-
Notifications
You must be signed in to change notification settings - Fork 258
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Initial commit for the frontend of the windows fake file system token
- Loading branch information
1 parent
208b392
commit 65da710
Showing
10 changed files
with
155 additions
and
0 deletions.
There are no files selected for viewing
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
39 changes: 39 additions & 0 deletions
39
frontend_vue/src/components/tokens/windows_fake_fs/ActivatedToken.vue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| <template> | ||
| <TokenDisplay :token-data="tokenData" /> | ||
| <base-message-box | ||
| class="mt-24" | ||
| variant="info" | ||
| message="Once installed (with admin permissions) you'll get an alert whenever someone | ||
| (or someone's code) accesses or copies files in your fake file system." | ||
| /> | ||
| <p class="mt-24 text-sm"> | ||
| It will automatically provide the file that was accessed, and the process used | ||
| to access or copy the file. | ||
| </p> | ||
| <p class="mt-16 text-sm"></p> | ||
| <base-message-box | ||
| class="mt-24" | ||
| variant="warning" | ||
| message="In order to ensure that the token setup works ensure you | ||
| are running the powershell script as admin." | ||
| /> | ||
| </template> | ||
|
|
||
| <script setup lang="ts"> | ||
| import { ref } from 'vue'; | ||
| import TokenDisplay from './TokenDisplay.vue'; | ||
| import type { NewTokenBackendType } from '@/components/tokens/types'; | ||
| const props = defineProps<{ | ||
| tokenData: NewTokenBackendType; | ||
| }>(); | ||
| const tokenData = ref({ | ||
| token: props.tokenData.token || '', | ||
| auth: props.tokenData.auth_token || '', | ||
| }); | ||
| const recommendedReg = ref( | ||
| 'reg import FILENAME /reg:64 \nreg import FILENAME /reg:32' | ||
| ); | ||
| </script> |
30 changes: 30 additions & 0 deletions
30
frontend_vue/src/components/tokens/windows_fake_fs/GenerateTokenForm.vue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| <template> | ||
| <BaseGenerateTokenSettings setting-type="Canarytoken"> | ||
| <BaseFormTextField | ||
| id="windows_fake_fs_root" | ||
| type="text" | ||
| placeholder="Directory Path" | ||
| label="The root directory for the fake file system" | ||
| helper-message="C:\Secrets" | ||
| full-width | ||
| required | ||
| /> | ||
| <div class="flex flex-col gap-16 mt-24 mb-32"> | ||
| <BaseFormSelect | ||
| id="windows_fake_fs_file_structure" | ||
| label="Industry Generated File Tree" | ||
| :options="['option1', 'option2', 'option3']" | ||
| placeholder="Select an option" | ||
| full-width | ||
| required | ||
| /> | ||
| </div> | ||
| </BaseGenerateTokenSettings> | ||
| <GenerateTokenSettingsNotifications | ||
| memo-helper-example="Fake file system token on off-site backup server" | ||
| /> | ||
| </template> | ||
|
|
||
| <script setup lang="ts"> | ||
| import GenerateTokenSettingsNotifications from '@/components/ui/GenerateTokenSettingsNotifications.vue'; | ||
| </script> |
22 changes: 22 additions & 0 deletions
22
frontend_vue/src/components/tokens/windows_fake_fs/ManageToken.vue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| <template> | ||
| <div v-if="!tokenData">Error loading</div> | ||
| <TokenDisplay | ||
| v-else | ||
| :token-data="tokenData" | ||
| /> | ||
| </template> | ||
|
|
||
| <script lang="ts" setup> | ||
| import { ref } from 'vue'; | ||
| import TokenDisplay from './TokenDisplay.vue'; | ||
| import type { ManageTokenBackendType } from '@/components/tokens/types.ts'; | ||
| const props = defineProps<{ | ||
| tokenBackendResponse: ManageTokenBackendType; | ||
| }>(); | ||
| const tokenData = ref({ | ||
| token: props.tokenBackendResponse?.canarydrop?.canarytoken?._value || '', | ||
| auth: props.tokenBackendResponse.canarydrop?.auth || '', | ||
| }); | ||
| </script> |
38 changes: 38 additions & 0 deletions
38
frontend_vue/src/components/tokens/windows_fake_fs/TokenDisplay.vue
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| <template> | ||
| <div class="flex justify-center"> | ||
| <base-button | ||
| class="mt-16" | ||
| @click="handleDownloadMSregistryFile" | ||
| >Download your powershell script</base-button | ||
| > | ||
| </div> | ||
| </template> | ||
|
|
||
| <script setup lang="ts"> | ||
| import { downloadAsset } from '@/api/main'; | ||
| type FakeWindowsFSDataType = { | ||
| auth: string; | ||
| token: string; | ||
| }; | ||
| const props = defineProps<{ | ||
| tokenData: FakeWindowsFSDataType; | ||
| }>(); | ||
| async function handleDownloadMSregistryFile() { | ||
| const params = { | ||
| fmt: 'windows_fake_fs', | ||
| auth: props.tokenData?.auth, | ||
| token: props.tokenData?.token, | ||
| }; | ||
| try { | ||
| const res = await downloadAsset(params); | ||
| window.location.href = res.request.responseURL; | ||
| } catch (err) { | ||
| console.log(err, 'File download failed'); | ||
| } finally { | ||
| console.log('Download ready'); | ||
| } | ||
| } | ||
| </script> |
5 changes: 5 additions & 0 deletions
5
frontend_vue/src/components/tokens/windows_fake_fs/howToUse.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| export const howToUse = [ | ||
| "Create a path to for us to create an empty folder, it can be C:\Secrets or C:\Users\thinkst\Documents\MySecretFiles", | ||
| "Then we'll create scheduled task that runs when you logon, and creates several files there", | ||
| "When an attacker opens or copies these files you will get an alert", | ||
| ]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters