Merge branch '2509-remove-manual-exploitations-endpoint' into develop

Issue #2509
PR #2553

CHANGELOG.md

@@ -143,6 +143,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
 - "GET /api/local-monkey" endpoint. #2506
 - "/api/telemetry" endpoint. #2503
 - "/api/agent" endpoint. #2542
+- "/api/exploitations/manual" endpoint. #2509
 
 ### Fixed
 - A bug in network map page that caused delay of telemetry log loading. #1545

monkey/monkey_island/cc/app.py

@@ -30,7 +30,6 @@
 )
 from monkey_island.cc.resources.AbstractResource import AbstractResource
 from monkey_island.cc.resources.auth import Authenticate, Register, RegistrationStatus, init_jwt
-from monkey_island.cc.resources.exploitations.manual_exploitation import ManualExploitation
 from monkey_island.cc.resources.exploitations.monkey_exploitation import MonkeyExploitation
 from monkey_island.cc.resources.island_mode import IslandMode
 from monkey_island.cc.resources.local_run import LocalRun
@@ -158,7 +157,6 @@ def init_restful_endpoints(api: FlaskDIWrapper):
 
     api.add_resource(SecurityReport)
     api.add_resource(RansomwareReport)
-    api.add_resource(ManualExploitation)
     api.add_resource(MonkeyExploitation)
 
     api.add_resource(AgentLogs)

monkey/monkey_island/cc/ui/src/components/IslandHttpClient.tsx

@@ -17,7 +17,6 @@ export enum APIEndpoint {
   nodes = '/api/nodes',
   agentEvents = '/api/agent-events',
   mode = '/api/island/mode',
-  manual_exploitation = '/api/exploitations/manual',
   monkey_exploitation = '/api/exploitations/monkey',
   stolenCredentials = '/api/propagation-credentials/stolen-credentials'
 }

monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js

@@ -47,7 +47,7 @@ import {
   getAllMachines,
   getMachineByAgent,
   getMachineHostname,
-  getManuallyStartedAgents,
+  getManuallyStartedAgents
 } from '../utils/ServerUtils';
 
 

monkey/monkey_island/cc/ui/src/components/report-components/ransomware/BreachSection.tsx

@@ -1,9 +1,10 @@
 import React, {useEffect, useState} from 'react';
-import IslandHttpClient, {APIEndpoint} from '../../IslandHttpClient';
 import NumberedReportSection from './NumberedReportSection';
 import LoadingIcon from '../../ui-components/LoadingIcon';
 import {renderLimitedArray} from '../common/RenderArrays';
 import ExternalLink from '../common/ExternalLink';
+import {getAllAgents, getAllMachines, getManuallyStartedAgents, getMachineByAgent, getMachineHostname, getMachineIPs} from '../../utils/ServerUtils';
+import {parseTimeToDateString} from '../../utils/DateUtils';
 
 const BREACH_DESCRIPTION = <>
                              Ransomware attacks start after machines in the internal network get
@@ -19,21 +20,41 @@ const BREACH_DESCRIPTION = <>
                            </>
 
 function BreachSection() {
+  const [agents, setAgents] = useState(null);
   const [machines, setMachines] = useState(null);
 
   useEffect(() => {
-      IslandHttpClient.get(APIEndpoint.manual_exploitation)
-      .then(resp => setMachines(resp.body['manual_exploitations']));
+    getAllAgents().then(agents => setAgents(agents));
+    getAllMachines().then(machines => setMachines(machines));
   }, []);
 
-  if(machines !== null){
-    let body = getBreachSectionBody(machines);
+  if((machines !== null) && (agents !== null)){
+    let manuallyExploitedMachines = getManuallyExploitedMachines(agents, machines);
+    let body = getBreachSectionBody(manuallyExploitedMachines);
     return (<NumberedReportSection index={1} title={'Breach'} description={BREACH_DESCRIPTION} body={body}/>)
   } else {
     return <LoadingIcon />
   }
 }
 
+function getManuallyExploitedMachines(agents, machines){
+  let manuallyExploitedMachines = [];
+  let manuallyStartedAgents = getManuallyStartedAgents(agents);
+  for (let agent of manuallyStartedAgents) {
+    let machine = getMachineByAgent(agent, machines);
+    if (machine !== null){
+      let manuallyExploitatedMachine = {};
+      manuallyExploitatedMachine['hostname'] = getMachineHostname(machine);
+      manuallyExploitatedMachine['ip_addresses'] = getMachineIPs(machine);
+      manuallyExploitatedMachine['start_time'] = parseTimeToDateString(agent['start_time']);
+
+      manuallyExploitedMachines.push(manuallyExploitatedMachine);
+    }
+  }
+
+  return manuallyExploitedMachines;
+}
+
 function getBreachSectionBody(machines) {
     let machineList = [];
     for(let i = 0; i < machines.length; i++){
@@ -51,7 +72,7 @@ function getBreachSectionBody(machines) {
 
 function getMachine(machine) {
   return (
-    <li key={machine['hostname']}>
+    <li key={machine['hostname']+machine['start_time']}>
     <b>{machine['hostname']}</b>&nbsp;
       ({renderLimitedArray(machine['ip_addresses'], 2, 'ip-address')}) at <b>{machine['start_time']}</b>
     </li>

monkey/monkey_island/cc/ui/src/components/report-components/security/issues/TunnelIssue.js

@@ -1,6 +1,6 @@
 import React from 'react';
 import CollapsibleWellComponent from '../CollapsibleWell';
-import {getMachineByAgent, getMachineFromIP, getMachineHostname} from '../../../utils/ServerUtils';
+import {getMachineByAgent, getMachineFromIP, getMachineHostname, getMachineIPs} from '../../../utils/ServerUtils';
 
 export function tunnelIssueOverview(agents, machines) {
   if(getTunnels(agents, machines).length > 0){
@@ -23,7 +23,7 @@ export function tunnelIssueReport(agents, machines) {
           Network tunnels were set up between the following.
           <ul>
             {tunnels.map(tunnel =>
-              <li>
+              <li key={tunnel.agent_machine+tunnel.agent_tunnel}>
                 from <span className="badge badge-primary">{tunnel.agent_machine}
                 </span> to <span className="badge badge-primary">{tunnel.agent_tunnel}</span>
               </li>
@@ -42,9 +42,7 @@ function getTunnels(agents, machines) {
   for (let machine of machines) {
     if (machine.island === true) {
       islandIPs = islandIPs.concat(
-        ...(
-          machine.network_interfaces.map(network_interface => network_interface.split('/')[0])
-        )
+        ...getMachineIPs(machine)
       );
     }
   }

monkey/monkey_island/cc/ui/src/components/ui-components/EventsTable.js

@@ -5,7 +5,8 @@ import AuthService from '../../services/AuthService';
 import '../../styles/pages/EventPage.scss';
 import IslandHttpClient, {APIEndpoint} from '../IslandHttpClient';
 import LoadingIcon from './LoadingIcon';
-import {getEventSourceHostname, getMachineHostname} from '../utils/ServerUtils';
+import {getEventSourceHostname, getMachineHostname, getMachineIPs} from '../utils/ServerUtils';
+import {parseTimeToDateString} from '../utils/DateUtils';
 
 const columns = [
   {label: 'Time', name: 'timestamp'},
@@ -34,9 +35,7 @@ const table_options = {
   selectableRows: 'none'
 };
 
-const timestamp_options =  [{year: 'numeric'}, {month: '2-digit'},{day: '2-digit'},{'hour': '2-digit'},{'minutes': '2-digit'},{'second': 'numeric'}];
-
-const renderTime = (val) => new Date(val*1000).toLocaleString('en-us', timestamp_options);
+const renderTime = (val) => parseTimeToDateString(val*1000);
 
 const renderTarget = (event_target, machines) => {
   // event_target is null
@@ -55,9 +54,7 @@ const renderTarget = (event_target, machines) => {
 
   // if none of the above, event_target is an IPv4 address
   for (let machine of machines) {
-    let machine_ips = machine['network_interfaces'].map(network_interface => {
-      return network_interface.split('/')[0]
-    })
+    let machine_ips = getMachineIPs(machine);
 
     if (machine_ips.includes(event_target)) {
       if ((machine['hostname'] !== null) && (machine['hostname'] !== '')) {

monkey/monkey_island/cc/ui/src/components/utils/DateUtils.tsx

@@ -0,0 +1,14 @@
+export function parseTimeToDateString(time) {
+  // If the time is a string timestamp
+  let parsedTimeDate = Date.parse(time);
+
+   // If the time is a unix timestamp
+  if(isNaN(parsedTimeDate)){
+      parsedTimeDate = time;
+  }
+
+  let timeDate = new Date();
+  timeDate.setTime(parsedTimeDate);
+
+  return timeDate.toLocaleString('en-us');
+}

monkey/monkey_island/cc/ui/src/components/utils/ServerUtils.tsx

@@ -65,7 +65,7 @@ export function getMachineFromIP(ip, machines) {
   let machineFromIP = null;
 
   for (let machine of machines) {
-    let machineIPs = machine['network_interfaces'].map(network_interface => network_interface.split('/')[0]);
+    let machineIPs = getMachineIPs(machine);
     if (machineIPs.includes(ip)) {
       machineFromIP = machine;
       break;
@@ -75,6 +75,14 @@ export function getMachineFromIP(ip, machines) {
   return machineFromIP;
 }
 
+export function getMachineIPs(machine) {
+    if(machine !== null) {
+     return machine['network_interfaces'].map(network_interface => network_interface.split('/')[0])
+    }
+
+    return [];
+}
+
 export function getEventSourceHostname(event_source, agents, machines): string {
   let hostname = "unknown";