Island: Add processors for credentials
parent
96bd7bca24
commit
5c5e170296
|
@ -0,0 +1,7 @@
|
||||||
|
from monkey_island.cc.services.telemetry.processing.credentials.credentials_parser import (
|
||||||
|
parse_credentials,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def process_credentials_telemetry(telemetry: dict):
|
||||||
|
parse_credentials(telemetry)
|
|
@ -0,0 +1,39 @@
|
||||||
|
import logging
|
||||||
|
|
||||||
|
from infection_monkey.i_puppet import CredentialType
|
||||||
|
|
||||||
|
from .identities.username_processor import process_username
|
||||||
|
from .secrets.lm_hash_processor import process_lm_hash
|
||||||
|
from .secrets.nt_hash_processor import process_nt_hash
|
||||||
|
from .secrets.password_processor import process_password
|
||||||
|
from .secrets.ssh_key_processor import process_ssh_key
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
SECRET_PROCESSORS = {
|
||||||
|
CredentialType.PASSWORD: process_password,
|
||||||
|
CredentialType.NT_HASH: process_nt_hash,
|
||||||
|
CredentialType.LM_HASH: process_lm_hash,
|
||||||
|
CredentialType.SSH_KEYPAIR: process_ssh_key,
|
||||||
|
}
|
||||||
|
|
||||||
|
IDENTITY_PROCESSORS = {
|
||||||
|
CredentialType.USERNAME: process_username,
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
def parse_credentials(credentials: dict):
|
||||||
|
for credential in credentials["credentials"]:
|
||||||
|
if is_ssh_keypair(credentials):
|
||||||
|
IDENTITY_PROCESSORS[CredentialType.SSH_KEYPAIR](credential, credentials["monkey_guid"])
|
||||||
|
else:
|
||||||
|
for identity in credential["identities"]:
|
||||||
|
IDENTITY_PROCESSORS[identity["type"]](identity)
|
||||||
|
for secret in credential["secrets"]:
|
||||||
|
SECRET_PROCESSORS[secret["type"]](secret)
|
||||||
|
|
||||||
|
|
||||||
|
def is_ssh_keypair(credentials: dict) -> bool:
|
||||||
|
return bool(
|
||||||
|
filter(credentials["secrets"], lambda secret: secret["type"] == CredentialType.SSH_KEYPAIR)
|
||||||
|
)
|
|
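Review bot: `is_ssh_keypair(credentials)` in `parse_credentials` is handed the whole telemetry dict rather than the loop variable `credential`, so it reads `credentials["secrets"]` from the outer dict, which the loop only ever indexes by `"credentials"` and `"monkey_guid"`. Inside `is_ssh_keypair`, `filter` is called with its arguments swapped (the signature is `filter(function, iterable)`), and `bool()` of a filter object is true whether or not anything matches, so `any(...)` is what expresses the intent. The SSH branch also indexes `IDENTITY_PROCESSORS[CredentialType.SSH_KEYPAIR]`, which only holds `USERNAME`; the keypair handler is registered in `SECRET_PROCESSORS`. Because the `type` values arrive in telemetry, an unrecognised one should be reported through the so-far unused `logger` (the type only, never the secret value) rather than surfacing as a bare `KeyError`.

```python
def parse_credentials(credentials: dict):
    for credential in credentials["credentials"]:
        if is_ssh_keypair(credential):
            SECRET_PROCESSORS[CredentialType.SSH_KEYPAIR](credential, credentials["monkey_guid"])
            continue
        for identity in credential["identities"]:
            _dispatch(IDENTITY_PROCESSORS, identity)
        for secret in credential["secrets"]:
            _dispatch(SECRET_PROCESSORS, secret)


def _dispatch(processors: dict, item: dict):
    processor = processors.get(item["type"])
    if processor is None:
        # Log the type only; the item itself may carry a secret value.
        logger.warning("No processor for credential component type %s", item["type"])
        return
    processor(item)


def is_ssh_keypair(credential: dict) -> bool:
    return any(secret["type"] == CredentialType.SSH_KEYPAIR for secret in credential["secrets"])
```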
@ -0,0 +1,2 @@
|
||||||
|
def process_username():
|
||||||
|
pass
|
|
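Review bot: `process_username()` takes no parameters, but the parser added in this commit calls every identity processor as `IDENTITY_PROCESSORS[identity["type"]](identity)`, so the first username that arrives in telemetry raises `TypeError`. The stub should have the same shape as the secret processors, `def process_username(username: dict):`. A one-line docstring or TODO saying that it is intentionally a no-op for now would keep the empty body from looking like an oversight.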
@ -0,0 +1,5 @@
|
||||||
|
from monkey_island.cc.services.config import ConfigService
|
||||||
|
|
||||||
|
|
||||||
|
def process_lm_hash(lm_hash: dict):
|
||||||
|
ConfigService.creds_add_ntlm_hash(lm_hash["lm_hash"])
|
|
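Review bot: `process_lm_hash` stores the LM hash through `ConfigService.creds_add_ntlm_hash`, the same call `process_nt_hash` uses, so LM and NT hashes land in one list and can no longer be told apart when they are read back. If `ConfigService` offers a separate LM adder (`creds_add_lm_hash`, not visible on this page), it should be called here. Otherwise a comment should state that sharing the NTLM list is intended.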
@ -0,0 +1,5 @@
|
||||||
|
from monkey_island.cc.services.config import ConfigService
|
||||||
|
|
||||||
|
|
||||||
|
def process_nt_hash(nt_hash: dict):
|
||||||
|
ConfigService.creds_add_ntlm_hash(nt_hash["nt_hash"])
|
|
@ -0,0 +1,5 @@
|
||||||
|
from monkey_island.cc.services.config import ConfigService
|
||||||
|
|
||||||
|
|
||||||
|
def process_password(password: dict):
|
||||||
|
ConfigService.creds_add_password(password["password"])
|
|
@ -0,0 +1,40 @@
|
||||||
|
from common.common_consts.credentials_type import CredentialsType
|
||||||
|
from monkey_island.cc.models import Monkey
|
||||||
|
from monkey_island.cc.server_utils.encryption import get_datastore_encryptor
|
||||||
|
from monkey_island.cc.services.config import ConfigService
|
||||||
|
|
||||||
|
|
||||||
|
class SSHKeyProcessingError(ValueError):
|
||||||
|
def __init__(self, msg=""):
|
||||||
|
self.msg = f"Error while processing ssh keypair: {msg}"
|
||||||
|
super().__init__(self.msg)
|
||||||
|
|
||||||
|
|
||||||
|
def process_ssh_key(credentials: dict, monkey_guid: str):
|
||||||
|
if len(credentials["identities"]) != 1:
|
||||||
|
raise SSHKeyProcessingError(
|
||||||
|
f'SSH credentials have {len(credentials["identities"])}' f" users associated with it!"
|
||||||
|
)
|
||||||
|
|
||||||
|
for ssh_key in credentials["secrets"]:
|
||||||
|
if not ssh_key["type"] == CredentialsType.SSH_KEYPAIR:
|
||||||
|
raise SSHKeyProcessingError("SSH credentials contain secrets that are not keypairs")
|
||||||
|
|
||||||
|
if not ssh_key["public_key"] or not ssh_key["private_key"]:
|
||||||
|
raise SSHKeyProcessingError("Private or public key missing!")
|
||||||
|
|
||||||
|
# TODO SSH key should be associated with IP that monkey exploited
|
||||||
|
ip = Monkey.get_single_monkey_by_guid(monkey_guid).ip_addresses[0]
|
||||||
|
username = credentials["identities"][0]["username"]
|
||||||
|
|
||||||
|
ConfigService.ssh_add_keys(
|
||||||
|
user=username,
|
||||||
|
public_key=ssh_key["public_key"],
|
||||||
|
private_key=ssh_key["private_key"],
|
||||||
|
ip=ip,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def encrypt_system_info_ssh_keys(ssh_key: dict):
|
||||||
|
for field in ["public_key", "private_key"]:
|
||||||
|
ssh_key[field] = get_datastore_encryptor().encrypt(ssh_key[field])
|
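Review bot: `process_ssh_key` checks `ssh_key["type"]` against `CredentialsType` from `common.common_consts.credentials_type`, while the parser that dispatches to it uses `CredentialType` from `infection_monkey.i_puppet`; unless the two are the same enum, either the dispatch or this check never matches, so both files should use one import. The emptiness check raises `KeyError` rather than `SSHKeyProcessingError` when a field is absent; `if not ssh_key.get("public_key") or not ssh_key.get("private_key"):` keeps the error type the module defines. `ip_addresses[0]` fails the same way for a monkey with no recorded address. `encrypt_system_info_ssh_keys` is not called anywhere in this file, so whether the private key is encrypted before it is stored depends on `ConfigService.ssh_add_keys`, which is worth stating in a comment next to the call.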