Island: Reimplement PropagationCredentials resource

2021-12-07 11:27:19 -05:00 · 2021-12-07 11:27:19 -05:00 · 8ecf328b4c
parent 703ba4f1c4
commit 8ecf328b4c
5 changed files with 38 additions and 26 deletions
--- a/monkey/monkey_island/cc/app.py
+++ b/monkey/monkey_island/cc/app.py
@ -170,7 +170,7 @@ def init_api_resources(api):
        "/api/fileUpload/<string:file_type>?load=<string:filename>",
        "/api/fileUpload/<string:file_type>?restore=<string:filename>",
    )
-    api.add_resource(PropagationCredentials, "/api/propagation-credentials")
+    api.add_resource(PropagationCredentials, "/api/propagation-credentials/<string:guid>")
    api.add_resource(RemoteRun, "/api/remote-monkey", "/api/remote-monkey/")
    api.add_resource(VersionUpdate, "/api/version-update", "/api/version-update/")
    api.add_resource(RemotePortCheck, "/api/monkey_control/check_remote_port/<string:port>")
--- a/monkey/monkey_island/cc/resources/propagation_credentials.py
+++ b/monkey/monkey_island/cc/resources/propagation_credentials.py
@ -1,9 +1,16 @@
 import flask_restful

+from monkey_island.cc.database import mongo
 from monkey_island.cc.services.config import ConfigService


 class PropagationCredentials(flask_restful.Resource):
-    def get(self):
+    def get(self, guid: str):
+        monkey_json = mongo.db.monkey.find_one_or_404({"guid": guid})
+        ConfigService.decrypt_flat_config(monkey_json)

-        return {"propagation_credentials": ConfigService.get_config_propagation_credentials()}
+        propagation_credentials = ConfigService.get_config_propagation_credentials_from_flat_config(
+            monkey_json["config"]
+        )
+
+        return {"propagation_credentials": propagation_credentials}
--- a/monkey/monkey_island/cc/services/config.py
+++ b/monkey/monkey_island/cc/services/config.py
@ -410,21 +410,13 @@ class ConfigService:
        ConfigService.set_config_value(STARTED_ON_ISLAND_PATH, value)

    @staticmethod
-    def get_config_propagation_credentials():
+    def get_config_propagation_credentials_from_flat_config(config):
        return {
-            "exploit_user_list": ConfigService.get_config_value(
-                USER_LIST_PATH, should_decrypt=False
-            ),
-            "exploit_password_list": ConfigService.get_config_value(
-                PASSWORD_LIST_PATH, should_decrypt=False
-            ),
-            "exploit_lm_hash_list": ConfigService.get_config_value(
-                LM_HASH_LIST_PATH, should_decrypt=False
-            ),
-            "exploit_ntlm_hash_list": ConfigService.get_config_value(
-                NTLM_HASH_LIST_PATH, should_decrypt=False
-            ),
-            "exploit_ssh_keys": ConfigService.get_config_value(SSH_KEYS_PATH, should_decrypt=False),
+            "exploit_user_list": config["exploit_user_list"],
+            "exploit_password_list": config["exploit_password_list"],
+            "exploit_lm_hash_list": config["exploit_lm_hash_list"],
+            "exploit_ntlm_hash_list": config["exploit_ntlm_hash_list"],
+            "exploit_ssh_keys": config["exploit_ssh_keys"],
        }

    @staticmethod
--- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json
+++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json
@ -29,18 +29,18 @@
    "dropper_target_path_linux": "/tmp/monkey",
    "dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
    "dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
-    "exploit_lm_hash_list": [],
-    "exploit_ntlm_hash_list": [],
+    "exploit_lm_hash_list": ["lm_hash_1", "lm_hash_2"],
+    "exploit_ntlm_hash_list": ["nt_hash_1", "nt_hash_2", "nt_hash_3"],
    "exploit_password_list": [
-        "root",
-        "123456",
-        "password",
-        "123456789",
-        "qwerty",
-        "111111",
-        "iloveyou"
+        "test",
+        "iloveyou",
+        "12345"
    ],
    "exploit_ssh_keys": [
+        {
+            "public_key": "my_public_key",
+            "private_key": "my_private_key"
+        }
    ],
    "exploit_user_list": [
        "Administrator",
--- a/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py
@ -80,3 +80,16 @@ def test_format_config_for_agent__pbas(flat_monkey_config):
    assert "PBA_linux_filename" not in flat_monkey_config
    assert "custom_PBA_windows_cmd" not in flat_monkey_config
    assert "PBA_windows_filename" not in flat_monkey_config
+
+
+def test_get_config_propagation_credentials_from_flat_config(flat_monkey_config):
+    expected_creds = {
+        "exploit_lm_hash_list": ["lm_hash_1", "lm_hash_2"],
+        "exploit_ntlm_hash_list": ["nt_hash_1", "nt_hash_2", "nt_hash_3"],
+        "exploit_password_list": ["test", "iloveyou", "12345"],
+        "exploit_ssh_keys": [{"private_key": "my_private_key", "public_key": "my_public_key"}],
+        "exploit_user_list": ["Administrator", "root", "user", "ubuntu"],
+    }
+
+    creds = ConfigService.get_config_propagation_credentials_from_flat_config(flat_monkey_config)
+    assert creds == expected_creds