p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Island: Compare Enums instead of strings in parse_credentials()

This commit is contained in:
Mike Salvatore 2022-02-23 08:44:02 -05:00
parent dc4273f970
commit 7c9c4cf9fb
2 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py
View File

@ -11,19 +11,21 @@ from .secrets.password_processor import process_password
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
SECRET_PROCESSORS = { SECRET_PROCESSORS = {
CredentialComponentType.PASSWORD.value: process_password, CredentialComponentType.PASSWORD: process_password,
CredentialComponentType.NT_HASH.value: process_nt_hash, CredentialComponentType.NT_HASH: process_nt_hash,
CredentialComponentType.LM_HASH.value: process_lm_hash, CredentialComponentType.LM_HASH: process_lm_hash,
} }
IDENTITY_PROCESSORS = { IDENTITY_PROCESSORS = {
CredentialComponentType.USERNAME.value: process_username, CredentialComponentType.USERNAME: process_username,
} }
def parse_credentials(credentials: Mapping): def parse_credentials(credentials: Mapping):
for credential in credentials["data"]: for credential in credentials["data"]:
for identity in credential["identities"]: for identity in credential["identities"]:
IDENTITY_PROCESSORS[identity["credential_type"]](identity) credential_type = CredentialComponentType[identity["credential_type"]]
IDENTITY_PROCESSORS[credential_type](identity)
for secret in credential["secrets"]: for secret in credential["secrets"]:
SECRET_PROCESSORS[secret["credential_type"]](secret) credential_type = CredentialComponentType[secret["credential_type"]]
SECRET_PROCESSORS[credential_type](secret)

10
monkey/tests/unit_tests/monkey_island/cc/services/telemetry/processing/credentials/test_credential_processing.py
View File

@ -27,7 +27,7 @@ CREDENTIAL_TELEM_TEMPLATE = {
fake_username = "m0nk3y_user" fake_username = "m0nk3y_user"
cred_telem_usernames = deepcopy(CREDENTIAL_TELEM_TEMPLATE) cred_telem_usernames = deepcopy(CREDENTIAL_TELEM_TEMPLATE)
cred_telem_usernames["data"] = [ cred_telem_usernames["data"] = [
{"identities": [{"username": fake_username, "credential_type": "username"}], "secrets": []} {"identities": [{"username": fake_username, "credential_type": "USERNAME"}], "secrets": []}
] ]
fake_nt_hash = "c1c58f96cdf212b50837bc11a00be47c" fake_nt_hash = "c1c58f96cdf212b50837bc11a00be47c"
@ -36,11 +36,11 @@ fake_password = "trytostealthis"
cred_telem = deepcopy(CREDENTIAL_TELEM_TEMPLATE) cred_telem = deepcopy(CREDENTIAL_TELEM_TEMPLATE)
cred_telem["data"] = [ cred_telem["data"] = [
{ {
"identities": [{"username": fake_username, "credential_type": "username"}], "identities": [{"username": fake_username, "credential_type": "USERNAME"}],
"secrets": [ "secrets": [
{"nt_hash": fake_nt_hash, "credential_type": "nt_hash"}, {"nt_hash": fake_nt_hash, "credential_type": "NT_HASH"},
{"lm_hash": fake_lm_hash, "credential_type": "lm_hash"}, {"lm_hash": fake_lm_hash, "credential_type": "LM_HASH"},
{"password": fake_password, "credential_type": "password"}, {"password": fake_password, "credential_type": "PASSWORD"},
], ],
} }
] ]