From 28ca462ce574d2f389d133c6e225f939a02b7200 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Thu, 29 Sep 2022 18:40:56 +0200 Subject: [PATCH] Common: Add TCPScanEvent to agent events --- monkey/common/agent_events/__init__.py | 1 + monkey/common/agent_events/tcp_scan_event.py | 23 ++++++++++++++++++++ vulture_allowlist.py | 6 ++++- 3 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 monkey/common/agent_events/tcp_scan_event.py diff --git a/monkey/common/agent_events/__init__.py b/monkey/common/agent_events/__init__.py index ec9d21448..3ac5a343d 100644 --- a/monkey/common/agent_events/__init__.py +++ b/monkey/common/agent_events/__init__.py @@ -1,3 +1,4 @@ from .abstract_agent_event import AbstractAgentEvent from .credentials_stolen_events import CredentialsStolenEvent from .ping_scan_event import PingScanEvent +from .tcp_scan_event import TCPScanEvent diff --git a/monkey/common/agent_events/tcp_scan_event.py b/monkey/common/agent_events/tcp_scan_event.py new file mode 100644 index 000000000..dffba5f96 --- /dev/null +++ b/monkey/common/agent_events/tcp_scan_event.py @@ -0,0 +1,23 @@ +from ipaddress import IPv4Address + +from common.types import NetworkPort, PortStatus + +from . import AbstractAgentEvent + + +class TCPScanEvent(AbstractAgentEvent): + """ + An event that occurs when the Agent performs a TCP scan on its network + + Attributes: + :param port: Port on which the scan was performed + :param port_status: Status of the port (closed/open) + :param banner: Information from the tcp response + :param service: Name of the service which runs on the port + """ + + target: IPv4Address + port: NetworkPort + port_status: PortStatus + banner: str + service: str diff --git a/vulture_allowlist.py b/vulture_allowlist.py index fd4e3fbf3..e19c2c79b 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -7,7 +7,7 @@ from common.agent_configuration.agent_sub_configurations import ( CustomPBAConfiguration, ScanTargetConfiguration, ) -from common.agent_events import PingScanEvent +from common.agent_events import PingScanEvent, TCPScanEvent from common.credentials import Credentials, LMHash, NTHash from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory from monkey_island.cc.event_queue import IslandEventTopic, PyPubSubIslandEventQueue @@ -313,6 +313,10 @@ IAgentLogRepository.get_agent_log # TODO: Remove once #2268 is closed PingScanEvent +# TODO: Remove once #2267 is closed +TCPScanEvent +TCPScanEvent.port_status + # pydantic base models underscore_attrs_are_private extra