Merge pull request #2393 from guardicore/2269-update-hostexploiter
2269 update hostexploiter
commit
a691a16625
|
@ -2,13 +2,16 @@ import logging
|
|||
import threading
|
||||
from abc import abstractmethod
|
||||
from datetime import datetime
|
||||
from typing import Dict, Sequence
|
||||
from ipaddress import IPv4Address
|
||||
from typing import Dict, Sequence, Tuple
|
||||
|
||||
from common.agent_events import ExploitationEvent, PropagationEvent
|
||||
from common.event_queue import IAgentEventQueue
|
||||
from common.utils.exceptions import FailedExploitationError
|
||||
from infection_monkey.i_puppet import ExploiterResultData
|
||||
from infection_monkey.model import VictimHost
|
||||
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
||||
from infection_monkey.utils.ids import get_agent_id
|
||||
|
||||
from . import IAgentBinaryRepository
|
||||
|
||||
|
@ -33,7 +36,7 @@ class HostExploiter:
|
|||
self.exploit_attempts = []
|
||||
self.host = None
|
||||
self.telemetry_messenger = None
|
||||
self.event_queue = None
|
||||
self.agent_event_queue = None
|
||||
self.options = {}
|
||||
self.exploit_result = {}
|
||||
self.servers = []
|
||||
|
@ -62,7 +65,7 @@ class HostExploiter:
|
|||
servers: Sequence[str],
|
||||
current_depth: int,
|
||||
telemetry_messenger: ITelemetryMessenger,
|
||||
event_queue: IAgentEventQueue,
|
||||
agent_event_queue: IAgentEventQueue,
|
||||
agent_binary_repository: IAgentBinaryRepository,
|
||||
options: Dict,
|
||||
interrupt: threading.Event,
|
||||
|
@ -71,7 +74,7 @@ class HostExploiter:
|
|||
self.servers = servers
|
||||
self.current_depth = current_depth
|
||||
self.telemetry_messenger = telemetry_messenger
|
||||
self.event_queue = event_queue
|
||||
self.agent_event_queue = agent_event_queue
|
||||
self.agent_binary_repository = agent_binary_repository
|
||||
self.options = options
|
||||
self.interrupt = interrupt
|
||||
|
@ -124,3 +127,37 @@ class HostExploiter:
|
|||
"""
|
||||
powershell = True if "powershell" in cmd.lower() else False
|
||||
self.exploit_info["executed_cmds"].append({"cmd": cmd, "powershell": powershell})
|
||||
|
||||
def _publish_exploitation_event(
|
||||
self,
|
||||
target: str,
|
||||
exploitation_success: bool,
|
||||
tags: Tuple[str, ...] = tuple(),
|
||||
error_message: str = "",
|
||||
):
|
||||
exploitation_event = ExploitationEvent(
|
||||
source=get_agent_id(),
|
||||
target=IPv4Address(target),
|
||||
success=exploitation_success,
|
||||
exploiter_name=self.__class__.__name__,
|
||||
error_message=error_message,
|
||||
tags=frozenset(tags),
|
||||
)
|
||||
self.agent_event_queue.publish(exploitation_event)
|
||||
|
||||
def _publish_propagation_event(
|
||||
self,
|
||||
target: str,
|
||||
propagation_success: bool,
|
||||
tags: Tuple[str, ...] = tuple(),
|
||||
error_message: str = "",
|
||||
):
|
||||
propagation_event = PropagationEvent(
|
||||
source=get_agent_id(),
|
||||
target=IPv4Address(target),
|
||||
success=propagation_success,
|
||||
exploiter_name=self.__class__.__name__,
|
||||
error_message=error_message,
|
||||
tags=frozenset(tags),
|
||||
)
|
||||
self.agent_event_queue.publish(propagation_event)
|
||||
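Review bot: `IPv4Address(target)` in both `_publish_exploitation_event` and `_publish_propagation_event` raises `ValueError` for anything other than a dotted-quad IPv4 string, yet `target` is annotated `str`. A hostname or IPv6 address would therefore raise before `publish()` is reached, and the attempt would go unrecorded in the event stream. State the contract in a docstring on each helper, e.g. `"""Publish an ExploitationEvent; target must be an IPv4 address string."""`, or convert the address once where the host is first known. `self.agent_event_queue` also stays `None` from `__init__` until it is assigned from the `agent_event_queue` parameter, so a helper called before that assignment fails with `AttributeError`; a short comment on the attribute would make the ordering explicit. The class body continues outside these hunks.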
|
|
|
@ -38,7 +38,7 @@ def powershell_arguments(http_and_https_both_enabled_host):
|
|||
"options": options,
|
||||
"current_depth": 2,
|
||||
"telemetry_messenger": MagicMock(),
|
||||
"event_queue": MagicMock(),
|
||||
"agent_event_queue": MagicMock(),
|
||||
"agent_binary_repository": mock_agent_binary_repository,
|
||||
"interrupt": threading.Event(),
|
||||
}
|
||||
|
|
|
@ -10,6 +10,10 @@ from common.agent_configuration.agent_sub_configurations import (
|
|||
from common.agent_events import ExploitationEvent, PingScanEvent, PropagationEvent, TCPScanEvent
|
||||
from common.credentials import Credentials, LMHash, NTHash
|
||||
from common.types import NetworkPort
|
||||
from infection_monkey.exploit.HostExploiter.HostExploiter import (
|
||||
_publish_exploitation_event,
|
||||
_publish_propagation_event,
|
||||
)
|
||||
from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory
|
||||
from monkey_island.cc.event_queue import IslandEventTopic, PyPubSubIslandEventQueue
|
||||
from monkey_island.cc.models import Report
|
||||
|
@ -316,8 +320,8 @@ TCPScanEvent
|
|||
TCPScanEvent.port_status
|
||||
|
||||
# TODO: Remove once #2269 is close
|
||||
PropagationEvent
|
||||
ExploitationEvent
|
||||
_publish_exploitation_event,
|
||||
_publish_propagation_event,
|
||||
|
||||
# pydantic base models
|
||||
underscore_attrs_are_private
|
||||
|
|