Island: Add formatting credentials for report

monkey/monkey_island/cc/services/reporting/stolen_credentials.py

@@ -1,48 +1,35 @@
 import logging
 from typing import Mapping, Sequence
 
-from common.credentials import CredentialComponentType
+from common.credentials import CredentialComponentType, Credentials
-from monkey_island.cc.models import StolenCredentials
 
 logger = logging.getLogger(__name__)
 
 
-def get_stolen_creds() -> Sequence[Mapping]:
+def format_creds_for_reporting(credentials: Sequence[Credentials]) -> Sequence[Mapping]:
-    stolen_creds = _fetch_from_db()
-    stolen_creds = _format_creds_for_reporting(stolen_creds)
-
     logger.info("Stolen creds generated for reporting")
-    return stolen_creds
 
-
-def _fetch_from_db() -> Sequence[StolenCredentials]:
-    return list(StolenCredentials.objects())
-
-
-def _format_creds_for_reporting(credentials: Sequence[StolenCredentials]):
     formatted_creds = []
     cred_type_dict = {
-        CredentialComponentType.PASSWORD.name: "Clear Password",
+        CredentialComponentType.PASSWORD: "Clear Password",
-        CredentialComponentType.LM_HASH.name: "LM hash",
+        CredentialComponentType.LM_HASH: "LM hash",
-        CredentialComponentType.NT_HASH.name: "NTLM hash",
+        CredentialComponentType.NT_HASH: "NTLM hash",
-        CredentialComponentType.SSH_KEYPAIR.name: "Clear SSH private key",
+        CredentialComponentType.SSH_KEYPAIR: "Clear SSH private key",
     }
-
     for cred in credentials:
         for secret_type in cred.secrets:
-            if secret_type not in cred_type_dict:
+            if secret_type.credential_type not in cred_type_dict:
                 continue
             username = _get_username(cred)
             cred_row = {
                 "username": username,
-                "_type": secret_type,
+                "_type": secret_type.credential_type.name,
-                "type": cred_type_dict[secret_type],
+                "type": cred_type_dict[secret_type.credential_type],
-                "origin": cred.monkey.hostname,
             }
             if cred_row not in formatted_creds:
                 formatted_creds.append(cred_row)
     return formatted_creds
 
 
-def _get_username(credentials: StolenCredentials) -> str:
+def _get_username(credentials: Credentials) -> str:
-    return credentials.identities[0]["username"] if credentials.identities else ""
+    return credentials.identities[0].username if credentials.identities else ""

monkey/tests/unit_tests/monkey_island/cc/services/reporting/test_stolen_credentials.py

@@ -1,70 +1,54 @@
-import pytest
+from common.credentials import (
-
+    CredentialComponentType,
-from common.credentials import CredentialComponentType
+    Credentials,
-from monkey_island.cc.models import Monkey, StolenCredentials
+    LMHash,
-from monkey_island.cc.services.reporting.stolen_credentials import get_stolen_creds
+    NTHash,
+    Password,
+    SSHKeypair,
+    Username,
+)
+from monkey_island.cc.services.reporting.stolen_credentials import format_creds_for_reporting
 
 monkey_hostname = "fake_hostname"
 fake_monkey_guid = "abc"
 
-fake_username = "m0nk3y_user"
+fake_username = Username("m0nk3y_user")
-fake_nt_hash = "c1c58f96cdf212b50837bc11a00be47c"
+fake_nt_hash = NTHash("AEBD4DE384C7EC43AAD3B435B51404EE")
-fake_lm_hash = "299BD128C1101FD6"
+fake_lm_hash = LMHash("7A21990FCD3D759941E45C490F143D5F")
-fake_password = "trytostealthis"
+fake_password = Password("trytostealthis")
-fake_ssh_key = "RSA_fake_key"
+fake_ssh_public_key = "RSA_public_key"
-fake_credentials = {
+fake_ssh_private_key = "RSA_private_key"
-    "identities": [{"username": fake_username, "credential_type": "USERNAME"}],
+fake_ssh_key = SSHKeypair(fake_ssh_private_key, fake_ssh_public_key)
-    "secrets": [
+
-        CredentialComponentType.NT_HASH.name,
+identities = (fake_username,)
-        CredentialComponentType.LM_HASH.name,
+secrets = (fake_nt_hash, fake_lm_hash, fake_password, fake_ssh_key)
-        CredentialComponentType.PASSWORD.name,
+
-        CredentialComponentType.SSH_KEYPAIR.name,
+fake_credentials = [Credentials(identities, secrets)]
-    ],
-}
 
 
-@pytest.fixture
+def test_formatting_credentials_for_report():
-def fake_monkey():
-    monkey = Monkey()
-    monkey.guid = fake_monkey_guid
-    monkey.hostname = monkey_hostname
-    monkey.save()
-    return monkey.id
 
-
+    credentials = format_creds_for_reporting(fake_credentials)
-@pytest.mark.usefixtures("uses_database")
-def test_get_credentials(fake_monkey):
-    StolenCredentials(
-        identities=fake_credentials["identities"],
-        secrets=fake_credentials["secrets"],
-        monkey=fake_monkey,
-    ).save()
-
-    credentials = get_stolen_creds()
 
     result1 = {
-        "origin": monkey_hostname,
         "_type": CredentialComponentType.NT_HASH.name,
         "type": "NTLM hash",
-        "username": fake_username,
+        "username": fake_username.username,
     }
     result2 = {
-        "origin": monkey_hostname,
         "_type": CredentialComponentType.LM_HASH.name,
         "type": "LM hash",
-        "username": fake_username,
+        "username": fake_username.username,
     }
     result3 = {
-        "origin": monkey_hostname,
         "_type": CredentialComponentType.PASSWORD.name,
         "type": "Clear Password",
-        "username": fake_username,
+        "username": fake_username.username,
     }
     result4 = {
-        "origin": monkey_hostname,
         "_type": CredentialComponentType.SSH_KEYPAIR.name,
         "type": "Clear SSH private key",
-        "username": fake_username,
+        "username": fake_username.username,
     }
     assert result1 in credentials
     assert result2 in credentials