From 5cee9443ff97ff45b963f8a902cca5329d9a69d9 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Tue, 24 Aug 2021 15:11:22 +0200 Subject: [PATCH] Zoo: Remove GCPHandler class. Powershell-3-47 renamed to Powershell-3-46. Powershell-45 moved to different zone --- .../blackbox/config_templates/performance.py | 3 - .../blackbox/config_templates/powershell.py | 4 +- .../blackbox/gcp_test_machine_list.py | 5 +- .../blackbox/start_all_gcp_machines.py | 6 +- .../blackbox/stop_all_gcp_machines.py | 6 +- envs/monkey_zoo/blackbox/test_blackbox.py | 12 +- .../blackbox/utils/gcp_machine_handlers.py | 116 +++++++++--------- envs/monkey_zoo/terraform/images.tf | 8 +- envs/monkey_zoo/terraform/monkey_zoo.tf | 16 +-- vulture_allowlist.py | 1 + 10 files changed, 88 insertions(+), 89 deletions(-) diff --git a/envs/monkey_zoo/blackbox/config_templates/performance.py b/envs/monkey_zoo/blackbox/config_templates/performance.py index b5b3e0655..2662642e6 100644 --- a/envs/monkey_zoo/blackbox/config_templates/performance.py +++ b/envs/monkey_zoo/blackbox/config_templates/performance.py @@ -10,7 +10,6 @@ class Performance(ConfigTemplate): "3Q=(Ge(+&w]*", "`))jU7L(w}", "t67TC5ZDmz", - "Passw0rd!", ], "basic.credentials.exploit_user_list": ["m0nk3y"], "basic.exploiters.exploiter_classes": [ @@ -60,7 +59,5 @@ class Performance(ConfigTemplate): "10.2.2.23", "10.2.2.24", "10.2.2.25", - "10.2.2.45", - "10.2.3.47", ], } diff --git a/envs/monkey_zoo/blackbox/config_templates/powershell.py b/envs/monkey_zoo/blackbox/config_templates/powershell.py index 76db9e248..e6d2467ab 100644 --- a/envs/monkey_zoo/blackbox/config_templates/powershell.py +++ b/envs/monkey_zoo/blackbox/config_templates/powershell.py @@ -10,8 +10,8 @@ class PowerShell(ConfigTemplate): config_values.update( { "basic.exploiters.exploiter_classes": ["PowerShellExploiter"], - "basic_network.scope.subnet_scan_list": ["10.2.2.45", "10.2.3.47"], - "basic.credentials.exploit_password_list": ["Passw0rd!", ""], + "basic_network.scope.subnet_scan_list": ["10.2.3.45", "10.2.3.46"], + "basic.credentials.exploit_password_list": ["Passw0rd!"], "basic_network.scope.depth": 2, "basic.credentials.exploit_user_list": ["m0nk3y", "m0nk3y-user"], "internal.classes.finger_classes": ["PingScanner"], diff --git a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py index 852d2fb25..52efeb670 100644 --- a/envs/monkey_zoo/blackbox/gcp_test_machine_list.py +++ b/envs/monkey_zoo/blackbox/gcp_test_machine_list.py @@ -7,7 +7,7 @@ GCP_TEST_MACHINE_LIST = { "hadoop-2", "hadoop-3", "mssql-16", - "powershell-45", + "powershell-3-45", "mimikatz-14", "mimikatz-15", "struts2-23", @@ -23,6 +23,7 @@ GCP_TEST_MACHINE_LIST = { "drupal-28", ], "europe-west1-b": [ - "powershell-3-47", + "powershell-3-45", + "powershell-3-46", ], } diff --git a/envs/monkey_zoo/blackbox/start_all_gcp_machines.py b/envs/monkey_zoo/blackbox/start_all_gcp_machines.py index 9cab68d97..c5e83671c 100755 --- a/envs/monkey_zoo/blackbox/start_all_gcp_machines.py +++ b/envs/monkey_zoo/blackbox/start_all_gcp_machines.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 from gcp_test_machine_list import GCP_TEST_MACHINE_LIST -from utils.gcp_machine_handlers import GCPHandler +from utils.gcp_machine_handlers import initialize_gcp_client, start_machines -gcp_handler = GCPHandler() -gcp_handler.start_machines(GCP_TEST_MACHINE_LIST) +initialize_gcp_client() +start_machines(GCP_TEST_MACHINE_LIST) diff --git a/envs/monkey_zoo/blackbox/stop_all_gcp_machines.py b/envs/monkey_zoo/blackbox/stop_all_gcp_machines.py index 7272df30b..d5a489a52 100755 --- a/envs/monkey_zoo/blackbox/stop_all_gcp_machines.py +++ b/envs/monkey_zoo/blackbox/stop_all_gcp_machines.py @@ -1,7 +1,7 @@ #!/usr/bin/env python3 from gcp_test_machine_list import GCP_TEST_MACHINE_LIST -from utils.gcp_machine_handlers import GCPHandler +from utils.gcp_machine_handlers import initialize_gcp_client, stop_machines -gcp_handler = GCPHandler() -gcp_handler.stop_machines(GCP_TEST_MACHINE_LIST) +initialize_gcp_client() +stop_machines(GCP_TEST_MACHINE_LIST) diff --git a/envs/monkey_zoo/blackbox/test_blackbox.py b/envs/monkey_zoo/blackbox/test_blackbox.py index aa6544e6c..221d783f6 100644 --- a/envs/monkey_zoo/blackbox/test_blackbox.py +++ b/envs/monkey_zoo/blackbox/test_blackbox.py @@ -40,7 +40,11 @@ from envs.monkey_zoo.blackbox.tests.performance.report_generation_from_telemetri from envs.monkey_zoo.blackbox.tests.performance.telemetry_performance_test import ( TelemetryPerformanceTest, ) -from envs.monkey_zoo.blackbox.utils import gcp_machine_handlers +from envs.monkey_zoo.blackbox.utils.gcp_machine_handlers import ( + initialize_gcp_client, + start_machines, + stop_machines, +) from monkey_island.cc.services.mode.mode_enum import IslandModeEnum DEFAULT_TIMEOUT_SECONDS = 5 * 60 @@ -54,15 +58,15 @@ LOGGER = logging.getLogger(__name__) def GCPHandler(request, no_gcp): if not no_gcp: try: - GCPHandler = gcp_machine_handlers.GCPHandler() - GCPHandler.start_machines(GCP_TEST_MACHINE_LIST) + initialize_gcp_client() + start_machines(GCP_TEST_MACHINE_LIST) except Exception as e: LOGGER.error("GCP Handler failed to initialize: %s." % e) pytest.exit("Encountered an error while starting GCP machines. Stopping the tests.") wait_machine_bootup() def fin(): - GCPHandler.stop_machines(GCP_TEST_MACHINE_LIST) + stop_machines(GCP_TEST_MACHINE_LIST) request.addfinalizer(fin) diff --git a/envs/monkey_zoo/blackbox/utils/gcp_machine_handlers.py b/envs/monkey_zoo/blackbox/utils/gcp_machine_handlers.py index 38fc7125c..26b4b18a5 100644 --- a/envs/monkey_zoo/blackbox/utils/gcp_machine_handlers.py +++ b/envs/monkey_zoo/blackbox/utils/gcp_machine_handlers.py @@ -4,75 +4,71 @@ import subprocess LOGGER = logging.getLogger(__name__) +AUTHENTICATION_COMMAND = "gcloud auth activate-service-account --key-file=%s" +SET_PROPERTY_PROJECT = "gcloud config set project %s" +MACHINE_STARTING_COMMAND = "gcloud compute instances start %s --zone=%s" +MACHINE_STOPPING_COMMAND = "gcloud compute instances stop %s --zone=%s" -class GCPHandler(object): - AUTHENTICATION_COMMAND = "gcloud auth activate-service-account --key-file=%s" - SET_PROPERTY_PROJECT = "gcloud config set project %s" - MACHINE_STARTING_COMMAND = "gcloud compute instances start %s --zone=%s" - MACHINE_STOPPING_COMMAND = "gcloud compute instances stop %s --zone=%s" +# Key path location relative to this file's directory +RELATIVE_KEY_PATH = "../../gcp_keys/gcp_key.json" +DEFAULT_PROJECT = "guardicore-22050661" - # Key path location relative to this file's directory - RELATIVE_KEY_PATH = "../../gcp_keys/gcp_key.json" - DEFAULT_PROJECT = "guardicore-22050661" - def __init__( - self, - project_id=DEFAULT_PROJECT, - ): - abs_key_path = GCPHandler.get_absolute_key_path() +def initialize_gcp_client(): + abs_key_path = get_absolute_key_path() - subprocess.call(GCPHandler.get_auth_command(abs_key_path), shell=True) # noqa: DUO116 - LOGGER.info("GCP Handler passed key") + subprocess.call(get_auth_command(abs_key_path), shell=True) # noqa: DUO116 + LOGGER.info("GCP Handler passed key") - subprocess.call(GCPHandler.get_set_project_command(project_id), shell=True) # noqa: DUO116 - LOGGER.info("GCP Handler set project") - LOGGER.info("GCP Handler initialized successfully") + subprocess.call(get_set_project_command(DEFAULT_PROJECT), shell=True) # noqa: DUO116 + LOGGER.info("GCP Handler set project") + LOGGER.info("GCP Handler initialized successfully") - @staticmethod - def get_absolute_key_path() -> str: - file_dir = os.path.dirname(os.path.realpath(__file__)) - absolute_key_path = os.path.join(file_dir, GCPHandler.RELATIVE_KEY_PATH) - absolute_key_path = os.path.realpath(absolute_key_path) - if not os.path.isfile(absolute_key_path): - raise FileNotFoundError( - "GCP key not found. " "Add a service key to envs/monkey_zoo/gcp_keys/gcp_key.json" +def get_absolute_key_path() -> str: + file_dir = os.path.dirname(os.path.realpath(__file__)) + absolute_key_path = os.path.join(file_dir, RELATIVE_KEY_PATH) + absolute_key_path = os.path.realpath(absolute_key_path) + + if not os.path.isfile(absolute_key_path): + raise FileNotFoundError( + "GCP key not found. " "Add a service key to envs/monkey_zoo/gcp_keys/gcp_key.json" + ) + return absolute_key_path + + +def start_machines(machine_list): + """ + Start all the machines in the list. + :param machine_list: A dictionary with zone and machines per zone. + """ + LOGGER.info("Setting up all GCP machines...") + try: + for zone in machine_list: + subprocess.call( # noqa: DUO116 + (MACHINE_STARTING_COMMAND % (" ".join(machine_list[zone]), zone)), + shell=True, ) - return absolute_key_path + LOGGER.info("GCP machines successfully started.") + except Exception as e: + LOGGER.error("GCP Handler failed to start GCP machines: %s" % e) - @staticmethod - def start_machines(machine_list): - """ - Start all the machines in the list. - :param machine_list: A dictionary with zone and machines per zone. - """ - LOGGER.info("Setting up all GCP machines...") - try: - for zone in machine_list: - subprocess.call( # noqa: DUO116 - (GCPHandler.MACHINE_STARTING_COMMAND % (" ".join(machine_list[zone]), zone)), - shell=True, - ) - LOGGER.info("GCP machines successfully started.") - except Exception as e: - LOGGER.error("GCP Handler failed to start GCP machines: %s" % e) - @staticmethod - def stop_machines(machine_list): - try: - for zone in machine_list: - subprocess.call( # noqa: DUO116 - (GCPHandler.MACHINE_STOPPING_COMMAND % (" ".join(machine_list[zone]), zone)), - shell=True, - ) - LOGGER.info("GCP machines stopped successfully.") - except Exception as e: - LOGGER.error("GCP Handler failed to stop network machines: %s" % e) +def stop_machines(machine_list): + try: + for zone in machine_list: + subprocess.call( # noqa: DUO116 + (MACHINE_STOPPING_COMMAND % (" ".join(machine_list[zone]), zone)), + shell=True, + ) + LOGGER.info("GCP machines stopped successfully.") + except Exception as e: + LOGGER.error("GCP Handler failed to stop network machines: %s" % e) - @staticmethod - def get_auth_command(key_path): - return GCPHandler.AUTHENTICATION_COMMAND % key_path - @staticmethod - def get_set_project_command(project): - return GCPHandler.SET_PROPERTY_PROJECT % project +def get_auth_command(key_path): + return AUTHENTICATION_COMMAND % key_path + + +def get_set_project_command(project): + return SET_PROPERTY_PROJECT % project diff --git a/envs/monkey_zoo/terraform/images.tf b/envs/monkey_zoo/terraform/images.tf index 3c4783389..3f293736d 100644 --- a/envs/monkey_zoo/terraform/images.tf +++ b/envs/monkey_zoo/terraform/images.tf @@ -57,12 +57,12 @@ data "google_compute_image" "mssql-16" { name = "mssql-16" project = local.monkeyzoo_project } -data "google_compute_image" "powershell-3-47" { - name = "powershell-3-47" +data "google_compute_image" "powershell-3-46" { + name = "powershell-3-46" project = local.monkeyzoo_project } -data "google_compute_image" "powershell-45" { - name = "powershell-45" +data "google_compute_image" "powershell-3-45" { + name = "powershell-3-45" project = local.monkeyzoo_project } data "google_compute_image" "weblogic-18" { diff --git a/envs/monkey_zoo/terraform/monkey_zoo.tf b/envs/monkey_zoo/terraform/monkey_zoo.tf index a3411c608..241828557 100644 --- a/envs/monkey_zoo/terraform/monkey_zoo.tf +++ b/envs/monkey_zoo/terraform/monkey_zoo.tf @@ -313,33 +313,33 @@ resource "google_compute_instance_from_template" "mssql-16" { } } -resource "google_compute_instance_from_template" "powershell-3-47" { - name = "${local.resource_prefix}powershell-3-47" +resource "google_compute_instance_from_template" "powershell-3-46" { + name = "${local.resource_prefix}powershell-3-46" source_instance_template = local.default_windows boot_disk{ initialize_params { - image = data.google_compute_image.powershell-3-47.self_link + image = data.google_compute_image.powershell-3-46.self_link } auto_delete = true } network_interface { subnetwork="${local.resource_prefix}monkeyzoo-main-1" - network_ip="10.2.3.47" + network_ip="10.2.3.46" } } -resource "google_compute_instance_from_template" "powershell-45" { - name = "${local.resource_prefix}powershell-45" +resource "google_compute_instance_from_template" "powershell-3-45" { + name = "${local.resource_prefix}powershell-3-45" source_instance_template = local.default_windows boot_disk{ initialize_params { - image = data.google_compute_image.powershell-45.self_link + image = data.google_compute_image.powershell-3-45.self_link } auto_delete = true } network_interface { subnetwork="${local.resource_prefix}monkeyzoo-main" - network_ip="10.2.2.45" + network_ip="10.2.3.45" } } diff --git a/vulture_allowlist.py b/vulture_allowlist.py index b39d61dd8..e1454d876 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -196,3 +196,4 @@ environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59) _.environment # unused attribute (monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py:10) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64) +GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57)