p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

* Added fallback case for urllib failure to get the region 

* Added some safe checks for formatting and happy flows
* Removed productARN from server_config.json - it will now be inserted in deb build.
* Added the awscli lib to be installed via pip
This commit is contained in:
maor.rayzin 2018-11-28 18:54:50 +02:00
parent 1c99636414
commit e24e9b90f7
4 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
monkey/common/cloud/aws.py
View File

@ -10,6 +10,7 @@ class AWS(object):
self.region = urllib2.urlopen('http://169.254.169.254/latest/meta-data/placement/availability-zone').read()[:-1] self.region = urllib2.urlopen('http://169.254.169.254/latest/meta-data/placement/availability-zone').read()[:-1]
except urllib2.URLError: except urllib2.URLError:
self.instance_id = None self.instance_id = None
self.region = None
def get_instance_id(self): def get_instance_id(self):
return self.instance_id return self.instance_id

12
monkey/monkey_island/cc/resources/aws_exporter.py
View File

@ -77,8 +77,8 @@ class AWSExporter(Exporter):
} }
configured_product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '') configured_product_arn = load_server_configuration_from_file()['aws'].get('sec_hub_product_arn', '')
product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region='us-west-2', arn=configured_product_arn) product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region=region, arn=configured_product_arn)
instance_arn = 'arn:aws:ec2:' + region + ':instance:{instance_id}' instance_arn = 'arn:aws:ec2:' + str(region) + ':instance:{instance_id}'
account_id = AWSExporter._get_aws_keys().get('aws_account_id', '') account_id = AWSExporter._get_aws_keys().get('aws_account_id', '')
finding = { finding = {
@ -98,6 +98,10 @@ class AWSExporter(Exporter):
@staticmethod @staticmethod
def _send_findings(findings_list, creds_dict, region): def _send_findings(findings_list, creds_dict, region):
try: try:
if not creds_dict:
logger.info('No AWS access credentials received in configuration')
return False
securityhub = boto3.client('securityhub', securityhub = boto3.client('securityhub',
aws_access_key_id=creds_dict.get('aws_access_key_id', ''), aws_access_key_id=creds_dict.get('aws_access_key_id', ''),
aws_secret_access_key=creds_dict.get('aws_secret_access_key', ''), aws_secret_access_key=creds_dict.get('aws_secret_access_key', ''),
@ -109,10 +113,10 @@ class AWSExporter(Exporter):
else: else:
return False return False
except UnknownServiceError as e: except UnknownServiceError as e:
logger.warning('AWS exporter called but AWS-CLI not installed') logger.warning('AWS exporter called but AWS-CLI securityhub service is not installed')
return False return False
except Exception as e: except Exception as e:
logger.error('AWS security hub findings failed to send.') logger.exception('AWS security hub findings failed to send.')
return False return False
@staticmethod @staticmethod

5
monkey/monkey_island/cc/server_config.json
View File

@ -1,6 +1,3 @@
{ {
"server_config": "standard", "server_config": "standard"
"aws": {
"sec_hub_product_arn": "324264561773:product/guardicore/aws-infection-monkey"
}
} }

1
monkey/monkey_island/deb-package/monkey_island_pip_requirements.txt
View File

@ -15,4 +15,5 @@ ipaddress
enum34 enum34
PyCrypto PyCrypto
boto3 boto3
awscli
virtualenv virtualenv