p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Island, Agent, Common: rename CredentialsType to CredentialComponentType

This commit is contained in:
vakarisz 2022-02-22 16:12:02 +02:00
parent c87297eb2a
commit 719d8dd2ad
9 changed files with 36 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/common/common_consts/credentials_type.py → monkey/common/common_consts/credential_component_type.py
View File

@ -1,7 +1,7 @@
from enum import Enum
class CredentialsType(Enum):
class CredentialComponentType(Enum):
USERNAME = "username"
PASSWORD = "password"
NT_HASH = "nt_hash"

6
monkey/infection_monkey/credential_collectors/credential_components/lm_hash.py
View File

@ -1,10 +1,12 @@
from dataclasses import dataclass, field
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from infection_monkey.i_puppet import ICredentialComponent
@dataclass(frozen=True)
class LMHash(ICredentialComponent):
credential_type: CredentialsType = field(default=CredentialsType.LM_HASH.value, init=False)
credential_type: CredentialComponentType = field(
default=CredentialComponentType.LM_HASH.value, init=False
)
lm_hash: str

6
monkey/infection_monkey/credential_collectors/credential_components/nt_hash.py
View File

@ -1,10 +1,12 @@
from dataclasses import dataclass, field
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from infection_monkey.i_puppet import ICredentialComponent
@dataclass(frozen=True)
class NTHash(ICredentialComponent):
credential_type: CredentialsType = field(default=CredentialsType.NT_HASH.value, init=False)
credential_type: CredentialComponentType = field(
default=CredentialComponentType.NT_HASH.value, init=False
)
nt_hash: str

6
monkey/infection_monkey/credential_collectors/credential_components/password.py
View File

@ -1,10 +1,12 @@
from dataclasses import dataclass, field
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from infection_monkey.i_puppet import ICredentialComponent
@dataclass(frozen=True)
class Password(ICredentialComponent):
credential_type: CredentialsType = field(default=CredentialsType.PASSWORD.value, init=False)
credential_type: CredentialComponentType = field(
default=CredentialComponentType.PASSWORD.value, init=False
)
password: str

6
monkey/infection_monkey/credential_collectors/credential_components/ssh_keypair.py
View File

@ -1,11 +1,13 @@
from dataclasses import dataclass, field
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from infection_monkey.i_puppet import ICredentialComponent
@dataclass(frozen=True)
class SSHKeypair(ICredentialComponent):
credential_type: CredentialsType = field(default=CredentialsType.SSH_KEYPAIR.value, init=False)
credential_type: CredentialComponentType = field(
default=CredentialComponentType.SSH_KEYPAIR.value, init=False
)
private_key: str
public_key: str

6
monkey/infection_monkey/credential_collectors/credential_components/username.py
View File

@ -1,10 +1,12 @@
from dataclasses import dataclass, field
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from infection_monkey.i_puppet import ICredentialComponent
@dataclass(frozen=True)
class Username(ICredentialComponent):
credential_type: CredentialsType = field(default=CredentialsType.USERNAME.value, init=False)
credential_type: CredentialComponentType = field(
default=CredentialComponentType.USERNAME.value, init=False
)
username: str

4
monkey/infection_monkey/i_puppet/credential_collection/i_credential_component.py
View File

@ -1,10 +1,10 @@
from abc import ABC, abstractmethod
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
class ICredentialComponent(ABC):
@property
@abstractmethod
def credential_type(self) -> CredentialsType:
def credential_type(self) -> CredentialComponentType:
pass

37
monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py
View File

@ -1,44 +1,29 @@
import logging
from typing import Mapping
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credential_component_type import CredentialComponentType
from .identities.username_processor import process_username
from .secrets.lm_hash_processor import process_lm_hash
from .secrets.nt_hash_processor import process_nt_hash
from .secrets.password_processor import process_password
from .secrets.ssh_key_processor import process_ssh_key
logger = logging.getLogger(__name__)
SECRET_PROCESSORS = {
CredentialsType.PASSWORD.value: process_password,
CredentialsType.NT_HASH.value: process_nt_hash,
CredentialsType.LM_HASH.value: process_lm_hash,
CredentialsType.SSH_KEYPAIR.value: process_ssh_key,
CredentialComponentType.PASSWORD.value: process_password,
CredentialComponentType.NT_HASH.value: process_nt_hash,
CredentialComponentType.LM_HASH.value: process_lm_hash,
}
IDENTITY_PROCESSORS = {
CredentialsType.USERNAME.value: process_username,
CredentialComponentType.USERNAME.value: process_username,
}
def parse_credentials(credentials: dict):
def parse_credentials(credentials: Mapping):
for credential in credentials["data"]:
if is_ssh_keypair(credential):
SECRET_PROCESSORS[CredentialsType.SSH_KEYPAIR.value](credential, credentials["monkey_guid"])
else:
for identity in credential["identities"]:
IDENTITY_PROCESSORS[identity["credential_type"]](identity)
for secret in credential["secrets"]:
SECRET_PROCESSORS[secret["credential_type"]](secret)
def is_ssh_keypair(credential: dict) -> bool:
return bool(
[
secret
for secret in credential["secrets"]
if secret["credential_type"] == CredentialsType.SSH_KEYPAIR.value
]
)
for identity in credential["identities"]:
IDENTITY_PROCESSORS[identity["credential_type"]](identity)
for secret in credential["secrets"]:
SECRET_PROCESSORS[secret["credential_type"]](secret)

4
monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py
View File

@ -1,4 +1,4 @@
from common.common_consts.credentials_type import CredentialsType
from common.common_consts.credentials_type import CredentialComponentType
from monkey_island.cc.models import Monkey
from monkey_island.cc.server_utils.encryption import get_datastore_encryptor
from monkey_island.cc.services.config import ConfigService
@ -17,7 +17,7 @@ def process_ssh_key(credentials: dict, monkey_guid: str):
)
for ssh_key in credentials["secrets"]:
if not ssh_key["credential_type"] == CredentialsType.SSH_KEYPAIR.value:
if not ssh_key["credential_type"] == CredentialComponentType.SSH_KEYPAIR.value:
raise SSHKeyProcessingError("SSH credentials contain secrets that are not keypairs")
if not ssh_key["public_key"] or not ssh_key["private_key"]: