Merge branch 'scoutsuite-submodule-to-package' into release/1.10.0

This commit is contained in:
Mike Salvatore 2021-03-17 11:53:43 -04:00
commit 21914d35b3
12 changed files with 30 additions and 60 deletions

3
.gitmodules vendored
View File

@ -4,6 +4,3 @@
[submodule "docs/themes/learn"] [submodule "docs/themes/learn"]
path = docs/themes/learn path = docs/themes/learn
url = https://github.com/guardicode/hugo-theme-learn.git url = https://github.com/guardicode/hugo-theme-learn.git
[submodule "monkey/infection_monkey/system_info/collectors/scoutsuite"]
path = monkey/common/cloud/scoutsuite
url = https://github.com/guardicode/ScoutSuite.git

View File

@ -27,7 +27,6 @@ install:
- pip install flake8 pytest pytest-cov dlint isort # for next stages - pip install flake8 pytest pytest-cov dlint isort # for next stages
- pip install coverage # for code coverage - pip install coverage # for code coverage
- pip install -r monkey/infection_monkey/requirements.txt # for unit tests - pip install -r monkey/infection_monkey/requirements.txt # for unit tests
- pip install -r monkey/common/cloud/scoutsuite/requirements.txt
- pip install pipdeptree - pip install pipdeptree
# Fail builds on possible conflicting dependencies. # Fail builds on possible conflicting dependencies.
- pipdeptree --warn fail - pipdeptree --warn fail
@ -56,7 +55,7 @@ install:
script: script:
# Check Python code # Check Python code
## Check syntax errors and fail the build if any are found. ## Check syntax errors and fail the build if any are found.
- flake8 ./monkey --exclude=monkey/common/cloud/scoutsuite --config=./ci_scripts/flake8_syntax_check.ini - flake8 ./monkey --config=./ci_scripts/flake8_syntax_check.ini
## Warn about linter issues. ## Warn about linter issues.
### --exit-zero forces Flake8 to use the exit status code 0 even if there are errors, which means this will NOT fail the build. ### --exit-zero forces Flake8 to use the exit status code 0 even if there are errors, which means this will NOT fail the build.

@ -1 +0,0 @@
Subproject commit 9de1e78ba475f925c66c5b645564ec9eb08e2309

View File

@ -1,24 +1,24 @@
# -*- mode: python -*- # -*- mode: python -*-
import os import os
import sys
import platform import platform
import sys
__author__ = 'itay.mizeretz' __author__ = 'itay.mizeretz'
from PyInstaller.utils.hooks import collect_data_files
block_cipher = None block_cipher = None
def main(): def main():
print(collect_data_files('policyuniverse'))
a = Analysis(['main.py'], a = Analysis(['main.py'],
pathex=['..'], pathex=['..'],
hiddenimports=get_hidden_imports(), hiddenimports=get_hidden_imports(),
hookspath=['./pyinstaller_hooks'], hookspath=['./pyinstaller_hooks'],
runtime_hooks=None, runtime_hooks=None,
binaries=None, binaries=None,
datas=[ datas=[("../common/BUILD", "/common")],
("../common/BUILD", "/common")
],
excludes=None, excludes=None,
win_no_prefer_redirects=None, win_no_prefer_redirects=None,
win_private_assemblies=None, win_private_assemblies=None,
@ -48,7 +48,7 @@ def is_windows():
def is_32_bit(): def is_32_bit():
return sys.maxsize <= 2**32 return sys.maxsize <= 2 ** 32
def get_bin_folder(): def get_bin_folder():
@ -79,7 +79,12 @@ def get_linux_only_binaries():
def get_hidden_imports(): def get_hidden_imports():
return ['_cffi_backend', 'queue', '_mssql'] if is_windows() else ['_cffi_backend','_mssql'] imports = ['ScoutSuite']
if is_windows():
imports.extend(['_cffi_backend', 'queue', '_mssql'])
else:
imports.extend(['_cffi_backend', '_mssql'])
return imports
def get_sc_binaries(): def get_sc_binaries():
@ -94,15 +99,15 @@ def get_traceroute_binaries():
def get_monkey_filename(): def get_monkey_filename():
name = 'monkey-' name = 'monkey-'
if is_windows(): if is_windows():
name = name+"windows-" name = name + "windows-"
else: else:
name = name+"linux-" name = name + "linux-"
if is_32_bit(): if is_32_bit():
name = name+"32" name = name + "32"
else: else:
name = name+"64" name = name + "64"
if is_windows(): if is_windows():
name = name+".exe" name = name + ".exe"
return name return name

View File

@ -16,3 +16,4 @@ pypykatz==0.3.12
pysmb==1.2.5 pysmb==1.2.5
requests>=2.24 requests>=2.24
wmi==1.5.1 ; sys_platform == 'win32' wmi==1.5.1 ; sys_platform == 'win32'
git+https://github.com/guardicode/ScoutSuite

View File

@ -1,15 +0,0 @@
import pkgutil
import sys
from pathlib import PurePath
_scoutsuite_api_package = pkgutil.get_loader('common.cloud.scoutsuite.ScoutSuite.__main__')
def _add_scoutsuite_to_python_path():
scoutsuite_path = PurePath(_scoutsuite_api_package.path).parent.parent.__str__()
sys.path.append(scoutsuite_path)
# Add ScoutSuite to python path because this way
# we don't need to change any imports in ScoutSuite code
_add_scoutsuite_to_python_path()

View File

@ -1,5 +0,0 @@
import common.cloud.scoutsuite.ScoutSuite.api_run as scoutsuite_api
def run(*args, **kwargs):
return scoutsuite_api.run(*args, **kwargs)

View File

@ -1,8 +1,9 @@
import logging import logging
from typing import Union from typing import Union
import infection_monkey.system_info.collectors.scoutsuite_collector.scoutsuite_api as scoutsuite_api import ScoutSuite.api_run
from common.cloud.scoutsuite.ScoutSuite.providers.base.provider import BaseProvider from ScoutSuite.providers.base.provider import BaseProvider
from common.cloud.scoutsuite_consts import CloudProviders from common.cloud.scoutsuite_consts import CloudProviders
from common.utils.exceptions import ScoutSuiteScanError from common.utils.exceptions import ScoutSuiteScanError
from infection_monkey.config import WormConfiguration from infection_monkey.config import WormConfiguration
@ -22,7 +23,7 @@ def scan_cloud_security(cloud_type: CloudProviders):
def run_scoutsuite(cloud_type: str) -> Union[BaseProvider, dict]: def run_scoutsuite(cloud_type: str) -> Union[BaseProvider, dict]:
return scoutsuite_api.run(provider=cloud_type, return ScoutSuite.api_run.run(provider=cloud_type,
aws_access_key_id=WormConfiguration.aws_access_key_id, aws_access_key_id=WormConfiguration.aws_access_key_id,
aws_secret_access_key=WormConfiguration.aws_secret_access_key, aws_secret_access_key=WormConfiguration.aws_secret_access_key,
aws_session_token=WormConfiguration.aws_session_token) aws_session_token=WormConfiguration.aws_session_token)

View File

@ -1,5 +1,5 @@
from common.cloud.scoutsuite.ScoutSuite.output.result_encoder import ScoutJsonEncoder from ScoutSuite.output.result_encoder import ScoutJsonEncoder
from common.cloud.scoutsuite.ScoutSuite.providers.base.provider import BaseProvider from ScoutSuite.providers.base.provider import BaseProvider
from common.common_consts.telem_categories import TelemCategoryEnum from common.common_consts.telem_categories import TelemCategoryEnum
from infection_monkey.telemetry.base_telem import BaseTelem from infection_monkey.telemetry.base_telem import BaseTelem

View File

@ -1,13 +0,0 @@
import pkgutil
import sys
from pathlib import PurePath
_scoutsuite_api_package = pkgutil.get_loader('common.cloud.scoutsuite.ScoutSuite.__main__')
def _add_scoutsuite_to_python_path():
scoutsuite_path = PurePath(_scoutsuite_api_package.path).parent.parent.__str__()
sys.path.append(scoutsuite_path)
_add_scoutsuite_to_python_path()

View File

@ -14,7 +14,7 @@ def is_cloud_authentication_setup(provider: CloudProviders) -> Tuple[bool, str]:
if is_aws_keys_setup(): if is_aws_keys_setup():
return True, "AWS keys already setup." return True, "AWS keys already setup."
import common.cloud.scoutsuite.ScoutSuite.providers.aws.authentication_strategy as auth_strategy import ScoutSuite.providers.aws.authentication_strategy as auth_strategy
try: try:
profile = auth_strategy.AWSAuthenticationStrategy().authenticate() profile = auth_strategy.AWSAuthenticationStrategy().authenticate()
return True, f" Profile \"{profile.session.profile_name}\" is already setup. " return True, f" Profile \"{profile.session.profile_name}\" is already setup. "

View File

@ -26,5 +26,6 @@ tqdm>=4.47
virtualenv>=20.0.26 virtualenv>=20.0.26
werkzeug>=1.0.1 werkzeug>=1.0.1
wheel>=0.34.2 wheel>=0.34.2
git+https://github.com/guardicode/ScoutSuite
pyjwt>=1.5.1 # not directly required, pinned by Snyk to avoid a vulnerability pyjwt>=1.5.1 # not directly required, pinned by Snyk to avoid a vulnerability