p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'environment-config-section' into develop

This commit is contained in:
Mike Salvatore 2021-05-13 08:02:55 -04:00
parent f247dd7daa f0bd6e10d3
commit 3205d8344c
17 changed files with 73 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -28,6 +28,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Zerologon exploiter writes runtime artifacts to a secure temporary directory - Zerologon exploiter writes runtime artifacts to a secure temporary directory
instead of $HOME. #1143 instead of $HOME. #1143
- Authentication mechanism to use bcrypt on server side. #1139 - Authentication mechanism to use bcrypt on server side. #1139
- `server_config.json` puts environment config options in a separate section
named "environment". #1161
### Removed ### Removed
- Relevant dead code as reported by Vulture. #1149 - Relevant dead code as reported by Vulture. #1149

1
appimage/build_appimage.sh
View File

@ -166,7 +166,6 @@ copy_monkey_island_to_appdir() {
cp -r "$1"/common "$INSTALL_DIR/" cp -r "$1"/common "$INSTALL_DIR/"
cp -r "$1"/monkey_island "$INSTALL_DIR/" cp -r "$1"/monkey_island "$INSTALL_DIR/"
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/ cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
cp ./island_logger_config.json "$INSTALL_DIR"/
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/ cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
# TODO: This is a workaround that may be able to be removed after PR #848 is # TODO: This is a workaround that may be able to be removed after PR #848 is

9
appimage/run_appimage.sh
View File

@ -3,12 +3,6 @@
PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7 PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7
DOT_MONKEY="$HOME"/.monkey_island/ DOT_MONKEY="$HOME"/.monkey_island/
configure_default_logging() {
if [ ! -f "$DOT_MONKEY"/island_logger_config.json ]; then
cp "$APPDIR"/usr/src/island_logger_config.json "$DOT_MONKEY"
fi
}
configure_default_server() { configure_default_server() {
if [ ! -f "$DOT_MONKEY"/server_config.json ]; then if [ ! -f "$DOT_MONKEY"/server_config.json ]; then
cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json
@ -21,9 +15,8 @@ mkdir --mode=0700 --parents "$DOT_MONKEY"
DB_DIR="$DOT_MONKEY"/db DB_DIR="$DOT_MONKEY"/db
mkdir --parents "$DB_DIR" mkdir --parents "$DB_DIR"
configure_default_logging
configure_default_server configure_default_server
cd "$APPDIR"/usr/src || exit 1 cd "$APPDIR"/usr/src || exit 1
./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" & ./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" &
${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json --logger-config "$DOT_MONKEY"/island_logger_config.json ${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json

7
appimage/server_config.json.standard
View File

@ -1,5 +1,8 @@
{ {
"data_dir": "~/.monkey_island",
"log_level": "DEBUG",
"environment": {
"server_config": "password", "server_config": "password",
"deployment": "standard", "deployment": "standard"
"data_dir": "~/.monkey_island" }
} }

2
monkey/monkey_island.py
View File

@ -32,4 +32,4 @@ if "__main__" == __name__:
from monkey_island.cc.main import main # noqa: E402 from monkey_island.cc.main import main # noqa: E402
main(island_args.setup_only, island_args.server_config) main(config["data_dir"], island_args.setup_only, island_args.server_config)

18
monkey/monkey_island/cc/environment/environment_config.py
View File

@ -9,7 +9,6 @@ import monkey_island.cc.environment.server_config_generator as server_config_gen
from monkey_island.cc.environment.user_creds import UserCreds from monkey_island.cc.environment.user_creds import UserCreds
from monkey_island.cc.resources.auth.auth_user import User from monkey_island.cc.resources.auth.auth_user import User
from monkey_island.cc.resources.auth.user_store import UserStore from monkey_island.cc.resources.auth.user_store import UserStore
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
class EnvironmentConfig: class EnvironmentConfig:
@ -19,7 +18,6 @@ class EnvironmentConfig:
self.deployment = None self.deployment = None
self.user_creds = None self.user_creds = None
self.aws = None self.aws = None
self.data_dir = None
self._load_from_file(self._server_config_path) self._load_from_file(self._server_config_path)
@ -35,31 +33,29 @@ class EnvironmentConfig:
def _load_from_json(self, config_json: str) -> EnvironmentConfig: def _load_from_json(self, config_json: str) -> EnvironmentConfig:
data = json.loads(config_json) data = json.loads(config_json)
self._load_from_dict(data) self._load_from_dict(data["environment"])
def _load_from_dict(self, dict_data: Dict): def _load_from_dict(self, dict_data: Dict):
aws = dict_data["aws"] if "aws" in dict_data else None aws = dict_data["aws"] if "aws" in dict_data else None
data_dir = dict_data["data_dir"] if "data_dir" in dict_data else DEFAULT_DATA_DIR
self.server_config = dict_data["server_config"] self.server_config = dict_data["server_config"]
self.deployment = dict_data["deployment"] self.deployment = dict_data["deployment"]
self.user_creds = _get_user_credentials_from_config(dict_data) self.user_creds = _get_user_credentials_from_config(dict_data)
self.aws = aws self.aws = aws
self.data_dir = data_dir
@property
def data_dir_abs_path(self):
return os.path.abspath(os.path.expanduser(os.path.expandvars(self.data_dir)))
def save_to_file(self): def save_to_file(self):
with open(self._server_config_path, "r") as f:
config = json.load(f)
config["environment"] = self.to_dict()
with open(self._server_config_path, "w") as f: with open(self._server_config_path, "w") as f:
f.write(json.dumps(self.to_dict(), indent=2)) f.write(json.dumps(config, indent=2))
def to_dict(self) -> Dict: def to_dict(self) -> Dict:
config_dict = { config_dict = {
"server_config": self.server_config, "server_config": self.server_config,
"deployment": self.deployment, "deployment": self.deployment,
"data_dir": self.data_dir,
} }
if self.aws: if self.aws:
config_dict.update({"aws": self.aws}) config_dict.update({"aws": self.aws})

7
monkey/monkey_island/cc/main.py
View File

@ -34,10 +34,13 @@ from monkey_island.cc.setup import setup # noqa: E402
MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0" MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0"
def main(should_setup_only=False, server_config_filename=DEFAULT_SERVER_CONFIG_PATH): def main(
data_dir,
should_setup_only=False,
server_config_filename=DEFAULT_SERVER_CONFIG_PATH,
):
logger.info("Starting bootloader server") logger.info("Starting bootloader server")
data_dir = env_singleton.env.get_config().data_dir_abs_path
env_singleton.initialize_from_file(server_config_filename) env_singleton.initialize_from_file(server_config_filename)
initialize_encryptor(data_dir) initialize_encryptor(data_dir)
initialize_services(data_dir) initialize_services(data_dir)

6
monkey/monkey_island/cc/server_config.json.develop
View File

@ -1,5 +1,7 @@
{ {
"log_level": "DEBUG",
"environment": {
"server_config": "password", "server_config": "password",
"deployment": "develop", "deployment": "develop"
"log_level": "DEBUG" }
} }

10
monkey/tests/conftest.py
View File

@ -38,16 +38,6 @@ def standard_with_credentials(environment_resources_dir):
return os.path.join(environment_resources_dir, "server_config_standard_with_credentials.json") return os.path.join(environment_resources_dir, "server_config_standard_with_credentials.json")
@pytest.fixture(scope="session")
def with_data_dir(environment_resources_dir):
return os.path.join(environment_resources_dir, "server_config_with_data_dir.json")
@pytest.fixture(scope="session")
def with_data_dir_home(environment_resources_dir):
return os.path.join(environment_resources_dir, "server_config_with_data_dir_home.json")
@pytest.fixture(scope="session") @pytest.fixture(scope="session")
def server_config_resources_dir(resources_dir): def server_config_resources_dir(resources_dir):
return os.path.join(resources_dir, "server_configs") return os.path.join(resources_dir, "server_configs")

62
monkey/tests/monkey_island/cc/environment/test_environment_config.py
View File

@ -6,7 +6,6 @@ import pytest
from monkey_island.cc.environment.environment_config import EnvironmentConfig from monkey_island.cc.environment.environment_config import EnvironmentConfig
from monkey_island.cc.environment.user_creds import UserCreds from monkey_island.cc.environment.user_creds import UserCreds
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
@pytest.fixture @pytest.fixture
@ -17,31 +16,28 @@ def config_file(tmpdir):
def test_get_with_credentials(with_credentials): def test_get_with_credentials(with_credentials):
config_dict = EnvironmentConfig(with_credentials).to_dict() config_dict = EnvironmentConfig(with_credentials).to_dict()
assert len(config_dict.keys()) == 5 assert len(config_dict.keys()) == 4
assert config_dict["server_config"] == "password" assert config_dict["server_config"] == "password"
assert config_dict["deployment"] == "develop" assert config_dict["deployment"] == "develop"
assert config_dict["user"] == "test" assert config_dict["user"] == "test"
assert config_dict["password_hash"] == "abcdef" assert config_dict["password_hash"] == "abcdef"
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
def test_get_with_no_credentials(no_credentials): def test_get_with_no_credentials(no_credentials):
config_dict = EnvironmentConfig(no_credentials).to_dict() config_dict = EnvironmentConfig(no_credentials).to_dict()
assert len(config_dict.keys()) == 3 assert len(config_dict.keys()) == 2
assert config_dict["server_config"] == "password" assert config_dict["server_config"] == "password"
assert config_dict["deployment"] == "develop" assert config_dict["deployment"] == "develop"
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
def test_get_with_partial_credentials(partial_credentials): def test_get_with_partial_credentials(partial_credentials):
config_dict = EnvironmentConfig(partial_credentials).to_dict() config_dict = EnvironmentConfig(partial_credentials).to_dict()
assert len(config_dict.keys()) == 4 assert len(config_dict.keys()) == 3
assert config_dict["server_config"] == "password" assert config_dict["server_config"] == "password"
assert config_dict["deployment"] == "develop" assert config_dict["deployment"] == "develop"
assert config_dict["user"] == "test" assert config_dict["user"] == "test"
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
def test_save_to_file(config_file, standard_with_credentials): def test_save_to_file(config_file, standard_with_credentials):
@ -54,13 +50,28 @@ def test_save_to_file(config_file, standard_with_credentials):
with open(config_file, "r") as f: with open(config_file, "r") as f:
from_file = json.load(f) from_file = json.load(f)
assert len(from_file.keys()) == 6 assert len(from_file.keys()) == 2
assert from_file["server_config"] == "standard" assert len(from_file["environment"].keys()) == 5
assert from_file["deployment"] == "develop" assert from_file["environment"]["server_config"] == "standard"
assert from_file["user"] == "test" assert from_file["environment"]["deployment"] == "develop"
assert from_file["password_hash"] == "abcdef" assert from_file["environment"]["user"] == "test"
assert from_file["aws"] == "test_aws" assert from_file["environment"]["password_hash"] == "abcdef"
assert from_file["data_dir"] == DEFAULT_DATA_DIR assert from_file["environment"]["aws"] == "test_aws"
def test_save_to_file_preserve_log_level(config_file, standard_with_credentials):
shutil.copyfile(standard_with_credentials, config_file)
environment_config = EnvironmentConfig(config_file)
environment_config.aws = "test_aws"
environment_config.save_to_file()
with open(config_file, "r") as f:
from_file = json.load(f)
assert len(from_file.keys()) == 2
assert "log_level" in from_file
assert from_file["log_level"] == "NOTICE"
def test_add_user(config_file, standard_with_credentials): def test_add_user(config_file, standard_with_credentials):
@ -76,9 +87,9 @@ def test_add_user(config_file, standard_with_credentials):
with open(config_file, "r") as f: with open(config_file, "r") as f:
from_file = json.load(f) from_file = json.load(f)
assert len(from_file.keys()) == 5 assert len(from_file["environment"].keys()) == 4
assert from_file["user"] == new_user assert from_file["environment"]["user"] == new_user
assert from_file["password_hash"] == new_password_hash assert from_file["environment"]["password_hash"] == new_password_hash
def test_get_users(standard_with_credentials): def test_get_users(standard_with_credentials):
@ -101,20 +112,3 @@ def test_generate_default_file(config_file):
assert environment_config.user_creds.username == "" assert environment_config.user_creds.username == ""
assert environment_config.user_creds.password_hash == "" assert environment_config.user_creds.password_hash == ""
assert environment_config.aws is None assert environment_config.aws is None
assert environment_config.data_dir == DEFAULT_DATA_DIR
def test_data_dir(with_data_dir):
environment_config = EnvironmentConfig(with_data_dir)
assert environment_config.data_dir == "/test/data/dir"
def set_home_env(monkeypatch, tmpdir):
monkeypatch.setenv("HOME", str(tmpdir))
def test_data_dir_abs_path_from_file(monkeypatch, tmpdir, with_data_dir_home):
set_home_env(monkeypatch, tmpdir)
config = EnvironmentConfig(with_data_dir_home)
assert config.data_dir_abs_path == os.path.join(tmpdir, "data_dir")

2
monkey/tests/resources/environment/server_config_no_credentials.json
View File

@ -1,4 +1,6 @@
{ {
"environment" : {
"server_config": "password", "server_config": "password",
"deployment": "develop" "deployment": "develop"
} }
}

2
monkey/tests/resources/environment/server_config_partial_credentials.json
View File

@ -1,5 +1,7 @@
{ {
"environment" : {
"server_config": "password", "server_config": "password",
"deployment": "develop", "deployment": "develop",
"user": "test" "user": "test"
} }
}

2
monkey/tests/resources/environment/server_config_standard_env.json
View File

@ -1,4 +1,6 @@
{ {
"environment" : {
"server_config": "standard", "server_config": "standard",
"deployment": "develop" "deployment": "develop"
} }
}

3
monkey/tests/resources/environment/server_config_standard_with_credentials.json
View File

@ -1,6 +1,9 @@
{ {
"log_level": "NOTICE",
"environment" : {
"server_config": "standard", "server_config": "standard",
"deployment": "develop", "deployment": "develop",
"user": "test", "user": "test",
"password_hash": "abcdef" "password_hash": "abcdef"
} }
}

2
monkey/tests/resources/environment/server_config_with_credentials.json
View File

@ -1,6 +1,8 @@
{ {
"environment" : {
"server_config": "password", "server_config": "password",
"deployment": "develop", "deployment": "develop",
"user": "test", "user": "test",
"password_hash": "abcdef" "password_hash": "abcdef"
} }
}

7
monkey/tests/resources/environment/server_config_with_data_dir.json
View File

@ -1,7 +0,0 @@
{
"server_config": "password",
"deployment": "develop",
"user": "test",
"password_hash": "abcdef",
"data_dir": "/test/data/dir"
}

7
monkey/tests/resources/environment/server_config_with_data_dir_home.json
View File

@ -1,7 +0,0 @@
{
"server_config": "password",
"deployment": "develop",
"user": "test",
"password_hash": "abcdef",
"data_dir": "~/data_dir"
}