diff --git a/monkey/common/common_consts/credentials_type.py b/monkey/common/common_consts/credential_component_type.py similarity index 80% rename from monkey/common/common_consts/credentials_type.py rename to monkey/common/common_consts/credential_component_type.py index 0aeb79630..76326e50e 100644 --- a/monkey/common/common_consts/credentials_type.py +++ b/monkey/common/common_consts/credential_component_type.py @@ -1,7 +1,7 @@ from enum import Enum -class CredentialsType(Enum): +class CredentialComponentType(Enum): USERNAME = "username" PASSWORD = "password" NT_HASH = "nt_hash" diff --git a/monkey/infection_monkey/credential_collectors/credential_components/lm_hash.py b/monkey/infection_monkey/credential_collectors/credential_components/lm_hash.py index 721e5a822..1fef78437 100644 --- a/monkey/infection_monkey/credential_collectors/credential_components/lm_hash.py +++ b/monkey/infection_monkey/credential_collectors/credential_components/lm_hash.py @@ -1,10 +1,12 @@ from dataclasses import dataclass, field -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from infection_monkey.i_puppet import ICredentialComponent @dataclass(frozen=True) class LMHash(ICredentialComponent): - credential_type: CredentialsType = field(default=CredentialsType.LM_HASH.value, init=False) + credential_type: CredentialComponentType = field( + default=CredentialComponentType.LM_HASH.value, init=False + ) lm_hash: str diff --git a/monkey/infection_monkey/credential_collectors/credential_components/nt_hash.py b/monkey/infection_monkey/credential_collectors/credential_components/nt_hash.py index c7d0de042..07b9f859a 100644 --- a/monkey/infection_monkey/credential_collectors/credential_components/nt_hash.py +++ b/monkey/infection_monkey/credential_collectors/credential_components/nt_hash.py @@ -1,10 +1,12 @@ from dataclasses import dataclass, field -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from infection_monkey.i_puppet import ICredentialComponent @dataclass(frozen=True) class NTHash(ICredentialComponent): - credential_type: CredentialsType = field(default=CredentialsType.NT_HASH.value, init=False) + credential_type: CredentialComponentType = field( + default=CredentialComponentType.NT_HASH.value, init=False + ) nt_hash: str diff --git a/monkey/infection_monkey/credential_collectors/credential_components/password.py b/monkey/infection_monkey/credential_collectors/credential_components/password.py index 5615c20f7..3a05e3599 100644 --- a/monkey/infection_monkey/credential_collectors/credential_components/password.py +++ b/monkey/infection_monkey/credential_collectors/credential_components/password.py @@ -1,10 +1,12 @@ from dataclasses import dataclass, field -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from infection_monkey.i_puppet import ICredentialComponent @dataclass(frozen=True) class Password(ICredentialComponent): - credential_type: CredentialsType = field(default=CredentialsType.PASSWORD.value, init=False) + credential_type: CredentialComponentType = field( + default=CredentialComponentType.PASSWORD.value, init=False + ) password: str diff --git a/monkey/infection_monkey/credential_collectors/credential_components/ssh_keypair.py b/monkey/infection_monkey/credential_collectors/credential_components/ssh_keypair.py index 29f91a15d..6abd314bb 100644 --- a/monkey/infection_monkey/credential_collectors/credential_components/ssh_keypair.py +++ b/monkey/infection_monkey/credential_collectors/credential_components/ssh_keypair.py @@ -1,11 +1,13 @@ from dataclasses import dataclass, field -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from infection_monkey.i_puppet import ICredentialComponent @dataclass(frozen=True) class SSHKeypair(ICredentialComponent): - credential_type: CredentialsType = field(default=CredentialsType.SSH_KEYPAIR.value, init=False) + credential_type: CredentialComponentType = field( + default=CredentialComponentType.SSH_KEYPAIR.value, init=False + ) private_key: str public_key: str diff --git a/monkey/infection_monkey/credential_collectors/credential_components/username.py b/monkey/infection_monkey/credential_collectors/credential_components/username.py index 7ed37e89c..791dd6abe 100644 --- a/monkey/infection_monkey/credential_collectors/credential_components/username.py +++ b/monkey/infection_monkey/credential_collectors/credential_components/username.py @@ -1,10 +1,12 @@ from dataclasses import dataclass, field -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from infection_monkey.i_puppet import ICredentialComponent @dataclass(frozen=True) class Username(ICredentialComponent): - credential_type: CredentialsType = field(default=CredentialsType.USERNAME.value, init=False) + credential_type: CredentialComponentType = field( + default=CredentialComponentType.USERNAME.value, init=False + ) username: str diff --git a/monkey/infection_monkey/i_puppet/credential_collection/i_credential_component.py b/monkey/infection_monkey/i_puppet/credential_collection/i_credential_component.py index 5846c7ecf..c4471ebfb 100644 --- a/monkey/infection_monkey/i_puppet/credential_collection/i_credential_component.py +++ b/monkey/infection_monkey/i_puppet/credential_collection/i_credential_component.py @@ -1,10 +1,10 @@ from abc import ABC, abstractmethod -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType class ICredentialComponent(ABC): @property @abstractmethod - def credential_type(self) -> CredentialsType: + def credential_type(self) -> CredentialComponentType: pass diff --git a/monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py b/monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py index 47be30a63..9c4661e1d 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py @@ -1,44 +1,29 @@ import logging +from typing import Mapping -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credential_component_type import CredentialComponentType from .identities.username_processor import process_username from .secrets.lm_hash_processor import process_lm_hash from .secrets.nt_hash_processor import process_nt_hash from .secrets.password_processor import process_password -from .secrets.ssh_key_processor import process_ssh_key logger = logging.getLogger(__name__) SECRET_PROCESSORS = { - CredentialsType.PASSWORD.value: process_password, - CredentialsType.NT_HASH.value: process_nt_hash, - CredentialsType.LM_HASH.value: process_lm_hash, - CredentialsType.SSH_KEYPAIR.value: process_ssh_key, + CredentialComponentType.PASSWORD.value: process_password, + CredentialComponentType.NT_HASH.value: process_nt_hash, + CredentialComponentType.LM_HASH.value: process_lm_hash, } IDENTITY_PROCESSORS = { - CredentialsType.USERNAME.value: process_username, + CredentialComponentType.USERNAME.value: process_username, } -def parse_credentials(credentials: dict): - +def parse_credentials(credentials: Mapping): for credential in credentials["data"]: - if is_ssh_keypair(credential): - SECRET_PROCESSORS[CredentialsType.SSH_KEYPAIR.value](credential, credentials["monkey_guid"]) - else: - for identity in credential["identities"]: - IDENTITY_PROCESSORS[identity["credential_type"]](identity) - for secret in credential["secrets"]: - SECRET_PROCESSORS[secret["credential_type"]](secret) - - -def is_ssh_keypair(credential: dict) -> bool: - return bool( - [ - secret - for secret in credential["secrets"] - if secret["credential_type"] == CredentialsType.SSH_KEYPAIR.value - ] - ) + for identity in credential["identities"]: + IDENTITY_PROCESSORS[identity["credential_type"]](identity) + for secret in credential["secrets"]: + SECRET_PROCESSORS[secret["credential_type"]](secret) diff --git a/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py b/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py index 61d03b2d1..b6b898fda 100644 --- a/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py +++ b/monkey/monkey_island/cc/services/telemetry/processing/credentials/secrets/ssh_key_processor.py @@ -1,4 +1,4 @@ -from common.common_consts.credentials_type import CredentialsType +from common.common_consts.credentials_type import CredentialComponentType from monkey_island.cc.models import Monkey from monkey_island.cc.server_utils.encryption import get_datastore_encryptor from monkey_island.cc.services.config import ConfigService @@ -17,7 +17,7 @@ def process_ssh_key(credentials: dict, monkey_guid: str): ) for ssh_key in credentials["secrets"]: - if not ssh_key["credential_type"] == CredentialsType.SSH_KEYPAIR.value: + if not ssh_key["credential_type"] == CredentialComponentType.SSH_KEYPAIR.value: raise SSHKeyProcessingError("SSH credentials contain secrets that are not keypairs") if not ssh_key["public_key"] or not ssh_key["private_key"]: