forked from p34709852/monkey
Agent: Pass telemetry messenger to PBAs for sending ATT&CK telem
parent
8d4c29fc06
commit
1c24411b26
|
@ -65,8 +65,7 @@ class UsersPBA(PBA):
|
|||
return True
|
||||
return False
|
||||
|
||||
@staticmethod
|
||||
def download_pba_file(dst_dir, filename):
|
||||
def download_pba_file(self, dst_dir, filename):
|
||||
"""
|
||||
Handles post breach action file download
|
||||
:param dst_dir: Destination directory
|
||||
|
@ -84,12 +83,14 @@ class UsersPBA(PBA):
|
|||
if not status:
|
||||
status = ScanStatus.USED
|
||||
|
||||
T1105Telem(
|
||||
status,
|
||||
WormConfiguration.current_server.split(":")[0],
|
||||
get_interface_to_target(WormConfiguration.current_server.split(":")[0]),
|
||||
filename,
|
||||
).send()
|
||||
self._telemetry_messenger.send_telemetry(
|
||||
T1105Telem(
|
||||
status,
|
||||
WormConfiguration.current_server.split(":")[0],
|
||||
get_interface_to_target(WormConfiguration.current_server.split(":")[0]),
|
||||
filename,
|
||||
)
|
||||
)
|
||||
|
||||
if status == ScanStatus.SCANNED:
|
||||
return False
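Review bot: The new call in `download_pba_file` reads `self._telemetry_messenger`, while the base-class change in this same commit (`PBA`, the `-34,9 +36,12` hunk) sends through `self.telemetry_messenger` without the underscore. The constructors are outside the visible hunks, so unless `UsersPBA` assigns the underscored name itself, this line would raise `AttributeError` exactly where the T1105 telemetry is emitted, and the file-transfer event would never reach the report. Use the single attribute the base class sets, e.g. `self.telemetry_messenger.send_telemetry(`. Dropping `@staticmethod` also changes the call convention, so any caller that still invokes the method on the class with two arguments needs updating. The method body continues outside this hunk.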
|
||||
|
|
|
@ -5,6 +5,8 @@ from typing import Iterable
|
|||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.i_puppet.i_puppet import PostBreachData
|
||||
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
|
||||
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
||||
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
@ -34,9 +36,12 @@ class PBA:
|
|||
exec_funct = self._execute_default
|
||||
result = exec_funct()
|
||||
if self.scripts_were_used_successfully(result):
|
||||
T1064Telem(
|
||||
ScanStatus.USED, f"Scripts were used to execute {self.name} post breach action."
|
||||
).send()
|
||||
self.telemetry_messenger.send_telemetry(
|
||||
T1064Telem(
|
||||
ScanStatus.USED,
|
||||
f"Scripts were used to execute {self.name} post breach action.",
|
||||
)
|
||||
)
|
||||
self.pba_data.append(PostBreachData(self.name, self.command, result))
|
||||
return self.pba_data
|
||||
else:
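Review bot: In `PBA.run` the T1064 telemetry is sent before `self.pba_data.append(PostBreachData(self.name, self.command, result))`. If `send_telemetry` raises (its implementation is not visible here), the result of an action that has already executed is never recorded. Consider appending the result first, or wrapping the send so that a messenger failure is logged through the module's `logger` rather than discarding the data. The newly imported `ITelemetryMessenger` suggests a constructor parameter was added outside this hunk; its docstring should say that the messenger carries ATT&CK telemetry. `run` starts and ends outside the hunk.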
|
||||
|
|