Agent, Island: remove hostname collector

VakarisZ 2021-11-17 11:30:12 +02:00
parent c0f4435e5c
commit a8d6f936f1
9 changed files with 3 additions and 63 deletions


@ -1,4 +1,3 @@
AWS_COLLECTOR = "AwsCollector" AWS_COLLECTOR = "AwsCollector"
HOSTNAME_COLLECTOR = "HostnameCollector"
PROCESS_LIST_COLLECTOR = "ProcessListCollector" PROCESS_LIST_COLLECTOR = "ProcessListCollector"
MIMIKATZ_COLLECTOR = "MimikatzCollector" MIMIKATZ_COLLECTOR = "MimikatzCollector"


@ -1,15 +0,0 @@
import logging
import socket
from common.common_consts.system_info_collectors_names import HOSTNAME_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
logger = logging.getLogger(__name__)
class HostnameCollector(SystemInfoCollector):
def __init__(self):
super().__init__(name=HOSTNAME_COLLECTOR)
def collect(self) -> dict:
return {"hostname": socket.getfqdn()}


@ -122,16 +122,6 @@ class Monkey(Document):
""" """
return Monkey.get_single_monkey_by_id(object_id).hostname return Monkey.get_single_monkey_by_id(object_id).hostname
def set_hostname(self, hostname):
"""
Sets a new hostname for a machine and clears the cache for getting it.
:param hostname: The new hostname for the machine.
"""
self.hostname = hostname
self.save()
Monkey.get_hostname_by_id.delete(self.id)
Monkey.get_label_by_id.delete(self.id)
def get_network_info(self): def get_network_info(self):
""" """
Formats network info from monkey's model Formats network info from monkey's model
@ -139,10 +129,8 @@ class Monkey(Document):
""" """
return {"ips": self.ip_addresses, "hostname": self.hostname} return {"ips": self.ip_addresses, "hostname": self.hostname}
@ring.lru(
# data has TTL of 1 second. This is useful for rapid calls for report generation. # data has TTL of 1 second. This is useful for rapid calls for report generation.
expire=1 @ring.lru(expire=1)
)
@staticmethod @staticmethod
def is_monkey(object_id): def is_monkey(object_id):
try: try:
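Review bot: Dropping `set_hostname` removes the only visible place where the `get_hostname_by_id` and `get_label_by_id` cache entries are deleted, while `hostname` is still read by `get_hostname_by_id` and `get_network_info` in the context lines. No remaining writer of `hostname` is visible on this page; if one exists, labels used for asset identification in reports can lag behind the stored value until the cached entry expires, so confirm the field is now written only when the document is created and record that next to the cached getters, e.g. `# hostname is never updated after creation, so cached lookups need no invalidation`. The `TestMonkey` hunk keeps the comment `# should be a miss` although the invalidating call above it was removed, so that comment and the assertions that follow it (outside the hunk) probably need to expect a cache hit instead. `is_monkey` continues past the end of this hunk.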


@ -1,6 +1,5 @@
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import (
AWS_COLLECTOR, AWS_COLLECTOR,
HOSTNAME_COLLECTOR,
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
) )
@ -27,14 +26,6 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
"currently running on.", "currently running on.",
"attack_techniques": ["T1082"], "attack_techniques": ["T1082"],
}, },
{
"type": "string",
"enum": [HOSTNAME_COLLECTOR],
"title": "Hostname Collector",
"safe": True,
"info": "Collects machine's hostname.",
"attack_techniques": ["T1082", "T1016"],
},
{ {
"type": "string", "type": "string",
"enum": [PROCESS_LIST_COLLECTOR], "enum": [PROCESS_LIST_COLLECTOR],


@ -1,6 +1,5 @@
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import (
AWS_COLLECTOR, AWS_COLLECTOR,
HOSTNAME_COLLECTOR,
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
) )
@ -88,7 +87,6 @@ MONKEY = {
"items": {"$ref": "#/definitions/system_info_collector_classes"}, "items": {"$ref": "#/definitions/system_info_collector_classes"},
"default": [ "default": [
AWS_COLLECTOR, AWS_COLLECTOR,
HOSTNAME_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
MIMIKATZ_COLLECTOR, MIMIKATZ_COLLECTOR,
], ],


@ -1,9 +0,0 @@
import logging
from monkey_island.cc.models.monkey import Monkey
logger = logging.getLogger(__name__)
def process_hostname_telemetry(collector_results, monkey_guid):
Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results["hostname"])


@ -1,17 +1,10 @@
import logging import logging
import typing import typing
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import AWS_COLLECTOR, PROCESS_LIST_COLLECTOR
AWS_COLLECTOR,
HOSTNAME_COLLECTOR,
PROCESS_LIST_COLLECTOR,
)
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import ( from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import (
process_aws_telemetry, process_aws_telemetry,
) )
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (
process_hostname_telemetry,
)
from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import ( from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import (
check_antivirus_existence, check_antivirus_existence,
) )
@ -20,7 +13,6 @@ logger = logging.getLogger(__name__)
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = { SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
AWS_COLLECTOR: [process_aws_telemetry], AWS_COLLECTOR: [process_aws_telemetry],
HOSTNAME_COLLECTOR: [process_hostname_telemetry],
PROCESS_LIST_COLLECTOR: [check_antivirus_existence], PROCESS_LIST_COLLECTOR: [check_antivirus_existence],
} }
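Review bot: With the `HOSTNAME_COLLECTOR` key removed from `SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS`, a collector result named `HostnameCollector` — from an agent built before this commit, or from a saved configuration that still lists it — no longer has a processor. The code that looks names up in this map is outside the hunk, so whether an unknown name is skipped or raises cannot be seen here; it should be skipped and logged rather than aborting processing of the rest of the telemetry. If that is already the behaviour, a comment above the map would make it explicit: `# Collector names with no entry here are ignored; older agents may still report removed collectors.` The two schema hunks have the related issue that a stored configuration containing `HostnameCollector` presumably no longer matches any entry in `SYSTEM_INFO_COLLECTOR_CLASSES`, so a migration step or tolerant load is worth confirming.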


@ -134,9 +134,6 @@ class TestMonkey:
assert cache_info_after_query_2.hits == 1 assert cache_info_after_query_2.hits == 1
assert cache_info_after_query_2.misses == 1 assert cache_info_after_query_2.misses == 1
# set hostname deletes the id from the cache.
linux_monkey.set_hostname("Another hostname")
# should be a miss # should be a miss
label = Monkey.get_label_by_id(linux_monkey.id) label = Monkey.get_label_by_id(linux_monkey.id)
logger.debug("3) ID: {} label: {}".format(linux_monkey.id, label)) logger.debug("3) ID: {} label: {}".format(linux_monkey.id, label))


@ -97,7 +97,6 @@ Timestomping # unused class (monkey/infection_monkey/post_breach/actions/timest
SignedScriptProxyExecution # unused class (monkey/infection_monkey/post_breach/actions/use_signed_scripts.py:15) SignedScriptProxyExecution # unused class (monkey/infection_monkey/post_breach/actions/use_signed_scripts.py:15)
AwsCollector # unused class (monkey/infection_monkey/system_info/collectors/aws_collector.py:15) AwsCollector # unused class (monkey/infection_monkey/system_info/collectors/aws_collector.py:15)
EnvironmentCollector # unused class (monkey/infection_monkey/system_info/collectors/environment_collector.py:19) EnvironmentCollector # unused class (monkey/infection_monkey/system_info/collectors/environment_collector.py:19)
HostnameCollector # unused class (monkey/infection_monkey/system_info/collectors/hostname_collector.py:10)
ProcessListCollector # unused class (monkey/infection_monkey/system_info/collectors/process_list_collector.py:18) ProcessListCollector # unused class (monkey/infection_monkey/system_info/collectors/process_list_collector.py:18)
_.coinit_flags # unused attribute (monkey/infection_monkey/system_info/windows_info_collector.py:11) _.coinit_flags # unused attribute (monkey/infection_monkey/system_info/windows_info_collector.py:11)
_.representations # unused attribute (monkey/monkey_island/cc/app.py:180) _.representations # unused attribute (monkey/monkey_island/cc/app.py:180)