Merge pull request #401 from nccgroup/release/5.1.0

Release/5.1.0
nccgroup · May 22, 2019 · 1ac89eb · 1ac89eb
2 parents 5a498fb + f9fe9e6
commit 1ac89eb
Show file tree

Hide file tree

Showing 25 changed files with 479 additions and 108 deletions.
diff --git a/ScoutSuite/__init__.py b/ScoutSuite/__init__.py
@@ -1,5 +1,5 @@
 __author__ = 'NCC Group'
-__version__ = '5.0.post3'
+__version__ = '5.1.0'
 
 ERRORS_LIST = []
 

diff --git a/ScoutSuite/__main__.py b/ScoutSuite/__main__.py
@@ -6,7 +6,7 @@
 from concurrent.futures import ThreadPoolExecutor
 
 from ScoutSuite.core.cli_parser import ScoutSuiteArgumentParser
-from ScoutSuite.core.console import set_config_debug_level, print_info, print_exception
+from ScoutSuite.core.console import set_logger_configuration, print_info, print_exception
 from ScoutSuite.core.exceptions import RuleExceptions
 from ScoutSuite.core.processingengine import ProcessingEngine
 from ScoutSuite.core.ruleset import Ruleset
@@ -24,59 +24,64 @@ def run_from_cli():
     # Get the dictionary to get None instead of a crash
     args = args.__dict__
 
-    run(args.get('provider'),
-        args.get('profile'),
-        args.get('user_account'), args.get('service_account'),
-        args.get('cli'), args.get('msi'), args.get('service_principal'), args.get('file_auth'), args.get('tenant_id'),
-        args.get('subscription_id'),
-        args.get('client_id'), args.get('client_secret'),
-        args.get('username'), args.get('password'),
-        args.get('project_id'), args.get('folder_id'), args.get('organization_id'), args.get('all_projects'),
-        args.get('report_name'), args.get('report_dir'),
-        args.get('timestamp'),
-        args.get('services'), args.get('skipped_services'),
-        args.get('result_format'),
-        args.get('database_name'),
-        args.get('host_ip'),
-        args.get('host_port'),
-        args.get('max_workers'),
-        args.get('regions'),
-        args.get('fetch_local'), args.get('update'),
-        args.get('ip_ranges'), args.get('ip_ranges_name_key'),
-        args.get('ruleset'), args.get('exceptions'),
-        args.get('force_write'),
-        args.get('debug'),
-        args.get('no_browser'))
+    return run(args.get('provider'),
+               args.get('profile'),
+               args.get('user_account'), args.get('service_account'),
+               args.get('cli'), args.get('msi'), args.get('service_principal'), args.get('file_auth'), args.get('tenant_id'),
+               args.get('subscription_id'),
+               args.get('client_id'), args.get('client_secret'),
+               args.get('username'), args.get('password'),
+               args.get('project_id'), args.get('folder_id'), args.get('organization_id'), args.get('all_projects'),
+               args.get('report_name'), args.get('report_dir'),
+               args.get('timestamp'),
+               args.get('services'), args.get('skipped_services'),
+               args.get('result_format'),
+               args.get('database_name'),
+               args.get('host_ip'),
+               args.get('host_port'),
+               args.get('max_workers'),
+               args.get('regions'),
+               args.get('fetch_local'), args.get('update'),
+               args.get('ip_ranges'), args.get('ip_ranges_name_key'),
+               args.get('ruleset'), args.get('exceptions'),
+               args.get('force_write'),
+               args.get('debug'),
+               args.get('quiet'),
+               args.get('log_file'),
+               args.get('no_browser'))
 
 
 def run(provider,
-        profile,
-        user_account, service_account,
-        cli, msi, service_principal, file_auth, tenant_id, subscription_id,
-        client_id, client_secret,
-        username, password,
-        project_id, folder_id, organization_id, all_projects,
-        report_name, report_dir,
-        timestamp,
-        services, skipped_services,
-        result_format,
-        database_name, host_ip, host_port,
-        max_workers,
-        regions,
-        fetch_local, update,
-        ip_ranges, ip_ranges_name_key,
-        ruleset, exceptions,
-        force_write,
-        debug,
-        no_browser):
+        profile=None,
+        user_account=False, service_account=None,
+        cli=False, msi=False, service_principal=False, file_auth=None, tenant_id=None, subscription_id=None,
+        client_id=None, client_secret=None,
+        username=None, password=None,
+        project_id=None, folder_id=None, organization_id=None, all_projects=False,
+        report_name=None, report_dir=None,
+        timestamp=False,
+        services=[], skipped_services=[],
+        result_format='json',
+        database_name=None, host_ip='127.0.0.1', host_port=8000,
+        max_workers=10,
+        regions=[],
+        fetch_local=False, update=False,
+        ip_ranges=[], ip_ranges_name_key='name',
+        ruleset='default.json', exceptions=None,
+        force_write=False,
+        debug=False,
+        quiet=False,
+        log_file=None,
+        no_browser=False):
     """
     Run a scout job in an async event loop.
     """
 
     loop = asyncio.get_event_loop()
     loop.set_default_executor(ThreadPoolExecutor(max_workers=max_workers))
-    loop.run_until_complete(_run(**locals()))  # pass through all the parameters
+    result = loop.run_until_complete(_run(**locals()))  # pass through all the parameters
     loop.close()
+    return result
 
 
 async def _run(provider,
@@ -97,14 +102,16 @@ async def _run(provider,
                ruleset, exceptions,
                force_write,
                debug,
+               quiet,
+               log_file,
                no_browser,
                **kwargs):
     """
     Run a scout job.
     """
 
     # Configure the debug level
-    set_config_debug_level(debug)
+    set_logger_configuration(debug, quiet, log_file)
 
     print_info('Launching Scout')
 
@@ -221,8 +228,13 @@ async def _run(provider,
     else:
         exceptions = {}
 
+    run_parameters = {
+        'services': services,
+        'skipped_services': skipped_services,
+        'regions': regions,
+    }
     # Finalize
-    cloud_provider.postprocessing(report.current_time, finding_rules)
+    cloud_provider.postprocessing(report.current_time, finding_rules, run_parameters)
 
     # Save config and create HTML report
     html_report_path = report.save(

diff --git a/ScoutSuite/core/cli_parser.py b/ScoutSuite/core/cli_parser.py
@@ -49,11 +49,6 @@ def _init_aws_parser(self):
                             default=[],
                             nargs='+',
                             help='Name of regions to run the tool in, defaults to all')
-        parser.add_argument('--vpc',
-                            dest='vpc',
-                            default=[],
-                            nargs='+',
-                            help='Name of VPC to run the tool in, defaults to all')
         parser.add_argument('--ip-ranges',
                             dest='ip_ranges',
                             default=[],
@@ -185,11 +180,22 @@ def _init_common_args_parser(self):
                             default=False,
                             action='store_true',
                             help='Print the stack trace when exception occurs')
-        parser.add_argument('--resume',
-                            dest='resume',
+        parser.add_argument('--quiet',
+                            dest='quiet',
                             default=False,
                             action='store_true',
-                            help='Complete a partial (throttled) run')
+                            help='Disables CLI output')
+        parser.add_argument('--logfile',
+                            dest='log_file',
+                            default=None,
+                            action='store',
+                            nargs='?',
+                            help='Additional output to the specified file')
+        # parser.add_argument('--resume',
+        #                     dest='resume',
+        #                     default=False,
+        #                     action='store_true',
+        #                     help='Complete a partial (throttled) run')
         parser.add_argument('--update',
                             dest='update',
                             default=False,

diff --git a/ScoutSuite/core/console.py b/ScoutSuite/core/console.py
@@ -15,13 +15,26 @@
 verbose_exceptions = False
 logger = logging.getLogger('scout')
 
-def set_config_debug_level(is_debug):
+def set_logger_configuration(is_debug=False, quiet=False, output_file_path=None):
     """
     Configure whether full stacktraces should be dumped in the console output
     """
     global verbose_exceptions
     verbose_exceptions = is_debug
-    coloredlogs.install(level='DEBUG' if is_debug else 'INFO', logger=logger)
+    # if "quiet" is set, don't output anything
+    if not quiet:
+        coloredlogs.install(level='DEBUG' if is_debug else 'INFO', logger=logger)
+
+    if output_file_path:
+        # create file handler which logs messages
+        fh = logging.FileHandler(output_file_path, 'w+')
+        fh.setLevel(logging.DEBUG if is_debug else logging.INFO)
+        # create formatter and add it to the handlers
+        formatter = logging.Formatter(fmt='%(asctime)s %(hostname)s %(name)s[%(process)d] %(levelname)s %(message)s',
+                                      datefmt='%Y-%m-%d %H:%M:%S')
+        fh.setFormatter(formatter)
+        # add the handlers to the logger
+        logger.addHandler(fh)
 
 
 ########################################

diff --git a/ScoutSuite/output/data/html/partials/azure/services.network.network_security_groups.html b/ScoutSuite/output/data/html/partials/azure/services.network.network_security_groups.html
@@ -8,14 +8,16 @@ <h4 class="list-group-item-heading">{{name}}</h4>
         <h4 class="list-group-item-heading">Information</h4>
         <div class="list-group-item-text item-margin">Name: <span id="network.network_security_groups.{{@key}}.name">{{name}}</span></div>
         <div class="list-group-item-text item-margin">Location: <span id="network.network_security_groups.{{@key}}.location">{{ location }}</span></div>
-
-        <div class="list-group-item-text item-margin">Exposed Ports:
+        {{!--
+        <div class="list-group-item-text item-margin">
+            <span id="network.network_security_groups.{{@key}}.ExposedPorts">Exposed Ports:</span>
             <div class="list-group-item-text item-margin">
-            {{#each exposed_port_ranges}}
+                {{#each exposed_port_ranges}}
                 <li id="network.network_security_groups.{{@../key}}.exposed_port_ranges.{{@key}}">{{ this }}</li>
-            {{/each}}
+                {{/each}}
             </div>
         </div>
+        --}}
     </div>
     <div class="list-group-item">
         <h4 class="list-group-item-heading">Security Rules</h4>

diff --git a/ScoutSuite/output/data/html/partials/last_run_details.html b/ScoutSuite/output/data/html/partials/last_run_details.html
@@ -11,7 +11,15 @@ <h5 class="modal-title">Execution Details</h5>
                 <div>
                     <p><strong>Provider:</strong> {{provider_name}}</p>
                     <p><strong>Time:</strong> {{format_date last_run.time}}</p>
-                    <p><strong>Command:</strong> <code>{{last_run.cmd}}</code></p>
+                    {{#if last_run.run_parameters.services}}
+                    <p><strong>Services:</strong> {{last_run.run_parameters.services}}</p>
+                    {{/if}}
+                    {{#if last_run.run_parameters.skipped_services}}
+                    <p><strong>Skipped Services:</strong> {{last_run.run_parameters.skipped_services}}</p>
+                    {{/if}}
+                    {{#if last_run.run_parameters.regions}}
+                    <p><strong>Regions:</strong> {{last_run.run_parameters.regions}}</p>
+                    {{/if}}
                     <p><strong>Report generated with</strong> Scout Suite version <samp>{{last_run.version}}</samp></p>
                     <p><strong>Using ruleset</strong> <samp>{{last_run.ruleset_name}}</samp>:
                     <p class="ml-4 mr-4 text-justify"><em>{{last_run.ruleset_about}}</em></p>

diff --git a/ScoutSuite/output/data/html/partials/metadata.html b/ScoutSuite/output/data/html/partials/metadata.html
@@ -87,7 +87,7 @@
                   <li><a class="dropdown-item" href="javascript:showResourcesDetails()">Resources Details</a></li>
                   <li><a class="dropdown-item" href="javascript:showAbout()">About Scout Suite</a></li>
                   <li><a class="dropdown-item" href="javascript:downloadExceptions()">Export Exceptions</a><a id="downloadAnchorElem" style="display:none"></a></li>
-                  <li><a class="dropdown-item" href="javascript:void(0)">Dark theme
+                  <li><span>Dark theme</span>
                     <label class="switch">
                       <input type="checkbox" id="theme_checkbox" onclick="toggleTheme()">
                       <span class="slider round"></span>

diff --git a/ScoutSuite/output/data/html/partials/modal.html b/ScoutSuite/output/data/html/partials/modal.html
@@ -14,9 +14,6 @@ <h5 class="modal-title">{{name}}</h5>
                 </button>
             </div>
             <div class="modal-body">
-                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
-                    <span aria-hidden="true">&times;</span>
-                </button>
                 {{> (lookup . 'template') }}
             </div>
         </div>

diff --git a/ScoutSuite/output/data/html/report.html b/ScoutSuite/output/data/html/report.html
@@ -84,8 +84,8 @@ <h2 id="section_title-h2"></h2>
 
             <!-- Two columns container -->
             <div class="row w-100">
-                <div class="col-sm-4 w-100 text-overflow" id="double-column-left"></div>
-                <div class="col-sm-8 w-100 pr-0" id="double-column-right"></div>
+                <div class="col-sm-3 w-100 text-overflow" id="double-column-left"></div>
+                <div class="col-sm-9 w-100 pr-0" id="double-column-right"></div>
             </div>
 
             <!-- CONTENTS PLACEHOLDER -->
@@ -110,12 +110,12 @@ <h5 class="modal-title">Please wait</h5>
             <script id="last_run.details.template" type="text/x-handlebars-template">
                 <h4>
                     <div class="row std-size" id="last_run.details">
-                        <div class="list-group-item active">
+                        <div class="list-group-item active ml-3">
                             <div class="list-group-item-heading">Dashboard</div>
                         </div>
                         <div class="accordion" id="last_run">
                             <a class="card">
-                                <div class="card-header">Service
+                                <div class="card-header card-header-dark">Service
                                     <div class="col-sm-2 float-right" style="text-align: center">Checks</div>
                                     <div class="col-sm-2 float-right" style="text-align: center">Findings</div>
                                     <div class="col-sm-2 float-right" style="text-align: center">Rules</div>

diff --git a/ScoutSuite/output/data/inc-scoutsuite/css/modal.css b/ScoutSuite/output/data/inc-scoutsuite/css/modal.css
@@ -16,12 +16,17 @@
 
 .modal-header {
     height: 65px;
+    background: #414042;
 }
 
 .modal-body {
     overflow-y: auto;
 }
 
+.modal-body .list-group-item {
+    background: transparent !important;
+}
+
 .modal-content {
     max-height: 80vh;
 }