From 5c3f1ca9d7715632f7c098e8a884fa5eb806b736 Mon Sep 17 00:00:00 2001 From: devplayer55221 Date: Sat, 19 Oct 2024 03:36:39 +0530 Subject: [PATCH 1/4] report dictionary from yaml --- configs/local.yml | 18 +++++++++++++++++- mantis/config_parsers/config_client.py | 21 +++++++++++++++++++++ mantis/models/args_model.py | 3 ++- mantis/utils/args_parse.py | 21 +++++++++++++++++++-- mantis/utils/config_utils.py | 5 +++++ mantis/workflows/mantis_workflow.py | 5 ++++- mantis/workflows/report_workflow.py | 11 +++++++++++ setup/docker/docker-compose.yml | 5 ++++- 8 files changed, 83 insertions(+), 6 deletions(-) create mode 100644 mantis/workflows/report_workflow.py diff --git a/configs/local.yml b/configs/local.yml index 4bb05be..047601b 100644 --- a/configs/local.yml +++ b/configs/local.yml @@ -1,5 +1,13 @@ # Do not store sensitive information and check-in code to gitlab +report: + title: "Attack Surface Management Report" + author: "John Doe" + date: "2024-09-30" + header: "Confidential - For Internal Use Only" + footer: "Company XYZ - All Rights Reserved" + format: "pdf" + workflow: - workflowName: 'default' schedule: 'daily between 00:00 and 04:00' @@ -84,6 +92,14 @@ workflow: tools: ['Cloudflare'] order: 1 + - workflowName: 'testreport' + schedule: 'daily between 00:00 and 04:00' + cmd: [] + workflowConfig: + - moduleName : discovery + tools: ['Subfinder'] + order: 1 + nuclei_template_path: whitelist: blacklist: @@ -161,4 +177,4 @@ logging_debug: root: level: DEBUG - handlers: [console] \ No newline at end of file + handlers: [console] diff --git a/mantis/config_parsers/config_client.py b/mantis/config_parsers/config_client.py index ef0880d..d9e0ff1 100644 --- a/mantis/config_parsers/config_client.py +++ b/mantis/config_parsers/config_client.py @@ -26,6 +26,21 @@ def convert_yml_to_obj(yml_file_path): logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) sys.exit(0) + + @staticmethod + def convert_yml_to_dict(yml_file_path): + config = dict() + try: + with open(yml_file_path, 'r') as yml_file: + yml_to_dict = yaml.load(yml_file, Loader=yaml.SafeLoader) + config.update(yml_to_dict) + ConfigProvider.yml_config = config + except yaml.YAMLError as e: + logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) + sys.exit(0) + except OSError as e: + logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) + sys.exit(0) @staticmethod def get_local_config(): @@ -40,3 +55,9 @@ def get_config(): else: ConfigProvider.get_local_config() return ConfigProvider.yml_config + + @staticmethod + def get_report(): + config_path = os.path.join('configs', 'local.yml') + ConfigProvider.convert_yml_to_dict(config_path) + return ConfigProvider.yml_config.get("report") diff --git a/mantis/models/args_model.py b/mantis/models/args_model.py index ceb59bc..162500e 100644 --- a/mantis/models/args_model.py +++ b/mantis/models/args_model.py @@ -21,5 +21,6 @@ class ArgsModel(BaseModel): subdomain: str = Field(None) list_: bool = False list_orgs: bool = False + report_: bool = False in_scope: bool = False - \ No newline at end of file + diff --git a/mantis/utils/args_parse.py b/mantis/utils/args_parse.py index 061cb32..7593921 100644 --- a/mantis/utils/args_parse.py +++ b/mantis/utils/args_parse.py @@ -51,6 +51,13 @@ def list_msg(name=None): \033[0;32mmantis list {subcommand}\033[0m ''' + + @staticmethod + def report_msg(name=None): + return ''' + \033[1;34mREPORT:\033[0m + \033[0;32mmantis report -o example_org\033[0m + ''' @staticmethod def args_parse() -> ArgsModel: @@ -243,6 +250,13 @@ def args_parse() -> ArgsModel: list_sub_parser.add_parser("orgs", help="List orgs present in DB") + report_parser = subparser.add_parser("report", help="Generate report", usage=ArgsParse.report_msg()) + + report_parser.add_argument('-o', '--org', + dest = 'org', + required = True, + help = "name of the organisation") + # display help, if no arguments are passed args = parser.parse_args(args=None if argv[1:] else ['--help']) logging.info(f"Arguments Passed - {args}") @@ -259,7 +273,7 @@ def args_parse() -> ArgsModel: parsed_args['input_type'] = "file" parsed_args['input'] = str(args.file_name) - if args.subcommand != "list": + if args.subcommand != "list" and args.subcommand != "report": if args.aws_profiles: parsed_args["aws_profiles"] = args.aws_profiles.split(',') @@ -314,10 +328,13 @@ def args_parse() -> ArgsModel: if args.list_sub_command == "orgs": parsed_args["list_orgs"] = True + if args.subcommand == "report": + parsed_args["report_"] = True + args_pydantic_obj = ArgsModel.parse_obj(parsed_args) logging.info(f'parsed args - {args_pydantic_obj}') logging.info(f"Parsing Arguements - Completed") return args_pydantic_obj - \ No newline at end of file + diff --git a/mantis/utils/config_utils.py b/mantis/utils/config_utils.py index 432decd..35959e3 100644 --- a/mantis/utils/config_utils.py +++ b/mantis/utils/config_utils.py @@ -34,3 +34,8 @@ def is_scanNewOnly_tool(tool_name, args): return False else: return True + + @staticmethod + def get_report_dict(): + report = ConfigProvider.get_report() + return report diff --git a/mantis/workflows/mantis_workflow.py b/mantis/workflows/mantis_workflow.py index 5befd7c..4191a36 100644 --- a/mantis/workflows/mantis_workflow.py +++ b/mantis/workflows/mantis_workflow.py @@ -1,6 +1,7 @@ from mantis.models.args_model import ArgsModel from mantis.modules.workflow import Workflow from mantis.workflows.list_workflow import ListWorkflow +from mantis.workflows.report_workflow import ReportWorkflow import asyncio class MantisWorkflow: @@ -9,6 +10,8 @@ def select_workflow(args: ArgsModel) -> None: if args.list_: asyncio.run(ListWorkflow.executor(args)) + elif args.report_: + asyncio.run(ReportWorkflow.executor()) else: asyncio.run(Workflow.workflow_executor(args)) - \ No newline at end of file + diff --git a/mantis/workflows/report_workflow.py b/mantis/workflows/report_workflow.py new file mode 100644 index 0000000..61365b3 --- /dev/null +++ b/mantis/workflows/report_workflow.py @@ -0,0 +1,11 @@ +import logging +from mantis.utils.config_utils import ConfigUtils + +class ReportWorkflow: + + @staticmethod + async def executor(): + + report = ConfigUtils.get_report_dict() + + print(f"Report: {report}") diff --git a/setup/docker/docker-compose.yml b/setup/docker/docker-compose.yml index 25a95d1..9e47a22 100644 --- a/setup/docker/docker-compose.yml +++ b/setup/docker/docker-compose.yml @@ -1,6 +1,9 @@ services: mantis: - image: ghcr.io/phonepe/mantis:latest + #image: ghcr.io/phonepe/mantis:latest + build: + dockerfile: Dockerfile + context: ../../ container_name: mantis restart: on-failure command: sleep infinity From 0e091f2871197bc20e7ab6f1c26d313a275897c3 Mon Sep 17 00:00:00 2001 From: devplayer55221 Date: Tue, 22 Oct 2024 18:11:03 +0530 Subject: [PATCH 2/4] Removing code changes to config_client.py --- mantis/config_parsers/config_client.py | 20 -------------------- mantis/config_parsers/config_models.py | 3 ++- mantis/utils/config_utils.py | 2 +- 3 files changed, 3 insertions(+), 22 deletions(-) diff --git a/mantis/config_parsers/config_client.py b/mantis/config_parsers/config_client.py index d9e0ff1..1db26fd 100644 --- a/mantis/config_parsers/config_client.py +++ b/mantis/config_parsers/config_client.py @@ -26,21 +26,6 @@ def convert_yml_to_obj(yml_file_path): logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) sys.exit(0) - - @staticmethod - def convert_yml_to_dict(yml_file_path): - config = dict() - try: - with open(yml_file_path, 'r') as yml_file: - yml_to_dict = yaml.load(yml_file, Loader=yaml.SafeLoader) - config.update(yml_to_dict) - ConfigProvider.yml_config = config - except yaml.YAMLError as e: - logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) - sys.exit(0) - except OSError as e: - logging.error('(convert_yml_to_obj) Error in reading yml file: {}, Reason: {}'.format(yml_file_path, e)) - sys.exit(0) @staticmethod def get_local_config(): @@ -56,8 +41,3 @@ def get_config(): ConfigProvider.get_local_config() return ConfigProvider.yml_config - @staticmethod - def get_report(): - config_path = os.path.join('configs', 'local.yml') - ConfigProvider.convert_yml_to_dict(config_path) - return ConfigProvider.yml_config.get("report") diff --git a/mantis/config_parsers/config_models.py b/mantis/config_parsers/config_models.py index 2b8b8df..c4a16e8 100644 --- a/mantis/config_parsers/config_models.py +++ b/mantis/config_parsers/config_models.py @@ -49,6 +49,7 @@ class NucleiTemplate(BaseModel): blacklist: str = Field(None) class AppConfig(BaseModel): + report: dict workflow: List[Workflow] dbConfig: DBConfig logging: dict @@ -57,4 +58,4 @@ class AppConfig(BaseModel): app: dict nuclei_template_path: NucleiTemplate aws: AWSConfig - \ No newline at end of file + diff --git a/mantis/utils/config_utils.py b/mantis/utils/config_utils.py index 35959e3..5aed26b 100644 --- a/mantis/utils/config_utils.py +++ b/mantis/utils/config_utils.py @@ -37,5 +37,5 @@ def is_scanNewOnly_tool(tool_name, args): @staticmethod def get_report_dict(): - report = ConfigProvider.get_report() + report = ConfigProvider.get_config().report return report From 306c1ade56cdcac1287f37017acb034b2c2e74b1 Mon Sep 17 00:00:00 2001 From: devplayer55221 Date: Tue, 22 Oct 2024 19:51:38 +0530 Subject: [PATCH 3/4] Modifying report_workflow, config_utils --- mantis/utils/config_utils.py | 5 ----- mantis/workflows/report_workflow.py | 6 ++---- setup/docker/docker-compose.yml | 10 ++++++---- 3 files changed, 8 insertions(+), 13 deletions(-) diff --git a/mantis/utils/config_utils.py b/mantis/utils/config_utils.py index 5aed26b..432decd 100644 --- a/mantis/utils/config_utils.py +++ b/mantis/utils/config_utils.py @@ -34,8 +34,3 @@ def is_scanNewOnly_tool(tool_name, args): return False else: return True - - @staticmethod - def get_report_dict(): - report = ConfigProvider.get_config().report - return report diff --git a/mantis/workflows/report_workflow.py b/mantis/workflows/report_workflow.py index 61365b3..0fe80b3 100644 --- a/mantis/workflows/report_workflow.py +++ b/mantis/workflows/report_workflow.py @@ -1,11 +1,9 @@ import logging -from mantis.utils.config_utils import ConfigUtils +from mantis.config_parsers.config_client import ConfigProvider class ReportWorkflow: @staticmethod async def executor(): - - report = ConfigUtils.get_report_dict() - + report = ConfigProvider.get_config().report print(f"Report: {report}") diff --git a/setup/docker/docker-compose.yml b/setup/docker/docker-compose.yml index 9e47a22..465c617 100644 --- a/setup/docker/docker-compose.yml +++ b/setup/docker/docker-compose.yml @@ -1,9 +1,11 @@ services: mantis: - #image: ghcr.io/phonepe/mantis:latest - build: - dockerfile: Dockerfile - context: ../../ + # When testing local changes, uncomment the following commented lines and comment out "image" + # This will build the mantis container locally instead of pulling from GHRC + #build: + # dockerfile: Dockerfile + # context: ../../ + image: ghcr.io/phonepe/mantis:latest container_name: mantis restart: on-failure command: sleep infinity From ed98f5f76f27d14785622172d87bbd2d96aae97c Mon Sep 17 00:00:00 2001 From: devplayer55221 Date: Wed, 23 Oct 2024 11:51:59 +0530 Subject: [PATCH 4/4] reverting back config_client.py --- mantis/config_parsers/config_client.py | 1 - 1 file changed, 1 deletion(-) diff --git a/mantis/config_parsers/config_client.py b/mantis/config_parsers/config_client.py index 1db26fd..ef0880d 100644 --- a/mantis/config_parsers/config_client.py +++ b/mantis/config_parsers/config_client.py @@ -40,4 +40,3 @@ def get_config(): else: ConfigProvider.get_local_config() return ConfigProvider.yml_config -