p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Add `interrupted` boolean to ExploiterResultData 

Setting an interrupted flag on the ExploiterResultData is a more useful
way to present the information to anything that uses it. If decisions
need to be made based on whether or not something was interrupted, a
flag can be checked instead of parsing an error message.
This commit is contained in:
Mike Salvatore 2022-03-21 08:59:17 -04:00
parent 83b18debc0
commit b0f03179c1
6 changed files with 22 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/exploit/HostExploiter.py
View File

@ -100,7 +100,7 @@ class HostExploiter:
# Ideally the user should only do "check_for_interrupt()"
if self.interrupt.is_set():
logger.info("Exploiter has been interrupted")
self.exploit_result.error_message = "Exploiter has been interrupted"
self.exploit_result.interrupted = True
return self.interrupt.is_set()
def post_exploit(self):

1
monkey/infection_monkey/i_puppet/i_puppet.py
View File

@ -24,6 +24,7 @@ class UnknownPluginError(Exception):
class ExploiterResultData:
exploitation_success: bool = False
propagation_success: bool = False
interrupted: bool = False
os: str = ""
info: Mapping = None
attempts: Iterable = None

15
monkey/infection_monkey/puppet/mock_puppet.py
View File

@ -190,17 +190,18 @@ class MockPuppet(IPuppet):
successful_exploiters = {
DOT_1: {
"PowerShellExploiter": ExploiterResultData(
True, True, os_windows, info_powershell, attempts, None
True, True, False, os_windows, info_powershell, attempts, None
),
"ZerologonExploiter": ExploiterResultData(
False, False, os_windows, {}, [], "Zerologon failed"
False, False, False, os_windows, {}, [], "Zerologon failed"
),
"SSHExploiter": ExploiterResultData(
False, False, os_linux, info_ssh, attempts, "Failed exploiting"
False, False, False, os_linux, info_ssh, attempts, "Failed exploiting"
),
},
DOT_3: {
"PowerShellExploiter": ExploiterResultData(
False,
False,
False,
os_windows,
@ -209,9 +210,11 @@ class MockPuppet(IPuppet):
"PowerShell Exploiter Failed",
),
"SSHExploiter": ExploiterResultData(
False, False, os_linux, info_ssh, attempts, "Failed exploiting"
False, False, False, os_linux, info_ssh, attempts, "Failed exploiting"
),
"ZerologonExploiter": ExploiterResultData(
True, False, False, os_windows, {}, [], None
),
"ZerologonExploiter": ExploiterResultData(True, False, os_windows, {}, [], None),
},
}
@ -219,7 +222,7 @@ class MockPuppet(IPuppet):
return successful_exploiters[host.ip_addr][name]
except KeyError:
return ExploiterResultData(
False, False, os_linux, {}, [], f"{name} failed for host {host}"
False, False, False, os_linux, {}, [], f"{name} failed for host {host}"
)
def run_payload(self, name: str, options: Dict, interrupt: threading.Event):

4
monkey/infection_monkey/telemetry/exploit_telem.py
View File

@ -1,9 +1,9 @@
from typing import Dict
from common.common_consts.telem_categories import TelemCategoryEnum
from infection_monkey.i_puppet.i_puppet import ExploiterResultData
from infection_monkey.model.host import VictimHost
from infection_monkey.telemetry.base_telem import BaseTelem
from infection_monkey.i_puppet.i_puppet import ExploiterResultData
class ExploitTelem(BaseTelem):
@ -25,6 +25,7 @@ class ExploitTelem(BaseTelem):
self.host = host.__dict__
self.exploitation_result = result.exploitation_success
self.propagation_result = result.propagation_success
self.interrupted = result.interrupted
self.info = result.info
self.attempts = result.attempts
@ -34,6 +35,7 @@ class ExploitTelem(BaseTelem):
return {
"exploitation_result": self.exploitation_result,
"propagation_result": self.propagation_result,
"interrupted": self.interrupted,
"machine": self.host,
"exploiter": self.name,
"info": self.info,

12
monkey/tests/unit_tests/infection_monkey/master/test_propagator.py
View File

@ -201,38 +201,38 @@ class MockExploiter:
results_callback(
"PowerShellExploiter",
host,
ExploiterResultData(True, True, os_windows, {}, {}, None),
ExploiterResultData(True, True, False, os_windows, {}, {}, None),
)
results_callback(
"SSHExploiter",
host,
ExploiterResultData(False, False, os_linux, {}, {}, "SSH FAILED for .1"),
ExploiterResultData(False, False, False, os_linux, {}, {}, "SSH FAILED for .1"),
)
elif host.ip_addr.endswith(".2"):
results_callback(
"PowerShellExploiter",
host,
ExploiterResultData(
False, False, os_windows, {}, {}, "POWERSHELL FAILED for .2"
False, False, False, os_windows, {}, {}, "POWERSHELL FAILED for .2"
),
)
results_callback(
"SSHExploiter",
host,
ExploiterResultData(False, False, os_linux, {}, {}, "SSH FAILED for .2"),
ExploiterResultData(False, False, False, os_linux, {}, {}, "SSH FAILED for .2"),
)
elif host.ip_addr.endswith(".3"):
results_callback(
"PowerShellExploiter",
host,
ExploiterResultData(
False, False, os_windows, {}, {}, "POWERSHELL FAILED for .3"
False, False, False, os_windows, {}, {}, "POWERSHELL FAILED for .3"
),
)
results_callback(
"SSHExploiter",
host,
ExploiterResultData(True, True, os_linux, {}, {}, None),
ExploiterResultData(True, True, False, os_linux, {}, {}, None),
)

3
monkey/tests/unit_tests/infection_monkey/telemetry/test_exploit_telem.py
View File

@ -40,7 +40,7 @@ def exploit_telem_test_instance():
EXPLOITER_NAME,
HOST,
ExploiterResultData(
RESULT, RESULT, OS_LINUX, EXPLOITER_INFO, EXPLOITER_ATTEMPTS, ERROR_MSG
RESULT, RESULT, False, OS_LINUX, EXPLOITER_INFO, EXPLOITER_ATTEMPTS, ERROR_MSG
),
)
@ -50,6 +50,7 @@ def test_exploit_telem_send(exploit_telem_test_instance, spy_send_telemetry):
expected_data = {
"exploitation_result": RESULT,
"propagation_result": RESULT,
"interrupted": False,
"machine": HOST_AS_DICT,
"exploiter": EXPLOITER_NAME,
"info": EXPLOITER_INFO,