Agent, Island: remove hostname collector
parent
c0f4435e5c
commit
a8d6f936f1
|
@ -1,4 +1,3 @@
|
||||||
AWS_COLLECTOR = "AwsCollector"
|
AWS_COLLECTOR = "AwsCollector"
|
||||||
HOSTNAME_COLLECTOR = "HostnameCollector"
|
|
||||||
PROCESS_LIST_COLLECTOR = "ProcessListCollector"
|
PROCESS_LIST_COLLECTOR = "ProcessListCollector"
|
||||||
MIMIKATZ_COLLECTOR = "MimikatzCollector"
|
MIMIKATZ_COLLECTOR = "MimikatzCollector"
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
import logging
|
|
||||||
import socket
|
|
||||||
|
|
||||||
from common.common_consts.system_info_collectors_names import HOSTNAME_COLLECTOR
|
|
||||||
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
|
||||||
|
|
||||||
|
|
||||||
class HostnameCollector(SystemInfoCollector):
|
|
||||||
def __init__(self):
|
|
||||||
super().__init__(name=HOSTNAME_COLLECTOR)
|
|
||||||
|
|
||||||
def collect(self) -> dict:
|
|
||||||
return {"hostname": socket.getfqdn()}
|
|
|
@ -122,16 +122,6 @@ class Monkey(Document):
|
||||||
"""
|
"""
|
||||||
return Monkey.get_single_monkey_by_id(object_id).hostname
|
return Monkey.get_single_monkey_by_id(object_id).hostname
|
||||||
|
|
||||||
def set_hostname(self, hostname):
|
|
||||||
"""
|
|
||||||
Sets a new hostname for a machine and clears the cache for getting it.
|
|
||||||
:param hostname: The new hostname for the machine.
|
|
||||||
"""
|
|
||||||
self.hostname = hostname
|
|
||||||
self.save()
|
|
||||||
Monkey.get_hostname_by_id.delete(self.id)
|
|
||||||
Monkey.get_label_by_id.delete(self.id)
|
|
||||||
|
|
||||||
def get_network_info(self):
|
def get_network_info(self):
|
||||||
"""
|
"""
|
||||||
Formats network info from monkey's model
|
Formats network info from monkey's model
|
||||||
|
@ -139,10 +129,8 @@ class Monkey(Document):
|
||||||
"""
|
"""
|
||||||
return {"ips": self.ip_addresses, "hostname": self.hostname}
|
return {"ips": self.ip_addresses, "hostname": self.hostname}
|
||||||
|
|
||||||
@ring.lru(
|
# data has TTL of 1 second. This is useful for rapid calls for report generation.
|
||||||
# data has TTL of 1 second. This is useful for rapid calls for report generation.
|
@ring.lru(expire=1)
|
||||||
expire=1
|
|
||||||
)
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def is_monkey(object_id):
|
def is_monkey(object_id):
|
||||||
try:
|
try:
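Review bot: With `set_hostname` removed, nothing left in this section clears the `Monkey.get_hostname_by_id` or `Monkey.get_label_by_id` caches, while `get_network_info` still returns `self.hostname`. If the field is still written somewhere outside these hunks, those cached lookups could serve a stale hostname or label, so confirm that the hostname is effectively write-once or that its writer invalidates both caches. The `TestMonkey` hunk also keeps the comment `# should be a miss` before the third `get_label_by_id` call, although the `set_hostname` call that forced the miss is gone. That comment, and presumably the hit/miss assertions that follow outside the hunk, should be updated, e.g. to `# still cached, no invalidation happened`. The class body and the test method both continue outside the visible hunks.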
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
from common.common_consts.system_info_collectors_names import (
|
from common.common_consts.system_info_collectors_names import (
|
||||||
AWS_COLLECTOR,
|
AWS_COLLECTOR,
|
||||||
HOSTNAME_COLLECTOR,
|
|
||||||
MIMIKATZ_COLLECTOR,
|
MIMIKATZ_COLLECTOR,
|
||||||
PROCESS_LIST_COLLECTOR,
|
PROCESS_LIST_COLLECTOR,
|
||||||
)
|
)
|
||||||
|
@ -27,14 +26,6 @@ SYSTEM_INFO_COLLECTOR_CLASSES = {
|
||||||
"currently running on.",
|
"currently running on.",
|
||||||
"attack_techniques": ["T1082"],
|
"attack_techniques": ["T1082"],
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"type": "string",
|
|
||||||
"enum": [HOSTNAME_COLLECTOR],
|
|
||||||
"title": "Hostname Collector",
|
|
||||||
"safe": True,
|
|
||||||
"info": "Collects machine's hostname.",
|
|
||||||
"attack_techniques": ["T1082", "T1016"],
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"type": "string",
|
"type": "string",
|
||||||
"enum": [PROCESS_LIST_COLLECTOR],
|
"enum": [PROCESS_LIST_COLLECTOR],
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
from common.common_consts.system_info_collectors_names import (
|
from common.common_consts.system_info_collectors_names import (
|
||||||
AWS_COLLECTOR,
|
AWS_COLLECTOR,
|
||||||
HOSTNAME_COLLECTOR,
|
|
||||||
MIMIKATZ_COLLECTOR,
|
MIMIKATZ_COLLECTOR,
|
||||||
PROCESS_LIST_COLLECTOR,
|
PROCESS_LIST_COLLECTOR,
|
||||||
)
|
)
|
||||||
|
@ -88,7 +87,6 @@ MONKEY = {
|
||||||
"items": {"$ref": "#/definitions/system_info_collector_classes"},
|
"items": {"$ref": "#/definitions/system_info_collector_classes"},
|
||||||
"default": [
|
"default": [
|
||||||
AWS_COLLECTOR,
|
AWS_COLLECTOR,
|
||||||
HOSTNAME_COLLECTOR,
|
|
||||||
PROCESS_LIST_COLLECTOR,
|
PROCESS_LIST_COLLECTOR,
|
||||||
MIMIKATZ_COLLECTOR,
|
MIMIKATZ_COLLECTOR,
|
||||||
],
|
],
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
import logging
|
|
||||||
|
|
||||||
from monkey_island.cc.models.monkey import Monkey
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
|
||||||
|
|
||||||
|
|
||||||
def process_hostname_telemetry(collector_results, monkey_guid):
|
|
||||||
Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results["hostname"])
|
|
|
@ -1,17 +1,10 @@
|
||||||
import logging
|
import logging
|
||||||
import typing
|
import typing
|
||||||
|
|
||||||
from common.common_consts.system_info_collectors_names import (
|
from common.common_consts.system_info_collectors_names import AWS_COLLECTOR, PROCESS_LIST_COLLECTOR
|
||||||
AWS_COLLECTOR,
|
|
||||||
HOSTNAME_COLLECTOR,
|
|
||||||
PROCESS_LIST_COLLECTOR,
|
|
||||||
)
|
|
||||||
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import (
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import (
|
||||||
process_aws_telemetry,
|
process_aws_telemetry,
|
||||||
)
|
)
|
||||||
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (
|
|
||||||
process_hostname_telemetry,
|
|
||||||
)
|
|
||||||
from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import (
|
from monkey_island.cc.services.telemetry.zero_trust_checks.antivirus_existence import (
|
||||||
check_antivirus_existence,
|
check_antivirus_existence,
|
||||||
)
|
)
|
||||||
|
@ -20,7 +13,6 @@ logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
|
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
|
||||||
AWS_COLLECTOR: [process_aws_telemetry],
|
AWS_COLLECTOR: [process_aws_telemetry],
|
||||||
HOSTNAME_COLLECTOR: [process_hostname_telemetry],
|
|
||||||
PROCESS_LIST_COLLECTOR: [check_antivirus_existence],
|
PROCESS_LIST_COLLECTOR: [check_antivirus_existence],
|
||||||
}
|
}
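Review bot: `SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS` no longer has an entry for `HOSTNAME_COLLECTOR`, but agents built before this commit, or a saved configuration that still lists the name, may still deliver results under that key. The code that looks collector names up in this dict is outside the hunk; confirm it treats an unknown name as a logged no-op, e.g. `SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS.get(collector_name, [])`, rather than raising on the missing key. The same question applies to stored configs validated against the `system_info_collector_classes` enum, which loses its `HOSTNAME_COLLECTOR` option in the schema hunk earlier in this commit.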
|
||||||
|
|
||||||
|
|
|
@ -134,9 +134,6 @@ class TestMonkey:
|
||||||
assert cache_info_after_query_2.hits == 1
|
assert cache_info_after_query_2.hits == 1
|
||||||
assert cache_info_after_query_2.misses == 1
|
assert cache_info_after_query_2.misses == 1
|
||||||
|
|
||||||
# set hostname deletes the id from the cache.
|
|
||||||
linux_monkey.set_hostname("Another hostname")
|
|
||||||
|
|
||||||
# should be a miss
|
# should be a miss
|
||||||
label = Monkey.get_label_by_id(linux_monkey.id)
|
label = Monkey.get_label_by_id(linux_monkey.id)
|
||||||
logger.debug("3) ID: {} label: {}".format(linux_monkey.id, label))
|
logger.debug("3) ID: {} label: {}".format(linux_monkey.id, label))
|
||||||
|
|
|
@ -97,7 +97,6 @@ Timestomping # unused class (monkey/infection_monkey/post_breach/actions/timest
|
||||||
SignedScriptProxyExecution # unused class (monkey/infection_monkey/post_breach/actions/use_signed_scripts.py:15)
|
SignedScriptProxyExecution # unused class (monkey/infection_monkey/post_breach/actions/use_signed_scripts.py:15)
|
||||||
AwsCollector # unused class (monkey/infection_monkey/system_info/collectors/aws_collector.py:15)
|
AwsCollector # unused class (monkey/infection_monkey/system_info/collectors/aws_collector.py:15)
|
||||||
EnvironmentCollector # unused class (monkey/infection_monkey/system_info/collectors/environment_collector.py:19)
|
EnvironmentCollector # unused class (monkey/infection_monkey/system_info/collectors/environment_collector.py:19)
|
||||||
HostnameCollector # unused class (monkey/infection_monkey/system_info/collectors/hostname_collector.py:10)
|
|
||||||
ProcessListCollector # unused class (monkey/infection_monkey/system_info/collectors/process_list_collector.py:18)
|
ProcessListCollector # unused class (monkey/infection_monkey/system_info/collectors/process_list_collector.py:18)
|
||||||
_.coinit_flags # unused attribute (monkey/infection_monkey/system_info/windows_info_collector.py:11)
|
_.coinit_flags # unused attribute (monkey/infection_monkey/system_info/windows_info_collector.py:11)
|
||||||
_.representations # unused attribute (monkey/monkey_island/cc/app.py:180)
|
_.representations # unused attribute (monkey/monkey_island/cc/app.py:180)
|
||||||
|
|