BB: Fix Zerologon analyzer
parent
7fba5139f7
commit
17e07429a4
|
@ -1,6 +1,7 @@
|
||||||
from pprint import pformat
|
from pprint import pformat
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
|
from common.credentials import CredentialComponentType, Credentials
|
||||||
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
|
from envs.monkey_zoo.blackbox.analyzers.analyzer import Analyzer
|
||||||
from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog
|
from envs.monkey_zoo.blackbox.analyzers.analyzer_log import AnalyzerLog
|
||||||
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
from envs.monkey_zoo.blackbox.island_client.monkey_island_client import MonkeyIslandClient
|
||||||
|
@ -26,19 +27,23 @@ class ZerologonAnalyzer(Analyzer):
|
||||||
return is_creds_gathered and is_creds_restored
|
return is_creds_gathered and is_creds_restored
|
||||||
|
|
||||||
def _analyze_credential_gathering(self) -> bool:
|
def _analyze_credential_gathering(self) -> bool:
|
||||||
config = self.island_client.get_config()
|
propagation_credentials = self.island_client.get_propagation_credentials()
|
||||||
credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(config)
|
credentials_on_island = ZerologonAnalyzer._get_relevant_credentials(propagation_credentials)
|
||||||
return self._is_all_credentials_in_list(credentials_on_island)
|
return self._is_all_credentials_in_list(credentials_on_island)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _get_relevant_credentials(config: dict):
|
def _get_relevant_credentials(propagation_credentials: Credentials) -> List[str]:
|
||||||
credentials_on_island = []
|
credentials_on_island = set()
|
||||||
# TODO: Pull configured credentials and put usernames, nt and lm hashes into
|
|
||||||
# credentials_island
|
for credentials in propagation_credentials:
|
||||||
# credentials_on_island.extend(dpath.util.get(config["configuration"], USER_LIST_PATH))
|
if credentials.identity.credential_type is CredentialComponentType.USERNAME:
|
||||||
# credentials_on_island.extend(dpath.util.get(config["configuration"], NTLM_HASH_LIST_PATH))
|
credentials_on_island.update([credentials.identity.username])
|
||||||
# credentials_on_island.extend(dpath.util.get(config["configuration"], LM_HASH_LIST_PATH))
|
if credentials.secret.credential_type is CredentialComponentType.NT_HASH:
|
||||||
return credentials_on_island
|
credentials_on_island.update([credentials.secret.nt_hash])
|
||||||
|
if credentials.secret.credential_type is CredentialComponentType.LM_HASH:
|
||||||
|
credentials_on_island.update([credentials.secret.lm_hash])
|
||||||
|
|
||||||
|
return list(credentials_on_island)
|
||||||
|
|
||||||
def _is_all_credentials_in_list(self, all_creds: List[str]) -> bool:
|
def _is_all_credentials_in_list(self, all_creds: List[str]) -> bool:
|
||||||
credentials_missing = [cred for cred in self.expected_credentials if cred not in all_creds]
|
credentials_missing = [cred for cred in self.expected_credentials if cred not in all_creds]
|
||||||
|
|
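Review bot: `_get_relevant_credentials` annotates its parameter as `Credentials` but iterates over it, and the caller passes the result of `get_propagation_credentials()`, so the annotation should read `propagation_credentials: Sequence[Credentials]` (with `Sequence` added to the `typing` import). The loop also dereferences `credentials.identity.credential_type` and `credentials.secret.credential_type` unconditionally. If a stored credential can carry only an identity or only a secret (not visible on this page), that raises `AttributeError` and the blackbox test fails for a reason unrelated to Zerologon, so a guard such as `if credentials.identity is not None and ...` would be safer. `credentials_on_island.update([x])` is more directly written as `credentials_on_island.add(x)`. Indentation is lost in this rendering, so the three `if` statements are assumed to sit inside the `for` loop.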
|
@ -1,7 +1,7 @@
|
||||||
import json
|
import json
|
||||||
import logging
|
import logging
|
||||||
import time
|
import time
|
||||||
from typing import Union
|
from typing import Sequence, Union
|
||||||
|
|
||||||
from bson import json_util
|
from bson import json_util
|
||||||
|
|
||||||
|
@ -29,8 +29,9 @@ class MonkeyIslandClient(object):
|
||||||
def get_api_status(self):
|
def get_api_status(self):
|
||||||
return self.requests.get("api")
|
return self.requests.get("api")
|
||||||
|
|
||||||
def get_config(self):
|
def get_propagation_credentials(self) -> Sequence[Credentials]:
|
||||||
return json.loads(self.requests.get("api/agent-configuration").content)
|
response = self.requests.get("api/propagation-credentials")
|
||||||
|
return [Credentials.from_mapping(credentials) for credentials in response.json()]
|
||||||
|
|
||||||
@avoid_race_condition
|
@avoid_race_condition
|
||||||
def import_config(self, test_configuration: TestConfiguration):
|
def import_config(self, test_configuration: TestConfiguration):
|
||||||
|
|
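Review bot: `get_propagation_credentials` calls `response.json()` without checking the HTTP status, so an authentication failure or server error from `api/propagation-credentials` surfaces as a JSON decode error or a confusing `Credentials.from_mapping` failure instead of a clear request error. If `self.requests.get` returns a standard `requests` response (it appears to, given `.json()` and the earlier `.content`), add `response.raise_for_status()` before parsing. The method also uses `Credentials` in its return annotation and body, but the import hunk shown for this file only adds `Sequence`. Confirm that `Credentials` is imported outside the visible hunk, since the annotation is evaluated when the class body runs.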