forked from p15670423/monkey
Added node and edge based on bootloader telemetry.
parent
0c157986b7
commit
72d266a1b8
|
@ -27,6 +27,7 @@ class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
|
||||||
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'initial'})
|
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'initial'})
|
||||||
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_path_from_config(conf)
|
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_path_from_config(conf)
|
||||||
r = requests.post(url=island_server_path, data=post_data, verify=False)
|
r = requests.post(url=island_server_path, data=post_data, verify=False)
|
||||||
|
|
||||||
if r.status_code != 200:
|
if r.status_code != 200:
|
||||||
self.send_response(404)
|
self.send_response(404)
|
||||||
else:
|
else:
|
||||||
|
|
|
@ -1,6 +1,11 @@
|
||||||
|
import json
|
||||||
|
|
||||||
import flask_restful
|
import flask_restful
|
||||||
from flask import request, make_response
|
from flask import request, make_response
|
||||||
|
|
||||||
|
from monkey_island.cc.database import mongo
|
||||||
|
from monkey_island.cc.services.node import NodeService
|
||||||
|
|
||||||
WINDOWS_VERSIONS = {
|
WINDOWS_VERSIONS = {
|
||||||
"5.0": "Windows 2000",
|
"5.0": "Windows 2000",
|
||||||
"5.1": "Windows XP",
|
"5.1": "Windows XP",
|
||||||
|
@ -17,9 +22,11 @@ class Bootloader(flask_restful.Resource):
|
||||||
|
|
||||||
# Used by monkey. can't secure.
|
# Used by monkey. can't secure.
|
||||||
def post(self, **kw):
|
def post(self, **kw):
|
||||||
os_version = request.data.decode().split(" ")
|
data = json.loads(request.data.decode().replace("\n", ""))
|
||||||
if (os_version[0][0] == "W"):
|
local_addr = [i for i in data["ips"] if i.startswith("127")]
|
||||||
os_type = "windows"
|
if local_addr:
|
||||||
os_version = os_version[1:]
|
data["ips"].remove(local_addr[0])
|
||||||
|
mongo.db.bootloader_telems.insert(data)
|
||||||
|
node_id = NodeService.get_or_create_node_from_bootloader_telem(data)
|
||||||
|
|
||||||
return make_response({"status": "OK"}, 200)
|
return make_response({"status": "OK"}, 200)
|
||||||
|
|
|
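Review bot: The new `post` body trusts the request completely. The endpoint is unauthenticated by design (the `# Used by monkey. can't secure.` comment), yet `json.loads(...)` is unguarded and `data["ips"]` is indexed before anything checks that the payload is a dict with the expected fields, so a malformed body raises an unhandled exception instead of returning a 4xx. The parsed dict is also inserted into `bootloader_telems` as-is, which lets the sender choose the stored keys and size; I would type-check and copy only the fields the NodeService code reads (`ips`, `hostname`, `system`, `os_version`, `tunnel`). The loopback filter removes only the first `127…` entry and can leave `ips` empty, which later breaks `bootloader_telem['ips'][0]`; `data["ips"] = [ip for ip in data["ips"] if not ip.startswith("127.")]` followed by an emptiness check that returns 400 would cover both. `node_id` is assigned and never used.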
@ -2,7 +2,7 @@ from bson import ObjectId
|
||||||
|
|
||||||
from monkey_island.cc.database import mongo
|
from monkey_island.cc.database import mongo
|
||||||
import monkey_island.cc.services.node
|
import monkey_island.cc.services.node
|
||||||
from monkey_island.cc.models import Monkey
|
from monkey_island.cc.models.monkey import Monkey, MonkeyNotFoundError
|
||||||
|
|
||||||
__author__ = "itay.mizeretz"
|
__author__ = "itay.mizeretz"
|
||||||
|
|
||||||
|
@ -145,7 +145,10 @@ class EdgeService:
|
||||||
from_id = edge["from"]
|
from_id = edge["from"]
|
||||||
to_id = edge["to"]
|
to_id = edge["to"]
|
||||||
|
|
||||||
|
try:
|
||||||
from_label = Monkey.get_label_by_id(from_id)
|
from_label = Monkey.get_label_by_id(from_id)
|
||||||
|
except MonkeyNotFoundError:
|
||||||
|
from_label = node_service.get_node_by_id(from_id)['domain_name']
|
||||||
|
|
||||||
if to_id == ObjectId("000000000000000000000000"):
|
if to_id == ObjectId("000000000000000000000000"):
|
||||||
to_label = 'MonkeyIsland'
|
to_label = 'MonkeyIsland'
|
||||||
|
|
|
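Review bot: In the new `except MonkeyNotFoundError:` fallback, `node_service.get_node_by_id(from_id)['domain_name']` relies on a name `node_service`, but the only related import visible in this file is `import monkey_island.cc.services.node`. Unless `node_service` is bound outside these hunks, the line raises NameError exactly when the fallback is needed. The lookup result is also subscripted without a None check, so an edge whose `from` id matches neither a monkey nor a node would fail with TypeError; fetching the node first and using `node['domain_name'] if node else str(from_id)` would keep the label code from raising. The enclosing method starts and ends outside the hunk.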
@ -207,6 +207,42 @@ class NodeService:
|
||||||
})
|
})
|
||||||
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
|
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def create_node_from_bootloader_telem(bootloader_telem):
|
||||||
|
new_node_insert_result = mongo.db.node.insert_one(
|
||||||
|
{
|
||||||
|
"ip_addresses": bootloader_telem['ips'],
|
||||||
|
"domain_name": bootloader_telem['hostname'],
|
||||||
|
"exploited": False,
|
||||||
|
"creds": [],
|
||||||
|
"os":
|
||||||
|
{
|
||||||
|
"type": bootloader_telem['system'],
|
||||||
|
"version": bootloader_telem['os_version']
|
||||||
|
}
|
||||||
|
})
|
||||||
|
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_or_create_node_from_bootloader_telem(bootloader_telem):
|
||||||
|
new_node = mongo.db.node.find_one({"domain_name": bootloader_telem['hostname'],
|
||||||
|
"ip_addresses": bootloader_telem['ips']})
|
||||||
|
if new_node is None:
|
||||||
|
new_node = NodeService.create_node_from_bootloader_telem(bootloader_telem)
|
||||||
|
if bootloader_telem['tunnel']:
|
||||||
|
dst_node = NodeService.get_node_or_monkey_by_ip(bootloader_telem['tunnel'])
|
||||||
|
else:
|
||||||
|
dst_node = NodeService.get_monkey_island_node()
|
||||||
|
edge = EdgeService.get_or_create_edge(new_node['_id'], dst_node['id'])
|
||||||
|
mongo.db.edge.update({"_id": edge["_id"]},
|
||||||
|
{'$set': {'tunnel': bool(bootloader_telem['tunnel']),
|
||||||
|
'exploited': (not bool(bootloader_telem['tunnel'])),
|
||||||
|
'ip_address': bootloader_telem['ips'][0],
|
||||||
|
'group': 'island'}},
|
||||||
|
upsert=False)
|
||||||
|
|
||||||
|
return new_node
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_or_create_node(ip_address, domain_name=''):
|
def get_or_create_node(ip_address, domain_name=''):
|
||||||
new_node = mongo.db.node.find_one({"ip_addresses": ip_address})
|
new_node = mongo.db.node.find_one({"ip_addresses": ip_address})
|
||||||
|
|
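Review bot: `get_or_create_node_from_bootloader_telem` reads `dst_node['id']` while every other document in the hunk is addressed by `'_id'` (`new_node['_id']`, `edge["_id"]`). If `get_node_or_monkey_by_ip` returns a Mongo document, as its name suggests, the tunnel branch raises KeyError, and if it finds nothing for the reported tunnel address the subscript fails on None. `tunnel`, `hostname` and `ips` come from an unauthenticated telemetry request, so any sender can reach both cases; check `dst_node is None` before `EdgeService.get_or_create_edge(...)` and use one id key for both return shapes. The `find_one` filter compares `ip_addresses` with the whole reported list, so the same host sending its addresses in a different order would presumably get a second node. A short docstring on both new static methods naming the telemetry keys they require would help callers.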