forked from p15670423/monkey
island: Apply config filter as per mode
This commit is contained in:
Shreya Malviya
parent
f1a3e1fc25
commit
743619b81b
|
|
@ -1,17 +1,18 @@
|
||||||
import collections
|
import collections
|
||||||
import copy
|
import copy
|
||||||
|
import dpath.util
|
||||||
import functools
|
import functools
|
||||||
import logging
|
import logging
|
||||||
from typing import Dict
|
from typing import Dict, Optional
|
||||||
|
|
||||||
from jsonschema import Draft4Validator, validators
|
from jsonschema import Draft4Validator, validators
|
||||||
|
|
||||||
import monkey_island.cc.environment.environment_singleton as env_singleton
|
import monkey_island.cc.environment.environment_singleton as env_singleton
|
||||||
from monkey.monkey_island.cc.services.config_filters import FILTER_PER_MODE
|
from monkey_island.cc.services.config_filters import FILTER_PER_MODE
|
||||||
from monkey_island.cc.database import mongo
|
from monkey_island.cc.database import mongo
|
||||||
from monkey_island.cc.server_utils.encryptor import get_encryptor
|
from monkey_island.cc.server_utils.encryptor import get_encryptor
|
||||||
from monkey_island.cc.services.config_schema.config_schema import SCHEMA
|
from monkey_island.cc.services.config_schema.config_schema import SCHEMA
|
||||||
from monkey_island.cc.services.mode.island_mode_service import get_mode
|
from monkey_island.cc.services.mode.get_island_mode_service import ModeNotSetError, get_mode
|
||||||
from monkey_island.cc.services.post_breach_files import PostBreachFilesService
|
from monkey_island.cc.services.post_breach_files import PostBreachFilesService
|
||||||
from monkey_island.cc.services.utils.network_utils import local_ip_addresses
|
from monkey_island.cc.services.utils.network_utils import local_ip_addresses
|
||||||
|
|
||||||
|
|
@ -238,23 +239,34 @@ class ConfigService:
|
||||||
def get_default_config(should_encrypt=False):
|
def get_default_config(should_encrypt=False):
|
||||||
ConfigService.init_default_config()
|
ConfigService.init_default_config()
|
||||||
config = copy.deepcopy(ConfigService.default_config)
|
config = copy.deepcopy(ConfigService.default_config)
|
||||||
mode = get_mode()
|
|
||||||
config = ConfigService._set_default_config_values_per_mode(mode, config)
|
|
||||||
if should_encrypt:
|
if should_encrypt:
|
||||||
ConfigService.encrypt_config(config)
|
ConfigService.encrypt_config(config)
|
||||||
|
|
||||||
logger.info("Default config was called")
|
logger.info("Default config was called")
|
||||||
|
|
||||||
return config
|
return config
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def update_config_on_mode_set(mode: str) -> None:
|
||||||
|
config = ConfigService.get_config()
|
||||||
|
ConfigService.update_config_per_mode(mode, config, True)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def update_config_per_mode(mode: str, config: Dict, should_encrypt: bool) -> None:
|
||||||
|
config = ConfigService._set_default_config_values_per_mode(mode, config)
|
||||||
|
ConfigService.update_config(config_json=config, should_encrypt=True)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _set_default_config_values_per_mode(mode: str, config: Dict) -> Dict:
|
def _set_default_config_values_per_mode(mode: str, config: Dict) -> Dict:
|
||||||
if mode == "advanced":
|
|
||||||
return config
|
|
||||||
config_filter = FILTER_PER_MODE[mode]
|
config_filter = FILTER_PER_MODE[mode]
|
||||||
config = ConfigService._apply_config_filter(config, config_filter)
|
config = ConfigService._apply_config_filter(config, config_filter)
|
||||||
|
return config
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _apply_config_filter(config: Dict, config_filter: Dict):
|
def _apply_config_filter(config: Dict, config_filter: Dict):
|
||||||
config.update(config_filter)
|
for path, value in config_filter.items():
|
||||||
|
dpath.util.set(config, path, value, ".")
|
||||||
return config
|
return config
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
@ -268,7 +280,11 @@ class ConfigService:
|
||||||
PostBreachFilesService.remove_PBA_files()
|
PostBreachFilesService.remove_PBA_files()
|
||||||
config = ConfigService.get_default_config(True)
|
config = ConfigService.get_default_config(True)
|
||||||
ConfigService.set_server_ips_in_config(config)
|
ConfigService.set_server_ips_in_config(config)
|
||||||
ConfigService.update_config(config, should_encrypt=False)
|
try:
|
||||||
|
mode = get_mode()
|
||||||
|
ConfigService.update_config_per_mode(mode, config, should_encrypt=False)
|
||||||
|
except ModeNotSetError:
|
||||||
|
ConfigService.update_config(config, should_encrypt=False)
|
||||||
logger.info("Monkey config reset was called")
|
logger.info("Monkey config reset was called")
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
from monkey_island.cc.services.mode.mode_enum import IslandModeEnum
|
from monkey_island.cc.services.mode.mode_enum import IslandModeEnum
|
||||||
|
|
||||||
FILTER_PER_MODE = {IslandModeEnum.RANSOMWARE.value: {"basic.monkey.post_breach.post_breach_actions": []}}
|
FILTER_PER_MODE = {IslandModeEnum.RANSOMWARE.value: {"monkey.post_breach.post_breach_actions": []}}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue