From a7872d69cf2458c767df0565d846134ad0c74b97 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski
Date: Mon, 3 Oct 2022 15:21:19 +0200
Subject: [PATCH] Common: Add ExploitationEvent to agent_events
---
 monkey/common/agent_events/__init__.py | 1 +
 .../common/agent_events/exploitation_event.py | 22 +++++++++++++++++++
 vulture_allowlist.py | 3 ++-
 3 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 monkey/common/agent_events/exploitation_event.py
diff --git a/monkey/common/agent_events/__init__.py b/monkey/common/agent_events/__init__.py
index e185de1fa..8258bc831 100644
--- a/monkey/common/agent_events/__init__.py
+++ b/monkey/common/agent_events/__init__.py
@@ -3,3 +3,4 @@ from .credentials_stolen_events import CredentialsStolenEvent
 from .ping_scan_event import PingScanEvent
 from .tcp_scan_event import TCPScanEvent
 from .propagation_event import PropagationEvent
+from .exploitation_event import ExploitationEvent
diff --git a/monkey/common/agent_events/exploitation_event.py b/monkey/common/agent_events/exploitation_event.py
new file mode 100644
index 000000000..b51a4054a
--- /dev/null
+++ b/monkey/common/agent_events/exploitation_event.py
@@ -0,0 +1,22 @@
+from ipaddress import IPv4Address
+
+from pydantic import Field
+
+from . import AbstractAgentEvent
+
+
+class ExploitationEvent(AbstractAgentEvent):
+ """
+ An event that occurs when the Agent exploits a host
+
+ Attributes:
+ :param target: IP address of the exploited system
+ :param success: Status of the exploitation
+ :param exploiter_name: Name of the exploiter that triggered the event
+ :param error_message: Message if an error occurs during exploitation
+ """
+
+ target: IPv4Address
+ success: bool
+ exploiter_name: str
+ error_message: str = Field(default="")
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index 45c700094..a844caddb 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
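Review bot: In `monkey/common/agent_events/__init__.py`, the added `from .exploitation_event import ExploitationEvent` depends on import order: the new module runs `from . import AbstractAgentEvent`, which only resolves if the package `__init__` has already bound `AbstractAgentEvent` before this line executes. The line that binds it is outside the hunk (the hunk starts at line 3), so this is inferred rather than visible. Importing the base class from its defining module inside `exploitation_event.py` (`from .<defining_module> import AbstractAgentEvent`, placeholder name) would remove the ordering dependency, or a comment in `__init__.py` such as `# AbstractAgentEvent must be imported first; event modules import it from this package` would keep an import sorter or a later edit from breaking it.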
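Review bot: In `exploitation_event.py`, `success` and `error_message` are validated independently, so the model accepts `success=True` with a non-empty `error_message` and `success=False` with the default empty string, and anything that builds reports or alerts from these events has to guess which field to trust. If the pairing is meant to be an invariant, a pydantic validator on the model could enforce it; at minimum the docstring entry could read `:param error_message: Reason the exploitation failed; empty when success is True`. Since `error_message` is free text that is presumably serialized and stored with the event, the docstring should also say that callers must not put credentials or raw exception output in it. Style: `Field(default="")` is equivalent to a plain `= ""` default, and the docstring mixes an `Attributes:` heading with `:param` entries.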
@@ -7,7 +7,7 @@ from common.agent_configuration.agent_sub_configurations import (
 CustomPBAConfiguration,
 ScanTargetConfiguration,
 )
-from common.agent_events import PingScanEvent, PropagationEvent, TCPScanEvent
+from common.agent_events import ExploitationEvent, PingScanEvent, PropagationEvent, TCPScanEvent
 from common.credentials import Credentials, LMHash, NTHash
 from common.types import NetworkPort
 from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory
@@ -317,6 +317,7 @@ TCPScanEvent.port_status
 # TODO: Remove once #2269 is close
 PropagationEvent
+ExploitationEvent
 # pydantic base models
 underscore_attrs_are_private