Mike Salvatore
1d7476637d
Tests: Remove hash_file() and use get_file_sha256_hash() instead
2021-07-19 06:41:52 -04:00
Mike Salvatore
8879dae276
Agent: Don't encrypt ransomware README.txt
...
Fixes #1304
2021-07-19 06:41:37 -04:00
Mike Salvatore
3912b85d08
Common: Add get_file_sha256_hash()
2021-07-16 10:22:35 -04:00
Mike Salvatore
07937d7238
Agent: Move ransomware readme constants to ransomware/consts.py
2021-07-16 10:05:58 -04:00
Mike Salvatore
b1fe850624
Travis: Use swimm version 0.5.0, and not "latest" from GitHub API
...
GitHub only allows so many API calls per hour. If this is exceeded, the
travis ci build will fail.
2021-07-15 12:13:16 -04:00
Mike Salvatore
23c298a5f1
Travis: Use hugo version 0.85.0, and not "latest" from GitHub API
...
GitHub only allows so many API calls per hour. If this is exceeded, the
travis ci build will fail.
2021-07-15 12:00:57 -04:00
Mike Salvatore
ed2ebc79c3
Merge pull request #1325 from guardicore/ransomware-payload-refactor
...
Ransomware payload refactor
2021-07-15 11:54:12 -04:00
Mike Salvatore
feda0718cc
Agent: Set default self.target_directory to None
2021-07-15 11:52:17 -04:00
Mike Salvatore
4be442f814
Agent: Fix import error
2021-07-15 11:45:58 -04:00
Mike Salvatore
7966703f63
Agent: Rename readme_utils to readme_dropper
2021-07-15 11:36:10 -04:00
Mike Salvatore
8ae41907ba
Tests: Remove accidental print() from test_file_selectors
2021-07-15 11:29:54 -04:00
Mike Salvatore
9044c587a6
Agent: Pass a RansomwareConfig to RansomwarePayload
...
Rather than RansomwarePayload being responsible fro translating the
config dictionary into something usable, it now just accepts a
RansomwareConfig object which contains pre-processed configuration
options.
2021-07-15 11:26:02 -04:00
Mike Salvatore
6f5a7faaa1
Agent: Add RannsomwareConfig class
2021-07-15 11:23:32 -04:00
Mike Salvatore
f804d6cf5b
UI: Left-align report table headers since contents are left-aligned
2021-07-14 14:56:42 -04:00
Mike Salvatore
7ae46339e0
UI: Show ransomware encrypted file count only in red or black
2021-07-14 14:56:42 -04:00
Mike Salvatore
e241d46263
Merge pull request #1323 from guardicore/ransomware-show-relevant-configuration-tabs
...
Display relevant configuration tabs in ransomware mode
2021-07-14 14:31:59 -04:00
Mike Salvatore
6acd9061a3
Island: Set correct default config tab on refresh
2021-07-14 14:30:41 -04:00
Mike Salvatore
fb7a615766
Merge pull request #1322 from guardicore/1241/ransomware-quickstart-hide-run-scoutsuite
...
Ransomware quickstart - Hide scoutsuite run options in ransomware mode
2021-07-14 14:29:41 -04:00
Mike Salvatore
c0514e1359
Island: Pass island mode as a prop to ConfigurePageComponent
2021-07-14 14:26:14 -04:00
Shreya
7170efbf0d
cc: Extract configuration tabs' order to a separate file and modify how the order is fetched
2021-07-14 13:58:19 -04:00
Shreya
6e3053cfc0
cc: Don't try rendering any monkey config tab if length of `this.state.configuration` is 0
...
The config is fetched in `componentDidMount()` (which is called
after `render()` finishes successfully). If you attempt to render
the configuration (i.e. call `renderConfigContent()`) before the
config is fetched, it throws an error.
2021-07-14 13:58:19 -04:00
Shreya
917d7dfb15
cc: Get configuration tabs' order based on Island mode
2021-07-14 13:58:19 -04:00
Shreya
035ce6c8b0
cc: Don't set `selectedSection` to 'attack' in `componentDidMount` in `ConfigurePage.js`
...
Remove a line which seems to do nothing useful.
Causes issues if the first tab in the configuration page
is not the ATT&CK tab.
2021-07-14 13:58:18 -04:00
Mike Salvatore
a786428652
Island: Pass island mode as a prop from Main.js to child components
2021-07-14 13:26:30 -04:00
Mike Salvatore
918d233983
Agent: Add build_ransomware_payload() function
2021-07-14 12:48:37 -04:00
Mike Salvatore
fd3cc46e55
Agent: Remove unused return value from RansomwarePayload._encrypt_files
2021-07-14 12:07:19 -04:00
Ilija Lazoroski
f725efd41a
ui: Refactor scoutsuite hiding functions
2021-07-14 16:30:41 +02:00
Mike Salvatore
0be919b805
Agent: Use mock encryptor in test_ransomware_payload.py
2021-07-14 09:18:59 -04:00
Ilija Lazoroski
6dbac85256
ui: Hide scoutsuite run options in ransomware mode
2021-07-14 15:00:21 +02:00
Mike Salvatore
d9cc66de54
Agent: Inject InPlaceFileEncryptor into RansomwarePayload
2021-07-14 08:50:49 -04:00
Mike Salvatore
0cb975a592
Agent: Rename InPlaceEncryptor -> InPlaceFileEncryptor
2021-07-14 08:38:51 -04:00
Mike Salvatore
39171f0950
Agent: Add ability to rename file to InPlaceEncryptor
2021-07-14 08:34:58 -04:00
Mike Salvatore
55ba5f530d
Agent: Add InPlaceEncryptor
...
InPlaceEncryptor encrypts a file in place. It accepts a callable that
performs the actual bit manipulation. This allows the in-place
encryption functionality to be easily reused, while the actual
encryption algorithm can be changed.
2021-07-14 08:33:42 -04:00
Mike Salvatore
ce2ad81321
Island: Replace concrete file selector with mock in ransomware tests
2021-07-14 07:14:49 -04:00
VakarisZ
a77b7ea7bb
Merge pull request #1321 from guardicore/1241/ransomware-quickstart-start-over
...
Ransomware quickstart unset mode to get method in island mode
2021-07-14 13:47:58 +03:00
Ilija Lazoroski
2a1d41f6c7
Island: Add unset mode to get method in island mode
2021-07-14 12:40:08 +02:00
VakarisZ
bf517bf566
Merge pull request #1320 from guardicore/1241/ransomware-quickstart-get-mode
...
Ransomware quickstart - Add get method for island mode
2021-07-14 12:25:53 +03:00
Ilija Lazoroski
56b5e8bb87
Tests: Remove post tests that interact with the model
2021-07-14 11:24:48 +02:00
Mike Salvatore
81eba6e883
Agent: Accept a "select_files" Callable
2021-07-13 19:22:42 -04:00
Mike Salvatore
222c394dbc
Agent: Accept a "leave_readme" Callable instead of copy_file
2021-07-13 16:24:21 -04:00
Mike Salvatore
45a382f5ff
Add #1240 to CHANGELOG
2021-07-13 12:36:03 -04:00
Mike Salvatore
8977040d98
Merge pull request #1317 from guardicore/ransomware_table_ui
...
Ransomware table UI
2021-07-13 12:35:18 -04:00
Mike Salvatore
50cb687769
Island: Change colors of ransomware table text
...
If some files were encrypted, warning text color should be used. If all
files were encrypted, danger text color should be used.
2021-07-13 12:34:25 -04:00
Ilija Lazoroski
5fe7a9d204
Island: Add inital get method to island mode
2021-07-13 18:26:11 +02:00
Mike Salvatore
5aa5facf1f
Island: Move renderFileEncryptionStats to FileEncryptionTable.tsx
2021-07-13 11:26:07 -04:00
Mike Salvatore
77754cb4ff
Island: Remove superfluous description from ransomware report
2021-07-13 11:23:48 -04:00
Mike Salvatore
1f1b9bf2fc
Island: Deduplicate <p> in renderFileEncryptionStats()
2021-07-13 11:21:56 -04:00
Mike Salvatore
3c84e70ab1
Merge pull request #1314 from guardicore/1241/ransomware-quickstart-remove-congrats
...
Ransomware quickstart - Remove "Congrats" message and change header
2021-07-13 11:08:52 -04:00
Mike Salvatore
c89416f256
Merge pull request #1318 from guardicore/ransomware_quickstart_endpoint
...
Ransomware quickstart endpoint
2021-07-13 11:05:23 -04:00
Mike Salvatore
84a78a5048
Island: Don't catch Exception in POST /api/island-mode
...
Flask automatically traps exceptions, returns a 500, and logs a stack
trace. Since Flask will automatically return a 500, we don't need to
duplicate the functionality. Since it prints a stack trace, it provides
more useful information than catching it did.
2021-07-13 11:02:18 -04:00