 03/10] cc: Remove StandardConfig in frontend --- .../cc/ui/src/server_config/ServerConfig.js | 2 -- .../cc/ui/src/server_config/StandardConfig.js | 10 ---------- 2 files changed, 12 deletions(-) delete mode 100644 monkey/monkey_island/cc/ui/src/server_config/StandardConfig.js diff --git a/monkey/monkey_island/cc/ui/src/server_config/ServerConfig.js b/monkey/monkey_island/cc/ui/src/server_config/ServerConfig.js index 14bd5c3ba..270c28710 100644 --- a/monkey/monkey_island/cc/ui/src/server_config/ServerConfig.js +++ b/monkey/monkey_island/cc/ui/src/server_config/ServerConfig.js @@ -1,4 +1,3 @@ -import StandardConfig from './StandardConfig'; import AwsConfig from './AwsConfig'; import PasswordConfig from './PasswordConfig'; @@ -6,7 +5,6 @@ import SERVER_CONFIG_JSON from '../../../server_config.json'; const CONFIG_DICT = { - 'standard': StandardConfig, 'aws': AwsConfig, 'password': PasswordConfig }; diff --git a/monkey/monkey_island/cc/ui/src/server_config/StandardConfig.js b/monkey/monkey_island/cc/ui/src/server_config/StandardConfig.js deleted file mode 100644 index c3ace9a97..000000000 --- a/monkey/monkey_island/cc/ui/src/server_config/StandardConfig.js +++ /dev/null 
@@ -1,10 +0,0 @@ -import BaseConfig from './BaseConfig'; - -class StandardConfig extends BaseConfig { - - isAuthEnabled() { - return false; - } -} - -export default StandardConfig; From e4d75e25bdabf751dce3cd12f0c69df69170f822 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:16:32 +0530 Subject: [PATCH 04/10] island: Remove standard environment --- monkey/monkey_island/cc/environment/__init__.py | 3 --- .../cc/environment/environment_singleton.py | 15 +-------------- monkey/monkey_island/cc/environment/standard.py | 12 ------------ 3 files changed, 1 insertion(+), 29 deletions(-) delete mode 100644 monkey/monkey_island/cc/environment/standard.py diff --git a/monkey/monkey_island/cc/environment/__init__.py b/monkey/monkey_island/cc/environment/__init__.py index 1792ea99b..2c43eb9be 100644 --- a/monkey/monkey_island/cc/environment/__init__.py +++ b/monkey/monkey_island/cc/environment/__init__.py @@ -77,9 +77,6 @@ class Environment(object, metaclass=ABCMeta): def testing(self, value): self._testing = value - def save_config(self): - self._config.save_to_file() - def get_config(self) -> EnvironmentConfig: return self._config diff --git a/monkey/monkey_island/cc/environment/environment_singleton.py b/monkey/monkey_island/cc/environment/environment_singleton.py index 82c6b90b0..4c5c6f744 100644 --- a/monkey/monkey_island/cc/environment/environment_singleton.py +++ b/monkey/monkey_island/cc/environment/environment_singleton.py @@ -1,16 +1,13 @@ import logging -import monkey_island.cc.resources.auth.user_store as user_store -from monkey_island.cc.environment import EnvironmentConfig, aws, password, standard +from monkey_island.cc.environment import EnvironmentConfig, aws, password logger = logging.getLogger(__name__) AWS = "aws" -STANDARD = "standard" PASSWORD = "password" ENV_DICT = { - STANDARD: standard.StandardEnvironment, AWS: aws.AwsEnvironment, PASSWORD: password.PasswordEnvironment, } 
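Review bot: With `STANDARD` dropped from `ENV_DICT`, an existing `server_config.json` that still contains `"server_config": "standard"` reaches `env = ENV_DICT[env_type](env_config)` in `set_env` (visible as context in the next hunk) and raises a bare `KeyError`. The series adds no migration or explicit rejection for that value, so an upgraded Island fails with an unhelpful traceback, or, if a caller outside these hunks catches the error, may continue with `env` unset. Consider `env_class = ENV_DICT.get(env_type)` followed by a clear error that names the unsupported value and tells the operator to register credentials, so the removal fails closed and visibly. The frontend `CONFIG_DICT` in `ServerConfig.js` loses the same key and probably needs an equivalent check; its lookup code is outside the visible hunks.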
@@ -24,16 +21,6 @@ def set_env(env_type: str, env_config: EnvironmentConfig): env = ENV_DICT[env_type](env_config) -def set_to_standard(): - global env - if env: - env_config = env.get_config() - env_config.server_config = "standard" - set_env("standard", env_config) - env.save_config() - user_store.UserStore.set_users(env.get_auth_users()) - - def initialize_from_file(file_path): try: config = EnvironmentConfig(file_path) diff --git a/monkey/monkey_island/cc/environment/standard.py b/monkey/monkey_island/cc/environment/standard.py deleted file mode 100644 index 3bc823b9b..000000000 --- a/monkey/monkey_island/cc/environment/standard.py +++ /dev/null @@ -1,12 +0,0 @@ -from monkey_island.cc.environment import Environment -from monkey_island.cc.resources.auth.auth_user import User - - -class StandardEnvironment(Environment): - _credentials_required = False - - NO_AUTH_USER = "1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()" - NO_AUTH_SECRET = "$2b$12$frH7uEwV3jkDNGgReW6j2udw8hy/Yw1SWAqytrcBYK48kn1V5lQIa" - - def get_auth_users(self): - return [User(1, StandardEnvironment.NO_AUTH_USER, StandardEnvironment.NO_AUTH_SECRET)] From 739a017e91a5ae5e01fd70223a5f4130f6a55669 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:18:16 +0530 Subject: [PATCH 05/10] island: Remove API endpoints for standard environment --- monkey/monkey_island/cc/app.py | 2 -- .../monkey_island/cc/resources/environment.py | 22 ------------------- .../ui/src/components/pages/RegisterPage.js | 2 -- 3 files changed, 26 deletions(-) delete mode 100644 monkey/monkey_island/cc/resources/environment.py diff --git a/monkey/monkey_island/cc/app.py b/monkey/monkey_island/cc/app.py index b3254d7cb..0bc20852f 100644 --- a/monkey/monkey_island/cc/app.py +++ b/monkey/monkey_island/cc/app.py 
@@ -23,7 +23,6 @@ from monkey_island.cc.resources.client_run import ClientRun from monkey_island.cc.resources.configuration_export import ConfigurationExport from monkey_island.cc.resources.configuration_import import ConfigurationImport from monkey_island.cc.resources.edge import Edge -from monkey_island.cc.resources.environment import Environment from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation from monkey_island.cc.resources.exploitations.monkey_exploitation import MonkeyExploitation from monkey_island.cc.resources.island_configuration import IslandConfiguration @@ -125,7 +124,6 @@ def init_api_resources(api): api.add_resource(Root, "/api") api.add_resource(Registration, "/api/registration") api.add_resource(Authenticate, "/api/auth") - api.add_resource(Environment, "/api/environment") api.add_resource(Monkey, "/api/monkey", "/api/monkey/", "/api/monkey/") api.add_resource(Bootloader, "/api/bootloader/") api.add_resource(LocalRun, "/api/local-monkey", "/api/local-monkey/") diff --git a/monkey/monkey_island/cc/resources/environment.py b/monkey/monkey_island/cc/resources/environment.py deleted file mode 100644 index feb0c138c..000000000 --- a/monkey/monkey_island/cc/resources/environment.py +++ /dev/null @@ -1,22 +0,0 @@ -import json -import logging - -import flask_restful -from flask import request - -import monkey_island.cc.environment.environment_singleton as env_singleton - -logger = logging.getLogger(__name__) - - -class Environment(flask_restful.Resource): - def patch(self): - env_data = json.loads(request.data) - if env_data["server_config"] == "standard": - if env_singleton.env.needs_registration(): - env_singleton.set_to_standard() - logger.warning( - "No user registered, Island on standard mode - no credentials required to " - "access." - ) - return {} 
diff --git a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js index 90927da44..55a5fcebf 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/RegisterPage.js @@ -7,8 +7,6 @@ import ParticleBackground from '../ui-components/ParticleBackground'; class RegisterPageComponent extends React.Component { - NO_AUTH_API_ENDPOINT = '/api/environment'; - register = (event) => { event.preventDefault(); this.auth.register(this.username, this.password).then(res => { From 94878a0196dce147bdfddf4a3bfdf12029ed3021 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:49:16 +0530 Subject: [PATCH 06/10] tests: Remove/modify tests and test data related to standard environment --- .../server_config_standard_env.json | 9 --------- ...rver_config_standard_with_credentials.json | 12 ------------ .../server_config_with_credentials.json | 1 + .../monkey_island/cc/environment/conftest.py | 5 ----- .../cc/environment/test_environment.py | 19 ------------------- .../cc/environment/test_environment_config.py | 16 ++++++++-------- 6 files changed, 9 insertions(+), 53 deletions(-) delete mode 100644 monkey/tests/data_for_tests/server_configs/server_config_standard_env.json delete mode 100644 monkey/tests/data_for_tests/server_configs/server_config_standard_with_credentials.json diff --git a/monkey/tests/data_for_tests/server_configs/server_config_standard_env.json b/monkey/tests/data_for_tests/server_configs/server_config_standard_env.json deleted file mode 100644 index 9c3a9899f..000000000 --- a/monkey/tests/data_for_tests/server_configs/server_config_standard_env.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "environment" : { - "server_config": "standard", - "deployment": "develop" - }, - "mongodb": { - "start_mongodb": true - } -} 
diff --git a/monkey/tests/data_for_tests/server_configs/server_config_standard_with_credentials.json b/monkey/tests/data_for_tests/server_configs/server_config_standard_with_credentials.json deleted file mode 100644 index 28d8653c8..000000000 --- a/monkey/tests/data_for_tests/server_configs/server_config_standard_with_credentials.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "log_level": "NOTICE", - "environment" : { - "server_config": "standard", - "deployment": "develop", - "user": "test", - "password_hash": "abcdef" - }, - "mongodb": { - "start_mongodb": true - } -} diff --git a/monkey/tests/data_for_tests/server_configs/server_config_with_credentials.json b/monkey/tests/data_for_tests/server_configs/server_config_with_credentials.json index 2f75c48fb..8690ef1c7 100644 --- a/monkey/tests/data_for_tests/server_configs/server_config_with_credentials.json +++ b/monkey/tests/data_for_tests/server_configs/server_config_with_credentials.json @@ -1,4 +1,5 @@ { + "log_level": "NOTICE", "environment" : { "server_config": "password", "deployment": "develop", diff --git a/monkey/tests/unit_tests/monkey_island/cc/environment/conftest.py b/monkey/tests/unit_tests/monkey_island/cc/environment/conftest.py index 767f765d9..c5d7b46b7 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/environment/conftest.py +++ b/monkey/tests/unit_tests/monkey_island/cc/environment/conftest.py @@ -16,8 +16,3 @@ def no_credentials(server_configs_dir): @pytest.fixture(scope="module") def partial_credentials(server_configs_dir): return os.path.join(server_configs_dir, "server_config_partial_credentials.json") - - -@pytest.fixture(scope="module") -def standard_with_credentials(server_configs_dir): - return os.path.join(server_configs_dir, "server_config_standard_with_credentials.json") diff --git a/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment.py b/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment.py index 030f99169..10adea8b7 100644 
--- a/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment.py +++ b/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment.py @@ -17,8 +17,6 @@ from monkey_island.cc.environment import Environment, EnvironmentConfig, UserCre WITH_CREDENTIALS = None NO_CREDENTIALS = None PARTIAL_CREDENTIALS = None -STANDARD_WITH_CREDENTIALS = None -STANDARD_ENV = None EMPTY_USER_CREDENTIALS = UserCreds("", "") FULL_USER_CREDENTIALS = UserCreds(username="test", password_hash="1231234") @@ -31,16 +29,10 @@ def configure_resources(server_configs_dir): global WITH_CREDENTIALS global NO_CREDENTIALS global PARTIAL_CREDENTIALS - global STANDARD_WITH_CREDENTIALS - global STANDARD_ENV WITH_CREDENTIALS = os.path.join(server_configs_dir, "server_config_with_credentials.json") NO_CREDENTIALS = os.path.join(server_configs_dir, "server_config_no_credentials.json") PARTIAL_CREDENTIALS = os.path.join(server_configs_dir, "server_config_partial_credentials.json") - STANDARD_WITH_CREDENTIALS = os.path.join( - server_configs_dir, "server_config_standard_with_credentials.json" - ) - STANDARD_ENV = os.path.join(server_configs_dir, "server_config_standard_env.json") def get_tmp_file(): 
@@ -123,29 +115,18 @@ class TestEnvironment(TestCase): self._test_bool_env_method("needs_registration", env, NO_CREDENTIALS, True) self._test_bool_env_method("needs_registration", env, PARTIAL_CREDENTIALS, True) - env = TestEnvironment.EnvironmentCredentialsNotRequired() - self._test_bool_env_method("needs_registration", env, STANDARD_ENV, False) - self._test_bool_env_method("needs_registration", env, STANDARD_WITH_CREDENTIALS, False) - def test_is_registered(self): env = TestEnvironment.EnvironmentCredentialsRequired() self._test_bool_env_method("_is_registered", env, WITH_CREDENTIALS, True) self._test_bool_env_method("_is_registered", env, NO_CREDENTIALS, False) self._test_bool_env_method("_is_registered", env, PARTIAL_CREDENTIALS, False) - env = TestEnvironment.EnvironmentCredentialsNotRequired() - self._test_bool_env_method("_is_registered", env, STANDARD_ENV, False) - self._test_bool_env_method("_is_registered", env, STANDARD_WITH_CREDENTIALS, False) - def test_is_credentials_set_up(self): env = TestEnvironment.EnvironmentCredentialsRequired() self._test_bool_env_method("_is_credentials_set_up", env, NO_CREDENTIALS, False) self._test_bool_env_method("_is_credentials_set_up", env, WITH_CREDENTIALS, True) self._test_bool_env_method("_is_credentials_set_up", env, PARTIAL_CREDENTIALS, False) - env = TestEnvironment.EnvironmentCredentialsNotRequired() - self._test_bool_env_method("_is_credentials_set_up", env, STANDARD_ENV, False) - def _test_bool_env_method( self, method_name: str, env: Environment, config: Dict, expected_result: bool ): diff --git a/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py b/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py index 0e3efda04..52f0d96ca 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py +++ b/monkey/tests/unit_tests/monkey_island/cc/environment/test_environment_config.py 
@@ -40,8 +40,8 @@ def test_get_with_partial_credentials(partial_credentials): assert config_dict["user"] == "test" -def test_save_to_file(config_file, standard_with_credentials): - shutil.copyfile(standard_with_credentials, config_file) +def test_save_to_file(config_file, with_credentials): + shutil.copyfile(with_credentials, config_file) environment_config = EnvironmentConfig(config_file) environment_config.aws = "test_aws" @@ -53,8 +53,8 @@ def test_save_to_file(config_file, standard_with_credentials): assert environment_config.to_dict() == from_file["environment"] -def test_save_to_file_preserve_log_level(config_file, standard_with_credentials): - shutil.copyfile(standard_with_credentials, config_file) +def test_save_to_file_preserve_log_level(config_file, with_credentials): + shutil.copyfile(with_credentials, config_file) environment_config = EnvironmentConfig(config_file) environment_config.aws = "test_aws" @@ -67,12 +67,12 @@ def test_save_to_file_preserve_log_level(config_file, standard_with_credentials) assert from_file["log_level"] == "NOTICE" -def test_add_user(config_file, standard_with_credentials): +def test_add_user(config_file, with_credentials): new_user = "new_user" new_password_hash = "fedcba" new_user_creds = UserCreds(new_user, new_password_hash) - shutil.copyfile(standard_with_credentials, config_file) + shutil.copyfile(with_credentials, config_file) environment_config = EnvironmentConfig(config_file) environment_config.add_user(new_user_creds) @@ -85,8 +85,8 @@ def test_add_user(config_file, standard_with_credentials): assert from_file["environment"]["password_hash"] == new_password_hash -def test_get_users(standard_with_credentials): - environment_config = EnvironmentConfig(standard_with_credentials) +def test_get_users(with_credentials): + environment_config = EnvironmentConfig(with_credentials) users = environment_config.get_users() assert len(users) == 1 From 30a8fd96a8a809e3e35cec4880887ebe26031699 Mon Sep 17 00:00:00 2001 
From: Shreya Malviya Date: Wed, 1 Sep 2021 16:51:27 +0530 Subject: [PATCH 07/10] cc: Remove CSS for the 'I want... island' button --- .../cc/ui/src/styles/pages/AuthPage.scss | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/monkey/monkey_island/cc/ui/src/styles/pages/AuthPage.scss b/monkey/monkey_island/cc/ui/src/styles/pages/AuthPage.scss index e3ecbd0e6..80bd54507 100644 --- a/monkey/monkey_island/cc/ui/src/styles/pages/AuthPage.scss +++ b/monkey/monkey_island/cc/ui/src/styles/pages/AuthPage.scss @@ -35,15 +35,3 @@ margin-bottom: 20px; text-align: center; } - -.no-auth-link { - margin-top: 10px; - float: right; - color: $monkey-black; - text-decoration: underline; -} - -.no-auth-link:hover { - float: right; - color: $monkey-yellow; -} From 8ef07bdca092292e4dc9e1fb9f2f0dfe4228791f Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 16:52:48 +0530 Subject: [PATCH 08/10] CHANGELOG: Update with insecure access removal --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 142a9029c..989d0204f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/). - "Back door user" post-breach action. #1410 - Stale code in the Windows system info collector that collected installed packages and WMI info. #1389 +- Remove insecure access feature in the Monkey Island. #1418 ### Fixed - Misaligned buttons and input fields on exploiter and network configuration From ffd421bed6c6e23da2f99194378286abe71bae94 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 1 Sep 2021 18:01:13 +0530 Subject: [PATCH 09/10] cc: Remove authentication code related to standard environment --- .../cc/ui/src/components/Main.tsx | 72 +++++++++---------- .../cc/ui/src/components/pages/LoginPage.js | 11 ++- .../cc/ui/src/services/AuthService.js | 20 +----- 3 files changed, 43 insertions(+), 60 deletions(-) 
diff --git a/monkey/monkey_island/cc/ui/src/components/Main.tsx b/monkey/monkey_island/cc/ui/src/components/Main.tsx index 65ecfc6be..cfd04b39d 100644 --- a/monkey/monkey_island/cc/ui/src/components/Main.tsx +++ b/monkey/monkey_island/cc/ui/src/components/Main.tsx @@ -67,7 +67,6 @@ class AppComponent extends AuthComponent { loading: true, completedSteps: completedSteps, islandMode: undefined, - noAuthLoginAttempted: undefined }; this.interval = undefined; this.setMode(); 
@@ -77,45 +76,44 @@ class AppComponent extends AuthComponent { if (this.state.isLoggedIn === false) { return } - this.auth.loggedIn() - .then(res => { - if (this.state.isLoggedIn !== res) { - this.setState({ - isLoggedIn: res - }); - } - if (!res) { - this.auth.needsRegistration() - .then(result => { - this.setState({ - needsRegistration: result - }); - }) - } + let res = this.auth.loggedIn(); - if (res) { - this.setMode() - .then(() => { - if (this.state.islandMode === null) { - return - } - this.authFetch('/api') - .then(res => res.json()) - .then(res => { - let completedSteps = CompletedSteps.buildFromResponse(res.completed_steps); - // This check is used to prevent unnecessary re-rendering - if (_.isEqual(this.state.completedSteps, completedSteps)) { - return; - } - this.setState({completedSteps: completedSteps}); - this.showInfectionDoneNotification(); - }); - } - ) - - } + if (this.state.isLoggedIn !== res) { + this.setState({ + isLoggedIn: res }); + } + + if (!res) { + this.auth.needsRegistration() + .then(result => { + this.setState({ + needsRegistration: result + }); + }) + } + + if (res) { + this.setMode() + .then(() => { + if (this.state.islandMode === null) { + return + } + this.authFetch('/api') + .then(res => res.json()) + .then(res => { + let completedSteps = CompletedSteps.buildFromResponse(res.completed_steps); + // This check is used to prevent unnecessary re-rendering + if (_.isEqual(this.state.completedSteps, completedSteps)) { + return; + } + this.setState({completedSteps: completedSteps}); + this.showInfectionDoneNotification(); + }); + } + ) + } }; setMode = () => { diff --git a/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js b/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js index 961c1899c..0a281157f 100644 --- a/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js +++ b/monkey/monkey_island/cc/ui/src/components/pages/LoginPage.js 
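Review bot: In the rewritten body, `let res = this.auth.loggedIn();` holds a plain boolean that is never reassigned, and the name is then shadowed twice by `.then(res => res.json()).then(res => ...)` further down the same hunk. Declaring it as `const isLoggedIn = this.auth.loggedIn();` and using that name in the three checks makes it clear which value is the login state and which is the `/api` response. The separate `if (!res)` and `if (res)` blocks could also become a single `if`/`else` now that the value is synchronous. The enclosing method starts before this hunk, so its name and any earlier guards are not visible here.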
@@ -48,12 +48,11 @@ class LoginPageComponent extends React.Component { this.redirectToRegistration() } }) - this.auth.loggedIn() - .then(res => { - if (res) { - this.redirectToHome(); - } - }); + + if (this.auth.loggedIn()) { + this.redirectToHome(); + } + } render() { diff --git a/monkey/monkey_island/cc/ui/src/services/AuthService.js b/monkey/monkey_island/cc/ui/src/services/AuthService.js index d7d1b9c2f..11cf37044 100644 --- a/monkey/monkey_island/cc/ui/src/services/AuthService.js +++ b/monkey/monkey_island/cc/ui/src/services/AuthService.js @@ -1,8 +1,6 @@ import decode from 'jwt-decode'; export default class AuthService { - NO_AUTH_CREDS = '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'; - SECONDS_BEFORE_JWT_EXPIRES = 20; AUTHENTICATION_API_ENDPOINT = '/api/auth'; REGISTRATION_API_ENDPOINT = '/api/registration'; @@ -16,7 +14,7 @@ export default class AuthService { }; jwtHeader = () => { - if (this._loggedIn()) { + if (this.loggedIn()) { return 'Bearer ' + this._getToken(); } }; @@ -68,7 +66,7 @@ export default class AuthService { 'Content-Type': 'application/json' }; - if (this._loggedIn()) { + if (this.loggedIn()) { headers['Authorization'] = 'Bearer ' + this._getToken(); } @@ -101,19 +99,7 @@ export default class AuthService { }) }; - async loggedIn() { - let token = this._getToken(); - if ((token === null) || (this._isTokenExpired(token))) { - await this.attemptNoAuthLogin(); - } - return this._loggedIn(); - } - - attemptNoAuthLogin() { - return this._login(this.NO_AUTH_CREDS, this.NO_AUTH_CREDS); - } - - _loggedIn() { + loggedIn() { const token = this._getToken(); return ((token !== null) && !this._isTokenExpired(token)); } From f6561fb1abb9402a40bc9e0c750e217cf12dc53e Mon Sep 17 00:00:00 2001 
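Review bot: `loggedIn()` in AuthService.js is now public and synchronous but has no comment saying what it checks: from the visible lines it only tests that a stored token exists and that `_isTokenExpired(token)` is false, and the file decodes tokens with `jwt-decode`, which reads claims without verifying a signature. I would add a JSDoc above it such as `/** Client-side check only: true when a token is stored and not expired. Not proof of authentication; the server must validate the token on every request. */`. Because the return type changed from a Promise to a boolean, any caller outside this patch that still does `this.auth.loggedIn().then(...)` will now throw a TypeError; Main.tsx and LoginPage.js are updated here, but other callers are not visible.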
From: Shreya Malviya Date: Wed, 1 Sep 2021 18:09:34 +0530 Subject: [PATCH 10/10] docs: Modify docs based on changes removing no auth option --- docs/content/FAQ/_index.md | 7 +++---- docs/content/setup/accounts-and-security.md | 2 -- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/docs/content/FAQ/_index.md b/docs/content/FAQ/_index.md index 32ae18617..e2ccc2d7e 100644 --- a/docs/content/FAQ/_index.md +++ b/docs/content/FAQ/_index.md @@ -52,12 +52,11 @@ Monkey in the newly created folder. ## Reset/enable the Monkey Island password When you first access the Monkey Island server, you'll be prompted to create an account. -To reset the credentials or enable/disable the authentication, -edit the `server_config.json` file manually +To reset the credentials, edit the `server_config.json` file manually (located in the [data directory](/reference/data_directory)). In order to reset the credentials, the following edits need to be made: -1. Delete the `user` field if one exists. It will look like this: +1. Delete the `user` field. It will look like this: ```json { ... @@ -65,7 +64,7 @@ In order to reset the credentials, the following edits need to be made: ... } ``` -1. Delete the `password_hash` field if one exists. It will look like this: +1. Delete the `password_hash` field. It will look like this: ```json { ... diff --git a/docs/content/setup/accounts-and-security.md b/docs/content/setup/accounts-and-security.md index cd87c2f19..b5664bf95 100644 --- a/docs/content/setup/accounts-and-security.md +++ b/docs/content/setup/accounts-and-security.md 
@@ -11,8 +11,6 @@ tags: ["usage", "password"] The first time you launch Monkey Island (the Infection Monkey C&C server), you'll be prompted to create an account and secure your island. After account creation, the server will only be accessible via the credentials you entered. -If you want an island to be accessible without credentials, press *I want anyone to access the island*. Please note that this option is insecure, and you should only use it in development environments. - ## Resetting your account credentials This procedure is documented in [the FAQ]({{< ref "/faq/#how-do-i-reset-the-monkey-island-password" >}}).