Minor PR fixes.

monkey/infection_monkey/exploit/sambacry.py

@@ -51,6 +51,8 @@ class SambaCryExploiter(HostExploiter):
     SAMBACRY_MONKEY_COPY_FILENAME_32 = "monkey32_2"
     # Monkey copy filename on share (64 bit)
     SAMBACRY_MONKEY_COPY_FILENAME_64 = "monkey64_2"
+    # Supported samba port
+    SAMBA_PORT = 445
 
     def __init__(self, host):
         super(SambaCryExploiter, self).__init__(host)
@@ -80,6 +82,7 @@ class SambaCryExploiter(HostExploiter):
                 trigger_result is not None, creds['username'], creds['password'], creds['lm_hash'], creds['ntlm_hash'])
             if trigger_result is not None:
                 successfully_triggered_shares.append((share, trigger_result))
+                self.add_vuln_port(self.SAMBA_PORT)
             self.clean_share(self.host.ip_addr, share, writable_shares_creds_dict[share])
 
         for share, fullpath in successfully_triggered_shares:
@@ -89,10 +92,6 @@ class SambaCryExploiter(HostExploiter):
             LOG.info(
                 "Shares triggered successfully on host %s: %s" % (
                     self.host.ip_addr, str(successfully_triggered_shares)))
-            # TODO: add vulnerable url
-            #for share, fullpath in successfully_triggered_shares:
-            #    self.add_vuln_url("smb://<username>@<hostname/ip>:<port>/<share_name>" % False,
-            #                      self.host.ip_addr, False, share)
             return True
         else:
             LOG.info("No shares triggered successfully on host %s" % self.host.ip_addr)

monkey/monkey_island/cc/services/attack/technique_reports/__init__.py

@@ -7,35 +7,51 @@ from common.utils.code_utils import abstractstatic
 
 
 class AttackTechnique(object):
+    """ Abstract class for ATT&CK report components """
     __metaclass__ = abc.ABCMeta
 
     @abc.abstractproperty
     def unscanned_msg(self):
+        """
+        :return: Message that will be displayed in case attack technique was not scanned.
+        """
         pass
 
     @abc.abstractproperty
     def scanned_msg(self):
+        """
+        :return: Message that will be displayed in case attack technique was scanned.
+        """
         pass
 
     @abc.abstractproperty
     def used_msg(self):
+        """
+        :return: Message that will be displayed in case attack technique was used by the scanner.
+        """
         pass
 
     @abc.abstractproperty
     def tech_id(self):
+        """
+        :return: Message that will be displayed in case of attack technique not being scanned.
+        """
         pass
 
     @staticmethod
     @abstractstatic
     def get_report_data():
+        """
+        :return: Report data aggregated from the database.
+        """
         pass
 
     @staticmethod
     def technique_status(technique):
         """
-        Gets status of certain attack technique. If
+        Gets the status of a certain attack technique.
-        :param technique:
+        :param technique: technique's id.
-        :return:
+        :return: ScanStatus Enum object
         """
         if mongo.db.attack_results.find_one({'status': ScanStatus.USED.value, 'technique': technique}):
             return ScanStatus.USED
@@ -46,10 +62,19 @@ class AttackTechnique(object):
 
     @staticmethod
     def technique_title(technique):
+        """
+        :param technique: Technique's id. E.g. T1110
+        :return: techniques title. E.g. "T1110 Brute force"
+        """
         return AttackConfig.get_technique(technique)['title']
 
     @staticmethod
     def get_tech_base_data(technique):
+        """
+        Gathers basic attack technique data into a dict.
+        :param technique: Technique's id. E.g. T1110
+        :return: dict E.g. {'message': 'Brute force used', 'status': 'Used', 'title': 'T1110 Brute force'}
+        """
         data = {}
         status = AttackTechnique.technique_status(technique.tech_id)
         title = AttackTechnique.technique_title(technique.tech_id)