Changes report components to use ScanStatus value

VakarisZ 2019-07-08 17:50:48 +03:00
parent 3060f53ace
commit 8c9787f2c7
10 changed files with 25 additions and 25 deletions


@ -20,8 +20,8 @@ class T1003(AttackTechnique):
def get_report_data(): def get_report_data():
data = {'title': T1003.technique_title()} data = {'title': T1003.technique_title()}
if mongo.db.telemetry.count_documents(T1003.query): if mongo.db.telemetry.count_documents(T1003.query):
status = ScanStatus.USED status = ScanStatus.USED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1003.get_message_and_status(status)) data.update(T1003.get_message_and_status(status))
return data return data
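Review bot: The two-way status selection that follows the `count_documents` check is repeated almost verbatim in T1059, T1082, T1086 and T1145 (and its three-way form in T1075, T1110 and T1210), which is why the `.value` suffix had to be hand-added in every technique in this commit. A single conditional expression, `status = ScanStatus.USED.value if mongo.db.telemetry.count_documents(T1003.query) else ScanStatus.UNSCANNED.value`, reads more compactly, and a base-class helper that maps a boolean to the status value would keep the techniques from drifting apart the next time the representation changes. Since only the truthiness of the count is used, `mongo.db.telemetry.find_one(T1003.query)` would also avoid counting every matching telemetry document; the same applies to the `count_documents` call in T1075.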


@ -27,8 +27,8 @@ class T1059(AttackTechnique):
cmd_data = list(mongo.db.telemetry.aggregate(T1059.query)) cmd_data = list(mongo.db.telemetry.aggregate(T1059.query))
data = {'title': T1059.technique_title(), 'cmds': cmd_data} data = {'title': T1059.technique_title(), 'cmds': cmd_data}
if cmd_data: if cmd_data:
status = ScanStatus.USED status = ScanStatus.USED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1059.get_message_and_status(status)) data.update(T1059.get_message_and_status(status))
return data return data


@ -17,4 +17,4 @@ class T1065(AttackTechnique):
def get_report_data(): def get_report_data():
port = ConfigService.get_config_value(['cnc', 'servers', 'current_server']).split(':')[1] port = ConfigService.get_config_value(['cnc', 'servers', 'current_server']).split(':')[1]
T1065.used_msg = T1065.message % port T1065.used_msg = T1065.message % port
return T1065.get_base_data_by_status(ScanStatus.USED) return T1065.get_base_data_by_status(ScanStatus.USED.value)
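Review bot: `split(':')[1]` on the configured current_server raises IndexError when the value carries no port (and picks the wrong field for an IPv6 literal), and because it is the first statement of get_report_data a single malformed config entry fails the whole technique report. Handling the missing-port case explicitly, e.g. `_, sep, port = server.rpartition(':')` followed by a check on `sep`, gives a clear error instead of a bare IndexError. The technique is also reported as `ScanStatus.USED.value` unconditionally, with no telemetry query like the other components; if that is intentional because the C&C port is always in use, a one-line comment saying so would stop the next reader from looking for a missing check. `get_base_data_by_status` is outside this diff and now receives an int here and in T1110 and T1145, so it is worth confirming it forwards the value to get_message_and_status rather than reading `.value` itself.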


@ -35,10 +35,10 @@ class T1075(AttackTechnique):
successful_logins = list(mongo.db.telemetry.aggregate(T1075.query)) successful_logins = list(mongo.db.telemetry.aggregate(T1075.query))
data.update({'successful_logins': successful_logins}) data.update({'successful_logins': successful_logins})
if successful_logins: if successful_logins:
status = ScanStatus.USED status = ScanStatus.USED.value
elif mongo.db.telemetry.count_documents(T1075.login_attempt_query): elif mongo.db.telemetry.count_documents(T1075.login_attempt_query):
status = ScanStatus.SCANNED status = ScanStatus.SCANNED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1075.get_message_and_status(status)) data.update(T1075.get_message_and_status(status))
return data return data


@ -40,8 +40,8 @@ class T1082(AttackTechnique):
system_info = list(mongo.db.telemetry.aggregate(T1082.query)) system_info = list(mongo.db.telemetry.aggregate(T1082.query))
data.update({'system_info': system_info}) data.update({'system_info': system_info})
if system_info: if system_info:
status = ScanStatus.USED status = ScanStatus.USED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1082.get_message_and_status(status)) data.update(T1082.get_message_and_status(status))
return data return data


@ -29,8 +29,8 @@ class T1086(AttackTechnique):
cmd_data = list(mongo.db.telemetry.aggregate(T1086.query)) cmd_data = list(mongo.db.telemetry.aggregate(T1086.query))
data = {'title': T1086.technique_title(), 'cmds': cmd_data} data = {'title': T1086.technique_title(), 'cmds': cmd_data}
if cmd_data: if cmd_data:
status = ScanStatus.USED status = ScanStatus.USED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1086.get_message_and_status(status)) data.update(T1086.get_message_and_status(status))
return data return data


@ -35,11 +35,11 @@ class T1110(AttackTechnique):
result['successful_creds'].append(T1110.parse_creds(attempt)) result['successful_creds'].append(T1110.parse_creds(attempt))
if succeeded: if succeeded:
status = ScanStatus.USED status = ScanStatus.USED.value
elif attempts: elif attempts:
status = ScanStatus.SCANNED status = ScanStatus.SCANNED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data = T1110.get_base_data_by_status(status) data = T1110.get_base_data_by_status(status)
# Remove data with no successful brute force attempts # Remove data with no successful brute force attempts
attempts = [attempt for attempt in attempts if attempt['attempts']] attempts = [attempt for attempt in attempts if attempt['attempts']]
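Review bot: `status` is derived from the unfiltered `attempts` list on the `elif attempts:` line, but the list is only afterwards reduced to entries whose `attempts` count is non-zero, so it looks like a run where every entry has zero attempts is reported as `ScanStatus.SCANNED.value` while the report shows no attempts at all. If the filtered list is what "scanned" is meant to reflect, moving the filter comprehension above the status selection keeps the two consistent; if the unfiltered list is intended, a comment on the `elif` explaining why would help. The surrounding function starts and ends outside the hunk, so how `attempts` and `succeeded` are built is not visible here.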


@ -23,9 +23,9 @@ class T1145(AttackTechnique):
ssh_info = list(mongo.db.telemetry.aggregate(T1145.query)) ssh_info = list(mongo.db.telemetry.aggregate(T1145.query))
if ssh_info: if ssh_info:
status = ScanStatus.USED status = ScanStatus.USED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data = T1145.get_base_data_by_status(status) data = T1145.get_base_data_by_status(status)
data.update({'ssh_info': ssh_info}) data.update({'ssh_info': ssh_info})
return data return data


@ -18,11 +18,11 @@ class T1210(AttackTechnique):
scanned_services = T1210.get_scanned_services() scanned_services = T1210.get_scanned_services()
exploited_services = T1210.get_exploited_services() exploited_services = T1210.get_exploited_services()
if exploited_services: if exploited_services:
status = ScanStatus.USED status = ScanStatus.USED.value
elif scanned_services: elif scanned_services:
status = ScanStatus.SCANNED status = ScanStatus.SCANNED.value
else: else:
status = ScanStatus.UNSCANNED status = ScanStatus.UNSCANNED.value
data.update(T1210.get_message_and_status(status)) data.update(T1210.get_message_and_status(status))
data.update({'scanned_services': scanned_services, 'exploited_services': exploited_services}) data.update({'scanned_services': scanned_services, 'exploited_services': exploited_services})
return data return data


@ -67,21 +67,21 @@ class AttackTechnique(object):
def get_message_and_status(cls, status): def get_message_and_status(cls, status):
""" """
Returns a dict with attack technique's message and status. Returns a dict with attack technique's message and status.
:param status: Enum type value from common/attack_utils.py :param status: Enum from common/attack_utils.py integer value
:return: Dict with message and status :return: Dict with message and status
""" """
return {'message': cls.get_message_by_status(status), 'status': status.value} return {'message': cls.get_message_by_status(status), 'status': status}
@classmethod @classmethod
def get_message_by_status(cls, status): def get_message_by_status(cls, status):
""" """
Picks a message to return based on status. Picks a message to return based on status.
:param status: Enum type value from common/attack_utils.py :param status: Enum from common/attack_utils.py integer value
:return: message string :return: message string
""" """
if status == ScanStatus.UNSCANNED: if status == ScanStatus.UNSCANNED.value:
return cls.unscanned_msg return cls.unscanned_msg
elif status == ScanStatus.SCANNED: elif status == ScanStatus.SCANNED.value:
return cls.scanned_msg return cls.scanned_msg
else: else:
return cls.used_msg return cls.used_msg
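Review bot: With `get_message_by_status` now comparing against raw integers, the final `else` returns `cls.used_msg` for anything that is not UNSCANNED or SCANNED, including None, a stale value, or a caller that still passes a `ScanStatus` member (if `ScanStatus` is a plain Enum rather than IntEnum, a member never compares equal to its `.value`, and it would also land as a non-serialisable 'status' in the dict built by get_message_and_status). Since "used" is the strongest claim the report makes about a technique, the used branch should be explicit and anything else rejected: `elif status == ScanStatus.USED.value:` / `return cls.used_msg` / `raise ValueError("Unknown ScanStatus value: %s" % status)`. The docstring line shared by both methods, `Enum from common/attack_utils.py integer value`, reads as two fragments; `:param status: integer value of a ScanStatus member (ScanStatus.<member>.value) from common/attack_utils.py` states what is now expected. The class continues outside the hunk.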