Rephrase custom PBA file descriptions in configuration

[shreyamalviya]

Related: #1020

[codecov]

Codecov Report

Merging #1027 (2b4fd9e) into release/1.10.0 (53fa550) will increase coverage by 0.54%.
The diff coverage is n/a.

@@ Coverage Diff @@ ## release/1.10.0 #1027 +/- ## ================================================== + Coverage 27.63% 28.18% +0.54%  ================================================== Files 402 402 Lines 12838 12830 -8 ================================================== + Hits 3548 3616 +68  + Misses 9290 9214 -76 

Impacted Files	Coverage Δ
monkey/monkey/infection_monkey/utils/monkey_dir.py	46.66% <0.00%> (+46.66%)	⬆️
monkey/monkey/infection_monkey/post_breach/pba.py	56.81% <0.00%> (+56.81%)	⬆️
...ion_monkey/post_breach/actions/users_custom_pba.py	57.37% <0.00%> (+57.37%)	⬆️
...ey/monkey/infection_monkey/post_breach/__init__.py	100.00% <0.00%> (+100.00%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 53fa550...2b4fd9e. Read the comment docs.

[VakarisZ]

First, let us resolve the PBA fix PR

[ghost]

DeepCode failed to analyze this pull request

Something went wrong despite trying multiple times, sorry about that.
Please comment this pull request with "Retry DeepCode" to manually retry, or contact us so that a human can look into the issue.

[mssalvatore]

Can you explain this change? It think it's not ideal to be downloading files from the island in the constructor if we can avoid it. Also, it makes sense to me that downloading the file is part of execution; I wouldn't expect the initialization of the PBA to fail if there were a network outage or other condition that prevented the download.

[shreyamalviya]

Makes sense; fixed

[mssalvatore]

@shreyamalviya Can you rework and include the tests from #1020?

[VakarisZ]

Unit tests are nice, but not a silver bullet. There's an antipattern in TDD called the "mockery", when most of the functionality is mocked. I don't suggest refactoring the whole pba's to solve it, but I can see BB tests bringing more value here and still being trivial enough to implement (command execution at least). Other PBA's should be tested with BB's IMO.

[VakarisZ]

Suggested change

	"description": "File to be uploaded after breaching. "
	"If you want the file to be executed, "
	"specify it in the 'Linux post breach command' field. "
	"description": "File will be uploaded after breaching. "
	"Use 'Linux post-breach command' field to "
	"change permissions, run or delete the file."

[mssalvatore]

"File will be uploaded" doesn't seem right as a description. "File to be uploaded" is what I would expect.

[VakarisZ]

Suggested change

	"description": "File to be uploaded after breaching. "
	"If you want the file to be executed, "
	"specify it in the 'Windows post breach command' field. "
	"description": "File will be uploaded after breaching. "
	"Use 'Windows post-breach command' field to "
	"run or delete the file."

[VakarisZ]

Suggested change

	"title": "Windows post breach file",
	"title": "Windows post-breach file",

[VakarisZ]

Suggested change

	"title": "Linux post breach file",
	"title": "Linux post-breach file",

[VakarisZ]

We also need to change descriptions of PBA command fields. They should also contain examples. Linux description should be something like:
"Use this field to run custom commands or uploaded files on exploited machines. Example command chmod +x ./my_script.sh; ./my_script.sh ; rm ./my_script.sh"