From 35c496812f8403cc343e467d343a2291f0879f9d Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Fri, 2 Aug 2019 13:11:16 +0300
Subject: [PATCH 1/2] Fixed CR comments and implemented test for proxy attack
techniques
---
monkey/monkey_island/cc/models/monkey.py | 16 +++++-------
monkey/monkey_island/cc/models/test_monkey.py | 26 +++++++++++++++++--
.../attack/technique_reports/T1090.py | 7 ++---
.../attack/technique_reports/T1188.py | 9 +++----
.../components/attack/techniques/Helpers.js | 1 +
.../src/components/attack/techniques/T1090.js | 16 +++++++-----
.../src/components/attack/techniques/T1188.js | 2 +-
7 files changed, 47 insertions(+), 30 deletions(-)
diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py
index 418cec03f..f9f556844 100644
--- a/monkey/monkey_island/cc/models/monkey.py
+++ b/monkey/monkey_island/cc/models/monkey.py
@@ -68,19 +68,17 @@ class Monkey(Document):
os = "windows"
return os
+ def get_network_info(self):
+ """
+ Formats network info from monkey's model
+ :return: dictionary with an array of IP's and a hostname
+ """
+ return {'ips': self.ip_addresses, 'hostname': self.hostname}
+
@staticmethod
def get_tunneled_monkeys():
return Monkey.objects(tunnel__exists=True)
- @staticmethod
- def get_network_info(monkey):
- """
- Formats network info from monkey's model
- :param monkey: monkey model
- :return: dictionary with an array of IP's and a hostname
- """
- return {'ips': monkey.ip_addresses, 'hostname': monkey.hostname}
-
class MonkeyNotFoundError(Exception):
pass
diff --git a/monkey/monkey_island/cc/models/test_monkey.py b/monkey/monkey_island/cc/models/test_monkey.py
index a744db6b6..a44512995 100644
--- a/monkey/monkey_island/cc/models/test_monkey.py
+++ b/monkey/monkey_island/cc/models/test_monkey.py
@@ -9,11 +9,11 @@ from monkey_ttl import MonkeyTtl
class TestMonkey(IslandTestCase):
"""
- Make sure to set server environment to `testing` in server.json! Otherwise this will mess up your mongo instance and
+ Make sure to set server environment to `testing` in server_config.json! Otherwise this will mess up your mongo instance and
won't work.
Also, the working directory needs to be the working directory from which you usually run the island so the
- server.json file is found and loaded.
+ server_config.json file is found and loaded.
"""
def test_is_dead(self):
@@ -77,3 +77,25 @@ class TestMonkey(IslandTestCase):
self.assertEquals(1, len(filter(lambda m: m.get_os() == "windows", Monkey.objects())))
self.assertEquals(1, len(filter(lambda m: m.get_os() == "linux", Monkey.objects())))
self.assertEquals(1, len(filter(lambda m: m.get_os() == "unknown", Monkey.objects())))
+
+ def test_get_tunneled_monkeys(self):
+ self.fail_if_not_testing_env()
+ self.clean_monkey_db()
+
+ linux_monkey = Monkey(guid=str(uuid.uuid4()),
+ description="Linux shay-Virtual-Machine")
+ windows_monkey = Monkey(guid=str(uuid.uuid4()),
+ description="Windows bla bla bla",
+ tunneling=linux_monkey)
+ unknown_monkey = Monkey(guid=str(uuid.uuid4()),
+ description="bla bla bla",
+ tunneling=windows_monkey)
+ linux_monkey.save()
+ windows_monkey.save()
+ unknown_monkey.save()
+ tunneled_monkeys = Monkey.get_tunneled_monkeys()
+ test = bool(windows_monkey in tunneled_monkeys
+ and unknown_monkey in tunneled_monkeys
+ and linux_monkey not in tunneled_monkeys
+ and len(tunneled_monkeys) == 2)
+ self.assertTrue(test, "Tunneling test")
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1090.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1090.py
index 0e48d2198..f0835aff9 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1090.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1090.py
@@ -15,11 +15,8 @@ class T1090(AttackTechnique):
@staticmethod
def get_report_data():
monkeys = Monkey.get_tunneled_monkeys()
- monkeys = [Monkey.get_network_info(monkey) for monkey in monkeys]
- if monkeys:
- status = ScanStatus.USED.value
- else:
- status = ScanStatus.UNSCANNED.value
+ monkeys = [monkey.get_network_info() for monkey in monkeys]
+ status = ScanStatus.USED.value if monkeys else ScanStatus.UNSCANNED.value
data = T1090.get_base_data_by_status(status)
data.update({'proxies': monkeys})
return data
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1188.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1188.py
index 6e35f7c7f..32187696a 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1188.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1188.py
@@ -23,13 +23,10 @@ class T1188(AttackTechnique):
proxy_count += 1
proxy = proxy.tunnel
if proxy_count > 1:
- hops.append({'from': Monkey.get_network_info(initial),
- 'to': Monkey.get_network_info(proxy),
+ hops.append({'from': initial.get_network_info(),
+ 'to': proxy.get_network_info(),
'count': proxy_count})
- if hops:
- status = ScanStatus.USED.value
- else:
- status = ScanStatus.UNSCANNED.value
+ status = ScanStatus.USED.value if hops else ScanStatus.UNSCANNED.value
data = T1188.get_base_data_by_status(status)
data.update({'hops': hops})
return data
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js
index adc0d2583..18df4b58f 100644
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js
@@ -17,6 +17,7 @@ export function renderMachineFromSystemData(data) {
machineStr += ipInfo + ", ";
}
});
+ // Replaces " ," with " )" to finish a list of IP's
return machineStr.slice(0, -2) + " )"
}
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1090.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1090.js
index 99660cf65..d5fed289f 100644
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1090.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1090.js
@@ -12,7 +12,6 @@ class T1090 extends React.Component {
static getProxyColumns() {
return ([{
- Header: "Proxies were used to communicate with:",
columns: [
{Header: 'Machines',
id: 'machine',
@@ -26,12 +25,15 @@ class T1090 extends React.Component {
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === scanStatus.USED ?
- <ReactTable
- columns={T1090.getProxyColumns()}
- data={this.props.data.proxies}
- showPagination={false}
- defaultPageSize={this.props.data.proxies.length}
- /> : ""}
+ <div>
+ <p>Proxies were used to communicate with:</p>
+ <ReactTable
+ columns={T1090.getProxyColumns()}
+ data={this.props.data.proxies}
+ showPagination={false}
+ defaultPageSize={this.props.data.proxies.length}
+ />
+ </div>: ""}
</div>
);
}
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1188.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1188.js
index f938c5e3f..c28a8092c 100644
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1188.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1188.js
@@ -12,7 +12,7 @@ class T1188 extends React.Component {
static getHopColumns() {
return ([{
- Header: "Communications trough multi-hop proxies",
+ Header: "Communications through multi-hop proxies",
columns: [
{Header: 'From',
id: 'from',
From e9d39577eedbaa14abebf30fbc4f87fad6c790ad Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Mon, 19 Aug 2019 15:17:48 +0300
Subject: [PATCH 2/2] Fixed bug in unit test for tunneling
---
monkey/monkey_island/cc/models/test_monkey.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/monkey/monkey_island/cc/models/test_monkey.py b/monkey/monkey_island/cc/models/test_monkey.py
index a44512995..ba8ff10fc 100644
--- a/monkey/monkey_island/cc/models/test_monkey.py
+++ b/monkey/monkey_island/cc/models/test_monkey.py
@@ -86,10 +86,10 @@ class TestMonkey(IslandTestCase):
description="Linux shay-Virtual-Machine")
windows_monkey = Monkey(guid=str(uuid.uuid4()),
description="Windows bla bla bla",
- tunneling=linux_monkey)
+ tunnel=linux_monkey)
unknown_monkey = Monkey(guid=str(uuid.uuid4()),
description="bla bla bla",
- tunneling=windows_monkey)
+ tunnel=windows_monkey)
linux_monkey.save()
windows_monkey.save()
unknown_monkey.save()