Mike Salvatore
ed2ebc79c3
Merge pull request #1325 from guardicore/ransomware-payload-refactor
...
Ransomware payload refactor
2021-07-15 11:54:12 -04:00
Mike Salvatore
feda0718cc
Agent: Set default self.target_directory to None
2021-07-15 11:52:17 -04:00
Mike Salvatore
4be442f814
Agent: Fix import error
2021-07-15 11:45:58 -04:00
Mike Salvatore
7966703f63
Agent: Rename readme_utils to readme_dropper
2021-07-15 11:36:10 -04:00
Mike Salvatore
8ae41907ba
Tests: Remove accidental print() from test_file_selectors
2021-07-15 11:29:54 -04:00
Mike Salvatore
9044c587a6
Agent: Pass a RansomwareConfig to RansomwarePayload
...
Rather than RansomwarePayload being responsible fro translating the
config dictionary into something usable, it now just accepts a
RansomwareConfig object which contains pre-processed configuration
options.
2021-07-15 11:26:02 -04:00
Mike Salvatore
6f5a7faaa1
Agent: Add RannsomwareConfig class
2021-07-15 11:23:32 -04:00
Mike Salvatore
f804d6cf5b
UI: Left-align report table headers since contents are left-aligned
2021-07-14 14:56:42 -04:00
Mike Salvatore
7ae46339e0
UI: Show ransomware encrypted file count only in red or black
2021-07-14 14:56:42 -04:00
Mike Salvatore
e241d46263
Merge pull request #1323 from guardicore/ransomware-show-relevant-configuration-tabs
...
Display relevant configuration tabs in ransomware mode
2021-07-14 14:31:59 -04:00
Mike Salvatore
6acd9061a3
Island: Set correct default config tab on refresh
2021-07-14 14:30:41 -04:00
Mike Salvatore
fb7a615766
Merge pull request #1322 from guardicore/1241/ransomware-quickstart-hide-run-scoutsuite
...
Ransomware quickstart - Hide scoutsuite run options in ransomware mode
2021-07-14 14:29:41 -04:00
Mike Salvatore
c0514e1359
Island: Pass island mode as a prop to ConfigurePageComponent
2021-07-14 14:26:14 -04:00
Shreya
7170efbf0d
cc: Extract configuration tabs' order to a separate file and modify how the order is fetched
2021-07-14 13:58:19 -04:00
Shreya
6e3053cfc0
cc: Don't try rendering any monkey config tab if length of `this.state.configuration` is 0
...
The config is fetched in `componentDidMount()` (which is called
after `render()` finishes successfully). If you attempt to render
the configuration (i.e. call `renderConfigContent()`) before the
config is fetched, it throws an error.
2021-07-14 13:58:19 -04:00
Shreya
917d7dfb15
cc: Get configuration tabs' order based on Island mode
2021-07-14 13:58:19 -04:00
Shreya
035ce6c8b0
cc: Don't set `selectedSection` to 'attack' in `componentDidMount` in `ConfigurePage.js`
...
Remove a line which seems to do nothing useful.
Causes issues if the first tab in the configuration page
is not the ATT&CK tab.
2021-07-14 13:58:18 -04:00
Mike Salvatore
a786428652
Island: Pass island mode as a prop from Main.js to child components
2021-07-14 13:26:30 -04:00
Mike Salvatore
918d233983
Agent: Add build_ransomware_payload() function
2021-07-14 12:48:37 -04:00
Mike Salvatore
fd3cc46e55
Agent: Remove unused return value from RansomwarePayload._encrypt_files
2021-07-14 12:07:19 -04:00
Ilija Lazoroski
f725efd41a
ui: Refactor scoutsuite hiding functions
2021-07-14 16:30:41 +02:00
Mike Salvatore
0be919b805
Agent: Use mock encryptor in test_ransomware_payload.py
2021-07-14 09:18:59 -04:00
Ilija Lazoroski
6dbac85256
ui: Hide scoutsuite run options in ransomware mode
2021-07-14 15:00:21 +02:00
Mike Salvatore
d9cc66de54
Agent: Inject InPlaceFileEncryptor into RansomwarePayload
2021-07-14 08:50:49 -04:00
Mike Salvatore
0cb975a592
Agent: Rename InPlaceEncryptor -> InPlaceFileEncryptor
2021-07-14 08:38:51 -04:00
Mike Salvatore
39171f0950
Agent: Add ability to rename file to InPlaceEncryptor
2021-07-14 08:34:58 -04:00
Mike Salvatore
55ba5f530d
Agent: Add InPlaceEncryptor
...
InPlaceEncryptor encrypts a file in place. It accepts a callable that
performs the actual bit manipulation. This allows the in-place
encryption functionality to be easily reused, while the actual
encryption algorithm can be changed.
2021-07-14 08:33:42 -04:00
Mike Salvatore
ce2ad81321
Island: Replace concrete file selector with mock in ransomware tests
2021-07-14 07:14:49 -04:00
VakarisZ
a77b7ea7bb
Merge pull request #1321 from guardicore/1241/ransomware-quickstart-start-over
...
Ransomware quickstart unset mode to get method in island mode
2021-07-14 13:47:58 +03:00
Ilija Lazoroski
2a1d41f6c7
Island: Add unset mode to get method in island mode
2021-07-14 12:40:08 +02:00
VakarisZ
bf517bf566
Merge pull request #1320 from guardicore/1241/ransomware-quickstart-get-mode
...
Ransomware quickstart - Add get method for island mode
2021-07-14 12:25:53 +03:00
Ilija Lazoroski
56b5e8bb87
Tests: Remove post tests that interact with the model
2021-07-14 11:24:48 +02:00
Mike Salvatore
81eba6e883
Agent: Accept a "select_files" Callable
2021-07-13 19:22:42 -04:00
Mike Salvatore
222c394dbc
Agent: Accept a "leave_readme" Callable instead of copy_file
2021-07-13 16:24:21 -04:00
Mike Salvatore
45a382f5ff
Add #1240 to CHANGELOG
2021-07-13 12:36:03 -04:00
Mike Salvatore
8977040d98
Merge pull request #1317 from guardicore/ransomware_table_ui
...
Ransomware table UI
2021-07-13 12:35:18 -04:00
Mike Salvatore
50cb687769
Island: Change colors of ransomware table text
...
If some files were encrypted, warning text color should be used. If all
files were encrypted, danger text color should be used.
2021-07-13 12:34:25 -04:00
Ilija Lazoroski
5fe7a9d204
Island: Add inital get method to island mode
2021-07-13 18:26:11 +02:00
Mike Salvatore
5aa5facf1f
Island: Move renderFileEncryptionStats to FileEncryptionTable.tsx
2021-07-13 11:26:07 -04:00
Mike Salvatore
77754cb4ff
Island: Remove superfluous description from ransomware report
2021-07-13 11:23:48 -04:00
Mike Salvatore
1f1b9bf2fc
Island: Deduplicate <p> in renderFileEncryptionStats()
2021-07-13 11:21:56 -04:00
Mike Salvatore
3c84e70ab1
Merge pull request #1314 from guardicore/1241/ransomware-quickstart-remove-congrats
...
Ransomware quickstart - Remove "Congrats" message and change header
2021-07-13 11:08:52 -04:00
Mike Salvatore
c89416f256
Merge pull request #1318 from guardicore/ransomware_quickstart_endpoint
...
Ransomware quickstart endpoint
2021-07-13 11:05:23 -04:00
Mike Salvatore
84a78a5048
Island: Don't catch Exception in POST /api/island-mode
...
Flask automatically traps exceptions, returns a 500, and logs a stack
trace. Since Flask will automatically return a 500, we don't need to
duplicate the functionality. Since it prints a stack trace, it provides
more useful information than catching it did.
2021-07-13 11:02:18 -04:00
Mike Salvatore
a0fb6fa2b6
Island: Return 400 from POST /api/island_mode on invalid JSON
2021-07-13 10:58:08 -04:00
Mike Salvatore
26d3782a66
Island: Test both "ransomware" and "advanced" modes
2021-07-13 10:49:15 -04:00
Mike Salvatore
7549e64b41
Island: Return 500 from POST /api/island-mode if unexpected exception
2021-07-13 10:46:47 -04:00
Ilija Lazoroski
bf5ff8dc71
ui: Rename RunServerPage to GettingStartedPage
2021-07-13 16:32:32 +02:00
Mike Salvatore
acdfeb858f
Tests: Move raise_() to a reusable location
2021-07-13 10:30:38 -04:00
Mike Salvatore
c56ca37bc0
Island: Respond with 422 instead of 404 from POST /api/island-mode
2021-07-13 10:25:52 -04:00