p41275903
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
6,312 Commits 31 Branches 0 Tags 47 MiB
Commit Graph

6312 Commits

Author SHA1 Message Date
VakarisZ af99482a4a
Merge pull request #1506 from guardicore/mongo_key_encryption 
Mongo key encryption
 2021-10-04 15:10:12 +03:00
VakarisZ ddff2f0aa4 Refactor a couple of imports into a shorter import statement 2021-10-04 14:59:26 +03:00
VakarisZ 3b5dd6ac3e Remove database initialization during island startup 
Database initialization can not be done because island doesn't know the key needed for encrypting collections. Since the key only appears after registration, database setup also should happen only after registration
 2021-10-04 14:23:50 +03:00
VakarisZ a2b09a9e7a Fix unit tests for data store encryptor 2021-10-04 14:21:07 +03:00
VakarisZ ea6fe37b44 Fix scoutsuite unit test to use updated datastore encryptor interface 2021-10-04 12:13:55 +03:00
VakarisZ 3ec26bcef8 Refactor data store encryptor to IEncryptor interface, move data store encryptor creation related code to data_store_encryptor.py, move the reponsibility to initialize data store encryptor to AuthenticationService 2021-10-04 12:03:30 +03:00
VakarisZ 34d065ce69 Move encryptors into a separate folder 
This separates encryptor classes from other encryption related infrastructure that we have cc\server_utils\encryption
 2021-10-04 11:09:42 +03:00
VakarisZ 9d6dc3b026 Move all encryptor building related code to encryptor_factory.py from data_store_encryptor.py 2021-10-01 17:33:55 +03:00
Mike Salvatore 2adf5a7f64
Merge pull request #1503 from guardicore/629/ship-db-with-attack-mitigations 
Ship database with attack mitigations
 2021-10-01 09:01:35 -04:00
Mike Salvatore 4ef0f542b8 Docs: Add description of Attack Mitigations 2021-10-01 09:00:32 -04:00
VakarisZ 26ba02a1d0 Refactor get_credentials_from_request to get_username_password_from_request 
This better indicates that get_username_password_from_request returns a username/password pair rather than UserCreds structure
 2021-10-01 15:33:46 +03:00
VakarisZ da169dddc9 Refactor DataStoreEncryptor by splitting up initialization related methods into EncryptorFactory 
This makes encryptor initialization workflow more straight-forward and the files become smaller, easier to read
 2021-10-01 15:24:48 +03:00
Mike Salvatore 9436f5f5e1 Island: Remove stix2 dependency 2021-10-01 07:55:33 -04:00
VakarisZ b2bbb62bdd Add CHANGELOG.md entry for #1463 (Encrypt the database key with user's credentials.) 2021-10-01 12:48:08 +03:00
VakarisZ ddae09278e Refactor test_data_store_encryptor.py to use (path / to / file).isfile() syntax to check for presence of files 2021-10-01 12:44:05 +03:00
VakarisZ 4cbed6dce9 Fix typos and rename files/classes related to data store encryptor. Change PasswordBasedBytesEncryptor interface to use bytes instead of io.BytesIO 2021-10-01 12:34:21 +03:00
VakarisZ e280c4fb5a Move data store encryptor secret generation into the data store encryptor from credential_utils.py 2021-10-01 11:58:32 +03:00
VakarisZ f97ec4e9ed Implement data store encryptor key removal on registration and unit tests for data store encryptor 
Data store key needs to be deleted upon registration to create a new one.
 2021-10-01 11:26:43 +03:00
Mike Salvatore 2f88de6f08 Build: Fix AppImage package version 2021-09-30 15:41:37 -04:00
Mike Salvatore 2d701e45df Build: Set PYTHONNOUSERSITE in AppRun 
Fixes #1500
 2021-09-30 15:39:17 -04:00
Mike Salvatore c30d5721f2 Island: Fix formatting of database_initializer.py 2021-09-30 14:08:29 -04:00
Mike Salvatore fef6350871 Tests: Reduced code duplication in database initializer tests 2021-09-30 13:13:26 -04:00
Mike Salvatore f0c25b4b5e Docs: Add steps to attack mitigations dump script documentation 2021-09-30 18:03:28 +02:00
Mike Salvatore 0a3488b680 Deployment: Add requirements.txt for attack mitigations dump script 2021-09-30 18:03:28 +02:00
Mike Salvatore 6e92c84f89 Docs: Move attack mitigations from reference -> development 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 43471c6553 Island: Fix typing error in island spec 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 77c51497d0 docs: Add attack mitigations documentation 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 1ed6fed164 Island: Remove attack_data submodule 2021-09-30 18:03:28 +02:00
Ilija Lazoroski 9ea5a56abd UT: Fix database_initializer test 2021-09-30 18:03:23 +02:00
Mike Salvatore 1748955213 Island: Handle metadata in attack mitigations json 2021-09-30 18:00:32 +02:00
Mike Salvatore 45c66fe309 Deployment: Include metadata in attack mitigations json dump 2021-09-30 18:00:32 +02:00
Ilija Lazoroski 8c1afcc2b4 Island: Add import attack mitigations 
Also UTs for reset_database from setup mongo.
 2021-09-30 18:00:15 +02:00
Mike Salvatore c93d5037b2 Island: Remove unused attack mitigations import code 2021-09-30 10:52:43 -04:00
Mike Salvatore 2a9d9938cd Deployment: Move dump_attack_mitigations into a subdirectory 2021-09-30 10:52:43 -04:00
Ilija Lazoroski 36b13d0db9 Island: Remove attack-data submodule 
Removed submodule with its fork.
Remove usage of the submodule.
Fixed monkey_island.spec
Added attack_mitigations dump.
Added hook for above file.
 2021-09-30 10:52:41 -04:00
Mike Salvatore 6de33bfd57 Deployment: Import ATT&CK data into mongo 2021-09-30 10:50:52 -04:00
Mike Salvatore 82c8385863 Deployment: Reorder functions in dump_attack_mitigations.py 2021-09-30 10:50:52 -04:00
Mike Salvatore 38f50641a5 Deployment: Wrap argument parsing in function 2021-09-30 10:50:52 -04:00
Mike Salvatore 7bcfc6d27a Deployment: Make dump_attack_mitigations.py executable 2021-09-30 10:50:52 -04:00
Ilija Lazoroski 29f9384b6a Deployment: Initial commit for mongo export utility 2021-09-30 10:50:52 -04:00
VakarisZ 4f176939bb Split up the initialization of mongo_key into 2 parts: directory of mongo key initialization that happens during launch and initialization of key which happens after login or registration 2021-09-30 17:16:06 +03:00
VakarisZ fd1cb9d36d Add a secret to datastore encryptor 
This change enables the encryption/decryption of mongo key with a custom secret
 2021-09-30 17:16:05 +03:00
VakarisZ 191fbea665 Refactor password based encryptor into PasswordBasedStringEncryptor and PasswordBasedByteEncryptor 
This change allows to encrypt strings and bytes without any additional conversion done on the caller
 2021-09-30 17:16:04 +03:00
VakarisZ f387595104
Merge pull request #1495 from guardicore/delay-mongo-init 
Delay mongo init to after registration
 2021-09-29 17:03:12 +03:00
VakarisZ 7939ed4739 Alter the log message talking about storing the mitigations: remove the part saying that it will take a while 2021-09-29 17:02:34 +03:00
VakarisZ 579ebf4a0f Alter registration page to show loading icon while registration request is being processed 2021-09-29 16:45:28 +03:00
VakarisZ c211d51d8c Move database reset to happen during the registration 2021-09-29 16:45:28 +03:00
VakarisZ b73958dd55 Rename the CHANGELOG.md entry about resetting login credentials to "Resetting login credentials also cleans the contents of the database. #1495" 2021-09-29 16:45:26 +03:00
Shreya Malviya ab7872d103 CHANGELOG: Add entry for delaying mongo init 2021-09-29 16:44:42 +03:00
Shreya Malviya 2cbaf954e1 docs: Fix spelling mistake 2021-09-29 16:44:16 +03:00