adjust automated scoping to run, only after enrich
jcran committed Jul 21, 2020
1 parent cf90251 commit 118557a
Showing 3 changed files with 99 additions and 84 deletions.
52 changes: 24 additions & 28 deletions lib/entity_manager.rb
@@ -273,25 +273,6 @@ def self.create_or_merge_entity(task_result_id,type_string,name,details,primary_
###
#####

### if the entity has specific scoping instructions (now that we have an entity)
##
## the default method on the base class simply sets what was available previously
## See the inidivdiual entity files for this logic.
##
if scope_request
tr.log "Entity Scope request!"
entity.scoped = scope_request.to_bool
tr.log "Using entity scoping request, got #{entity.scoped}"
else
entity.scoped = entity.scoped? #always fall back to our entity-specific logic if there was no request
tr.log "Using entity scoping logic, got #{entity.scoped}"
end

# SAVE IT
entity.save_changes

tr.log "FINAL scoping decision for #{entity.name}: #{entity.scoped}"

# ENRICHMENT LAUNCH (this may re-run if an entity has just been scoped in)
if tr.auto_enrich && !entity.deny_list && (!entity_already_existed || project.allow_reenrich)
# Check if we've alrady run first and return gracefully if so
@@ -301,7 +282,7 @@ def self.create_or_merge_entity(task_result_id,type_string,name,details,primary_
# starts a new background task... so anything that needs to happen from
# this point should happen in that new background task
if entity.enriched
tr.log "Re-enriching entity!"
tr.log "Re-scheduling enrichement for entity!"
end

entity.enrich(tr)
@@ -311,13 +292,6 @@ def self.create_or_merge_entity(task_result_id,type_string,name,details,primary_
tr.log "Skipping enrichment... entity exists!" if entity_already_existed
tr.log "Skipping enrichment... entity on deny list!" if entity.deny_list
end

###
### TODO
### TODO push it back into a machine from here if the scope changes
### TODO
###


# Attach the alias.. this can be confusing....
# ----
@@ -345,7 +319,29 @@ def self.create_or_merge_entity(task_result_id,type_string,name,details,primary_

end

# return the entity

####
#### Finally, set scope, enrichment has run
####

### if the entity has specific scoping instructions (now that we have an entity)
##
## the default method on the base class simply sets what was available previously
## See the inidivdiual entity files for this logic.
##
if scope_request

tr.log "Entity Scope request!"
entity.scoped = scope_request.to_bool
entity.scoped_at = Time.now.utc
tr.log "Using entity scoping request, got #{entity.scoped}"
tr.log "MANUAL scoping decision for #{entity.name}: #{entity.scoped}"

# SAVE IT
entity.save_changes
end

# return the entity, with enrichment now scheduled
entity
end

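Review bot: The manual scope block now runs after `entity.enrich(tr)`, which the comment earlier in this method says starts a new background task, so an explicit `scope_request` can be saved after the enrichment task has already loaded the entity. If that task reads the entity while `scoped_at` is still nil, the post-enrich logic in lib/tasks/base.rb (`unless @entity.scoped_at`) would presumably apply the automated decision and could launch a machine on an entity the caller asked to keep out of scope. Moving the whole `if scope_request … entity.save_changes … end` block above the enrichment launch, so `scoped_at` is persisted before the task is scheduled, would close that window. Separately, entities that skip enrichment (deny list, already existing, `auto_enrich` off) no longer receive any automated `scoped` value here; a short comment stating that this is intended would help. create_or_merge_entity starts outside the visible hunks.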
2 changes: 1 addition & 1 deletion lib/system/match_exceptions.rb
@@ -48,7 +48,7 @@ def standard_no_traverse?(entity_name, type_string="Domain", skip_exceptions=[])
elsif (type_string == "Domain" || type_string == "DnsRecord" || type_string == "Uri" )
(standard_name_exceptions - skip_exceptions).each do |exception|
if exception.match(entity_name) || exception.match(".#{entity_name}")
puts "Matched #{exception}"
#puts "Matched #{exception}"
out = exception
end
end
129 changes: 74 additions & 55 deletions lib/tasks/base.rb
@@ -157,77 +157,96 @@ def perform(task_result_id)
## FINALIZE ENRICHMENT
###
# Now, if this is an enrichment type task, we want to mark our enrichemnt complete
# if it's true, we can set it and launch our followon-work!
if Intrigue::TaskFactory.create_by_name(@task_result.task_name).class.metadata[:type] == "enrichment"
# entity should now be enriched!

### NOW WE CAN SET ENRICHED!
@entity.enriched = true

### NOW WE CAN DECIDE SCOPE BASED ON COMPLETE ENTITY (unless we were already scoped in!
unless @entity.scoped_at
@entity.scoped_at = Time.now.utc
@entity.scoped = @entity.scoped? #always fall back to our entity-specific logic if there was no request
_log_good "POST-ENRICH AUTOMATED ENTITY SCOPE: #{@entity.scoped}"
end

@entity.save_changes
else
_log "Not an enrichment task, skipping machine generation"
end


###
## POST ENRICHMENT, KICK OFF MACHINES for SCOPED ENTiTIES ONLY
###s
if @entity.enriched && @entity.scoped? && !@entity.hidden # technically socpeed shoudl handle but it doesnt
###
## NOW, KICK OFF MACHINES for SCOPED ENTiTIES ONLY
###

# MACHINE LAUNCH (ONLY IF WE ARE ATTACHED TO A MACHINE)
# if this is part of a scan and we're in depth
if @task_result.scan_result && @task_result.depth > 0
# technically socped shoudl handle but it doesnt
if @entity.enriched && @entity.scoped? #&& [email protected]

machine_name = @task_result.scan_result.machine
@task_result.log "Launching machine #{machine_name} on #{@entity.name}"
machine = Intrigue::MachineFactory.create_by_name(machine_name)
# MACHINE LAUNCH (ONLY IF WE ARE ATTACHED TO A MACHINE)
# if this is part of a scan and we're in depth
if @task_result.scan_result && @task_result.depth > 0

unless machine
raise "Unable to continue, missing machine: #{machine_name}!!!"
end

##
## Start the machine!
##
machine.start(@entity, @task_result)
machine_name = @task_result.scan_result.machine
@task_result.log "Launching machine #{machine_name} on #{@entity.name}"
machine = Intrigue::MachineFactory.create_by_name(machine_name)

else
@task_result.log "No machine configured for #{@entity.name}!"
end
unless machine
raise "Unable to continue, missing machine: #{machine_name}!!!"
end

##
## Start the machine!
##
machine.start(@entity, @task_result)

else
@task_result.log "No machine configured for #{@entity.name}!"
end

scan_result = @task_result.scan_result
if scan_result
scan_result.decrement_task_count

#####################
# Call Handlers #
#####################
scan_result = @task_result.scan_result
if scan_result
scan_result.decrement_task_count

### Task Result Handlers
if @task_result.handlers.count > 0
_log "Launching Task Handlers!"
@task_result.handle_attached
@task_result.handlers_complete = true
else
_log "No task result handlers configured."
end
#####################
# Call Handlers #
#####################

### Scan Result Handlers
if scan_result.handlers.count > 0
# Check our incomplete task count on the scan to see if this is the last one
if scan_result.incomplete_task_count <= 0
_log "Last task standing, let's handle the scan!"
scan_result.handle_attached
# let's mark it complete if there's nothing else to do here.
scan_result.handlers_complete = true
scan_result.complete = true
scan_result.save_changes
### Task Result Handlers
if @task_result.handlers.count > 0
_log "Launching Task Handlers!"
@task_result.handle_attached
@task_result.handlers_complete = true
else
_log "No task result handlers configured."
end

### Scan Result Handlers
if scan_result.handlers.count > 0
# Check our incomplete task count on the scan to see if this is the last one
if scan_result.incomplete_task_count <= 0
_log "Last task standing, let's handle the scan!"
scan_result.handle_attached
# let's mark it complete if there's nothing else to do here.
scan_result.handlers_complete = true
scan_result.complete = true
scan_result.save_changes
end
else
_log "No scan result handlers configured."
end
else
_log "No scan result handlers configured."
end
end
else
_log "Entity not scoped, no machine will be run."
end
else
_log "Entity not scoped, no machine will be run."
end





else
_log "Not an enrichment task, skipping machine generation"
end


ensure
begin

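Review bot: The machine-launch guard appears to lose its hidden-entity check: in the new condition `if @entity.enriched && @entity.scoped?` the trailing term is commented out (rendered garbled on this page, presumably the former `!@entity.hidden`), while the comment directly above it still says the scoped check does not cover that case. As written, an enriched, scoped but hidden entity would reach `machine.start`, so either restore `&& !@entity.hidden` or make `scoped?` return false for hidden entities and drop the stale comment. The guard also calls `@entity.scoped?` again rather than reading the `@entity.scoped` value stored a few lines earlier, so a manual decision recorded with `scoped_at` may be bypassed if an entity type's `scoped?` recomputes the answer; that is worth confirming against the entity classes. The body of perform starts and ends outside this hunk.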
