forked from p15670423/monkey
Improved configuration by removing unused method and separating config value paths to a separate file
This commit is contained in:
parent
9dc0211341
commit
708d1a697d
|
@ -36,16 +36,6 @@ class Configuration(object):
|
|||
self.max_depth = self.depth
|
||||
return unknown_items
|
||||
|
||||
def from_json(self, json_data):
|
||||
"""
|
||||
Gets a json data object, parses it and applies it to the configuration
|
||||
:param json_data:
|
||||
:return:
|
||||
"""
|
||||
formatted_data = json.loads(json_data)
|
||||
result = self.from_kv(formatted_data)
|
||||
return result
|
||||
|
||||
@staticmethod
|
||||
def hide_sensitive_info(config_dict):
|
||||
for field in SENSITIVE_FIELDS:
|
||||
|
|
|
@ -14,6 +14,10 @@ from monkey_island.cc.services.config_schema.config_schema import SCHEMA
|
|||
|
||||
__author__ = "itay.mizeretz"
|
||||
|
||||
from monkey_island.cc.services.config_schema.config_value_paths import STARTED_ON_ISLAND_PATH, \
|
||||
EXPORT_MONKEY_TELEMS_PATH, SSH_KEYS_PATH, USER_LIST_PATH, PASSWORD_LIST_PATH, \
|
||||
LM_HASH_LIST_PATH, NTLM_HASH_LIST_PATH, AWS_KEYS_PATH
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
# This should be used for config values of array type (array of strings only)
|
||||
|
@ -118,34 +122,34 @@ class ConfigService:
|
|||
|
||||
@staticmethod
|
||||
def creds_add_username(username):
|
||||
ConfigService.add_item_to_config_set_if_dont_exist('basic.credentials.exploit_user_list',
|
||||
ConfigService.add_item_to_config_set_if_dont_exist(USER_LIST_PATH,
|
||||
username,
|
||||
should_encrypt=False)
|
||||
|
||||
@staticmethod
|
||||
def creds_add_password(password):
|
||||
ConfigService.add_item_to_config_set_if_dont_exist('basic.credentials.exploit_password_list',
|
||||
ConfigService.add_item_to_config_set_if_dont_exist(PASSWORD_LIST_PATH,
|
||||
password,
|
||||
should_encrypt=True)
|
||||
|
||||
@staticmethod
|
||||
def creds_add_lm_hash(lm_hash):
|
||||
ConfigService.add_item_to_config_set_if_dont_exist('internal.exploits.exploit_lm_hash_list',
|
||||
ConfigService.add_item_to_config_set_if_dont_exist(LM_HASH_LIST_PATH,
|
||||
lm_hash,
|
||||
should_encrypt=True)
|
||||
|
||||
@staticmethod
|
||||
def creds_add_ntlm_hash(ntlm_hash):
|
||||
ConfigService.add_item_to_config_set_if_dont_exist('internal.exploits.exploit_ntlm_hash_list',
|
||||
ConfigService.add_item_to_config_set_if_dont_exist(NTLM_HASH_LIST_PATH,
|
||||
ntlm_hash,
|
||||
should_encrypt=True)
|
||||
|
||||
@staticmethod
|
||||
def ssh_add_keys(public_key, private_key, user, ip):
|
||||
if not ConfigService.ssh_key_exists(
|
||||
ConfigService.get_config_value(['internal', 'exploits', 'exploit_ssh_keys'], False, False), user, ip):
|
||||
ConfigService.get_config_value(SSH_KEYS_PATH, False, False), user, ip):
|
||||
ConfigService.add_item_to_config_set_if_dont_exist(
|
||||
'internal.exploits.exploit_ssh_keys',
|
||||
SSH_KEYS_PATH,
|
||||
{
|
||||
"public_key": public_key,
|
||||
"private_key": private_key,
|
||||
|
@ -280,7 +284,7 @@ class ConfigService:
|
|||
"""
|
||||
Same as decrypt_config but for a flat configuration
|
||||
"""
|
||||
keys = [config_arr_as_array[2] for config_arr_as_array in ENCRYPTED_CONFIG_ARRAYS]
|
||||
keys = [config_arr_as_array[-1] for config_arr_as_array in ENCRYPTED_CONFIG_VALUES]
|
||||
|
||||
for key in keys:
|
||||
if isinstance(flat_config[key], collections.Sequence) and not isinstance(flat_config[key], str):
|
||||
|
@ -295,7 +299,7 @@ class ConfigService:
|
|||
|
||||
@staticmethod
|
||||
def _encrypt_or_decrypt_config(config, is_decrypt=False):
|
||||
for config_arr_as_array in ENCRYPTED_CONFIG_ARRAYS:
|
||||
for config_arr_as_array in ENCRYPTED_CONFIG_VALUES:
|
||||
config_arr = config
|
||||
parent_config_arr = None
|
||||
|
||||
|
@ -328,8 +332,8 @@ class ConfigService:
|
|||
|
||||
@staticmethod
|
||||
def is_test_telem_export_enabled():
|
||||
return ConfigService.get_config_value(['internal', 'testing', 'export_monkey_telems'])
|
||||
return ConfigService.get_config_value(EXPORT_MONKEY_TELEMS_PATH)
|
||||
|
||||
@staticmethod
|
||||
def set_started_on_island(value: bool):
|
||||
ConfigService.set_config_value(['internal', 'general', 'started_on_island'], value)
|
||||
ConfigService.set_config_value(STARTED_ON_ISLAND_PATH, value)
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
AWS_KEYS_PATH = ['internal', 'monkey', 'aws_keys']
|
||||
STARTED_ON_ISLAND_PATH = ['internal', 'general', 'started_on_island']
|
||||
EXPORT_MONKEY_TELEMS_PATH = ['internal', 'testing', 'export_monkey_telems']
|
||||
CURRENT_SERVER_PATH = ['internal', 'island_server', 'current_server']
|
||||
SSH_KEYS_PATH = ['internal', 'exploits', 'exploit_ssh_keys']
|
||||
INACCESSIBLE_SUBNETS_PATH = ['basic_network', 'network_analysis', 'inaccessible_subnets']
|
||||
USER_LIST_PATH = ['basic', 'credentials', 'exploit_user_list']
|
||||
PASSWORD_LIST_PATH = ['basic', 'credentials', 'exploit_password_list']
|
||||
EXPLOITER_CLASSES_PATH = ['basic', 'exploiters', 'exploiter_classes']
|
||||
SUBNET_SCAN_LIST_PATH = ['basic_network', 'scope', 'subnet_scan_list']
|
||||
LOCAL_NETWORK_SCAN_PATH = ['basic_network', 'scope', 'local_network_scan']
|
||||
LM_HASH_LIST_PATH = ['internal', 'exploits', 'exploit_lm_hash_list']
|
||||
NTLM_HASH_LIST_PATH = ['internal', 'exploits', 'exploit_ntlm_hash_list']
|
|
@ -12,6 +12,8 @@ from monkey_island.cc.database import mongo
|
|||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.network_utils import get_subnets, local_ip_addresses
|
||||
from monkey_island.cc.services.config import ConfigService
|
||||
from monkey_island.cc.services.config_schema.config_value_paths import USER_LIST_PATH, \
|
||||
PASSWORD_LIST_PATH, EXPLOITER_CLASSES_PATH, SUBNET_SCAN_LIST_PATH, LOCAL_NETWORK_SCAN_PATH
|
||||
from monkey_island.cc.services.configuration.utils import \
|
||||
get_config_network_segments_as_subnet_groups
|
||||
from monkey_island.cc.services.node import NodeService
|
||||
|
@ -619,15 +621,15 @@ class ReportService:
|
|||
|
||||
@staticmethod
|
||||
def get_config_users():
|
||||
return ConfigService.get_config_value(['basic', 'credentials', 'exploit_user_list'], True, True)
|
||||
return ConfigService.get_config_value(USER_LIST_PATH, True, True)
|
||||
|
||||
@staticmethod
|
||||
def get_config_passwords():
|
||||
return ConfigService.get_config_value(['basic', 'credentials', 'exploit_password_list'], True, True)
|
||||
return ConfigService.get_config_value(PASSWORD_LIST_PATH, True, True)
|
||||
|
||||
@staticmethod
|
||||
def get_config_exploits():
|
||||
exploits_config_value = ['basic', 'exploiters', 'exploiter_classes']
|
||||
exploits_config_value = EXPLOITER_CLASSES_PATH
|
||||
default_exploits = ConfigService.get_default_config(False)
|
||||
for namespace in exploits_config_value:
|
||||
default_exploits = default_exploits[namespace]
|
||||
|
@ -641,11 +643,11 @@ class ReportService:
|
|||
|
||||
@staticmethod
|
||||
def get_config_ips():
|
||||
return ConfigService.get_config_value(['basic_network', 'scope', 'subnet_scan_list'], True, True)
|
||||
return ConfigService.get_config_value(SUBNET_SCAN_LIST_PATH, True, True)
|
||||
|
||||
@staticmethod
|
||||
def get_config_scan():
|
||||
return ConfigService.get_config_value(['basic_network', 'scope', 'local_network_scan'], True, True)
|
||||
return ConfigService.get_config_value(LOCAL_NETWORK_SCAN_PATH, True, True)
|
||||
|
||||
@staticmethod
|
||||
def get_issues_overview(issues, config_users, config_passwords):
|
||||
|
|
Loading…
Reference in New Issue