Updated private keys attack technique

VakarisZ 2019-06-26 17:32:31 +03:00
parent 8a96068ddd
commit a8a355afb2
5 changed files with 12 additions and 11 deletions


@ -1,7 +1,6 @@
import logging import logging
from monkey_island.cc.services.attack.technique_reports import T1210, T1197, T1110, T1075, T1003, T1059, T1086, T1082 from monkey_island.cc.services.attack.technique_reports import T1210, T1197, T1110, T1075, T1003, T1059, T1086, T1082
from monkey_island.cc.services.attack.technique_reports import T1145 from monkey_island.cc.services.attack.technique_reports import T1145
from monkey_island.cc.services.attack.attack_telem import AttackTelemService
from monkey_island.cc.services.attack.attack_config import AttackConfig from monkey_island.cc.services.attack.attack_config import AttackConfig
from monkey_island.cc.database import mongo from monkey_island.cc.database import mongo


@ -40,11 +40,11 @@ class T1110(AttackTechnique):
status = ScanStatus.SCANNED status = ScanStatus.SCANNED
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED
data = T1110.get_message_and_status(status) data = T1110.get_base_data_by_status(status)
# Remove data with no successful brute force attempts # Remove data with no successful brute force attempts
attempts = [attempt for attempt in attempts if attempt['attempts']] attempts = [attempt for attempt in attempts if attempt['attempts']]
data.update({'services': attempts, 'title': T1110.technique_title()}) data.update({'services': attempts})
return data return data
@staticmethod @staticmethod


@ -12,7 +12,7 @@ class T1145(AttackTechnique):
used_msg = "Monkey found ssh keys on machines in the network." used_msg = "Monkey found ssh keys on machines in the network."
# Gets data about ssh keys found # Gets data about ssh keys found
query = [{'$match': {'telem_type': 'system_info_collection', query = [{'$match': {'telem_category': 'system_info_collection',
'data.ssh_info': {'$elemMatch': {'private_key': {'$exists': True}}}}}, 'data.ssh_info': {'$elemMatch': {'private_key': {'$exists': True}}}}},
{'$project': {'_id': 0, {'$project': {'_id': 0,
'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'}, 'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
@ -23,9 +23,9 @@ class T1145(AttackTechnique):
ssh_info = list(mongo.db.telemetry.aggregate(T1145.query)) ssh_info = list(mongo.db.telemetry.aggregate(T1145.query))
if ssh_info: if ssh_info:
data = T1145.get_base_data_by_status(T1145, ScanStatus.USED) status = ScanStatus.USED
else: else:
data = T1145.get_base_data_by_status(T1145, ScanStatus.UNSCANNED) status = ScanStatus.UNSCANNED
data = T1145.get_base_data_by_status(status)
data.update({'ssh_info': ssh_info}) data.update({'ssh_info': ssh_info})
return data return data
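Review bot: In the second hunk of this section an empty `ssh_info` is reported as `ScanStatus.UNSCANNED`, so a network where system info collection ran and found no private keys looks the same in the report as one that was never examined. T1110 in this same commit separates those cases with `ScanStatus.SCANNED`; if `system_info_collection` telemetry exists but none of it carries a `private_key`, `status = ScanStatus.SCANNED` would be the more accurate value, though that needs a count or second query that is not visible here. Separately, `ssh_info` goes straight into the report data and the `$project` stage is cut off by the first hunk, so it is worth confirming that it projects only identifying metadata for each key and not the `private_key` value itself.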


@ -107,8 +107,8 @@ class AttackTechnique(object):
'message': cls.get_message_by_status(status)}) 'message': cls.get_message_by_status(status)})
return data return data
@staticmethod @classmethod
def get_base_data_by_status(technique, status): def get_base_data_by_status(cls, status):
data = technique.get_message_and_status(technique, status) data = cls.get_message_and_status(status)
data.update({'title': technique.technique_title(technique.tech_id)}) data.update({'title': cls.technique_title()})
return data return data
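Review bot: Turning `get_base_data_by_status` into a classmethod changes its call shape from `(technique, status)` to `(status)`, and only T1110 and T1145 are updated in this commit; any other technique report that still passes the class explicitly would raise a `TypeError` when its report is built, so the remaining callers should be checked. The method also has no docstring; something like `"""Return the status and message for this technique, plus its title."""` would state the contract the subclasses rely on. The class body continues outside the hunk.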


@ -6,6 +6,8 @@ export function renderMachine(val){
) )
} }
/* Function takes data gathered from system info collector and creates a
string representation of machine from that data. */
export function renderMachineFromSystemData(data) { export function renderMachineFromSystemData(data) {
let machineStr = data['hostname'] + " ( "; let machineStr = data['hostname'] + " ( ";
data['ips'].forEach(function(ipInfo){ data['ips'].forEach(function(ipInfo){