def get(self, file_type):
    """
    Sends the configured custom post breach file to filepond

    :param file_type: Selects which file to send; LINUX_PBA_TYPE picks the
        linux file, every other value falls through to the windows file
    :return: Response built by send_from_directory for the configured file
    """
    # The served name is never taken from the request: file_type only picks
    # which config entry is read, and that entry supplies the filename.
    config_path = (
        PBA_LINUX_FILENAME_PATH
        if file_type == LINUX_PBA_TYPE
        else PBA_WINDOWS_FILENAME_PATH
    )
    # deepcopy hands the lookup its own copy of the path constant.
    filename = ConfigService.get_config_value(copy.deepcopy(config_path))
    # NOTE(review): an unrecognised file_type is not rejected here; it is
    # served as the windows file.
    return send_from_directory(ABS_UPLOAD_PATH, filename)
def update_aws_auth_params():
    """
    Updates the AWS authentication parameters according to config

    :return: RemoteRunAwsService.is_auth; it is refreshed from
        AwsService.test_client() only when a configured key differs from the
        one AwsService currently holds
    """
    configured_key_id = ConfigService.get_config_value(
        ['cnc', 'aws_config', 'aws_access_key_id'], False, True)
    configured_secret = ConfigService.get_config_value(
        ['cnc', 'aws_config', 'aws_secret_access_key'], False, True)

    # Re-authenticate only when the stored credentials actually changed.
    credentials_changed = (
        (configured_key_id != AwsService.access_key_id)
        or (configured_secret != AwsService.secret_access_key)
    )
    if credentials_changed:
        AwsService.set_auth_params(configured_key_id, configured_secret)
        RemoteRunAwsService.is_auth = AwsService.test_client()

    # The region is re-applied on every call, changed credentials or not.
    AwsService.set_region(RemoteRunAwsService.aws_instance.region)
    # Only the authentication flag leaves this function, never the keys.
    return RemoteRunAwsService.is_auth
def get(self, file_type):
    """
    Sends the configured custom post breach file to filepond

    :param file_type: Type indicates which file to send, linux or windows
    :return: A 422 text/plain response when the type check rejects
        file_type, otherwise the response built by send_from_directory
    """
    # NOTE(review): a True result from is_pba_file_type_supported leads to
    # the 422 rejection, which reads inverted relative to the helper's name.
    # The helper is not visible here; confirm its polarity.
    rejected = self.is_pba_file_type_supported(file_type)
    if rejected:
        return Response(status=HTTPStatus.UNPROCESSABLE_ENTITY,
                        mimetype="text/plain")

    # The served name comes from config; file_type only selects the entry.
    config_path = (
        PBA_LINUX_FILENAME_PATH
        if file_type == LINUX_PBA_TYPE
        else PBA_WINDOWS_FILENAME_PATH
    )
    filename = ConfigService.get_config_value(copy.deepcopy(config_path))
    pba_directory = PostBreachFilesService.get_custom_pba_directory()
    return send_from_directory(pba_directory, filename)
def get_config_exploits():
    """
    Lists the exploiters enabled in the config by display name

    :return: ['default'] when the configured exploiter list equals the
        default one, otherwise the ReportService.EXPLOIT_DISPLAY_DICT entry
        of every configured exploiter
    """
    config_path = ['exploits', 'general', 'exploiter_classes']

    # Walk the default config down to the same leaf the lookup below reads.
    default_value = ConfigService.get_default_config(False)
    for segment in config_path:
        default_value = default_value[segment]

    configured = ConfigService.get_config_value(config_path, True, True)
    if configured == default_value:
        return ['default']

    display_names = []
    for exploit in configured:
        # An exploiter missing from the display dict raises KeyError here.
        display_names.append(ReportService.EXPLOIT_DISPLAY_DICT[exploit])
    return display_names
def get_cross_segment_issues():
    """
    Collects cross segment issues from the scan telemetry

    :return: List of the issues reported by
        ReportService.get_cross_segment_issues_per_subnet_group for each
        configured subnet group
    """
    # Fetch only the fields named in the projection, not whole telemetry docs.
    projection = {'monkey_guid': 1,
                  'data.machine.ip_addr': 1,
                  'data.machine.services': 1}
    scans = mongo.db.telemetry.find({'telem_type': 'scan'}, projection)

    issues = []

    # For now the feature is limited to 1 group.
    inaccessible_subnets = ConfigService.get_config_value(
        ['basic_network', 'network_analysis', 'inaccessible_subnets'])
    subnet_groups = [inaccessible_subnets]

    # NOTE(review): the same scans object is passed to every iteration; if it
    # is a one-shot cursor, a second group would see no data - confirm before
    # lifting the 1 group limit.
    for group in subnet_groups:
        issues.extend(
            ReportService.get_cross_segment_issues_per_subnet_group(scans, group))
    return issues
def get_config_exploits():
    """
    Lists the exploiters enabled in the config by display name

    :return: ["default"] when the configured exploiter list equals the
        default one, otherwise the display_name of the descriptor that
        ExploiterDescriptorEnum.get_by_class_name returns for each exploiter
    """
    config_path = EXPLOITER_CLASSES_PATH

    # Walk the default config down to the same leaf the lookup below reads.
    default_value = ConfigService.get_default_config(False)
    for segment in config_path:
        default_value = default_value[segment]

    configured = ConfigService.get_config_value(config_path, True, True)
    if configured == default_value:
        return ["default"]

    display_names = []
    for exploit in configured:
        descriptor = ExploiterDescriptorEnum.get_by_class_name(exploit)
        display_names.append(descriptor.display_name)
    return display_names
def get_config_exploits():
    """
    Lists the exploiters enabled in the config by display name

    :return: ['default'] when the configured exploiter list equals the
        default one, otherwise the ReportService.EXPLOIT_DISPLAY_DICT entry
        of every configured exploiter
    """
    config_path = EXPLOITER_CLASSES_PATH

    # Walk the default config down to the same leaf the lookup below reads.
    default_value = ConfigService.get_default_config(False)
    for segment in config_path:
        default_value = default_value[segment]

    configured = ConfigService.get_config_value(config_path, True, True)
    if configured == default_value:
        return ['default']

    display_names = []
    for exploit in configured:
        # An exploiter missing from the display dict raises KeyError here.
        display_names.append(ReportService.EXPLOIT_DISPLAY_DICT[exploit])
    return display_names
def delete(self, file_type):
    """
    Deletes file that has been deleted on the front end

    :param file_type: Type indicates which file was deleted; "PBAlinux"
        selects the linux entry, any other value the windows entry
    :return: Empty response
    """
    if file_type == "PBAlinux":
        filename_path = PBA_LINUX_FILENAME_PATH
    else:
        filename_path = PBA_WINDOWS_FILENAME_PATH

    # The name to remove is read from config, not from the request.
    filename = ConfigService.get_config_value(filename_path)
    if not filename:
        # No file is configured for this type, so nothing is removed.
        return {}

    PostBreachFilesService.remove_file(filename)
    # Clear the config entry so it no longer names the removed file.
    ConfigService.set_config_value(filename_path, "")
    return {}
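def delete(self, file_type):
    """
    Deletes file that has been deleted on the front end

    :param file_type: Type indicates which file was deleted; 'PBAlinux'
        selects the linux entry, any other value the windows entry
    :return: Empty response
    """
    filename_path = PBA_LINUX_FILENAME_PATH if file_type == 'PBAlinux' else PBA_WINDOWS_FILENAME_PATH
    filename = ConfigService.get_config_value(filename_path)
    if not filename:
        # Nothing is configured for this type. Joining an empty name would
        # yield the upload directory itself, and os.remove() would fail on it.
        return {}

    # NOTE(review): filename is read from config and joined without a
    # containment check. Confirm the stored name is sanitised where it is
    # written, so the joined path cannot resolve outside ABS_UPLOAD_PATH
    # before it reaches os.remove().
    file_path = ABS_UPLOAD_PATH.joinpath(filename)
    try:
        if os.path.exists(file_path):
            os.remove(file_path)
        # The entry is cleared even when the file was already gone from disk,
        # so a stale name does not linger in config.
        ConfigService.set_config_value(filename_path, '')
    except OSError as e:
        # Best effort: a failed removal is logged and the request still
        # gets its empty response.
        LOG.error(
            "Can't remove previously uploaded post breach files: %s" % e)
    return {}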
def delete(self, file_type):
    """
    Deletes file that has been deleted on the front end

    :param file_type: Type indicates which file was deleted, linux or windows
    :return: A 422 text/plain response when the type check rejects
        file_type, otherwise an empty response
    """
    # NOTE(review): a True result from is_pba_file_type_supported leads to
    # the 422 rejection, which reads inverted relative to the helper's name.
    # The helper is not visible here; confirm its polarity.
    rejected = self.is_pba_file_type_supported(file_type)
    if rejected:
        return Response(status=HTTPStatus.UNPROCESSABLE_ENTITY,
                        mimetype="text/plain")

    if file_type == "PBAlinux":
        filename_path = PBA_LINUX_FILENAME_PATH
    else:
        filename_path = PBA_WINDOWS_FILENAME_PATH

    # The name to remove is read from config, not from the request.
    filename = ConfigService.get_config_value(filename_path)
    if not filename:
        # No file is configured for this type, so nothing is removed.
        return {}

    PostBreachFilesService.remove_file(filename)
    # Clear the config entry so it no longer names the removed file.
    ConfigService.set_config_value(filename_path, "")
    return {}
def _get_aws_keys():
    """
    Reads every AWS credential entry from config

    :return: Dict mapping the third element of each path in
        AWS_CRED_CONFIG_KEYS to the stringified config value at that path
    """
    # NOTE(review): str() is applied to every value, so an entry that comes
    # back as None would be returned as the text 'None' - confirm callers do
    # not treat that as a configured key.
    return {
        config_path[2]: str(ConfigService.get_config_value(config_path))
        for config_path in AWS_CRED_CONFIG_KEYS
    }
def _get_aws_key(key_type: str):
    """
    Reads a single AWS key from config

    :param key_type: Name of the entry under AWS_KEYS_PATH to read
    :return: Whatever ConfigService.get_config_value returns for that entry
    """
    # List concatenation builds a new path; AWS_KEYS_PATH is left untouched.
    full_key_path = AWS_KEYS_PATH + [key_type]
    return ConfigService.get_config_value(config_key_as_arr=full_key_path)
def get_config_network_segments_as_subnet_groups():
    """
    Wraps the configured inaccessible subnets as a list of subnet groups

    :return: One-element list holding the config value found at
        INACCESSIBLE_SUBNETS_PATH
    """
    inaccessible_subnets = ConfigService.get_config_value(
        INACCESSIBLE_SUBNETS_PATH)
    return [inaccessible_subnets]
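def is_aws_keys_setup():
    """
    Tells whether both AWS keys are present in config

    :return: True if the access key id and the secret access key are both
        set (truthy) in config, False otherwise
    """
    access_key_id = ConfigService.get_config_value(
        AWS_KEYS_PATH + ['aws_access_key_id'])
    # As before, the secret is only looked up when the key id is set.
    if not access_key_id:
        return False
    secret_access_key = ConfigService.get_config_value(
        AWS_KEYS_PATH + ['aws_secret_access_key'])
    # A bare `a and b` evaluates to b, so it would hand the secret access key
    # itself back to the caller. Coerce to bool so the secret cannot reach a
    # log line or a serialised response through this predicate.
    return bool(secret_access_key)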
def get_config_ips():
    """
    Reads the configured subnet scan list

    :return: Config value stored under basic_network / scope /
        subnet_scan_list
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    scan_list_path = ['basic_network', 'scope', 'subnet_scan_list']
    return ConfigService.get_config_value(scan_list_path, True, True)
def get_config_users():
    """
    Reads the configured exploit user list

    :return: Config value stored under basic / credentials /
        exploit_user_list
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    user_list_path = ['basic', 'credentials', 'exploit_user_list']
    return ConfigService.get_config_value(user_list_path, True, True)
def get_config_passwords():
    """
    Reads the configured exploit password list

    :return: Config value stored under basic / credentials /
        exploit_password_list
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    # NOTE(review): judging by the key name the result is credential
    # material - confirm callers keep it out of logs.
    password_list_path = ['basic', 'credentials', 'exploit_password_list']
    return ConfigService.get_config_value(password_list_path, True, True)
def get_config_users():
    """
    Reads the configured exploit user list

    :return: Config value stored at USER_LIST_PATH
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    configured_users = ConfigService.get_config_value(
        USER_LIST_PATH, True, True)
    return configured_users
def get_config_scan():
    """
    Reads the local network scan setting

    :return: Config value stored under basic_network / scope /
        local_network_scan
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    local_scan_path = ['basic_network', 'scope', 'local_network_scan']
    return ConfigService.get_config_value(local_scan_path, True, True)
def get_config_passwords():
    """
    Reads the configured exploit password list

    :return: Config value stored at PASSWORD_LIST_PATH
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    # NOTE(review): judging by the constant's name the result is credential
    # material - confirm callers keep it out of logs.
    configured_passwords = ConfigService.get_config_value(
        PASSWORD_LIST_PATH, True, True)
    return configured_passwords
def get_report_data():
    """
    Builds the T1065 report data, with the server port in the used message

    :return: Result of T1065.get_base_data_by_status for ScanStatus.USED
    """
    current_server = ConfigService.get_config_value(
        ['cnc', 'servers', 'current_server'])
    # NOTE(review): the port is taken as the text after the first ':'. A
    # value without ':' raises IndexError here - confirm the stored value
    # always has the host:port form.
    server_parts = current_server.split(':')
    port = server_parts[1]
    # used_msg is set on the T1065 class itself, not on an instance.
    T1065.used_msg = T1065.message % port
    return T1065.get_base_data_by_status(ScanStatus.USED.value)
def get_config_ips():
    """
    Reads the configured subnet scan list

    :return: Config value stored at SUBNET_SCAN_LIST_PATH
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    configured_subnets = ConfigService.get_config_value(
        SUBNET_SCAN_LIST_PATH, True, True)
    return configured_subnets
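def is_aws_keys_setup():
    """
    Tells whether both AWS keys are present in config

    :return: True if the access key id and the secret access key are both
        set (truthy) in config, False otherwise
    """
    access_key_id = ConfigService.get_config_value(
        AWS_KEYS_PATH + ["aws_access_key_id"])
    # As before, the secret is only looked up when the key id is set.
    if not access_key_id:
        return False
    secret_access_key = ConfigService.get_config_value(
        AWS_KEYS_PATH + ["aws_secret_access_key"])
    # A bare `a and b` evaluates to b, so it would hand the secret access key
    # itself back to the caller. Coerce to bool so the secret cannot reach a
    # log line or a serialised response through this predicate.
    return bool(secret_access_key)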
def get_config_scan():
    """
    Reads the local network scan setting

    :return: Config value stored at LOCAL_NETWORK_SCAN_PATH
    """
    # The two True flags are forwarded as-is; their meaning is defined by
    # ConfigService.get_config_value, which is not visible here.
    local_scan_setting = ConfigService.get_config_value(
        LOCAL_NETWORK_SCAN_PATH, True, True)
    return local_scan_setting
def get_report_data():
    """
    Builds the T1065 report data, with the server port in the used message

    :return: Result of T1065.get_base_data_by_status for ScanStatus.USED
    """
    current_server = ConfigService.get_config_value(CURRENT_SERVER_PATH)
    # NOTE(review): the port is taken as the text after the first ":". A
    # value without ":" raises IndexError here - confirm the stored value
    # always has the host:port form.
    server_parts = current_server.split(":")
    port = server_parts[1]
    # used_msg is set on the T1065 class itself, not on an instance.
    T1065.used_msg = T1065.message % port
    return T1065.get_base_data_by_status(ScanStatus.USED.value)
def get_config_network_segments_as_subnet_groups():
    """
    Wraps the configured inaccessible subnets as a list of subnet groups

    :return: One-element list holding the config value stored under
        basic_network / network_analysis / inaccessible_subnets
    """
    subnets_path = ['basic_network', 'network_analysis', 'inaccessible_subnets']
    inaccessible_subnets = ConfigService.get_config_value(subnets_path)
    return [inaccessible_subnets]