From f2b631745d34f389a52c5b0702b0c7e38a4cf54e Mon Sep 17 00:00:00 2001
From: Itay Mizeretz
Date: Tue, 12 Dec 2017 15:45:32 +0200
Subject: [PATCH] Fix bug where stolen credentials had '.' in username

---
 monkey_island/cc/resources/telemetry.py | 14 ++++++++++++--
 monkey_island/cc/services/report.py     | 15 +++++++++------
 2 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/monkey_island/cc/resources/telemetry.py b/monkey_island/cc/resources/telemetry.py
index 666bfc16c..7b3a6e616 100644
--- a/monkey_island/cc/resources/telemetry.py
+++ b/monkey_island/cc/resources/telemetry.py
@@ -39,7 +39,6 @@ class Telemetry(flask_restful.Resource):
         telemetry_json = json.loads(request.data)
         telemetry_json['timestamp'] = datetime.now()
 
-        telem_id = mongo.db.telemetry.insert(telemetry_json)
         monkey = NodeService.get_monkey_by_guid(telemetry_json['monkey_guid'])
 
         try:
@@ -53,6 +52,7 @@ class Telemetry(flask_restful.Resource):
             print("Exception caught while processing telemetry: %s" % str(ex))
             traceback.print_exc()
 
+        telem_id = mongo.db.telemetry.insert(telemetry_json)
         return mongo.db.telemetry.find_one_or_404({"_id": telem_id})
 
     @staticmethod
@@ -70,6 +70,11 @@ class Telemetry(flask_restful.Resource):
                 monkey_label = telem_monkey_guid
             x["monkey"] = monkey_label
             objects.append(x)
+            if x['telem_type'] == 'system_info_collection' and 'credentials' in x['data']:
+                for user in x['data']['credentials']:
+                    if -1 != user.find(','):
+                        new_user = user.replace(',', '.')
+                        x['data']['credentials'][new_user] = x['data']['credentials'].pop(user)
         return objects
 
 
@@ -159,7 +164,6 @@ class Telemetry(flask_restful.Resource):
         creds = telemetry_json['data']['credentials']
         for user in creds:
             ConfigService.creds_add_username(user)
-            creds[user]['user'] = user
             if 'password' in creds[user]:
                 ConfigService.creds_add_password(creds[user]['password'])
             if 'lm_hash' in creds[user]:
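Review bot: The relocated `telem_id = mongo.db.telemetry.insert(telemetry_json)` in hunk @@ -53 sits outside the `try`, so a processing failure that the `except` branch only prints and swallows still leads to an unconditional insert of a partially processed document; if that failure struck before the username rename loop in `process_system_info_telemetry` (hunk @@ -167 of this file), a key still containing '.' would presumably make the insert itself raise (PyMongo rejects dotted field names) and the request would fail with an unhandled error instead of the logged one. Consider sanitising the credential keys before the per-type processor is dispatched inside the `try`, or giving the insert its own error handling so the caught-and-continued path stays consistent. The enclosing request handler begins before hunk @@ -39 and these two hunks are the same method.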
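Review bot: The new loop `for user in x['data']['credentials']:` in hunk @@ -70 renames keys of the very dict it is iterating via `x['data']['credentials'][new_user] = x['data']['credentials'].pop(user)`; pop-then-insert leaves the size unchanged, so CPython's "changed size during iteration" check typically does not fire, but iteration order over a dict mutated mid-loop is undefined and an entry can be skipped or revisited. Iterate a snapshot instead: `for user in list(x['data']['credentials']):`. The same pattern is introduced by the `for user in creds:` loop in hunk @@ -167 of this file, which wants the same `for user in list(creds):` form. `telemetry_to_displayed_telemetry` starts before this hunk.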
@@ -167,11 +171,17 @@ class Telemetry(flask_restful.Resource):
             if 'ntlm_hash' in creds[user]:
                 ConfigService.creds_add_ntlm_hash(creds[user]['ntlm_hash'])
 
+        for user in creds:
+            if -1 != user.find('.'):
+                new_user = user.replace('.', ',')
+                creds[new_user] = creds.pop(user)
+
     @staticmethod
     def process_trace_telemetry(telemetry_json):
         # Nothing to do
         return
 
+
 TELEM_PROCESS_DICT = \
     {
         'tunnel': Telemetry.process_tunnel_telemetry,
diff --git a/monkey_island/cc/services/report.py b/monkey_island/cc/services/report.py
index 8261b7e7b..ab6c9fb13 100644
--- a/monkey_island/cc/services/report.py
+++ b/monkey_island/cc/services/report.py
@@ -117,7 +117,7 @@ class ReportService:
                 for pass_type in monkey_creds[user]:
                     creds.append(
                         {
-                            'username': user,
+                            'username': user.replace(',', '.'),
                             'type': PASS_TYPE_DICT[pass_type],
                             'origin': origin
                         }
@@ -231,14 +231,17 @@ class ReportService:
 
     @staticmethod
     def get_monkey_subnets(monkey_guid):
+        network_info = mongo.db.telemetry.find_one(
+            {'telem_type': 'system_info_collection', 'monkey_guid': monkey_guid},
+            {'data.network_info.networks': 1}
+        )
+        if network_info is None:
+            return []
+
         return \
             [
                 ipaddress.ip_interface(unicode(network['addr'] + '/' + network['netmask'])).network
-                for network in
-                mongo.db.telemetry.find_one(
-                    {'telem_type': 'system_info_collection', 'monkey_guid': monkey_guid},
-                    {'data.network_info.networks': 1}
-                )['data']['network_info']['networks']
+                for network in network_info['data']['network_info']['networks']
             ]
 
     @staticmethod
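Review bot: The '.'→',' substitution in `new_user = user.replace('.', ',')` in hunk @@ -167 is lossy: a username that already contains ',' collides with the encoded form of its dotted twin, and the reverse replacement applied on display (hunk @@ -70 here and hunk @@ -117 of report.py) silently rewrites it, so such credentials can be misattributed in the report; a key beginning with '$' would also still be rejected by MongoDB. A reversible encoding, or storing credentials as a list of per-user records instead of a username-keyed dict, would avoid both problems. At minimum the assumption should be written down next to the loop: `# MongoDB field names cannot contain '.'; ',' is assumed never to occur in a username`. `process_system_info_telemetry` starts before this hunk.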
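Review bot: The `None` guard in hunk @@ -231 covers the missing-document case, but `network_info['data']['network_info']['networks']` in the rewritten comprehension still raises `KeyError` when a system_info_collection document exists without that path, because the projection does not guarantee it is present; `networks = network_info.get('data', {}).get('network_info', {}).get('networks', [])` before the comprehension, iterating `networks`, keeps the function total. If a monkey can report system info more than once, `find_one` without a sort returns an arbitrary matching document, and `sort=[('timestamp', -1)]` would pin the latest (the `timestamp` field is set on every telemetry in telemetry.py). Since `addr` and `netmask` originate from telemetry posted to the island, a malformed value also surfaces as a `ValueError` from `ipaddress.ip_interface`, so the report may want to skip such entries rather than fail.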