From ea95a14daf46fc130e830396e421e8d5a8abf844 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Tue, 7 Jun 2022 19:55:06 +0200 Subject: [PATCH] Island: Log agent binary hashes on initialization --- .../cc/resources/agent_binaries.py | 18 ---------- monkey/monkey_island/cc/server_setup.py | 3 -- .../monkey_island/cc/services/initialize.py | 35 ++++++++++++++++++- 3 files changed, 34 insertions(+), 22 deletions(-) diff --git a/monkey/monkey_island/cc/resources/agent_binaries.py b/monkey/monkey_island/cc/resources/agent_binaries.py index 9e7b858b7..ff4e061c1 100644 --- a/monkey/monkey_island/cc/resources/agent_binaries.py +++ b/monkey/monkey_island/cc/resources/agent_binaries.py @@ -1,4 +1,3 @@ -import hashlib import logging from pathlib import Path @@ -31,23 +30,6 @@ class AgentBinaries(AbstractResource): logger.error(ex) return make_response({"error": str(ex)}, 404) - @staticmethod - def log_executable_hashes(): - """ - Logs all the hashes of the monkey executables for debugging ease (can check what Monkey - version you have etc.). - """ - filenames = set(AGENTS.values()) - for filename in filenames: - filepath = get_executable_full_path(filename) - if filepath.is_file(): - with open(filepath, "rb") as monkey_exec_file: - file_contents = monkey_exec_file.read() - file_sha256_hash = hashlib.sha256(file_contents).hexdigest() - logger.debug(f"{filename} SHA-256 hash: {file_sha256_hash}") - else: - logger.debug(f"No monkey executable for {filepath}") - def get_agent_executable_path(os: str) -> Path: try: diff --git a/monkey/monkey_island/cc/server_setup.py b/monkey/monkey_island/cc/server_setup.py index 551048fad..e6365239f 100644 --- a/monkey/monkey_island/cc/server_setup.py +++ b/monkey/monkey_island/cc/server_setup.py @@ -21,7 +21,6 @@ from common.version import get_version # noqa: E402 from monkey_island.cc.app import init_app # noqa: E402 from monkey_island.cc.arg_parser import IslandCmdArgs # noqa: E402 from monkey_island.cc.arg_parser import parse_cli_args # noqa: E402 -from monkey_island.cc.resources import AgentBinaries # noqa: E402 from monkey_island.cc.server_utils.consts import ( # noqa: E402 GEVENT_EXCEPTION_LOG, MONGO_CONNECTION_TIMEOUT, @@ -154,8 +153,6 @@ def _start_island_server( def _log_init_info(): - AgentBinaries.log_executable_hashes() - logger.info("Monkey Island Server is running!") logger.info(f"version: {get_version()}") diff --git a/monkey/monkey_island/cc/services/initialize.py b/monkey/monkey_island/cc/services/initialize.py index 40ff4e69b..f4e4c5b97 100644 --- a/monkey/monkey_island/cc/services/initialize.py +++ b/monkey/monkey_island/cc/services/initialize.py @@ -1,9 +1,12 @@ +import logging from pathlib import Path from common import DIContainer from common.aws import AWSInstance +from common.utils.file_utils import get_binary_io_sha256_hash from monkey_island.cc.repository import ( AgentBinaryRepository, + AgentRetrievalError, IAgentBinaryRepository, IFileRepository, LocalStorageFileRepository, @@ -16,6 +19,8 @@ from monkey_island.cc.services.run_local_monkey import LocalMonkeyRunService from . import AuthenticationService, JsonFileUserDatastore from .reporting.report import ReportService +logger = logging.getLogger(__name__) + AGENT_BINARIES_PATH = Path(MONKEY_ISLAND_ABS_PATH) / "cc" / "binaries" @@ -40,4 +45,32 @@ def initialize_services(data_dir: Path) -> DIContainer: def _build_agent_binary_repository(): file_repository = LocalStorageFileRepository(AGENT_BINARIES_PATH) - return AgentBinaryRepository(file_repository) + agent_binary_repository = AgentBinaryRepository(file_repository) + + _log_agent_binary_hashes(agent_binary_repository) + + return agent_binary_repository + + +def _log_agent_binary_hashes(agent_binary_repository: IAgentBinaryRepository): + """ + Logs all the hashes of the agent executables for debbuging ease + + :param agent_binary_repository: Used to retrieve the agent binaries + """ + agent_binaries = { + "Linux": agent_binary_repository.get_linux_binary, + "Windows": agent_binary_repository.get_windows_binary, + } + agent_hashes = {} + + for os, get_agent_binary in agent_binaries.items(): + try: + agent_binary = get_agent_binary() + binary_sha256_hash = get_binary_io_sha256_hash(agent_binary) + agent_hashes[os] = binary_sha256_hash + except AgentRetrievalError as err: + logger.error(f"No agent available for {os}: {err}") + + for os, binary_sha256_hash in agent_hashes.items(): + logger.info(f"{os} agent: SHA-256 hash: {binary_sha256_hash}")