Island, Agent: remove environment collector

VakarisZ 2021-11-16 11:35:08 +02:00
parent 13f70297c3
commit 0175199540
7 changed files with 4 additions and 84 deletions


@ -5,7 +5,7 @@
"dod": "Add a system info collector that collects the machine hostname.", "dod": "Add a system info collector that collects the machine hostname.",
"tests": [], "tests": [],
"hints": [ "hints": [
"First thing you should do is take a look at a different collector (like EnvironmentCollector) and 100% understand how it runs, how results are relayed back to the server, and how the server processes the data.", "First thing you should do is take a look at a different collector (like HostnameCollector) and 100% understand how it runs, how results are relayed back to the server, and how the server processes the data.",
"Try to run \"socket.getfqdn()\".", "Try to run \"socket.getfqdn()\".",
"Take a look at SystemInfoCollector - that's the base class you'll need to implement.", "Take a look at SystemInfoCollector - that's the base class you'll need to implement.",
"Make sure you add the new collector to the configuration in all relevant places, including making it ON by default!" "Make sure you add the new collector to the configuration in all relevant places, including making it ON by default!"
@ -25,7 +25,6 @@
" AWS_COLLECTOR = \"AwsCollector\"", " AWS_COLLECTOR = \"AwsCollector\"",
"*HOSTNAME_COLLECTOR = \"HostnameCollector\"", "*HOSTNAME_COLLECTOR = \"HostnameCollector\"",
"+# SWIMMER: Collector name goes here.", "+# SWIMMER: Collector name goes here.",
" ENVIRONMENT_COLLECTOR = \"EnvironmentCollector\"",
" PROCESS_LIST_COLLECTOR = \"ProcessListCollector\"", " PROCESS_LIST_COLLECTOR = \"ProcessListCollector\"",
" MIMIKATZ_COLLECTOR = \"MimikatzCollector\"" " MIMIKATZ_COLLECTOR = \"MimikatzCollector\""
] ]
@ -60,7 +59,6 @@
"comments": [], "comments": [],
"firstLineNumber": 4, "firstLineNumber": 4,
"lines": [ "lines": [
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR,", "* HOSTNAME_COLLECTOR,",
" MIMIKATZ_COLLECTOR,", " MIMIKATZ_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,", " PROCESS_LIST_COLLECTOR,",
@ -97,7 +95,6 @@
"lines": [ "lines": [
" from common.common_consts.system_info_collectors_names import (", " from common.common_consts.system_info_collectors_names import (",
" AWS_COLLECTOR,", " AWS_COLLECTOR,",
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR,", "* HOSTNAME_COLLECTOR,",
" MIMIKATZ_COLLECTOR,", " MIMIKATZ_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,", " PROCESS_LIST_COLLECTOR,",
@ -111,7 +108,6 @@
"firstLineNumber": 91, "firstLineNumber": 91,
"lines": [ "lines": [
" \"default\": [", " \"default\": [",
" ENVIRONMENT_COLLECTOR,",
" AWS_COLLECTOR,", " AWS_COLLECTOR,",
"* HOSTNAME_COLLECTOR,", "* HOSTNAME_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,", " PROCESS_LIST_COLLECTOR,",
@ -149,7 +145,6 @@
" ", " ",
" from common.common_consts.system_info_collectors_names import (", " from common.common_consts.system_info_collectors_names import (",
" AWS_COLLECTOR,", " AWS_COLLECTOR,",
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR," "* HOSTNAME_COLLECTOR,"
] ]
}, },
@ -161,7 +156,6 @@
"lines": [ "lines": [
" SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {", " SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {",
" AWS_COLLECTOR: [process_aws_telemetry],", " AWS_COLLECTOR: [process_aws_telemetry],",
" ENVIRONMENT_COLLECTOR: [process_environment_telemetry],",
"* HOSTNAME_COLLECTOR: [process_hostname_telemetry],", "* HOSTNAME_COLLECTOR: [process_hostname_telemetry],",
" PROCESS_LIST_COLLECTOR: [check_antivirus_existence],", " PROCESS_LIST_COLLECTOR: [check_antivirus_existence],",
" }", " }",
@ -171,10 +165,6 @@
{ {
"type": "snippet", "type": "snippet",
"lines": [ "lines": [
" )",
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import (",
" process_environment_telemetry,",
" )",
"*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (", "*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (",
"* process_hostname_telemetry,", "* process_hostname_telemetry,",
"*)", "*)",


@ -39,7 +39,7 @@ class MyNewCollector(SystemInfoCollector):
#### Implementation #### Implementation
Override the `collect` method with your own implementation. See the `EnvironmentCollector.py` System Info Collector for reference. You can log during collection as well. Override the `collect` method with your own implementation. See the `hostname_collector.py` System Info Collector for reference. You can log during collection as well.
### Modify the Monkey Island ### Modify the Monkey Island
@ -57,7 +57,7 @@ You'll need to add your Sytem Info Collector to the `monkey_island/cc/services/c
{ {
"type": "string", "type": "string",
"enum": [ "enum": [
"EnvironmentCollector" "HostnameCollector"
], ],
"title": "Which Environment this machine is on (on prem/cloud)", "title": "Which Environment this machine is on (on prem/cloud)",
"attack_techniques": [] "attack_techniques": []
@ -87,7 +87,7 @@ Also, you can add the System Info Collector to be used by default by adding it t
"$ref": "#/definitions/system_info_collectors_classes" "$ref": "#/definitions/system_info_collectors_classes"
}, },
"default": [ "default": [
"EnvironmentCollector", "HostnameCollector",
"MyNewCollector" <================================= "MyNewCollector" <=================================
], ],
"description": "Determines which system information collectors will collect information." "description": "Determines which system information collectors will collect information."


@ -1,24 +0,0 @@
from common.cloud.all_instances import get_all_cloud_instances
from common.cloud.environment_names import Environment
from common.common_consts.system_info_collectors_names import ENVIRONMENT_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
def get_monkey_environment() -> str:
"""
Get the Monkey's running environment.
:return: One of the cloud providers if on cloud; otherwise, assumes "on premise".
"""
for instance in get_all_cloud_instances():
if instance.is_instance():
return instance.get_cloud_provider_name().value
return Environment.ON_PREMISE.value
class EnvironmentCollector(SystemInfoCollector):
def __init__(self):
super().__init__(name=ENVIRONMENT_COLLECTOR)
def collect(self) -> dict:
return {"environment": get_monkey_environment()}


@ -1,12 +0,0 @@
import logging
from monkey_island.cc.models.monkey import Monkey
logger = logging.getLogger(__name__)
def process_environment_telemetry(collector_results, monkey_guid):
relevant_monkey = Monkey.get_single_monkey_by_guid(monkey_guid)
relevant_monkey.environment = collector_results["environment"]
relevant_monkey.save()
logger.debug("Updated Monkey {} with env {}".format(str(relevant_monkey), collector_results))


@ -3,16 +3,12 @@ import typing
from common.common_consts.system_info_collectors_names import ( from common.common_consts.system_info_collectors_names import (
AWS_COLLECTOR, AWS_COLLECTOR,
ENVIRONMENT_COLLECTOR,
HOSTNAME_COLLECTOR, HOSTNAME_COLLECTOR,
PROCESS_LIST_COLLECTOR, PROCESS_LIST_COLLECTOR,
) )
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import ( from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import (
process_aws_telemetry, process_aws_telemetry,
) )
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import (
process_environment_telemetry,
)
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import ( from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (
process_hostname_telemetry, process_hostname_telemetry,
) )
@ -24,7 +20,6 @@ logger = logging.getLogger(__name__)
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = { SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
AWS_COLLECTOR: [process_aws_telemetry], AWS_COLLECTOR: [process_aws_telemetry],
ENVIRONMENT_COLLECTOR: [process_environment_telemetry],
HOSTNAME_COLLECTOR: [process_hostname_telemetry], HOSTNAME_COLLECTOR: [process_hostname_telemetry],
PROCESS_LIST_COLLECTOR: [check_antivirus_existence], PROCESS_LIST_COLLECTOR: [check_antivirus_existence],
} }
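Review bot: With `ENVIRONMENT_COLLECTOR` dropped from `SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS`, telemetry that still carries an `EnvironmentCollector` key (for example from an agent built before this commit) now depends on how the dispatcher treats collector names that have no entry, and that lookup code is outside this hunk. Since the Island receives this data from agents on other machines, it is worth confirming the unmapped case is logged and skipped rather than raising part-way through and dropping the remaining collectors' results. If that holds, a comment above the dict such as `# Collector names without an entry here are skipped by the dispatcher` would record the contract.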


@ -1,28 +0,0 @@
import uuid
from monkey_island.cc.models import Monkey
from monkey_island.cc.services.telemetry.processing.system_info_collectors.system_info_telemetry_dispatcher import ( # noqa: E501
SystemInfoTelemetryDispatcher,
)
class TestEnvironmentTelemetryProcessing:
def test_process_environment_telemetry(self):
# Arrange
monkey_guid = str(uuid.uuid4())
a_monkey = Monkey(guid=monkey_guid)
a_monkey.save()
dispatcher = SystemInfoTelemetryDispatcher()
on_premise = "On Premise"
telem_json = {
"data": {
"collectors": {
"EnvironmentCollector": {"environment": on_premise},
}
},
"monkey_guid": monkey_guid,
}
dispatcher.dispatch_collector_results_to_relevant_processors(telem_json)
assert Monkey.get_single_monkey_by_guid(monkey_guid).environment == on_premise


@ -199,7 +199,6 @@ LOG_DIR_NAME # unused variable (envs/monkey_zoo/blackbox/log_handlers/test_logs
delete_logs # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:85) delete_logs # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:85)
MongoQueryJSONEncoder # unused class (envs/monkey_zoo/blackbox/utils/json_encoder.py:6) MongoQueryJSONEncoder # unused class (envs/monkey_zoo/blackbox/utils/json_encoder.py:6)
environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59) environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59)
_.environment # unused attribute (monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py:10)
_.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35)
_.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64) _.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64)
GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57) GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57)
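Review bot: The context line `environment  # unused variable (monkey/monkey_island/cc/models/monkey.py:59)` stays allowlisted, but the only writer of that field visible in this commit, `process_environment_telemetry`, is deleted along with its test. The model field therefore appears to be dead after this change, unless something outside the diff still sets or reads it. Either remove the field and this allowlist entry in the same change, or keep it and add a comment on the field such as `# retained so documents saved by earlier versions still load; no longer populated`, so report code does not treat an empty value as meaningful.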