Fixed host IP address retrieval and system_info_collection bugs
parent
eb574c8fff
commit
a91421aaf0
|
@ -270,8 +270,8 @@ class SambaCryExploiter(HostExploiter):
|
|||
with monkeyfs.open(monkey_bin_64_src_path, "rb") as monkey_bin_file:
|
||||
smb_client.putFile(share, "\\%s" % self.SAMBACRY_MONKEY_FILENAME_64, monkey_bin_file.read)
|
||||
T1105Telem(ScanStatus.USED,
|
||||
get_interface_to_target(self.host.ip_addr[0]),
|
||||
self.host.ip_addr[0],
|
||||
get_interface_to_target(self.host.ip_addr),
|
||||
self.host.ip_addr,
|
||||
monkey_bin_64_src_path).send()
|
||||
smb_client.disconnectTree(tree_id)
|
||||
|
||||
|
|
|
@ -165,15 +165,15 @@ class SSHExploiter(HostExploiter):
|
|||
callback=self.log_transfer)
|
||||
ftp.chmod(self._config.dropper_target_path_linux, 0o777)
|
||||
T1105Telem(ScanStatus.USED,
|
||||
get_interface_to_target(self.host.ip_addr[0]),
|
||||
self.host.ip_addr[0],
|
||||
get_interface_to_target(self.host.ip_addr),
|
||||
self.host.ip_addr,
|
||||
src_path).send()
|
||||
ftp.close()
|
||||
except Exception as exc:
|
||||
LOG.debug("Error uploading file into victim %r: (%s)", self.host, exc)
|
||||
T1105Telem(ScanStatus.SCANNED,
|
||||
get_interface_to_target(self.host.ip_addr[0]),
|
||||
self.host.ip_addr[0],
|
||||
get_interface_to_target(self.host.ip_addr),
|
||||
self.host.ip_addr,
|
||||
src_path).send()
|
||||
return False
|
||||
|
||||
|
|
|
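Review bot: The `except Exception` handler rebuilds its SCANNED telemetry with a fresh `get_interface_to_target(self.host.ip_addr)` call, so if that lookup is what raised inside the upload block, the handler raises a second time and `return False` is never reached. Resolving the address once ahead of the upload, e.g. `local_ip = get_interface_to_target(self.host.ip_addr)`, and passing `local_ip` to both `T1105Telem(...)` calls would keep the error path free of calls that can fail. The SmbTools upload error path has the same shape (`T1105Telem(ScanStatus.SCANNED, get_interface_to_target(host.ip_addr), ...)` just before `continue`). This reads the lines without `[0]` as the new side, which is inferred because the page no longer shows +/- markers, and the `try` opens outside the visible hunk.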
@ -140,8 +140,8 @@ class SmbTools(object):
|
|||
|
||||
file_uploaded = True
|
||||
T1105Telem(ScanStatus.USED,
|
||||
get_interface_to_target(host.ip_addr[0]),
|
||||
host.ip_addr[0],
|
||||
get_interface_to_target(host.ip_addr),
|
||||
host.ip_addr,
|
||||
dst_path).send()
|
||||
LOG.info("Copied monkey file '%s' to remote share '%s' [%s] on victim %r",
|
||||
src_path, share_name, share_path, host)
|
||||
|
@ -151,8 +151,8 @@ class SmbTools(object):
|
|||
LOG.debug("Error uploading monkey to share '%s' on victim %r: %s",
|
||||
share_name, host, exc)
|
||||
T1105Telem(ScanStatus.SCANNED,
|
||||
get_interface_to_target(host.ip_addr[0]),
|
||||
host.ip_addr[0],
|
||||
get_interface_to_target(host.ip_addr),
|
||||
host.ip_addr,
|
||||
dst_path).send()
|
||||
continue
|
||||
finally:
|
||||
|
|
|
@ -12,9 +12,9 @@ class T1003(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey successfully obtained some credentials from systems on the network."
|
||||
|
||||
query = {'telem_category': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
||||
# $gt: {} checks if field is not an empty object
|
||||
{'data.credentials': {'$gt': {}}}]}
|
||||
query = {'telem_category': 'system_info', '$and': [{'data.credentials': {'$exists': True}},
|
||||
# $gt: {} checks if field is not an empty object
|
||||
{'data.credentials': {'$gt': {}}}]}
|
||||
|
||||
@staticmethod
|
||||
def get_report_data():
|
||||
|
|
|
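Review bot: The category name in `query` is a bare string literal, `'telem_category': 'system_info'`, and the T1082 `$match` stage carries its own copy of it. If the name used when the telemetry is stored changes again, both queries would presumably just match nothing and the techniques would be reported as unused, with no error to point at the mismatch. A single shared constant, for example `SYSTEM_INFO_TELEM_CATEGORY = 'system_info'`, referenced by both technique classes and by whatever sets the category on the telemetry, would keep them in step. Which of the two literals is the new side is inferred from print order, since the +/- markers are missing from the page.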
@ -12,7 +12,7 @@ class T1082(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey gathered system info from machines in the network."
|
||||
|
||||
query = [{'$match': {'telem_category': 'system_info_collection'}},
|
||||
query = [{'$match': {'telem_category': 'system_info'}},
|
||||
{'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
|
||||
'aws': '$data.aws',
|
||||
'netstat': '$data.network_info.netstat',
|
||||
|
|