Refactored scan status to use numeric value and other PR fixes

VakarisZ 2019-07-08 13:44:15 +03:00
parent bc1be8e452
commit 967fec8487
14 changed files with 33 additions and 27 deletions


@ -243,10 +243,8 @@ class InfectionMonkey(object):
@staticmethod
def self_delete():
if utils.remove_monkey_dir():
T1107Telem(ScanStatus.USED, utils.get_monkey_dir_path()).send()
else:
T1107Telem(ScanStatus.SCANNED, utils.get_monkey_dir_path()).send()
status = ScanStatus.USED if utils.remove_monkey_dir() else ScanStatus.SCANNED
T1107Telem(status, utils.get_monkey_dir_path()).send()
if WormConfiguration.self_delete_in_cleanup \
and -1 == sys.executable.find('python'):


@ -58,12 +58,12 @@ class AttackReportService:
Gets latest report (by retrieving it from db or generating a new one).
:return: report dict.
"""
return AttackReportService.generate_new_report()
if AttackReportService.is_report_generated():
telem_time = AttackReportService.get_latest_attack_telem_time()
latest_report = mongo.db.attack_report.find_one({'name': REPORT_NAME})
if telem_time and latest_report['latest_telem_time'] and telem_time == latest_report['latest_telem_time']:
return latest_report
return AttackReportService.generate_new_report()
@staticmethod
def is_report_generated():
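Review bot: Reports cached before this change are returned as stored by the `find_one({'name': REPORT_NAME})` branch, so a stored document can still carry the old status names while the UI in this commit compares against numbers. The removed `data.update({'status': status.name,` line in the technique base class suggests stored reports hold strings such as 'USED'; if so, every technique would fall back to the default rendering until new attack telemetry forces a regeneration. Consider regenerating when a stored status is not an integer, or clearing the `attack_report` collection on upgrade, and state the stored format in the docstring, e.g. `:return: report dict; each technique 'status' is a numeric ScanStatus value.` The method signature is outside the hunk, and the lost +/- markers leave it unclear which of the two `generate_new_report()` returns is on the new side.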


@ -7,7 +7,7 @@ __author__ = "VakarisZ"
class T1107(AttackTechnique):
tech_id = "T1107"
unscanned_msg = ""
scanned_msg = "Monkey tried to delete files on a system in the network but failed."
scanned_msg = "Monkey tried to delete files on systems in the network, but failed."
used_msg = "Monkey successfully deleted files on systems in the network."
query = [{'$match': {'telem_category': 'attack',


@ -55,13 +55,13 @@ class AttackTechnique(object):
if mongo.db.telemetry.find_one({'telem_category': 'attack',
'data.status': ScanStatus.USED.value,
'data.technique': cls.tech_id}):
return ScanStatus.USED
return ScanStatus.USED.value
elif mongo.db.telemetry.find_one({'telem_category': 'attack',
'data.status': ScanStatus.SCANNED.value,
'data.technique': cls.tech_id}):
return ScanStatus.SCANNED
return ScanStatus.SCANNED.value
else:
return ScanStatus.UNSCANNED
return ScanStatus.UNSCANNED.value
@classmethod
def get_message_and_status(cls, status):
@ -70,7 +70,7 @@ class AttackTechnique(object):
:param status: Enum type value from common/attack_utils.py
:return: Dict with message and status
"""
return {'message': cls.get_message_by_status(status), 'status': status.name}
return {'message': cls.get_message_by_status(status), 'status': status.value}
@classmethod
def get_message_by_status(cls, status):
@ -102,7 +102,7 @@ class AttackTechnique(object):
data = {}
status = cls.technique_status()
title = cls.technique_title()
data.update({'status': status.name,
data.update({'status': status,
'title': title,
'message': cls.get_message_by_status(status)})
return data
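Review bot: `technique_status()` now returns an integer while `get_message_and_status(status)` still reads `status.value`, so `get_message_by_status` receives an int from `get_technique_base_data` and an enum member from the other path. Its body is outside these hunks, so this is inferred, but unless ScanStatus is an IntEnum a comparison written for one type silently misses for the other, and the report would show the wrong message for a technique. Keeping one type inside the class avoids that: either keep the enum internally and convert only when building the dict (`'status': status.value`), or normalise at the call site with `ScanStatus(status)`, whichever form `get_message_by_status` expects. The `:param status:` docstring should say which form each method takes, and `technique_status` should document that it returns the numeric value.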


@ -19,3 +19,9 @@ export function renderMachineFromSystemData(data) {
});
return machineStr + ")"
}
export const scanStatus = {
UNSCANNED: 0,
SCANNED: 1,
USED: 2
};
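Review bot: The numbers in `scanStatus` duplicate the Python `ScanStatus` enum, but nothing in this file says so, and the Python values are not visible in this commit to confirm that they match. A later reorder or insertion on either side would silently mislabel techniques in the report. Add a comment above the constant, `// Keep in sync with ScanStatus in common/attack_utils.py`, and consider `export const scanStatus = Object.freeze({...});` so a component cannot mutate the shared map.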


@ -2,6 +2,7 @@ import React from 'react';
import '../../../styles/Collapse.scss'
import '../../report-components/StolenPasswords'
import StolenPasswordsComponent from "../../report-components/StolenPasswords";
import {scanStatus} from "./Helpers"
class T1003 extends React.Component {
@ -15,7 +16,7 @@ class T1003 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status === scanStatus.USED ?
<StolenPasswordsComponent data={this.props.reportData.glance.stolen_creds.concat(this.props.reportData.glance.ssh_keys)}/>
: ""}
</div>


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachine } from "./Helpers"
import { renderMachine, scanStatus } from "./Helpers"
class T1059 extends React.Component {
@ -25,7 +25,7 @@ class T1059 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status === scanStatus.USED ?
<ReactTable
columns={T1059.getCommandColumns()}
data={this.props.data.cmds}


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachine } from "./Helpers"
import { renderMachine, scanStatus } from "./Helpers"
class T1075 extends React.Component {
@ -34,7 +34,7 @@ class T1075 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status !== scanStatus.UNSCANNED ?
<ReactTable
columns={T1075.getHashColumns()}
data={this.props.data.successful_logins}
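Review bot: The condition `this.props.data.status !== scanStatus.UNSCANNED` is true for every value other than 0, including `undefined` and a legacy string status, so the table renders on malformed or stale data; previously it rendered only for 'USED'. The same negative test appears in the T1110 section. If showing the table for SCANNED is intended here, an explicit test such as `[scanStatus.SCANNED, scanStatus.USED].includes(this.props.data.status)` states that and fails closed. It is also worth confirming that `successful_logins` is populated in the SCANNED case. The render method starts outside the hunk.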


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachineFromSystemData } from "./Helpers"
import { renderMachineFromSystemData, scanStatus } from "./Helpers"
class T1082 extends React.Component {
@ -33,7 +33,7 @@ class T1082 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status === scanStatus.USED ?
<ReactTable
columns={T1082.getSystemInfoColumns()}
data={this.props.data.system_info}


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachine } from "./Helpers"
import { renderMachine, scanStatus } from "./Helpers"
class T1086 extends React.Component {
@ -25,7 +25,7 @@ class T1086 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status === scanStatus.USED ?
<ReactTable
columns={T1086.getPowershellColumns()}
data={this.props.data.cmds}


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachineFromSystemData } from "./Helpers"
import { renderMachineFromSystemData, scanStatus } from "./Helpers"
class T1107 extends React.Component {


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachine } from "./Helpers"
import { renderMachine, scanStatus } from "./Helpers"
class T1110 extends React.Component {
@ -32,7 +32,7 @@ class T1110 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{(this.props.data.status === 'SCANNED' || this.props.data.status === 'USED') ?
{this.props.data.status !== scanStatus.UNSCANNED ?
<ReactTable
columns={T1110.getServiceColumns()}
data={this.props.data.services}


@ -1,7 +1,7 @@
import React from 'react';
import '../../../styles/Collapse.scss'
import ReactTable from "react-table";
import { renderMachineFromSystemData } from "./Helpers"
import { renderMachineFromSystemData, scanStatus } from "./Helpers"
class T1145 extends React.Component {
@ -38,7 +38,7 @@ class T1145 extends React.Component {
<div>
<div>{this.props.data.message}</div>
<br/>
{this.props.data.status === 'USED' ?
{this.props.data.status === scanStatus.USED ?
<ReactTable
columns={T1145.getKeysInfoColumns()}
data={this.props.data.ssh_info}


@ -4,6 +4,7 @@ import {ReactiveGraph} from 'components/reactive-graph/ReactiveGraph';
import {edgeGroupToColor, options} from 'components/map/MapOptions';
import '../../styles/Collapse.scss';
import AuthComponent from '../AuthComponent';
import {scanStatus} from "../attack/techniques/Helpers";
import Collapse from '@kunukn/react-collapse';
import T1210 from '../attack/techniques/T1210';
import T1197 from '../attack/techniques/T1197';
@ -77,9 +78,9 @@ class AttackReportPageComponent extends AuthComponent {
getComponentClass(tech_id){
switch (this.state.report[tech_id].status) {
case 'SCANNED':
case scanStatus.SCANNED:
return 'collapse-info';
case 'USED':
case scanStatus.USED:
return 'collapse-danger';
default:
return 'collapse-default';