diff --git a/monkey/infection_monkey/exploit/elasticgroovy.py b/monkey/infection_monkey/exploit/elasticgroovy.py index 522c348b1..6c2751418 100644 --- a/monkey/infection_monkey/exploit/elasticgroovy.py +++ b/monkey/infection_monkey/exploit/elasticgroovy.py @@ -22,7 +22,7 @@ from infection_monkey.model import ( ID_STRING, WGET_HTTP_UPLOAD, ) -from infection_monkey.network.elasticfinger import ES_PORT +from infection_monkey.network_scanning.elasticfinger import ES_PORT from infection_monkey.telemetry.attack.t1197_telem import T1197Telem logger = logging.getLogger(__name__) diff --git a/monkey/infection_monkey/exploit/smbexec.py b/monkey/infection_monkey/exploit/smbexec.py index 4dac63cd9..df027255a 100644 --- a/monkey/infection_monkey/exploit/smbexec.py +++ b/monkey/infection_monkey/exploit/smbexec.py @@ -8,8 +8,8 @@ from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.model import DROPPER_CMDLINE_DETACHED_WINDOWS, MONKEY_CMDLINE_DETACHED_WINDOWS -from infection_monkey.network.smbfinger import SMBFinger from infection_monkey.network.tools import check_tcp_port +from infection_monkey.network_scanning.smbfinger import SMBFinger from infection_monkey.telemetry.attack.t1035_telem import T1035Telem from infection_monkey.utils.commands import build_monkey_commandline diff --git a/monkey/infection_monkey/master/propagator.py b/monkey/infection_monkey/master/propagator.py index a8437cc94..45fc0955b 100644 --- a/monkey/infection_monkey/master/propagator.py +++ b/monkey/infection_monkey/master/propagator.py @@ -12,7 +12,7 @@ from infection_monkey.i_puppet import ( ) from infection_monkey.model import VictimHost, VictimHostFactory from infection_monkey.network import NetworkAddress, NetworkInterface -from infection_monkey.network.scan_target_generator import compile_scan_target_list +from infection_monkey.network_scanning.scan_target_generator import compile_scan_target_list from infection_monkey.telemetry.exploit_telem import ExploitTelem from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger from infection_monkey.telemetry.scan_telem import ScanTelem diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index 5c36b0278..087fa9959 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -22,13 +22,13 @@ from infection_monkey.master import AutomatedMaster from infection_monkey.master.control_channel import ControlChannel from infection_monkey.model import DELAY_DELETE_CMD, VictimHostFactory from infection_monkey.network import NetworkInterface -from infection_monkey.network.elasticsearch_fingerprinter import ElasticSearchFingerprinter from infection_monkey.network.firewall import app as firewall -from infection_monkey.network.http_fingerprinter import HTTPFingerprinter from infection_monkey.network.info import get_local_network_interfaces -from infection_monkey.network.mssql_fingerprinter import MSSQLFingerprinter -from infection_monkey.network.smb_fingerprinter import SMBFingerprinter -from infection_monkey.network.ssh_fingerprinter import SSHFingerprinter +from infection_monkey.network_scanning.elasticsearch_fingerprinter import ElasticSearchFingerprinter +from infection_monkey.network_scanning.http_fingerprinter import HTTPFingerprinter +from infection_monkey.network_scanning.mssql_fingerprinter import MSSQLFingerprinter +from infection_monkey.network_scanning.smb_fingerprinter import SMBFingerprinter +from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload from infection_monkey.puppet.puppet import Puppet from infection_monkey.system_singleton import SystemSingleton diff --git a/monkey/infection_monkey/network/__init__.py b/monkey/infection_monkey/network/__init__.py index 633b59ed6..ba42da1ba 100644 --- a/monkey/infection_monkey/network/__init__.py +++ b/monkey/infection_monkey/network/__init__.py @@ -1,3 +1 @@ -from .scan_target_generator import NetworkAddress, NetworkInterface -from .ping_scanner import ping -from .tcp_scanner import scan_tcp_ports +from .info import NetworkAddress, NetworkInterface diff --git a/monkey/infection_monkey/network/info.py b/monkey/infection_monkey/network/info.py index 0ab426fa3..9544675d4 100644 --- a/monkey/infection_monkey/network/info.py +++ b/monkey/infection_monkey/network/info.py @@ -1,6 +1,7 @@ import itertools import socket import struct +from collections import namedtuple from ipaddress import IPv4Network from random import randint # noqa: DUO102 from typing import List @@ -11,8 +12,6 @@ import psutil from common.network.network_range import CidrRange from infection_monkey.utils.environment import is_windows_os -from . import NetworkInterface - # Timeout for monkey connections TIMEOUT = 15 LOOPBACK_NAME = b"lo" @@ -21,6 +20,9 @@ SIOCGIFNETMASK = 0x891B # get network PA mask RTF_UP = 0x0001 # Route usable RTF_REJECT = 0x0200 +NetworkInterface = namedtuple("NetworkInterface", ("address", "netmask")) +NetworkAddress = namedtuple("NetworkAddress", ("ip", "domain")) + def get_local_network_interfaces() -> List[NetworkInterface]: network_interfaces = [] diff --git a/monkey/infection_monkey/network_scanning/__init__.py b/monkey/infection_monkey/network_scanning/__init__.py new file mode 100644 index 000000000..8e97b0ec4 --- /dev/null +++ b/monkey/infection_monkey/network_scanning/__init__.py @@ -0,0 +1,2 @@ +from .ping_scanner import ping +from .tcp_scanner import scan_tcp_ports diff --git a/monkey/infection_monkey/network/elasticsearch_fingerprinter.py b/monkey/infection_monkey/network_scanning/elasticsearch_fingerprinter.py similarity index 100% rename from monkey/infection_monkey/network/elasticsearch_fingerprinter.py rename to monkey/infection_monkey/network_scanning/elasticsearch_fingerprinter.py diff --git a/monkey/infection_monkey/network/http_fingerprinter.py b/monkey/infection_monkey/network_scanning/http_fingerprinter.py similarity index 100% rename from monkey/infection_monkey/network/http_fingerprinter.py rename to monkey/infection_monkey/network_scanning/http_fingerprinter.py diff --git a/monkey/infection_monkey/network/mssql_fingerprinter.py b/monkey/infection_monkey/network_scanning/mssql_fingerprinter.py similarity index 100% rename from monkey/infection_monkey/network/mssql_fingerprinter.py rename to monkey/infection_monkey/network_scanning/mssql_fingerprinter.py diff --git a/monkey/infection_monkey/network/ping_scanner.py b/monkey/infection_monkey/network_scanning/ping_scanner.py similarity index 100% rename from monkey/infection_monkey/network/ping_scanner.py rename to monkey/infection_monkey/network_scanning/ping_scanner.py diff --git a/monkey/infection_monkey/network/scan_target_generator.py b/monkey/infection_monkey/network_scanning/scan_target_generator.py similarity index 96% rename from monkey/infection_monkey/network/scan_target_generator.py rename to monkey/infection_monkey/network_scanning/scan_target_generator.py index 6cec82223..4c8f9815d 100644 --- a/monkey/infection_monkey/network/scan_target_generator.py +++ b/monkey/infection_monkey/network_scanning/scan_target_generator.py @@ -1,13 +1,10 @@ import itertools import logging import socket -from collections import namedtuple from typing import List from common.network.network_range import InvalidNetworkRangeError, NetworkRange - -NetworkInterface = namedtuple("NetworkInterface", ("address", "netmask")) -NetworkAddress = namedtuple("NetworkAddress", ("ip", "domain")) +from infection_monkey.network import NetworkAddress, NetworkInterface logger = logging.getLogger(__name__) diff --git a/monkey/infection_monkey/network/smb_fingerprinter.py b/monkey/infection_monkey/network_scanning/smb_fingerprinter.py similarity index 100% rename from monkey/infection_monkey/network/smb_fingerprinter.py rename to monkey/infection_monkey/network_scanning/smb_fingerprinter.py diff --git a/monkey/infection_monkey/network/ssh_fingerprinter.py b/monkey/infection_monkey/network_scanning/ssh_fingerprinter.py similarity index 100% rename from monkey/infection_monkey/network/ssh_fingerprinter.py rename to monkey/infection_monkey/network_scanning/ssh_fingerprinter.py diff --git a/monkey/infection_monkey/network/tcp_scanner.py b/monkey/infection_monkey/network_scanning/tcp_scanner.py similarity index 100% rename from monkey/infection_monkey/network/tcp_scanner.py rename to monkey/infection_monkey/network_scanning/tcp_scanner.py diff --git a/monkey/infection_monkey/puppet/puppet.py b/monkey/infection_monkey/puppet/puppet.py index 1e4ce7e96..c06f047bf 100644 --- a/monkey/infection_monkey/puppet/puppet.py +++ b/monkey/infection_monkey/puppet/puppet.py @@ -2,7 +2,7 @@ import logging import threading from typing import Dict, List, Sequence -from infection_monkey import network +from infection_monkey import network_scanning from infection_monkey.i_puppet import ( Credentials, ExploiterResultData, @@ -40,12 +40,12 @@ class Puppet(IPuppet): return self._mock_puppet.run_pba(name, options) def ping(self, host: str, timeout: float = 1) -> PingScanData: - return network.ping(host, timeout) + return network_scanning.ping(host, timeout) def scan_tcp_ports( self, host: str, ports: List[int], timeout: float = 3 ) -> Dict[int, PortScanData]: - return network.scan_tcp_ports(host, ports, timeout) + return network_scanning.scan_tcp_ports(host, ports, timeout) def fingerprint( self, diff --git a/monkey/tests/unit_tests/infection_monkey/model/test_victim_host_factory.py b/monkey/tests/unit_tests/infection_monkey/model/test_victim_host_factory.py index 2b7c10864..766ef0392 100644 --- a/monkey/tests/unit_tests/infection_monkey/model/test_victim_host_factory.py +++ b/monkey/tests/unit_tests/infection_monkey/model/test_victim_host_factory.py @@ -3,7 +3,7 @@ from unittest.mock import MagicMock import pytest from infection_monkey.model import VictimHostFactory -from infection_monkey.network.scan_target_generator import NetworkAddress +from infection_monkey.network import NetworkAddress @pytest.fixture diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_elasticsearch_fingerprinter.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_elasticsearch_fingerprinter.py similarity index 86% rename from monkey/tests/unit_tests/infection_monkey/network/test_elasticsearch_fingerprinter.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_elasticsearch_fingerprinter.py index f15afa60e..758dc4f35 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_elasticsearch_fingerprinter.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_elasticsearch_fingerprinter.py @@ -4,7 +4,10 @@ import pytest from common.common_consts.network_consts import ES_SERVICE from infection_monkey.i_puppet import PortScanData, PortStatus -from infection_monkey.network.elasticsearch_fingerprinter import ES_PORT, ElasticSearchFingerprinter +from infection_monkey.network_scanning.elasticsearch_fingerprinter import ( + ES_PORT, + ElasticSearchFingerprinter, +) PORT_SCAN_DATA_OPEN = {ES_PORT: PortScanData(ES_PORT, PortStatus.OPEN, "", f"tcp-{ES_PORT}")} PORT_SCAN_DATA_CLOSED = {ES_PORT: PortScanData(ES_PORT, PortStatus.CLOSED, "", f"tcp-{ES_PORT}")} @@ -26,7 +29,7 @@ def test_successful(monkeypatch, fingerprinter): "version": {"number": "1.0.0"}, } monkeypatch.setattr( - "infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch", + "infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch", lambda _: successful_server_response, ) @@ -49,7 +52,7 @@ def test_successful(monkeypatch, fingerprinter): def test_fingerprinting_skipped_if_port_closed(monkeypatch, fingerprinter, port_scan_data): mock_query_elasticsearch = MagicMock() monkeypatch.setattr( - "infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch", + "infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch", mock_query_elasticsearch, ) @@ -70,7 +73,7 @@ def test_fingerprinting_skipped_if_port_closed(monkeypatch, fingerprinter, port_ ) def test_no_response_from_server(monkeypatch, fingerprinter, mock_query_function): monkeypatch.setattr( - "infection_monkey.network.elasticsearch_fingerprinter._query_elasticsearch", + "infection_monkey.network_scanning.elasticsearch_fingerprinter._query_elasticsearch", mock_query_function, ) diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_http_fingerprinter.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_http_fingerprinter.py similarity index 96% rename from monkey/tests/unit_tests/infection_monkey/network/test_http_fingerprinter.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_http_fingerprinter.py index 5b2a89445..8baa97782 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_http_fingerprinter.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_http_fingerprinter.py @@ -3,7 +3,7 @@ from unittest.mock import MagicMock import pytest from infection_monkey.i_puppet import PortScanData, PortStatus -from infection_monkey.network.http_fingerprinter import HTTPFingerprinter +from infection_monkey.network_scanning.http_fingerprinter import HTTPFingerprinter OPTIONS = {"http_ports": [80, 443, 8080, 9200]} @@ -24,7 +24,7 @@ def mock_get_server_from_headers(): @pytest.fixture(autouse=True) def patch_get_server_from_headers(monkeypatch, mock_get_server_from_headers): monkeypatch.setattr( - "infection_monkey.network.http_fingerprinter._get_server_from_headers", + "infection_monkey.network_scanning.http_fingerprinter._get_server_from_headers", mock_get_server_from_headers, ) diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_mssql_fingerprinter.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_mssql_fingerprinter.py similarity index 89% rename from monkey/tests/unit_tests/infection_monkey/network/test_mssql_fingerprinter.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_mssql_fingerprinter.py index 93c40125e..8ae7d7fca 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_mssql_fingerprinter.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_mssql_fingerprinter.py @@ -4,7 +4,7 @@ from unittest.mock import MagicMock import pytest from infection_monkey.i_puppet import PortScanData, PortStatus -from infection_monkey.network.mssql_fingerprinter import ( +from infection_monkey.network_scanning.mssql_fingerprinter import ( MSSQL_SERVICE, SQL_BROWSER_DEFAULT_PORT, MSSQLFingerprinter, @@ -36,7 +36,7 @@ def test_mssql_fingerprint_successful(monkeypatch, fingerprinter): b"IsClustered;No;Version;11.1.1111.111;tcp;1433;np;blah_blah;;" ) monkeypatch.setattr( - "infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data", + "infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data", lambda _: successful_server_response, ) @@ -69,7 +69,7 @@ def test_mssql_fingerprint_successful(monkeypatch, fingerprinter): ) def test_mssql_no_response_from_server(monkeypatch, fingerprinter, mock_query_function): monkeypatch.setattr( - "infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data", + "infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data", mock_query_function, ) @@ -89,7 +89,7 @@ def test_mssql_wrong_response_from_server(monkeypatch, fingerprinter): b"Pellentesque ultrices ornare libero, ;;" ) monkeypatch.setattr( - "infection_monkey.network.mssql_fingerprinter._query_mssql_for_instance_data", + "infection_monkey.network_scanning.mssql_fingerprinter._query_mssql_for_instance_data", lambda _: mangled_server_response, ) diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_ping.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_ping.py similarity index 98% rename from monkey/tests/unit_tests/infection_monkey/network/test_ping.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_ping.py index 422f234f7..45cd523b4 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_ping.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_ping.py @@ -3,7 +3,7 @@ from unittest.mock import MagicMock import pytest -from infection_monkey.network import ping +from infection_monkey.network_scanning import ping LINUX_SUCCESS_OUTPUT = """ PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data. diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_scan_target_generator.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_scan_target_generator.py similarity index 98% rename from monkey/tests/unit_tests/infection_monkey/network/test_scan_target_generator.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_scan_target_generator.py index 03febe44c..631d65fa8 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_scan_target_generator.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_scan_target_generator.py @@ -3,11 +3,8 @@ from itertools import chain import pytest from common.network.network_range import InvalidNetworkRangeError -from infection_monkey.network.scan_target_generator import ( - NetworkAddress, - NetworkInterface, - compile_scan_target_list, -) +from infection_monkey.network import NetworkAddress, NetworkInterface +from infection_monkey.network_scanning.scan_target_generator import compile_scan_target_list def compile_ranges_only(ranges): diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_ssh_fingerprinter.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_ssh_fingerprinter.py similarity index 97% rename from monkey/tests/unit_tests/infection_monkey/network/test_ssh_fingerprinter.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_ssh_fingerprinter.py index b3df98cd9..69c8eb580 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_ssh_fingerprinter.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_ssh_fingerprinter.py @@ -1,7 +1,7 @@ import pytest from infection_monkey.i_puppet import FingerprintData, PortScanData, PortStatus -from infection_monkey.network.ssh_fingerprinter import SSHFingerprinter +from infection_monkey.network_scanning.ssh_fingerprinter import SSHFingerprinter @pytest.fixture diff --git a/monkey/tests/unit_tests/infection_monkey/network/test_tcp_scanning.py b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_tcp_scanning.py similarity index 92% rename from monkey/tests/unit_tests/infection_monkey/network/test_tcp_scanning.py rename to monkey/tests/unit_tests/infection_monkey/network_scanning/test_tcp_scanning.py index e383e1004..725a3aaa0 100644 --- a/monkey/tests/unit_tests/infection_monkey/network/test_tcp_scanning.py +++ b/monkey/tests/unit_tests/infection_monkey/network_scanning/test_tcp_scanning.py @@ -1,7 +1,7 @@ import pytest from infection_monkey.i_puppet import PortStatus -from infection_monkey.network import scan_tcp_ports +from infection_monkey.network_scanning import scan_tcp_ports PORTS_TO_SCAN = [22, 80, 8080, 143, 445, 2222] @@ -11,7 +11,7 @@ OPEN_PORTS_DATA = {22: "SSH-banner", 80: "", 2222: "SSH2-banner"} @pytest.fixture def patch_check_tcp_ports(monkeypatch, open_ports_data): monkeypatch.setattr( - "infection_monkey.network.tcp_scanner._check_tcp_ports", + "infection_monkey.network_scanning.tcp_scanner._check_tcp_ports", lambda *_: open_ports_data, )