Merge branch 'master' into dependabot/npm_and_yarn/openbas-front/expr…

…ess-4.20.0
OpenBAS-Platform · Sep 16, 2024 · 726c697 · 726c697
2 parents d05621f + 71bb26a
commit 726c697
Show file tree

Hide file tree

Showing 9 changed files with 73 additions and 42 deletions.
diff --git a/openbas-api/src/main/java/io/openbas/injectors/openbas/OpenBASInjector.java b/openbas-api/src/main/java/io/openbas/injectors/openbas/OpenBASInjector.java
@@ -20,7 +20,7 @@ public class OpenBASInjector {
     private static final String OPENBAS_INJECTOR_ID = "49229430-b5b5-431f-ba5b-f36f599b0144";
 
     private String dlUri(OpenBASConfig openBASConfig, String platform, String arch) {
-        return openBASConfig.getBaseUrl() + "/api/implant/openbas/" + platform + "/" + arch;
+        return openBASConfig.getBaseUrlForAgent() + "/api/implant/openbas/" + platform + "/" + arch;
     }
 
     @SuppressWarnings("SameParameterValue")
@@ -31,7 +31,7 @@ private String dlVar(OpenBASConfig openBASConfig, String platform, String arch)
     @Autowired
     public OpenBASInjector(InjectorService injectorService, OpenBASImplantContract contract, OpenBASConfig openBASConfig) {
         String tokenVar = "token=\"" + openBASConfig.getAdminToken() + "\"";
-        String serverVar = "server=\"" + openBASConfig.getBaseUrl() + "\"";
+        String serverVar = "server=\"" + openBASConfig.getBaseUrlForAgent() + "\"";
         Map<String, String> executorCommands = new HashMap<>();
         executorCommands.put(Endpoint.PLATFORM_TYPE.Windows.name() + "." + Endpoint.PLATFORM_ARCH.x86_64, "$x=\"#{location}\";$location=$x.Replace(\"\\obas-agent-caldera.exe\", \"\");[Environment]::CurrentDirectory = $location;$filename=\"obas-implant-#{inject}.exe\";$" + tokenVar + ";$" + serverVar + ";" + dlVar(openBASConfig, "windows", "x86_64") + ";$wc=New-Object System.Net.WebClient;$data=$wc.DownloadData($url);[io.file]::WriteAllBytes($filename,$data) | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Inbound\" -Direction Inbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Remove-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\";New-NetFirewallRule -DisplayName \"Allow OpenBAS Outbound\" -Direction Outbound -Program \"$location\\$filename\" -Action Allow | Out-Null;Start-Process -FilePath \"$location\\$filename\" -ArgumentList \"--uri $server --token $token --inject-id #{inject}\" -WindowStyle hidden;");
         executorCommands.put(Endpoint.PLATFORM_TYPE.Linux.name() + "." + Endpoint.PLATFORM_ARCH.x86_64, "x=\"#{location}\";location=$(echo \"$x\" | sed \"s#/openbas-caldera-agent##\");filename=obas-implant-#{inject};" + serverVar + ";" + tokenVar + ";curl -s -X GET " + dlUri(openBASConfig, "linux", "x86_64") + " > $location/$filename;chmod +x $location/$filename;$location/$filename --uri $server --token $token --inject-id #{inject} &");

diff --git a/openbas-api/src/main/java/io/openbas/rest/settings/response/PlatformSettings.java b/openbas-api/src/main/java/io/openbas/rest/settings/response/PlatformSettings.java
@@ -3,14 +3,16 @@
 import com.fasterxml.jackson.annotation.JsonProperty;
 import io.openbas.rest.settings.form.PolicyInput;
 import io.openbas.rest.settings.form.ThemeInput;
-import lombok.*;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
 
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import static java.util.Optional.ofNullable;
 import static lombok.AccessLevel.NONE;
 
 @Setter
@@ -25,6 +27,9 @@ public class PlatformSettings {
   @JsonProperty("platform_base_url")
   private String platformBaseUrl;
 
+  @JsonProperty("platform_agent_url")
+  private String platformAgentUrl;
+
   @JsonProperty("platform_theme")
   private String platformTheme;
 

diff --git a/openbas-api/src/main/java/io/openbas/service/PlatformSettingsService.java b/openbas-api/src/main/java/io/openbas/service/PlatformSettingsService.java
@@ -192,6 +192,7 @@ public PlatformSettings findSettings() {
           ofNullable(dbSettings.get(PLATFORM_NAME.key())).map(Setting::getValue).orElse(PLATFORM_NAME.defaultValue())
       );
       platformSettings.setPlatformBaseUrl(openBASConfig.getBaseUrl());
+      platformSettings.setPlatformAgentUrl(openBASConfig.getBaseUrlForAgent());
       platformSettings.setXtmOpenctiEnable(openCTIConfig.getEnable());
       platformSettings.setXtmOpenctiUrl(openCTIConfig.getUrl());
       platformSettings.setAiEnabled(aiConfig.isEnabled());

diff --git a/openbas-framework/src/main/java/io/openbas/asset/EndpointService.java b/openbas-framework/src/main/java/io/openbas/asset/EndpointService.java
@@ -108,7 +108,7 @@ public String getFileOrDownloadFromJfrog(String platform, String file, String ad
       in = new BufferedInputStream(new URL(JFROG_BASE + resourcePath + filename).openStream());
     }
     return IOUtils.toString(in, StandardCharsets.UTF_8)
-            .replace("${OPENBAS_URL}", openBASConfig.getBaseUrl())
+            .replace("${OPENBAS_URL}", openBASConfig.getBaseUrlForAgent())
             .replace("${OPENBAS_TOKEN}", adminToken);
   }
 

diff --git a/openbas-framework/src/main/java/io/openbas/config/OpenBASConfig.java b/openbas-framework/src/main/java/io/openbas/config/OpenBASConfig.java
@@ -2,11 +2,14 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.fasterxml.jackson.annotation.JsonProperty;
+import jakarta.validation.constraints.NotBlank;
 import lombok.Data;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
+import static org.springframework.util.StringUtils.hasText;
+
 @Component
 @ConfigurationProperties(prefix = "openbas")
 @Data
@@ -64,8 +67,20 @@ public class OpenBASConfig {
   @JsonIgnore
   private boolean cookieSecure = false;
 
-
   public String getBaseUrl() {
-    return baseUrl.endsWith("/") ? baseUrl.substring(0, baseUrl.length() - 1) : baseUrl;
+    return url(baseUrl);
+  }
+
+  @JsonProperty("application_agent_url")
+  private String agentUrl;
+
+  public String getBaseUrlForAgent() {
+    return hasText(agentUrl) ? url(agentUrl) :url(baseUrl);
+  }
+
+  // -- PRIVATE --
+
+  private String url(@NotBlank final String url) {
+    return url.endsWith("/") ? url.substring(0, url.length() - 1) : url;
   }
 }
diff --git a/openbas-front/package.json b/openbas-front/package.json
@@ -24,7 +24,7 @@
     "@uiw/react-md-editor": "4.0.4",
     "@xyflow/react": "12.2.1",
     "apexcharts": "3.51.0",
-    "axios": "1.7.4",
+    "axios": "1.7.7",
     "ckeditor5-custom-build": "link:packages/ckeditor5-custom-build",
     "classcat": "^5.0.5",
     "classnames": "2.5.1",
@@ -36,7 +36,7 @@
     "final-form": "4.20.10",
     "final-form-arrays": "3.1.0",
     "history": "5.3.0",
-    "html-react-parser": "5.1.12",
+    "html-react-parser": "5.1.16",
     "html-to-image": "1.11.11",
     "http-proxy-middleware": "2.0.6",
     "js-file-download": "0.4.12",
@@ -47,7 +47,7 @@
     "normalizr": "3.6.2",
     "pdfmake": "0.2.10",
     "prop-types": "15.8.1",
-    "qs": "6.12.3",
+    "qs": "6.13.0",
     "ramda": "0.30.1",
     "react": "18.3.1",
     "react-apexcharts": "1.4.1",

diff --git a/openbas-front/src/admin/components/agents/Agents.tsx b/openbas-front/src/admin/components/agents/Agents.tsx
@@ -226,8 +226,8 @@ MD5: d604c952bb3c6d96621594d39992c499
 SHA1: 5b6087f87f5f2ae129f888bba799611836eb39a2
 SHA256: 98d1e64445bbef46a36d4724699a386646de78881a1b6f2b346122c76d696c12
 SHA512: ca07dc1d0a5297e29327e483f4f35dadb254d96a16a5c33da5ad048e6965a3863d621518a2be40f1a42226c68cbf5e779382a37ee5baa7dd7c538ec73ce059e8`,
-          displayedCode: `curl -s ${settings.platform_base_url}/api/agent/installer/openbas/linux/${userToken?.token_value} | sudo sh`,
-          code: `curl -s ${settings.platform_base_url}/api/agent/installer/openbas/linux/${userToken?.token_value} | sudo sh`,
+          displayedCode: `curl -s ${settings.platform_agent_url}/api/agent/installer/openbas/linux/${userToken?.token_value} | sudo sh`,
+          code: `curl -s ${settings.platform_agent_url}/api/agent/installer/openbas/linux/${userToken?.token_value} | sudo sh`,
         };
       case 'macos':
         return {

diff --git a/openbas-front/src/utils/api-types.d.ts b/openbas-front/src/utils/api-types.d.ts
@@ -2473,6 +2473,7 @@ export interface PlatformSettings {
   java_version?: string;
   map_tile_server_dark?: string;
   map_tile_server_light?: string;
+  platform_agent_url?: string;
   platform_ai_enabled?: boolean;
   platform_ai_has_token?: boolean;
   platform_ai_model?: string;

diff --git a/openbas-front/yarn.lock b/openbas-front/yarn.lock
@@ -5592,14 +5592,14 @@ __metadata:
   languageName: node
   linkType: hard
 
-"axios@npm:1.7.4":
-  version: 1.7.4
-  resolution: "axios@npm:1.7.4"
+"axios@npm:1.7.7":
+  version: 1.7.7
+  resolution: "axios@npm:1.7.7"
   dependencies:
     follow-redirects: "npm:^1.15.6"
     form-data: "npm:^4.0.0"
     proxy-from-env: "npm:^1.1.0"
-  checksum: 10c0/5ea1a93140ca1d49db25ef8e1bd8cfc59da6f9220159a944168860ad15a2743ea21c5df2967795acb15cbe81362f5b157fdebbea39d53117ca27658bab9f7f17
+  checksum: 10c0/4499efc89e86b0b49ffddc018798de05fab26e3bf57913818266be73279a6418c3ce8f9e934c7d2d707ab8c095e837fc6c90608fb7715b94d357720b5f568af7
   languageName: node
   linkType: hard
 
@@ -9296,13 +9296,13 @@ __metadata:
   languageName: node
   linkType: hard
 
-"html-dom-parser@npm:5.0.9":
-  version: 5.0.9
-  resolution: "html-dom-parser@npm:5.0.9"
+"html-dom-parser@npm:5.0.10":
+  version: 5.0.10
+  resolution: "html-dom-parser@npm:5.0.10"
   dependencies:
     domhandler: "npm:5.0.3"
     htmlparser2: "npm:9.1.0"
-  checksum: 10c0/d440520dbc1b2f295af70292d409435c89f5b5cb2f0d370722e76ddad473cb3ab750c4e4db2c3625ca4e469f5638a5aef716d31874c3b001d964cdbdcf090736
+  checksum: 10c0/cc81f276cd90c4583a79eca13c4c29dfe5b049c06235f8259a007855f3f69cb30c44ee8ff7f7ac64114de6c7bc4ea47c394780a61b670e4b01814822e3f69b5e
   languageName: node
   linkType: hard
 
@@ -9322,21 +9322,21 @@ __metadata:
   languageName: node
   linkType: hard
 
-"html-react-parser@npm:5.1.12":
-  version: 5.1.12
-  resolution: "html-react-parser@npm:5.1.12"
+"html-react-parser@npm:5.1.16":
+  version: 5.1.16
+  resolution: "html-react-parser@npm:5.1.16"
   dependencies:
     domhandler: "npm:5.0.3"
-    html-dom-parser: "npm:5.0.9"
+    html-dom-parser: "npm:5.0.10"
     react-property: "npm:2.0.2"
-    style-to-js: "npm:1.1.12"
+    style-to-js: "npm:1.1.14"
   peerDependencies:
     "@types/react": 0.14 || 15 || 16 || 17 || 18
     react: 0.14 || 15 || 16 || 17 || 18
   peerDependenciesMeta:
     "@types/react":
       optional: true
-  checksum: 10c0/2979bfb5934d65608c7ceb50325b36a7901a674ee8ac3a765b08d61d5fd396870d9061aa6c63cf44291a566fc5bc451d80a9f9d92ef89ed5fef7e0a8036be9cd
+  checksum: 10c0/2e6581b2086b6d82e229369672f885c878813216bab2b10599f5eabe61450ba2b6200f9314b6cb7011f2a63024f79bb7b8db30bee06d9f5750ff6e6f4cb2849e
   languageName: node
   linkType: hard
 
@@ -12051,7 +12051,7 @@ __metadata:
     "@vitejs/plugin-react": "npm:4.3.0"
     "@xyflow/react": "npm:12.2.1"
     apexcharts: "npm:3.51.0"
-    axios: "npm:1.7.4"
+    axios: "npm:1.7.7"
     chokidar: "npm:3.6.0"
     ckeditor5-custom-build: "link:packages/ckeditor5-custom-build"
     classcat: "npm:^5.0.5"
@@ -12081,7 +12081,7 @@ __metadata:
     fs-extra: "npm:11.2.0"
     globals: "npm:15.9.0"
     history: "npm:5.3.0"
-    html-react-parser: "npm:5.1.12"
+    html-react-parser: "npm:5.1.16"
     html-to-image: "npm:1.11.11"
     http-proxy-middleware: "npm:2.0.6"
     js-file-download: "npm:0.4.12"
@@ -12094,7 +12094,7 @@ __metadata:
     nyc: "npm:17.0.0"
     pdfmake: "npm:0.2.10"
     prop-types: "npm:15.8.1"
-    qs: "npm:6.12.3"
+    qs: "npm:6.13.0"
     ramda: "npm:0.30.1"
     react: "npm:18.3.1"
     react-apexcharts: "npm:1.4.1"
@@ -13109,12 +13109,21 @@ __metadata:
   languageName: node
   linkType: hard
 
-"qs@npm:6.12.3":
-  version: 6.12.3
-  resolution: "qs@npm:6.12.3"
+"qs@npm:6.13.0":
+  version: 6.13.0
+  resolution: "qs@npm:6.13.0"
   dependencies:
     side-channel: "npm:^1.0.6"
-  checksum: 10c0/243ddcc8f49dab78fc51041f7f64c500b47c671c45a101a8aca565d8537cb562921da7ef1a831b4a7051596ec88bb35a0d5e25a240025e8b32c6bfb69f00bf2f
+  checksum: 10c0/62372cdeec24dc83a9fb240b7533c0fdcf0c5f7e0b83343edd7310f0ab4c8205a5e7c56406531f2e47e1b4878a3821d652be4192c841de5b032ca83619d8f860
+  languageName: node
+  linkType: hard
+
+"qs@npm:6.13.0":
+  version: 6.13.0
+  resolution: "qs@npm:6.13.0"
+  dependencies:
+    side-channel: "npm:^1.0.6"
+  checksum: 10c0/62372cdeec24dc83a9fb240b7533c0fdcf0c5f7e0b83343edd7310f0ab4c8205a5e7c56406531f2e47e1b4878a3821d652be4192c841de5b032ca83619d8f860
   languageName: node
   linkType: hard
 
@@ -14831,21 +14840,21 @@ __metadata:
   languageName: node
   linkType: hard
 
-"style-to-js@npm:1.1.12":
-  version: 1.1.12
-  resolution: "style-to-js@npm:1.1.12"
+"style-to-js@npm:1.1.14":
+  version: 1.1.14
+  resolution: "style-to-js@npm:1.1.14"
   dependencies:
-    style-to-object: "npm:1.0.6"
-  checksum: 10c0/4b03ac3cec5d0e4c2578513dfbae9861eb9fb56825bccfd64bddcdf067e66805d6f160b93d2985aad4198893940fa162c4c85c3969e13ba2662a5824231c009c
+    style-to-object: "npm:1.0.7"
+  checksum: 10c0/5ef92ed22fa7725b2be8e611bd9e9a7d2d822d1b6ffcc7d53729821dab10a6e66f15411b9280a540bde4e82dd6a28b0629fe68859527787ae4e196af1e027253
   languageName: node
   linkType: hard
 
-"style-to-object@npm:1.0.6":
-  version: 1.0.6
-  resolution: "style-to-object@npm:1.0.6"
+"style-to-object@npm:1.0.7":
+  version: 1.0.7
+  resolution: "style-to-object@npm:1.0.7"
   dependencies:
     inline-style-parser: "npm:0.2.3"
-  checksum: 10c0/be5e8e3f0e35c0338de4112b9d861db576a52ebbd97f2501f1fb2c900d05c8fc42c5114407fa3a7f8b39301146cd8ca03a661bf52212394125a9629d5b771aba
+  checksum: 10c0/61f393482fdaf3f88acb1a31087875073d952c22f7614de90d5ce4f7aa86714c2523f96ab6ebefbecb327cfb31b41c14151878cb5e1e7999e5ee006987a11e62
   languageName: node
   linkType: hard