Island: Add notes/explanations/thoughs in the services

vakarisz 2022-05-18 13:03:24 +03:00
parent 6438afbcd5
commit e0b4037270
3 changed files with 36 additions and 15 deletions


@ -21,6 +21,8 @@ class NetEdgeService:
def _get_standard_net_edges():
return [DisplayedEdgeService.edge_to_net_edge(x) for x in EdgeService.get_all_edges()]
# If we save the island machine as a standard machine, we won't need these
# methods
@staticmethod
def _get_uninfected_island_net_edges():
edges = []


@ -80,6 +80,11 @@ class NodeService:
domain_name = " (" + node["domain_name"] + ")"
return node["os"]["version"] + " : " + node["ip_addresses"][0] + domain_name
# A lot of methods like these duplicate between monkey and node.
# That's a result of poor entity model, because both nodes and monkeys
# store the same information. It's best to extract the machine specific data
# to "Machine" entity (like IP's and os) and agent specific data to "Agent" (like alive,
# parent, etc)
@staticmethod
def get_monkey_os(monkey):
os = "unknown"
@ -183,15 +188,15 @@ class NodeService:
tunnel_host_id = NodeService.get_monkey_by_ip(tunnel_host_ip)["_id"]
NodeService.unset_all_monkey_tunnels(monkey_id)
mongo.db.monkey.update(
{"_id": monkey_id}, {"$set": {"tunnel": tunnel_host_id}}, upsert=False
{"_id": monkey_id}, {"$set": {"tunnel": tunnel_host_id}}, upsert=False
)
monkey_label = NodeService.get_label_for_endpoint(monkey_id)
tunnel_host_label = NodeService.get_label_for_endpoint(tunnel_host_id)
tunnel_edge = EdgeService.get_or_create_edge(
src_node_id=monkey_id,
dst_node_id=tunnel_host_id,
src_label=monkey_label,
dst_label=tunnel_host_label,
src_node_id=monkey_id,
dst_node_id=tunnel_host_id,
src_label=monkey_label,
dst_label=tunnel_host_label,
)
tunnel_edge.tunnel = True
tunnel_edge.ip_address = tunnel_host_ip
@ -200,13 +205,13 @@ class NodeService:
@staticmethod
def insert_node(ip_address, domain_name=""):
new_node_insert_result = mongo.db.node.insert_one(
{
"ip_addresses": [ip_address],
"domain_name": domain_name,
"exploited": False,
"propagated": False,
"os": {"type": "unknown", "version": "unknown"},
}
{
"ip_addresses": [ip_address],
"domain_name": domain_name,
"exploited": False,
"propagated": False,
"os": {"type": "unknown", "version": "unknown"},
}
)
return mongo.db.node.find_one({"_id": new_node_insert_result.inserted_id})
@ -221,6 +226,11 @@ class NodeService:
def get_monkey_by_id(monkey_id):
return mongo.db.monkey.find_one({"_id": ObjectId(monkey_id)})
# GUID is generated from uuid.getnode() and represents machine it was ran on
# All monkeys that ran on the same machine will have the same GUID, but
# we can just store the monkeys on the same machine document/have one to many relationship
# GUID could be stored on machine to uniquely identify the same machine even after the
# ip, domain name or other changes. Not entirely sure it's necessary
@staticmethod
def get_monkey_by_guid(monkey_guid):
return mongo.db.monkey.find_one({"guid": monkey_guid})
@ -237,10 +247,12 @@ class NodeService:
def get_node_by_id(node_id):
return mongo.db.node.find_one({"_id": ObjectId(node_id)})
# This is only used to determine if report is the latest or if we need to
# generate a new one. This info should end up in Simulation entity instead.
@staticmethod
def update_monkey_modify_time(monkey_id):
mongo.db.monkey.update(
{"_id": monkey_id}, {"$set": {"modifytime": datetime.now()}}, upsert=False
{"_id": monkey_id}, {"$set": {"modifytime": datetime.now()}}, upsert=False
)
@staticmethod
@ -256,9 +268,11 @@ class NodeService:
@staticmethod
def add_communication_info(monkey, info):
mongo.db.monkey.update(
{"guid": monkey["guid"]}, {"$set": {"command_control_channel": info}}, upsert=False
{"guid": monkey["guid"]}, {"$set": {"command_control_channel": info}}, upsert=False
)
# TODO this returns a mock island agent
# It's better to just initialize the island machine on reset I think
@staticmethod
def get_monkey_island_monkey():
ip_addresses = local_ip_addresses()
@ -329,7 +343,7 @@ class NodeService:
@staticmethod
def get_hostname_by_id(node_id):
return NodeService.get_node_hostname(
mongo.db.monkey.find_one({"_id": node_id}, {"hostname": 1})
mongo.db.monkey.find_one({"_id": node_id}, {"hostname": 1})
)
@staticmethod
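Review bot: The comment added above `get_monkey_by_guid` proposes the GUID as a way to uniquely identify a machine, but `uuid.getnode()` is MAC-derived and, per the Python docs, falls back to a random 48-bit number when no hardware address can be obtained, so the value is not guaranteed stable across runs and can collide on cloned VMs. The same comment says all monkeys on one machine share a GUID, yet `find_one({"guid": monkey_guid})` returns only one matching document, and the `{"guid": monkey["guid"]}` filter in `add_communication_info` presumably updates only one as well. Since the GUID appears to be reported by the agent rather than assigned by the island (an assumption; its origin is outside these hunks), I would state that limit in the note, for example `# NOTE: guid comes from uuid.getnode() (MAC-based, may be random or duplicated); treat it as a hint, not a unique or trusted machine key`. The rest of `NodeService` lies outside the hunks shown.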


@ -57,6 +57,7 @@ class ReportService:
def initialize(cls, aws_service: AWSService):
cls._aws_service = aws_service
# This should pull from Simulation entity
@staticmethod
def get_first_monkey_time():
return (
@ -88,6 +89,7 @@ class ReportService:
return st
# This shoud be replaced by a query to edges and get tunnel edges?
@staticmethod
def get_tunnels():
return [
@ -103,6 +105,7 @@ class ReportService:
for tunnel in mongo.db.monkey.find({"tunnel": {"$exists": True}}, {"tunnel": 1})
]
# This should be replaced by machine query for "scanned" status
@staticmethod
def get_scanned():
formatted_nodes = []
@ -110,6 +113,8 @@ class ReportService:
nodes = ReportService.get_all_displayed_nodes()
for node in nodes:
# This information should be evident from the map, not sure a table/list is a good way
# to display it anyways
nodes_that_can_access_current_node = node["accessible_from_nodes_hostnames"]
formatted_nodes.append(
{