From f6ebf0b51c445c491a76dab9f446015101e8e661 Mon Sep 17 00:00:00 2001 From: Oran Nadler Date: Tue, 15 May 2018 16:29:02 +0300 Subject: [PATCH] fix bug not running the edge generation functions due to caching --- monkey_island/cc/resources/pthmap.py | 13 +++++---- monkey_island/cc/resources/pthreport.py | 37 +++++++++++++++++++------ 2 files changed, 36 insertions(+), 14 deletions(-) diff --git a/monkey_island/cc/resources/pthmap.py b/monkey_island/cc/resources/pthmap.py index c59bb90cd..5230ef30e 100644 --- a/monkey_island/cc/resources/pthmap.py +++ b/monkey_island/cc/resources/pthmap.py @@ -2,7 +2,7 @@ import hashlib import binascii import copy import flask_restful -from pthreport import PassTheHashReport +from pthreport import PassTheHashReport, Machine from cc.auth import jwt_required from cc.services.edge import EdgeService @@ -12,10 +12,13 @@ from cc.database import mongo class PthMap(flask_restful.Resource): @jwt_required() def get(self, **kw): - graph = PassTheHashReport() - + pth = PassTheHashReport() + + v = copy.deepcopy(pth.vertices) + e = copy.deepcopy(pth.edges) + return \ { - "nodes": [{"id": x, "label": Machine(x).GetIp()} for x in graph.vertices], - "edges": [{"id": str(s) + str(t), "from": s, "to": t, "label": label} for s, t, label in graph.edges] + "nodes": [{"id": x, "label": Machine(x).GetIp()} for x in v], + "edges": [{"id": str(s) + str(t), "from": s, "to": t, "label": label} for s, t, label in e] } diff --git a/monkey_island/cc/resources/pthreport.py b/monkey_island/cc/resources/pthreport.py index f3707135c..313ef6a20 100644 --- a/monkey_island/cc/resources/pthreport.py +++ b/monkey_island/cc/resources/pthreport.py @@ -542,14 +542,21 @@ class Machine(object): return names class PassTheHashReport(object): + #_instance = None + #def __new__(class_, *args, **kwargs): + # if not class_._instance: + # class_._instance = object.__new__(class_, *args, **kwargs) + # + # return class_._instance + def __init__(self): self.vertices = self.GetAllMachines() - self.edges = set() self.machines = map(Machine, self.vertices) - self.GenerateEdgesBySid() # Useful for non-cached domain users - self.GenerateEdgesBySamHash() # This will add edges based only on password hash without caring about username + self.edges = set() + self.edges |= self.GetEdgesBySid() # Useful for non-cached domain users + self.edges |= self.GetEdgesBySamHash() # This will add edges based only on password hash without caring about username @cache def GetAllMachines(self): @@ -587,7 +594,9 @@ class PassTheHashReport(object): return ",\n".join(label) @cache - def GenerateEdgesBySid(self): + def GetEdgesBySid(self): + edges = set() + for attacker in self.vertices: cached = self.GetCachedSids(Machine(attacker)) @@ -599,10 +608,14 @@ class PassTheHashReport(object): if len(cached & admins) > 0: label = self.ReprSidList(cached & admins, attacker, victim) - self.edges.add((attacker, victim, label)) + edges.add((attacker, victim, label)) + + return edges @cache - def GenerateEdgesBySamHash(self): + def GetEdgesBySamHash(self): + edges = set() + for attacker in self.vertices: cached_creds = set(Machine(attacker).GetCachedCreds().items()) @@ -614,10 +627,14 @@ class PassTheHashReport(object): if len(cached_creds & admin_creds) > 0: label = self.ReprSecretList(set(dict(cached_creds & admin_creds).values()), victim) - self.edges.add((attacker, victim, label)) + edges.add((attacker, victim, label)) + + return edges @cache - def GenerateEdgesByUsername(self): + def GetEdgesByUsername(self): + edges = set() + for attacker in self.vertices: cached = Machine(attacker).GetCachedUsernames() @@ -628,7 +645,9 @@ class PassTheHashReport(object): admins = Machine(victim).GetAdminNames() if len(cached & admins) > 0: - self.edges.add((attacker, victim)) + edges.add((attacker, victim)) + + return edges @cache def Print(self):