Island: Add formatting credentials for report

2022-07-15 15:22:30 +02:00 · 2022-07-15 15:22:30 +02:00 · c83f76b02b
parent c75ee22c29
commit c83f76b02b
2 changed files with 39 additions and 68 deletions
--- a/monkey/monkey_island/cc/services/reporting/stolen_credentials.py
+++ b/monkey/monkey_island/cc/services/reporting/stolen_credentials.py
@ -1,48 +1,35 @@
 import logging
 from typing import Mapping, Sequence

-from common.credentials import CredentialComponentType
-from monkey_island.cc.models import StolenCredentials
+from common.credentials import CredentialComponentType, Credentials

 logger = logging.getLogger(__name__)


-def get_stolen_creds() -> Sequence[Mapping]:
-    stolen_creds = _fetch_from_db()
-    stolen_creds = _format_creds_for_reporting(stolen_creds)
-
+def format_creds_for_reporting(credentials: Sequence[Credentials]) -> Sequence[Mapping]:
    logger.info("Stolen creds generated for reporting")
-    return stolen_creds

-
-def _fetch_from_db() -> Sequence[StolenCredentials]:
-    return list(StolenCredentials.objects())
-
-
-def _format_creds_for_reporting(credentials: Sequence[StolenCredentials]):
    formatted_creds = []
    cred_type_dict = {
-        CredentialComponentType.PASSWORD.name: "Clear Password",
-        CredentialComponentType.LM_HASH.name: "LM hash",
-        CredentialComponentType.NT_HASH.name: "NTLM hash",
-        CredentialComponentType.SSH_KEYPAIR.name: "Clear SSH private key",
+        CredentialComponentType.PASSWORD: "Clear Password",
+        CredentialComponentType.LM_HASH: "LM hash",
+        CredentialComponentType.NT_HASH: "NTLM hash",
+        CredentialComponentType.SSH_KEYPAIR: "Clear SSH private key",
    }
-
    for cred in credentials:
        for secret_type in cred.secrets:
-            if secret_type not in cred_type_dict:
+            if secret_type.credential_type not in cred_type_dict:
                continue
            username = _get_username(cred)
            cred_row = {
                "username": username,
-                "_type": secret_type,
-                "type": cred_type_dict[secret_type],
-                "origin": cred.monkey.hostname,
+                "_type": secret_type.credential_type.name,
+                "type": cred_type_dict[secret_type.credential_type],
            }
            if cred_row not in formatted_creds:
                formatted_creds.append(cred_row)
    return formatted_creds


-def _get_username(credentials: StolenCredentials) -> str:
-    return credentials.identities[0]["username"] if credentials.identities else ""
+def _get_username(credentials: Credentials) -> str:
+    return credentials.identities[0].username if credentials.identities else ""
--- a/monkey/tests/unit_tests/monkey_island/cc/services/reporting/test_stolen_credentials.py
+++ b/monkey/tests/unit_tests/monkey_island/cc/services/reporting/test_stolen_credentials.py
@ -1,70 +1,54 @@
-import pytest
-
-from common.credentials import CredentialComponentType
-from monkey_island.cc.models import Monkey, StolenCredentials
-from monkey_island.cc.services.reporting.stolen_credentials import get_stolen_creds
+from common.credentials import (
+    CredentialComponentType,
+    Credentials,
+    LMHash,
+    NTHash,
+    Password,
+    SSHKeypair,
+    Username,
+)
+from monkey_island.cc.services.reporting.stolen_credentials import format_creds_for_reporting

 monkey_hostname = "fake_hostname"
 fake_monkey_guid = "abc"

-fake_username = "m0nk3y_user"
-fake_nt_hash = "c1c58f96cdf212b50837bc11a00be47c"
-fake_lm_hash = "299BD128C1101FD6"
-fake_password = "trytostealthis"
-fake_ssh_key = "RSA_fake_key"
-fake_credentials = {
-    "identities": [{"username": fake_username, "credential_type": "USERNAME"}],
-    "secrets": [
-        CredentialComponentType.NT_HASH.name,
-        CredentialComponentType.LM_HASH.name,
-        CredentialComponentType.PASSWORD.name,
-        CredentialComponentType.SSH_KEYPAIR.name,
-    ],
-}
+fake_username = Username("m0nk3y_user")
+fake_nt_hash = NTHash("AEBD4DE384C7EC43AAD3B435B51404EE")
+fake_lm_hash = LMHash("7A21990FCD3D759941E45C490F143D5F")
+fake_password = Password("trytostealthis")
+fake_ssh_public_key = "RSA_public_key"
+fake_ssh_private_key = "RSA_private_key"
+fake_ssh_key = SSHKeypair(fake_ssh_private_key, fake_ssh_public_key)
+
+identities = (fake_username,)
+secrets = (fake_nt_hash, fake_lm_hash, fake_password, fake_ssh_key)
+
+fake_credentials = [Credentials(identities, secrets)]


-@pytest.fixture
-def fake_monkey():
-    monkey = Monkey()
-    monkey.guid = fake_monkey_guid
-    monkey.hostname = monkey_hostname
-    monkey.save()
-    return monkey.id
+def test_formatting_credentials_for_report():

-
-@pytest.mark.usefixtures("uses_database")
-def test_get_credentials(fake_monkey):
-    StolenCredentials(
-        identities=fake_credentials["identities"],
-        secrets=fake_credentials["secrets"],
-        monkey=fake_monkey,
-    ).save()
-
-    credentials = get_stolen_creds()
+    credentials = format_creds_for_reporting(fake_credentials)

    result1 = {
-        "origin": monkey_hostname,
        "_type": CredentialComponentType.NT_HASH.name,
        "type": "NTLM hash",
-        "username": fake_username,
+        "username": fake_username.username,
    }
    result2 = {
-        "origin": monkey_hostname,
        "_type": CredentialComponentType.LM_HASH.name,
        "type": "LM hash",
-        "username": fake_username,
+        "username": fake_username.username,
    }
    result3 = {
-        "origin": monkey_hostname,
        "_type": CredentialComponentType.PASSWORD.name,
        "type": "Clear Password",
-        "username": fake_username,
+        "username": fake_username.username,
    }
    result4 = {
-        "origin": monkey_hostname,
        "_type": CredentialComponentType.SSH_KEYPAIR.name,
        "type": "Clear SSH private key",
-        "username": fake_username,
+        "username": fake_username.username,
    }
    assert result1 in credentials
    assert result2 in credentials