Improve Trusted Microsoft Services Enabled rule (fixes #763) #785

ramimac · 2020-06-10T20:40:24Z

Description

Quick and easy improvement to the Trusted Microsoft Services Enabled rule. See https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.storage.fluent.models.networkruleset.bypass?view=azure-dotnet.

NetworkRuleSet.Bypass can be any combination of Logging|Metrics|AzureServices.
Logging/Monitoring have no effect on the rule, so all I did was change the check the be "AzureServices" in instead of ==.

I'm not setup to test this, but it should be trivial (famous last words).

Mind giving it a go @Dziubey ?

Fixes #763

Type of change

Select the relevant option(s):

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
This change requires a documentation update

Checklist:

My code follows the style guidelines of this project
I have performed a self-review of my own code
I have commented my code, particularly in hard-to-understand areas
My changes generate no new warnings
I have added tests that prove my fix is effective or that my feature works (optional)
New and existing unit tests pass locally with my changes

Dziubey · 2020-06-12T08:57:27Z

Hello @ramimac

I am sorry for missing this. Will test today and provide feedback.

Thanks

Dziubey

Hi @ramimac,

I have tested the updated code, and it seems like everything works as expected now. I had two storage accounts in the same subscription, one with Microsoft Trusted Services enabled and another one with the exception disabled. Only the one with the exception disabled has been flagged.

Adding some screenshots for reference:

Exception enabled
Exception disabled
ScoutSuite report

Thanks for the fix and all the great work on this tool so far!

x4v13r64 · 2020-06-15T07:15:45Z

Thanks @Dziubey.

@ramimac there's a change-freeze for features until we release 5.9, but since this is a bugfix I'll merge it in.

codecov-commenter · 2020-06-15T07:24:28Z

Codecov Report

Merging #785 into develop will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           develop     #785   +/-   ##
========================================
  Coverage    66.25%   66.25%           
========================================
  Files           22       22           
  Lines         1547     1547           
========================================
  Hits          1025     1025           
  Misses         522      522

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update fb10f70...3048b25. Read the comment docs.

fixes #763

b8b9b18

x4v13r64 added this to the 5.10 milestone Jun 11, 2020

Dziubey reviewed Jun 13, 2020

View reviewed changes

Fix bug

3048b25

x4v13r64 self-requested a review June 15, 2020 08:39

x4v13r64 approved these changes Jun 15, 2020

View reviewed changes

x4v13r64 merged commit 807d2bf into develop Jun 15, 2020

x4v13r64 deleted the bugfix/trustedservices branch June 15, 2020 08:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Improve Trusted Microsoft Services Enabled rule (fixes #763) #785

Improve Trusted Microsoft Services Enabled rule (fixes #763) #785

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Improve Trusted Microsoft Services Enabled rule (fixes #763) #785

Improve Trusted Microsoft Services Enabled rule (fixes #763) #785

Uh oh!

Conversation

Description

Type of change

Checklist:

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Codecov Report

Uh oh!

Uh oh!