UI: Remove Scoutsuite option from Run Monkey page
parent
c2c609aa3a
commit
c357ee410e
|
@ -8,7 +8,6 @@ import {cloneDeep} from 'lodash';
|
||||||
import {faCloud, faExpandArrowsAlt} from '@fortawesome/free-solid-svg-icons';
|
import {faCloud, faExpandArrowsAlt} from '@fortawesome/free-solid-svg-icons';
|
||||||
import RunOnIslandButton from './RunOnIslandButton';
|
import RunOnIslandButton from './RunOnIslandButton';
|
||||||
import AWSRunButton from './RunOnAWS/AWSRunButton';
|
import AWSRunButton from './RunOnAWS/AWSRunButton';
|
||||||
import CloudOptions from './scoutsuite-setup/CloudOptions';
|
|
||||||
|
|
||||||
const CONFIG_URL = '/api/configuration/island';
|
const CONFIG_URL = '/api/configuration/island';
|
||||||
|
|
||||||
|
@ -56,6 +55,7 @@ function RunOptions(props) {
|
||||||
return InlineSelection(defaultContents, newProps);
|
return InlineSelection(defaultContents, newProps);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO: Change function name
|
||||||
function shouldShowScoutsuite(islandMode){
|
function shouldShowScoutsuite(islandMode){
|
||||||
return islandMode !== 'ransomware';
|
return islandMode !== 'ransomware';
|
||||||
}
|
}
|
||||||
|
@ -74,14 +74,6 @@ function RunOptions(props) {
|
||||||
{ips: ips, setComponent: setComponent})
|
{ips: ips, setComponent: setComponent})
|
||||||
}}/>
|
}}/>
|
||||||
{shouldShowScoutsuite(props.islandMode) && <AWSRunButton setComponent={setComponent}/> }
|
{shouldShowScoutsuite(props.islandMode) && <AWSRunButton setComponent={setComponent}/> }
|
||||||
{shouldShowScoutsuite(props.islandMode) && <NextSelectionButton title={'Cloud security scan'}
|
|
||||||
description={'Explains how to enable cloud security scan.'}
|
|
||||||
icon={faCloud}
|
|
||||||
onButtonClick={() => {
|
|
||||||
setComponent(CloudOptions,
|
|
||||||
{ips: ips, setComponent: setComponent})
|
|
||||||
}}/>
|
|
||||||
}
|
|
||||||
</>
|
</>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
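Review bot: `shouldShowScoutsuite` now gates only `<AWSRunButton>`, so the added `// TODO: Change function name` keeps a misleading name on the ransomware-mode check; rename it in this commit (for example `shouldShowAWSRunButton(islandMode)`), or at least make the comment say what the function now decides, e.g. `// TODO: Rename; this only decides whether the AWS run button is shown`. The `faCloud` import in the first hunk is kept, but its only use visible here was the removed 'Cloud security scan' button, so it may now be unused; the body of `RunOptions` starts and ends outside these hunks, so this needs checking against the full file. The commit removes UI only: the deleted components called `/api/scoutsuite_auth/` and `/api/aws_keys`, and the deleted key form read `secret_access_key` from the latter's response, so the matching server routes should be confirmed removed or disabled in a companion change, because hiding the page does not make them unreachable to an authenticated client.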
|
@ -1,63 +0,0 @@
|
||||||
import {Button} from 'react-bootstrap';
|
|
||||||
import React from 'react';
|
|
||||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
|
||||||
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
|
|
||||||
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
|
|
||||||
import AWSSetupOptions from './AWSSetupOptions';
|
|
||||||
|
|
||||||
|
|
||||||
export default function AWSCLISetup(props) {
|
|
||||||
return InlineSelection(getContents, {
|
|
||||||
...props,
|
|
||||||
collumnSize: COLUMN_SIZES.LARGE,
|
|
||||||
onBackButtonClick: () => {
|
|
||||||
props.setComponent(AWSSetupOptions, props);
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
const getContents = (props) => {
|
|
||||||
return (
|
|
||||||
<div className={'aws-scoutsuite-configuration'}>
|
|
||||||
<h2>AWS CLI configuration for scan</h2>
|
|
||||||
<p>To assess your AWS infrastructure's security do the following:</p>
|
|
||||||
<ol>
|
|
||||||
<li>
|
|
||||||
1. Configure AWS CLI on Monkey Island Server (if you already have a configured CLI you can skip this step).
|
|
||||||
<ol className={'nested-ol'}>
|
|
||||||
<li>
|
|
||||||
a. Download <Button href={'https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html'}
|
|
||||||
target={'_blank'} variant={'link'}>AWS CLI</Button> and
|
|
||||||
install it on the Monkey Island server (machine running this page).
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
b. Run <code>aws configure</code>. It's important to configure credentials as it
|
|
||||||
allows ScoutSuite to get information about your cloud configuration. The simplest way to do so is to
|
|
||||||
provide
|
|
||||||
<Button
|
|
||||||
href={'https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html#cli-configure-quickstart-creds'}
|
|
||||||
variant={'link'}
|
|
||||||
className={'cli-link'}
|
|
||||||
target={'_blank'}>
|
|
||||||
Access key ID and secret access key
|
|
||||||
</Button>.
|
|
||||||
</li>
|
|
||||||
</ol>
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
2. If you change the configuration, make sure not to disable AWS system info collector.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
3. Go <Button onClick={() => props.setComponent()}
|
|
||||||
variant={'link'}
|
|
||||||
className={'cli-link'}>back</Button>
|
|
||||||
and run Monkey on the Island server.
|
|
||||||
</li>
|
|
||||||
<li>
|
|
||||||
4. Assess results in Zero Trust report.
|
|
||||||
</li>
|
|
||||||
</ol>
|
|
||||||
</div>
|
|
||||||
);
|
|
||||||
}
|
|
|
@ -1,179 +0,0 @@
|
||||||
import React, {useEffect, useState} from 'react';
|
|
||||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
|
||||||
import {COLUMN_SIZES} from '../../../../ui-components/inline-selection/utils';
|
|
||||||
import AWSSetupOptions from './AWSSetupOptions';
|
|
||||||
import {Button, Col, Form, Row} from 'react-bootstrap';
|
|
||||||
import AuthComponent from '../../../../AuthComponent';
|
|
||||||
import '../../../../../styles/components/scoutsuite/AWSSetup.scss';
|
|
||||||
import {PROVIDERS} from '../ProvidersEnum';
|
|
||||||
import classNames from 'classnames';
|
|
||||||
import {FontAwesomeIcon} from '@fortawesome/react-fontawesome';
|
|
||||||
import {faChevronDown} from '@fortawesome/free-solid-svg-icons/faChevronDown';
|
|
||||||
import {faChevronUp} from '@fortawesome/free-solid-svg-icons/faChevronUp';
|
|
||||||
import {faQuestion} from '@fortawesome/free-solid-svg-icons';
|
|
||||||
import Collapse from '@kunukn/react-collapse/dist/Collapse.umd';
|
|
||||||
import keySetupForAnyUserImage from '../../../../../images/aws_keys_tutorial-any-user.png';
|
|
||||||
import keySetupForCurrentUserImage from '../../../../../images/aws_keys_tutorial-current-user.png';
|
|
||||||
import ImageModal from '../../../../ui-components/ImageModal';
|
|
||||||
|
|
||||||
|
|
||||||
export default function AWSCLISetup(props) {
|
|
||||||
return InlineSelection(getContents, {
|
|
||||||
...props,
|
|
||||||
collumnSize: COLUMN_SIZES.LARGE,
|
|
||||||
onBackButtonClick: () => {
|
|
||||||
props.setComponent(AWSSetupOptions, props);
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
const authComponent = new AuthComponent({})
|
|
||||||
|
|
||||||
const getContents = (props) => {
|
|
||||||
|
|
||||||
const [accessKeyId, setAccessKeyId] = useState('');
|
|
||||||
const [secretAccessKey, setSecretAccessKey] = useState('');
|
|
||||||
const [sessionToken, setSessionToken] = useState('');
|
|
||||||
const [errorMessage, setErrorMessage] = useState('');
|
|
||||||
const [successMessage, setSuccessMessage] = useState('');
|
|
||||||
const [docCollapseOpen, setDocCollapseOpen] = useState(false);
|
|
||||||
|
|
||||||
function submitKeys(event) {
|
|
||||||
event.preventDefault();
|
|
||||||
setSuccessMessage('');
|
|
||||||
setErrorMessage('');
|
|
||||||
authComponent.authFetch(
|
|
||||||
'/api/scoutsuite_auth/' + PROVIDERS.AWS,
|
|
||||||
{
|
|
||||||
'method': 'POST',
|
|
||||||
'body': JSON.stringify({
|
|
||||||
'accessKeyId': accessKeyId,
|
|
||||||
'secretAccessKey': secretAccessKey,
|
|
||||||
'sessionToken': sessionToken
|
|
||||||
})
|
|
||||||
})
|
|
||||||
.then(res => res.json())
|
|
||||||
.then(res => {
|
|
||||||
if (res['error_msg'] === '') {
|
|
||||||
setSuccessMessage('AWS keys saved!');
|
|
||||||
} else if (res['message'] === 'Internal Server Error') {
|
|
||||||
setErrorMessage('Something went wrong, double check keys and contact support if problem persists.');
|
|
||||||
} else {
|
|
||||||
setErrorMessage(res['error_msg']);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}
|
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
authComponent.authFetch('/api/aws_keys')
|
|
||||||
.then(res => res.json())
|
|
||||||
.then(res => {
|
|
||||||
setAccessKeyId(res['access_key_id']);
|
|
||||||
setSecretAccessKey(res['secret_access_key']);
|
|
||||||
setSessionToken(res['session_token']);
|
|
||||||
});
|
|
||||||
}, [props]);
|
|
||||||
|
|
||||||
|
|
||||||
// TODO separate into standalone component
|
|
||||||
function getKeyCreationDocsContent() {
|
|
||||||
return (
|
|
||||||
<div className={'key-creation-tutorial'}>
|
|
||||||
<h5>Tips</h5>
|
|
||||||
<p>Consider creating a new user account just for this activity. Assign only <b>ReadOnlyAccess</b> and
|
|
||||||
<b>SecurityAudit</b> policies.</p>
|
|
||||||
|
|
||||||
<h5>Keys for custom user</h5>
|
|
||||||
<p>1. Open the IAM console at <a href={'https://console.aws.amazon.com/iam/'}
|
|
||||||
target={'_blank'}
|
|
||||||
rel="noopener noreferrer">https://console.aws.amazon.com/iam/</a>.</p>
|
|
||||||
<p>2. In the navigation pane, choose Users.</p>
|
|
||||||
<p>3. Choose the name of the user whose access keys you want to create, and then choose the Security credentials
|
|
||||||
tab.</p>
|
|
||||||
<p>4. In the Access keys section, choose Create Access key.</p>
|
|
||||||
<p>To view the new access key pair, choose Show. Your credentials will look something like this:</p>
|
|
||||||
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
|
|
||||||
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
|
|
||||||
<Row>
|
|
||||||
<Col lg={3} md={3} sm={5} xs={12}>
|
|
||||||
<ImageModal image={keySetupForAnyUserImage}/>
|
|
||||||
</Col>
|
|
||||||
</Row>
|
|
||||||
|
|
||||||
<h5>Keys for current user</h5>
|
|
||||||
<p>1. Click on your username in the upper right corner.</p>
|
|
||||||
<p>2. Click on "My security credentials".</p>
|
|
||||||
<p>3. In the Access keys section, choose Create Access key.</p>
|
|
||||||
<p>To view the new Access key pair, choose Show. Your credentials will look something like this:</p>
|
|
||||||
<p>Access key ID: AKIAIOSFODNN7EXAMPLE</p>
|
|
||||||
<p>Secret access key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY</p>
|
|
||||||
<Row>
|
|
||||||
<Col lg={3} md={3} sm={5} xs={12}>
|
|
||||||
<ImageModal image={keySetupForCurrentUserImage}/>
|
|
||||||
</Col>
|
|
||||||
</Row>
|
|
||||||
</div>);
|
|
||||||
}
|
|
||||||
|
|
||||||
function getKeyCreationDocs() {
|
|
||||||
return (
|
|
||||||
<div className={classNames('collapse-item', {'item--active': docCollapseOpen})}>
|
|
||||||
<button className={'btn-collapse'}
|
|
||||||
onClick={() => setDocCollapseOpen(!docCollapseOpen)}>
|
|
||||||
<span>
|
|
||||||
<FontAwesomeIcon icon={faQuestion} className={'question-icon'}/>
|
|
||||||
<p>How to generate keys</p>
|
|
||||||
</span>
|
|
||||||
<span>
|
|
||||||
<FontAwesomeIcon icon={docCollapseOpen ? faChevronDown : faChevronUp}/>
|
|
||||||
</span>
|
|
||||||
</button>
|
|
||||||
<Collapse
|
|
||||||
className='collapse-comp'
|
|
||||||
isOpen={docCollapseOpen}
|
|
||||||
render={getKeyCreationDocsContent}/>
|
|
||||||
</div>);
|
|
||||||
}
|
|
||||||
|
|
||||||
return (
|
|
||||||
<div className={'aws-scoutsuite-key-configuration'}>
|
|
||||||
{getKeyCreationDocs()}
|
|
||||||
<Form className={'auth-form'} onSubmit={submitKeys}>
|
|
||||||
<Form.Control onChange={evt => setAccessKeyId(evt.target.value)}
|
|
||||||
type='text'
|
|
||||||
placeholder='Access key ID'
|
|
||||||
value={accessKeyId}/>
|
|
||||||
<Form.Control onChange={evt => setSecretAccessKey(evt.target.value)}
|
|
||||||
type='password'
|
|
||||||
placeholder='Secret access key'
|
|
||||||
value={secretAccessKey}/>
|
|
||||||
<Form.Control onChange={evt => setSessionToken(evt.target.value)}
|
|
||||||
type='text'
|
|
||||||
placeholder='Session token (optional, only for temp. keys)'
|
|
||||||
value={sessionToken}/>
|
|
||||||
{
|
|
||||||
errorMessage ?
|
|
||||||
<div className="alert alert-danger" role="alert">{errorMessage}</div>
|
|
||||||
:
|
|
||||||
''
|
|
||||||
}
|
|
||||||
{
|
|
||||||
successMessage ?
|
|
||||||
<div className="alert alert-success" role="alert">{successMessage}
|
|
||||||
Go back and
|
|
||||||
<Button variant={'link'} onClick={() => props.setComponent()} className={'link-in-success-message'}>
|
|
||||||
run Monkey from the Island server </Button> to start AWS scan!</div>
|
|
||||||
:
|
|
||||||
''
|
|
||||||
}
|
|
||||||
<Row className={'justify-content-center'}>
|
|
||||||
<Col lg={4} md={6} sm={8} xs={12}>
|
|
||||||
<Button className={'monkey-submit-button'} type={'submit'}>
|
|
||||||
Submit
|
|
||||||
</Button>
|
|
||||||
</Col>
|
|
||||||
</Row>
|
|
||||||
</Form>
|
|
||||||
</div>
|
|
||||||
);
|
|
||||||
}
|
|
|
@ -1,40 +0,0 @@
|
||||||
import React from 'react';
|
|
||||||
import InlineSelection from '../../../../ui-components/inline-selection/InlineSelection';
|
|
||||||
import NextSelectionButton from '../../../../ui-components/inline-selection/NextSelectionButton';
|
|
||||||
import {faKey, faTerminal} from '@fortawesome/free-solid-svg-icons';
|
|
||||||
import AWSCLISetup from './AWSCLISetup';
|
|
||||||
import CloudOptions from '../CloudOptions';
|
|
||||||
import AWSKeySetup from './AWSKeySetup';
|
|
||||||
|
|
||||||
|
|
||||||
const AWSSetupOptions = (props) => {
|
|
||||||
return InlineSelection(getContents, {
|
|
||||||
...props,
|
|
||||||
onBackButtonClick: () => {
|
|
||||||
props.setComponent(CloudOptions, props);
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
const getContents = (props) => {
|
|
||||||
return (
|
|
||||||
<>
|
|
||||||
<NextSelectionButton title={'Security keys'}
|
|
||||||
description={'Provide security keys for monkey to authenticate.'}
|
|
||||||
icon={faKey}
|
|
||||||
onButtonClick={() => {
|
|
||||||
props.setComponent(AWSKeySetup,
|
|
||||||
{setComponent: props.setComponent})
|
|
||||||
}}/>
|
|
||||||
<NextSelectionButton title={'AWS CLI'}
|
|
||||||
description={'Manually configure AWS CLI yourself.'}
|
|
||||||
icon={faTerminal}
|
|
||||||
onButtonClick={() => {
|
|
||||||
props.setComponent(AWSCLISetup,
|
|
||||||
{setComponent: props.setComponent})
|
|
||||||
}}/>
|
|
||||||
</>
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
export default AWSSetupOptions;
|
|
|
@ -1,65 +0,0 @@
|
||||||
import React, {useEffect, useState} from 'react';
|
|
||||||
import InlineSelection from '../../../ui-components/inline-selection/InlineSelection';
|
|
||||||
import NextSelectionButton from '../../../ui-components/inline-selection/NextSelectionButton';
|
|
||||||
import {faCheck, faCloud, faSync} from '@fortawesome/free-solid-svg-icons';
|
|
||||||
import AWSSetupOptions from './AWSConfiguration/AWSSetupOptions';
|
|
||||||
import {PROVIDERS} from './ProvidersEnum';
|
|
||||||
import AuthComponent from '../../../AuthComponent';
|
|
||||||
|
|
||||||
|
|
||||||
const CloudOptions = (props) => {
|
|
||||||
return InlineSelection(getContents, {
|
|
||||||
...props,
|
|
||||||
onBackButtonClick: () => {
|
|
||||||
props.setComponent()
|
|
||||||
}
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
const authComponent = new AuthComponent({})
|
|
||||||
|
|
||||||
const getContents = (props) => {
|
|
||||||
|
|
||||||
const [description, setDescription] = useState('Loading...');
|
|
||||||
const [iconType, setIconType] = useState('spinning-icon');
|
|
||||||
const [icon, setIcon] = useState(faSync);
|
|
||||||
|
|
||||||
useEffect(() => {
|
|
||||||
authComponent.authFetch('/api/scoutsuite_auth/' + PROVIDERS.AWS)
|
|
||||||
.then(res => res.json())
|
|
||||||
.then(res => {
|
|
||||||
if(res.is_setup){
|
|
||||||
setDescription(getDescription(res.message));
|
|
||||||
setIconType('icon-success');
|
|
||||||
setIcon(faCheck);
|
|
||||||
} else {
|
|
||||||
setDescription('Setup Amazon Web Services infrastructure scan.');
|
|
||||||
setIconType('')
|
|
||||||
setIcon(faCloud);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
}, [props]);
|
|
||||||
|
|
||||||
function getDescription(message){
|
|
||||||
return (
|
|
||||||
<>
|
|
||||||
{message} Run <b>from the Island</b> to start the scan. Click next to change the configuration.
|
|
||||||
</>
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
return (
|
|
||||||
<>
|
|
||||||
<NextSelectionButton title={'AWS'}
|
|
||||||
description={description}
|
|
||||||
icon={icon}
|
|
||||||
iconType={iconType}
|
|
||||||
onButtonClick={() => {
|
|
||||||
props.setComponent(AWSSetupOptions,
|
|
||||||
{setComponent: props.setComponent})
|
|
||||||
}}/>
|
|
||||||
</>
|
|
||||||
)
|
|
||||||
}
|
|
||||||
|
|
||||||
export default CloudOptions;
|
|
|
@ -1,9 +0,0 @@
|
||||||
// Should match enum in monkey/common/cloud/scoutsuite_consts.py
|
|
||||||
|
|
||||||
export const PROVIDERS = {
|
|
||||||
AWS : 'aws',
|
|
||||||
AZURE : 'azure',
|
|
||||||
GCP : 'gcp',
|
|
||||||
ALIBABA : 'aliyun',
|
|
||||||
ORACLE : 'oci'
|
|
||||||
}
|
|