Esempio n. 1
 def get(self, file_type):
     """
     Sends the stored PBA file for the requested platform to filepond

     :param file_type: Selects which file to send; LINUX_PBA_TYPE picks the
                       Linux entry, every other value picks the Windows entry
     :return: The result of send_from_directory() for the configured filename
     """
     # The filename is looked up in the configuration, keyed by platform; it is
     # not taken from the request.
     # NOTE(review): file_type is not validated in this method, so an
     # unrecognised value silently falls through to the Windows entry.
     wants_linux = file_type == LINUX_PBA_TYPE
     config_path = PBA_LINUX_FILENAME_PATH if wants_linux else PBA_WINDOWS_FILENAME_PATH
     stored_name = ConfigService.get_config_value(copy.deepcopy(config_path))
     return send_from_directory(ABS_UPLOAD_PATH, stored_name)
Esempio n. 2
    def update_aws_auth_params():
        """
        Re-reads the AWS credentials from config and re-authenticates if they changed

        :return: RemoteRunAwsService.is_auth; it is refreshed through
                 AwsService.test_client() only when either configured key
                 differs from the one AwsService currently holds
        """
        key_id_path = ['cnc', 'aws_config', 'aws_access_key_id']
        secret_path = ['cnc', 'aws_config', 'aws_secret_access_key']
        # NOTE(review): the trailing positional flags (False, True) are defined
        # by ConfigService.get_config_value, which is not visible here.
        configured_key_id = ConfigService.get_config_value(key_id_path, False, True)
        configured_secret = ConfigService.get_config_value(secret_path, False, True)

        credentials_changed = (
            configured_key_id != AwsService.access_key_id
            or configured_secret != AwsService.secret_access_key
        )
        if credentials_changed:
            AwsService.set_auth_params(configured_key_id, configured_secret)
            # Only a credential change triggers a fresh authentication test.
            RemoteRunAwsService.is_auth = AwsService.test_client()

        # The region is re-applied on every call, changed credentials or not.
        AwsService.set_region(RemoteRunAwsService.aws_instance.region)

        return RemoteRunAwsService.is_auth
Esempio n. 3
    def get(self, file_type):
        """
        Sends the stored PBA file for the requested platform to filepond

        :param file_type: Selects which file to send; LINUX_PBA_TYPE picks the
                          Linux entry, any other accepted value the Windows entry
        :return: A 422 text/plain Response when the type check below fires,
                 otherwise the result of send_from_directory()
        """
        # NOTE(review): the request is rejected when is_pba_file_type_supported()
        # returns a truthy value. Going by the helper's name that reads as
        # inverted; confirm what the helper actually returns (it is not visible
        # here) before relying on this as input validation.
        rejected = self.is_pba_file_type_supported(file_type)
        if rejected:
            return Response(status=HTTPStatus.UNPROCESSABLE_ENTITY,
                            mimetype="text/plain")

        # The filename is looked up in the configuration, keyed by platform; it
        # is not taken from the request.
        wants_linux = file_type == LINUX_PBA_TYPE
        config_path = PBA_LINUX_FILENAME_PATH if wants_linux else PBA_WINDOWS_FILENAME_PATH
        stored_name = ConfigService.get_config_value(copy.deepcopy(config_path))

        pba_directory = PostBreachFilesService.get_custom_pba_directory()
        return send_from_directory(pba_directory, stored_name)
Esempio n. 4
    def get_config_exploits():
        """
        Lists the display names of the configured exploiter classes

        :return: ['default'] when the configured list equals the one in the
                 default configuration, otherwise each configured class mapped
                 through ReportService.EXPLOIT_DISPLAY_DICT
        """
        config_path = ['exploits', 'general', 'exploiter_classes']

        # Walk the default configuration down to the same nested key.
        defaults = ConfigService.get_default_config(False)
        for key in config_path:
            defaults = defaults[key]

        configured = ConfigService.get_config_value(config_path, True, True)
        if configured == defaults:
            return ['default']

        # A configured class without an entry in the table raises KeyError.
        display_names = []
        for class_name in configured:
            display_names.append(ReportService.EXPLOIT_DISPLAY_DICT[class_name])
        return display_names
Esempio n. 5
    def get_cross_segment_issues():
        """
        Collects cross-segment issues from scan telemetry

        :return: Concatenation of the lists returned by
                 ReportService.get_cross_segment_issues_per_subnet_group() for
                 each configured subnet group
        """
        projection = {'monkey_guid': 1, 'data.machine.ip_addr': 1, 'data.machine.services': 1}
        scans = mongo.db.telemetry.find({'telem_type': 'scan'}, projection)

        # For now the feature is limited to 1 group.
        inaccessible_subnets = ConfigService.get_config_value(
            ['basic_network', 'network_analysis', 'inaccessible_subnets'])

        # NOTE(review): the same `scans` object is handed to every iteration. If
        # find() returns a one-shot cursor, only the first group would see any
        # rows once more than one group is supported - confirm before extending.
        issues = []
        for subnet_group in [inaccessible_subnets]:
            issues += ReportService.get_cross_segment_issues_per_subnet_group(scans, subnet_group)
        return issues
Esempio n. 6
    def get_config_exploits():
        """
        Lists the display names of the configured exploiter classes

        :return: ["default"] when the configured list equals the one in the
                 default configuration, otherwise the display_name of the
                 descriptor found for each configured class name
        """
        config_path = EXPLOITER_CLASSES_PATH

        # Walk the default configuration down to the same nested key.
        defaults = ConfigService.get_default_config(False)
        for key in config_path:
            defaults = defaults[key]

        configured = ConfigService.get_config_value(config_path, True, True)
        if configured == defaults:
            return ["default"]

        display_names = []
        for class_name in configured:
            descriptor = ExploiterDescriptorEnum.get_by_class_name(class_name)
            display_names.append(descriptor.display_name)
        return display_names
Esempio n. 7
    def get_config_exploits():
        """
        Lists the display names of the configured exploiter classes

        :return: ['default'] when the configured list equals the one in the
                 default configuration, otherwise each configured class mapped
                 through ReportService.EXPLOIT_DISPLAY_DICT
        """
        config_path = EXPLOITER_CLASSES_PATH

        # Descend through the default configuration one path element at a time.
        default_value = ConfigService.get_default_config(False)
        for path_element in config_path:
            default_value = default_value[path_element]

        configured = ConfigService.get_config_value(config_path, True, True)
        uses_defaults = configured == default_value
        if uses_defaults:
            return ['default']

        # A configured class without an entry in the table raises KeyError.
        lookup = []
        for class_name in configured:
            lookup.append(ReportService.EXPLOIT_DISPLAY_DICT[class_name])
        return lookup
Esempio n. 8
    def delete(self, file_type):
        """
        Removes the stored file after it was deleted on the front end

        :param file_type: Indicates which file was deleted, linux or windows;
                          only the exact value "PBAlinux" selects the Linux
                          entry, anything else selects the Windows entry
        :return: Empty response
        """
        if file_type == "PBAlinux":
            filename_path = PBA_LINUX_FILENAME_PATH
        else:
            filename_path = PBA_WINDOWS_FILENAME_PATH

        filename = ConfigService.get_config_value(filename_path)
        if not filename:
            # Nothing is configured for this platform, so nothing to remove.
            return {}

        # Remove the file first, then clear the configuration entry naming it.
        PostBreachFilesService.remove_file(filename)
        ConfigService.set_config_value(filename_path, "")
        return {}
Esempio n. 9
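    def delete(self, file_type):
        """
        Deletes file that has been deleted on the front end

        :param file_type: Type indicates which file was deleted, linux or windows;
                          only the exact value 'PBAlinux' selects the Linux
                          entry, anything else selects the Windows entry
        :return: Empty response
        """
        filename_path = PBA_LINUX_FILENAME_PATH if file_type == 'PBAlinux' else PBA_WINDOWS_FILENAME_PATH
        filename = ConfigService.get_config_value(filename_path)
        if not filename:
            # Nothing is configured. Joining an empty name would yield the
            # upload directory itself (assuming ABS_UPLOAD_PATH is a pathlib
            # path), and os.remove() on a directory raises OSError.
            return {}

        # NOTE(review): joinpath() does not confine the result to the upload
        # directory when the stored name is absolute or contains "..". Confirm
        # the name is sanitised where it is written to the configuration, or
        # validate it here before deleting.
        file_path = ABS_UPLOAD_PATH.joinpath(filename)
        try:
            try:
                # Attempt the removal directly instead of exists()-then-remove(),
                # which leaves a window for the file to vanish in between.
                os.remove(file_path)
            except FileNotFoundError:
                # Already gone; the configuration entry is still cleared below.
                pass
            ConfigService.set_config_value(filename_path, '')
        except OSError as e:
            # The entry is left untouched when the removal itself failed.
            LOG.error("Can't remove previously uploaded post breach files: %s", e)

        return {}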
Esempio n. 10
    def delete(self, file_type):
        """
        Removes the stored file after it was deleted on the front end

        :param file_type: Indicates which file was deleted, linux or windows;
                          only the exact value "PBAlinux" selects the Linux
                          entry, any other accepted value the Windows entry
        :return: A 422 text/plain Response when the type check below fires,
                 otherwise an empty response
        """
        # NOTE(review): the request is rejected when is_pba_file_type_supported()
        # returns a truthy value. Going by the helper's name that reads as
        # inverted; confirm what the helper actually returns (it is not visible
        # here) before relying on this as input validation.
        rejected = self.is_pba_file_type_supported(file_type)
        if rejected:
            return Response(status=HTTPStatus.UNPROCESSABLE_ENTITY,
                            mimetype="text/plain")

        if file_type == "PBAlinux":
            filename_path = PBA_LINUX_FILENAME_PATH
        else:
            filename_path = PBA_WINDOWS_FILENAME_PATH

        filename = ConfigService.get_config_value(filename_path)
        if not filename:
            # Nothing is configured for this platform, so nothing to remove.
            return {}

        # Remove the file first, then clear the configuration entry naming it.
        PostBreachFilesService.remove_file(filename)
        ConfigService.set_config_value(filename_path, "")
        return {}
Esempio n. 11
    def _get_aws_keys():
        """
        Collects the configured AWS credential values into a dict

        :return: Dict keyed by the third element of each path in
                 AWS_CRED_CONFIG_KEYS, holding str() of the configured value
        """
        # NOTE(review): str() turns a missing value (None) into the literal text
        # "None", which a caller cannot tell apart from a real credential.
        # The values are secrets; keep the returned dict out of logs.
        credentials = {}
        for config_path in AWS_CRED_CONFIG_KEYS:
            value_text = str(ConfigService.get_config_value(config_path))
            credentials[config_path[2]] = value_text
        return credentials
Esempio n. 12
def _get_aws_key(key_type: str):
    """
    Looks up one entry below AWS_KEYS_PATH in the configuration

    :param key_type: Name of the entry, appended to AWS_KEYS_PATH
    :return: Whatever ConfigService.get_config_value() returns for that path
    """
    # `+` builds a new list, so the shared AWS_KEYS_PATH constant is not mutated.
    full_path = AWS_KEYS_PATH + [key_type]
    return ConfigService.get_config_value(config_key_as_arr=full_path)
Esempio n. 13
def get_config_network_segments_as_subnet_groups():
    """
    Returns the configured inaccessible subnets as a list of subnet groups

    :return: A one-element list wrapping the value stored at
             INACCESSIBLE_SUBNETS_PATH
    """
    inaccessible_subnets = ConfigService.get_config_value(INACCESSIBLE_SUBNETS_PATH)
    # The whole configured value forms a single group.
    subnet_groups = [inaccessible_subnets]
    return subnet_groups
Esempio n. 14
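def is_aws_keys_setup():
    """
    Reports whether both AWS keys are present in the configuration

    :return: True if both the access key id and the secret access key have a
             truthy configured value, False otherwise
    """
    # Collapse to a real bool: a bare `a and b` hands the caller the secret
    # access key itself (or whichever falsy value ended the chain), which is
    # easy to leak through a log line or a serialized response.
    return bool(
        ConfigService.get_config_value(AWS_KEYS_PATH + ['aws_access_key_id'])
        and ConfigService.get_config_value(AWS_KEYS_PATH + ['aws_secret_access_key'])
    )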
Esempio n. 15
 def get_config_ips():
     """
     Returns the configured subnet scan list

     :return: Value stored at basic_network / scope / subnet_scan_list
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     config_path = ['basic_network', 'scope', 'subnet_scan_list']
     return ConfigService.get_config_value(config_path, True, True)
Esempio n. 16
 def get_config_users():
     """
     Returns the configured exploit user list

     :return: Value stored at basic / credentials / exploit_user_list
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     config_path = ['basic', 'credentials', 'exploit_user_list']
     return ConfigService.get_config_value(config_path, True, True)
Esempio n. 17
 def get_config_passwords():
     """
     Returns the configured exploit password list

     :return: Value stored at basic / credentials / exploit_password_list
     """
     # The result is credential material: keep it out of logs and avoid
     # echoing it back in clear text.
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     config_path = ['basic', 'credentials', 'exploit_password_list']
     return ConfigService.get_config_value(config_path, True, True)
Esempio n. 18
 def get_config_users():
     """
     Returns the configuration value stored at USER_LIST_PATH

     :return: Whatever ConfigService.get_config_value() returns for that path
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     configured_users = ConfigService.get_config_value(USER_LIST_PATH, True, True)
     return configured_users
Esempio n. 19
 def get_config_scan():
     """
     Returns the configured local network scan setting

     :return: Value stored at basic_network / scope / local_network_scan
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     config_path = ['basic_network', 'scope', 'local_network_scan']
     return ConfigService.get_config_value(config_path, True, True)
Esempio n. 20
 def get_config_passwords():
     """
     Returns the configuration value stored at PASSWORD_LIST_PATH

     :return: Whatever ConfigService.get_config_value() returns for that path
     """
     # Presumably a list of passwords, going by the constant's name: treat the
     # result as credential material and keep it out of logs.
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     configured_passwords = ConfigService.get_config_value(PASSWORD_LIST_PATH, True, True)
     return configured_passwords
Esempio n. 21
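 def get_report_data():
     """
     Builds the T1065 report data, filling the "used" message with the server port

     :return: Result of T1065.get_base_data_by_status() for ScanStatus.USED
     :raises IndexError: If the configured server value contains no colon
     """
     current_server = ConfigService.get_config_value(['cnc', 'servers', 'current_server'])
     # Take the text after the LAST colon. Splitting on every colon and picking
     # element 1 returns the wrong field as soon as the host part itself holds
     # a colon, e.g. a bracketed IPv6 literal or a scheme prefix.
     port = current_server.rsplit(':', 1)[1]
     # The message is stored on the class itself, so every user of T1065 sees it.
     T1065.used_msg = T1065.message % port
     return T1065.get_base_data_by_status(ScanStatus.USED.value)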
Esempio n. 22
 def get_config_ips():
     """
     Returns the configuration value stored at SUBNET_SCAN_LIST_PATH

     :return: Whatever ConfigService.get_config_value() returns for that path
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     scan_targets = ConfigService.get_config_value(SUBNET_SCAN_LIST_PATH, True, True)
     return scan_targets
Esempio n. 23
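def is_aws_keys_setup():
    """
    Reports whether both AWS keys are present in the configuration

    :return: True if both the access key id and the secret access key have a
             truthy configured value, False otherwise
    """
    access_key_id = ConfigService.get_config_value(AWS_KEYS_PATH + ["aws_access_key_id"])
    if not access_key_id:
        # Same short-circuit as `a and b`: the secret is not read at all.
        return False

    secret_access_key = ConfigService.get_config_value(
        AWS_KEYS_PATH + ["aws_secret_access_key"])
    # Return a real bool rather than the operand: a bare `a and b` would hand
    # the caller the secret access key itself, which is easy to leak through a
    # log line or a serialized response.
    return bool(secret_access_key)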
Esempio n. 24
 def get_config_scan():
     """
     Returns the configuration value stored at LOCAL_NETWORK_SCAN_PATH

     :return: Whatever ConfigService.get_config_value() returns for that path
     """
     # NOTE(review): both optional positional flags are passed as True; their
     # meaning is defined by ConfigService.get_config_value (not visible here).
     local_scan_setting = ConfigService.get_config_value(LOCAL_NETWORK_SCAN_PATH, True, True)
     return local_scan_setting
Esempio n. 25
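 def get_report_data():
     """
     Builds the T1065 report data, filling the "used" message with the server port

     :return: Result of T1065.get_base_data_by_status() for ScanStatus.USED
     :raises IndexError: If the configured server value contains no colon
     """
     current_server = ConfigService.get_config_value(CURRENT_SERVER_PATH)
     # Split once, from the right: the port is whatever follows the last colon.
     # Splitting on every colon and picking element 1 returns the wrong field
     # when the host part holds a colon, e.g. a bracketed IPv6 literal.
     _host, port = current_server.rsplit(":", 1)[0], current_server.rsplit(":", 1)[1]
     # The message is stored on the class itself, so every user of T1065 sees it.
     T1065.used_msg = T1065.message % port
     return T1065.get_base_data_by_status(ScanStatus.USED.value)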
Esempio n. 26
def get_config_network_segments_as_subnet_groups():
    """
    Returns the configured inaccessible subnets as a list of subnet groups

    :return: A one-element list wrapping the value stored at
             basic_network / network_analysis / inaccessible_subnets
    """
    config_path = ['basic_network', 'network_analysis', 'inaccessible_subnets']
    inaccessible_subnets = ConfigService.get_config_value(config_path)
    # The whole configured value forms a single group.
    return [inaccessible_subnets]