Sanitize report's inputs and usernames - 3.13.x (#4336)
* feature: Add parameter validation to reporting endpoints
- Removed some parameters when creating endpoints and added groupID and
  agentID. Now the report name is built in the backend.
- Add testing with Jest
- Add tests with invalid expected parameters

* changelog: Add PR entry to the changelog and bump versions

* bump: bump revision to 889

* fix: fixed the report filename for agent inventory data that didn't display the agent ID
Desvelao authored Aug 11, 2022
1 parent 8c94a9e commit 0b3ce55
Showing 10 changed files with 391 additions and 67 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
@@ -2,6 +2,10 @@

All notable changes to the Wazuh app project will be documented in this file.

## Wazuh v3.13.5 - Kibana 7.9.2 - Revision 889

- Sanitize report's inputs and usernames [#4336](https://github.com/wazuh/wazuh-kibana-app/pull/4336)

## Wazuh v3.13.2 - Kibana v7.9.2 - Revision 887

### Added
13 changes: 8 additions & 5 deletions README.md
@@ -87,9 +87,9 @@ This plugin for Kibana allows you to visualize and analyze Wazuh alerts stored i

## Requisites

- Wazuh HIDS 3.13.2
- Wazuh RESTful API 3.13.2
- Kibana 7.9.1
- Wazuh HIDS 3.13.5
- Wazuh RESTful API 3.13.5
- Kibana 7.9.3
- Elasticsearch 7.9.2

## Installation
@@ -98,7 +98,7 @@ Install the Wazuh app plugin for Kibana

```
cd /usr/share/kibana
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.2_7.9.2.zip
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.5_7.9.2.zip
```

Restart Kibana
@@ -164,7 +164,7 @@ Install the Wazuh app

```
cd /usr/share/kibana/
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.2_7.9.2.zip
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.5_7.9.2.zip
```

Update configuration file permissions.
@@ -193,6 +193,9 @@ service kibana restart

| Wazuh app | Kibana | Open Distro | Package |
| :-------: | :----: | :---------: | :-------------------------------------------------------------- |
| 3.13.5 | 7.9.2 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.5_7.9.2.zip> |
| 3.13.4 | 7.9.2 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.4_7.9.2.zip> |
| 3.13.3 | 7.9.2 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.3_7.9.2.zip> |
| 3.13.2 | 7.9.2 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.2_7.9.2.zip> |
| 3.13.2 | 7.9.1 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.2_7.9.1.zip> |
| 3.13.2 | 7.8.0 | | <https://packages.wazuh.com/wazuhapp/wazuhapp-3.13.2_7.8.0.zip> |
9 changes: 5 additions & 4 deletions package.json
@@ -1,8 +1,8 @@
{
"name": "wazuh",
"version": "3.13.2",
"revision": "0886",
"code": "0886-0",
"version": "3.13.5",
"revision": "0889",
"code": "0889-0",
"kibana": {
"version": "7.9.2"
},
@@ -37,7 +37,8 @@
"test": "_mocha test/**/*",
"test:ui:runner": "node ../../scripts/functional_test_runner.js",
"test:server": "plugin-helpers test:server",
"test:browser": "plugin-helpers test:browser"
"test:browser": "plugin-helpers test:browser",
"test:jest": "node test/jest/jest"
},
"dependencies": {
"angular-animate": "1.7.8",
18 changes: 2 additions & 16 deletions public/react-services/reporting.js
@@ -93,16 +93,11 @@ export class ReportingService {
);

const array = await this.vis2png.checkArray(idArray);
const name = `wazuh-${
isAgents ? 'agents' : 'overview'
}-${tab}-${(Date.now() / 1000) | 0}.pdf`;

const browserTimezone = moment.tz.guess(true);

const data = {
array,
name,
title: isAgents ? `Agents ${tab}` : `Overview ${tab}`,
filters: appliedFilters.filters,
time: appliedFilters.time,
searchBar: appliedFilters.searchBar,
@@ -138,26 +133,17 @@ export class ReportingService {
this.$rootScope.reportStatus = 'Generating PDF document...';
this.$rootScope.$applyAsync();

const docType =
type === 'agentConfig'
? `wazuh-agent-${obj.id}`
: `wazuh-group-${obj.name}`;

const name = `${docType}-configuration-${(Date.now() / 1000) | 0}.pdf`;
const browserTimezone = moment.tz.guess(true);

const data = {
array: [],
name,
filters: [
type === 'agentConfig' ? { agent: obj.id } : { group: obj.name }
],
time: '',
searchBar: '',
tables: [],
tab: type,
browserTimezone,
components
components,
...(type === 'agentConfig' ? { agentID: obj.id } : { groupID: obj.name })
};

await this.genericReq.request('POST', '/reports', data);
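Review bot: Nothing in the hunk at new line 133 records why `name` is no longer sent, or that `agentID`/`groupID` are now the values the backend uses to build the report file name. A short comment above the spread would keep a later change from reintroducing a client-chosen file name, for example `// The report file name is built server-side from agentID/groupID; do not send a name from the client`. The conditional spread also treats every `type` other than 'agentConfig' as a group report, so an explicit `type === 'groupConfig'` branch would avoid sending a `groupID` for an unexpected type; this is inferred, since the callers are outside the hunk. The same points apply to the identical hunks in public/services/reporting.js, and the enclosing method starts and ends outside the hunk.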
18 changes: 2 additions & 16 deletions public/services/reporting.js
@@ -85,16 +85,11 @@ export class ReportingService {
);

const array = await this.vis2png.checkArray(idArray);
const name = `wazuh-${
isAgents ? 'agents' : 'overview'
}-${tab}-${(Date.now() / 1000) | 0}.pdf`;

const browserTimezone = moment.tz.guess(true);

const data = {
array,
name,
title: isAgents ? `Agents ${tab}` : `Overview ${tab}`,
filters: appliedFilters.filters,
time: appliedFilters.time,
searchBar: appliedFilters.searchBar,
@@ -129,26 +124,17 @@ export class ReportingService {
this.$rootScope.reportStatus = 'Generating PDF document...';
this.$rootScope.$applyAsync();

const docType =
type === 'agentConfig'
? `wazuh-agent-${obj.id}`
: `wazuh-group-${obj.name}`;

const name = `${docType}-configuration-${(Date.now() / 1000) | 0}.pdf`;
const browserTimezone = moment.tz.guess(true);

const data = {
array: [],
name,
filters: [
type === 'agentConfig' ? { agent: obj.id } : { group: obj.name }
],
time: '',
searchBar: '',
tables: [],
tab: type,
browserTimezone,
components
components,
...(type === 'agentConfig' ? { agentID: obj.id } : { groupID: obj.name })
};

await this.genericReq.request('POST', '/reports', data);
60 changes: 34 additions & 26 deletions server/controllers/wazuh-reporting.js
@@ -1862,6 +1862,7 @@ export class WazuhReportingCtrl {
* @returns {Object} pdf or ErrorResponse
*/
async report(req, reply) {
let pathFilename;
try {
log('reporting:report', `Report started`, 'info');
// Init
@@ -1886,7 +1887,7 @@ export class WazuhReportingCtrl {
if (req.payload && req.payload.array) {
const payload = (req || {}).payload || {};
const headers = (req || {}).headers || {};
const { name, tab, section, isAgents, browserTimezone } = payload;
const { tab, section, isAgents, browserTimezone, agentID, groupID } = payload;
const apiId = headers.id || false;
const pattern = headers.pattern || false;
const from = (payload.time || {}).from || false;
@@ -1895,6 +1896,20 @@ export class WazuhReportingCtrl {
const isAgentConfig = tab === 'agentConfig';
const isGroupConfig = tab === 'groupConfig';

// Generate the filename of report depeding on request parameters
const filename = tab === 'syscollector'
? `wazuh-agent-inventory-${isAgents}-${this.generateReportTimestamp()}.pdf`
: (isAgentConfig
? `wazuh-agent-configuration-${agentID}-${this.generateReportTimestamp()}.pdf`
: ( isGroupConfig
? `wazuh-group-configuration-${groupID}-${this.generateReportTimestamp()}.pdf`
: `wazuh-module-${isAgents ? `agents-${isAgents}` : 'overview'}-${tab}-${this.generateReportTimestamp()}.pdf`
)
);

// Generate the path to filename
pathFilename = path.join(__dirname, REPORTING_PATH, filename);

// Pass the namespace if present to all the requesters
if (pattern) {
const spaces = this.server.plugins.spaces;
@@ -1921,10 +1936,6 @@ export class WazuhReportingCtrl {
throw new Error(
'Reporting needs a valid Wazuh API ID in order to work properly'
);
if (!name)
throw new Error(
'Reporting needs a valid file name in order to work properly'
);

let tables = [];
if (isGroupConfig) {
@@ -1940,19 +1951,18 @@ export class WazuhReportingCtrl {
labels: 'Labels',
sca: 'Security configuration assessment'
};
const g_id = kfilters[0].group;
kfilters = [];
const enabledComponents = req.payload.components;
this.dd.content.push({
text: `Group ${g_id} configuration`,
text: `Group ${groupID} configuration`,
style: 'h1'
});
if (enabledComponents['0']) {
let configuration = {};
try {
configuration = await this.apiRequest.makeGenericRequest(
'GET',
`/agents/groups/${g_id}/configuration`,
`/agents/groups/${groupID}/configuration`,
{},
apiId
);
@@ -2150,7 +2160,7 @@ export class WazuhReportingCtrl {
try {
agentsInGroup = await this.apiRequest.makeGenericRequest(
'GET',
`/agents/groups/${g_id}`,
`/agents/groups/${groupID}`,
{},
apiId
);
@@ -2159,7 +2169,7 @@ export class WazuhReportingCtrl {
}
await this.renderHeader(
tab,
g_id,
groupID,
(((agentsInGroup || []).data || []).items || []).map(x => x.id),
apiId
);
@@ -2168,12 +2178,11 @@ export class WazuhReportingCtrl {
if (isAgentConfig) {
const configurations = AgentConfiguration.configurations;
const enabledComponents = req.payload.components;
const a_id = kfilters[0].agent;
let wmodules = {};
try {
wmodules = await this.apiRequest.makeGenericRequest(
'GET',
`/agents/${a_id}/config/wmodules/wmodules`,
`/agents/${agentID}/config/wmodules/wmodules`,
{},
apiId
);
@@ -2182,7 +2191,7 @@ export class WazuhReportingCtrl {
}

kfilters = [];
await this.renderHeader(tab, tab, a_id, apiId);
await this.renderHeader(tab, tab, agentID, apiId);
let idxComponent = 0;
for (let config of configurations) {
let titleOfSection = false;
@@ -2211,7 +2220,7 @@ export class WazuhReportingCtrl {
if (!conf['name']) {
data = await this.apiRequest.makeGenericRequest(
'GET',
`/agents/${a_id}/config/${conf.component}/${conf.configuration}`,
`/agents/${agentID}/config/${conf.component}/${conf.configuration}`,
{},
apiId
);
@@ -2692,25 +2701,16 @@ export class WazuhReportingCtrl {

const pdfDoc = this.printer.createPdfKitDocument(this.dd);
await pdfDoc.pipe(
fs.createWriteStream(
path.join(__dirname, REPORTING_PATH + '/' + req.payload.name)
)
fs.createWriteStream(pathFilename)
);
pdfDoc.end();
}
return { error: 0, data: null };
} catch (error) {
log('reporting:report', error.message || error);
// Delete generated file if an error occurred
if (
((req || {}).payload || {}).name &&
fs.existsSync(
path.join(__dirname, REPORTING_PATH + '/' + req.payload.name)
)
) {
fs.unlinkSync(
path.join(__dirname, REPORTING_PATH + '/' + req.payload.name)
);
if ( pathFilename && fs.existsSync(pathFilename) ) {
fs.unlinkSync(pathFilename);
}
return ErrorResponse(error.message || error, 5029, 500, reply);
}
@@ -2796,4 +2796,12 @@ export class WazuhReportingCtrl {
return ErrorResponse(error.message || error, 5032, 500, reply);
}
}

/**
* Generate a current timestamp in seconds
* @returns
*/
generateReportTimestamp(){
return `${(Date.now() / 1000) | 0}`;
}
}
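Review bot: In the hunk at new line 1896 the file name is assembled from `tab`, `isAgents`, `agentID` and `groupID` taken directly from `req.payload`, and `path.join` normalises `..` segments, so nothing in this controller guarantees that `pathFilename` stays inside the reports directory. The commit description mentions endpoint parameter validation, but it is not part of this file section, so I would add a local guard before `pathFilename` is assigned: `if (path.basename(filename) !== filename) throw new Error('Invalid report file name');`. That also protects the `fs.unlinkSync(pathFilename)` in the catch block, which deletes whatever path was computed. The same payload values are interpolated into the Wazuh API paths (`/agents/groups/${groupID}/configuration`, `/agents/${agentID}/config/...`) and rely on the same validation. `report()` begins and ends outside the visible hunks.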