Split test_machine_exploited into 2 functions

Shay Nehmad 2019-09-02 11:05:57 +03:00
parent 107ac73366
commit 2d7829ca4b
1 changed files with 16 additions and 11 deletions


@ -6,39 +6,44 @@ from monkey_island.cc.models.zero_trust.finding import Finding
def test_machine_exploited(telemetry_json): def test_machine_exploited(telemetry_json):
current_monkey = Monkey.get_single_monkey_by_guid(telemetry_json['monkey_guid']) current_monkey = Monkey.get_single_monkey_by_guid(telemetry_json['monkey_guid'])
target_ip = telemetry_json['data']['machine']['ip_addr']
exploiter = telemetry_json['data']['exploiter']
timestamp = telemetry_json['timestamp']
exploit_successful = telemetry_json['data']['result']
create_findings_from_exploit_data(current_monkey, exploit_successful, exploiter, target_ip, timestamp)
def create_findings_from_exploit_data(current_monkey, exploit_successful, exploiter, target_ip, timestamp):
events = [ events = [
Event.create_event( Event.create_event(
title="Exploit attempt", title="Exploit attempt",
message="Monkey on {} attempted to exploit {} using {}.".format( message="Monkey on {} attempted to exploit {} using {}.".format(
current_monkey.hostname, current_monkey.hostname,
telemetry_json['data']['machine']['ip_addr'], target_ip,
telemetry_json['data']['exploiter']), exploiter),
event_type=EVENT_TYPE_MONKEY_NETWORK, event_type=EVENT_TYPE_MONKEY_NETWORK,
timestamp=telemetry_json['timestamp'] timestamp=timestamp
) )
] ]
status = STATUS_PASSED status = STATUS_PASSED
if exploit_successful:
if telemetry_json['data']['result']:
events.append( events.append(
Event.create_event( Event.create_event(
title="Exploit success!", title="Exploit success!",
message="Monkey on {} successfully exploited {} using {}.".format( message="Monkey on {} successfully exploited {} using {}.".format(
current_monkey.hostname, current_monkey.hostname,
telemetry_json['data']['machine']['ip_addr'], target_ip,
telemetry_json['data']['exploiter']), exploiter),
event_type=EVENT_TYPE_MONKEY_NETWORK, event_type=EVENT_TYPE_MONKEY_NETWORK,
timestamp=telemetry_json['timestamp']) timestamp=timestamp)
) )
status = STATUS_FAILED status = STATUS_FAILED
Finding.save_finding( Finding.save_finding(
test=TEST_MACHINE_EXPLOITED, test=TEST_MACHINE_EXPLOITED,
status=status, status=status,
events=events events=events
) )
Finding.save_finding( Finding.save_finding(
test=TEST_MALICIOUS_ACTIVITY_TIMELINE, test=TEST_MALICIOUS_ACTIVITY_TIMELINE,
status=STATUS_INCONCLUSIVE, status=STATUS_INCONCLUSIVE,