Agent: Revise event publishing in SSHExploiter

2022-10-04 12:46:28 +02:00 · 2022-10-04 12:46:28 +02:00 · ddaada1f09
parent e2453e481c
commit ddaada1f09
1 changed files with 43 additions and 0 deletions
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@ -188,12 +188,23 @@ class SSHExploiter(HostExploiter):
                    self.exploit_result.error_message = f"SSH Skipping unknown os: {uname_os}"

                    if not uname_os:
+                        self._publish_propagation_event(
+                            target=self.host.ip_addr,
+                            propagation_success=False,
+                            error_message=self.exploit_result.error_message,
+                        )
+
                        logger.error(self.exploit_result.error_message)
                    return self.exploit_result
            except Exception as exc:
                self.exploit_result.error_message = (
                    f"Error running uname os command on victim {self.host}: ({exc})"
                )
+                self._publish_propagation_event(
+                    target=self.host.ip_addr,
+                    propagation_success=False,
+                    error_message=self.exploit_result.error_message,
+                )

                logger.error(self.exploit_result.error_message)
                return self.exploit_result
@ -207,6 +218,12 @@ class SSHExploiter(HostExploiter):
                f"Can't find suitable monkey executable for host {self.host}"
            )

+            self._publish_propagation_event(
+                target=self.host.ip_addr,
+                propagation_success=False,
+                error_message=self.exploit_result.error_message,
+            )
+
            logger.error(self.exploit_result.error_message)
            return self.exploit_result

@ -242,7 +259,14 @@ class SSHExploiter(HostExploiter):
                monkey_path_on_victim,
            )
        )
+
        if status == ScanStatus.SCANNED:
+            self._publish_propagation_event(
+                target=self.host.ip_addr,
+                propagation_success=False,
+                error_message=self.exploit_result.error_message,
+                tags=frozenset((T1105_ATTACK_TECHNIQUE_TAG,)),
+            )
            return self.exploit_result

        try:
@ -260,6 +284,12 @@ class SSHExploiter(HostExploiter):

            self.exploit_result.propagation_success = True

+            self._publish_propagation_event(
+                target=self.host.ip_addr,
+                propagation_success=True,
+                tags=frozenset((T1105_ATTACK_TECHNIQUE_TAG,)),
+            )
+
            ssh.close()
            self.add_executed_cmd(cmdline)
            return self.exploit_result
@ -269,6 +299,13 @@ class SSHExploiter(HostExploiter):
                f"Error running monkey on victim {self.host}: ({exc})"
            )

+            self._publish_propagation_event(
+                target=self.host.ip_addr,
+                propagation_success=False,
+                error_message=self.exploit_result.error_message,
+                tags=frozenset((T1105_ATTACK_TECHNIQUE_TAG,)),
+            )
+
            logger.error(self.exploit_result.error_message)
            return self.exploit_result

@ -283,3 +320,9 @@ class SSHExploiter(HostExploiter):
                self.host,
            )
        )
+
+        self._publish_propagation_event(
+            target=self.host.ip_addr,
+            propagation_success=False,
+            tags=frozenset((T1222_ATTACK_TECHNIQUE_TAG,)),
+        )