Updated branch according to changes in dev.
parent
f8d5247f81
commit
36f917bc8d
|
@ -12,7 +12,7 @@ class T1003(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey successfully obtained some credentials from systems on the network."
|
||||
|
||||
query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
||||
query = {'telem_category': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
||||
# $gt: {} checks if field is not an empty object
|
||||
{'data.credentials': {'$gt': {}}}]}
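Review bot: Any telemetry document stored before this rename still carries `telem_type`, so the new filter `'telem_category': 'system_info_collection'` would match none of them, and T1003 would presumably be reported as unused with no error. The same key change is made in the `$match` stages of T1059 and T1110. If the database can hold telemetry written by an older build, either migrate the field or record the limitation above `query`, e.g. `# NOTE: matches only telemetry stored with 'telem_category' (formerly 'telem_type')`. The class body continues outside the hunk, so how the query result is consumed is not visible here.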
|
||||
|
||||
|
|
|
@ -12,7 +12,7 @@ class T1059(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey successfully ran commands on exploited machines in the network."
|
||||
|
||||
query = [{'$match': {'telem_type': 'exploit',
|
||||
query = [{'$match': {'telem_category': 'exploit',
|
||||
'data.info.executed_cmds': {'$exists': True, '$ne': []}}},
|
||||
{'$project': {'_id': 0,
|
||||
'machine': '$data.machine',
|
||||
|
|
|
@ -13,7 +13,7 @@ class T1110(AttackTechnique):
|
|||
used_msg = "Monkey successfully used brute force in the network."
|
||||
|
||||
# Gets data about brute force attempts
|
||||
query = [{'$match': {'telem_type': 'exploit',
|
||||
query = [{'$match': {'telem_category': 'exploit',
|
||||
'data.attempts': {'$not': {'$size': 0}}}},
|
||||
{'$project': {'_id': 0,
|
||||
'machine': '$data.machine',
|
||||
|
|
|
@ -13,13 +13,15 @@ class T1197(AttackTechnique):
|
|||
@staticmethod
|
||||
def get_report_data():
|
||||
data = T1197.get_tech_base_data()
|
||||
bits_results = mongo.db.telemetry.aggregate([{'$match': {'telem_category': 'attack', 'data.technique': T1197.tech_id}},
|
||||
{'$group': {'_id': {'ip_addr': '$data.machine.ip_addr', 'usage': '$data.usage'},
|
||||
'ip_addr': {'$first': '$data.machine.ip_addr'},
|
||||
'domain_name': {'$first': '$data.machine.domain_name'},
|
||||
'usage': {'$first': '$data.usage'},
|
||||
'time': {'$first': '$timestamp'}}
|
||||
}])
|
||||
bits_results = mongo.db.telemetry.aggregate([{'$match': {'telem_category': 'attack',
|
||||
'data.technique': T1197.tech_id}},
|
||||
{'$group': {'_id': {'ip_addr': '$data.machine.ip_addr',
|
||||
'usage': '$data.usage'},
|
||||
'ip_addr': {'$first': '$data.machine.ip_addr'},
|
||||
'domain_name': {'$first': '$data.machine.domain_name'},
|
||||
'usage': {'$first': '$data.usage'},
|
||||
'time': {'$first': '$timestamp'}}
|
||||
}])
|
||||
bits_results = list(bits_results)
|
||||
data.update({'bits_jobs': bits_results})
|
||||
return data
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import React from 'react';
|
||||
import '../../../styles/Collapse.scss'
|
||||
import ReactTable from "react-table";
|
||||
import { RenderMachine } from "./Helpers"
|
||||
import { renderMachine } from "./Helpers"
|
||||
|
||||
|
||||
class T1059 extends React.Component {
|
||||
|
@ -14,13 +14,14 @@ class T1059 extends React.Component {
|
|||
return ([{
|
||||
Header: 'Example commands used',
|
||||
columns: [
|
||||
{Header: 'Machine', id: 'machine', accessor: x => RenderMachine(x.data[0].machine), style: { 'whiteSpace': 'unset'}, width: 160 },
|
||||
{Header: 'Machine', id: 'machine', accessor: x => renderMachine(x.data[0].machine), style: { 'whiteSpace': 'unset'}, width: 160 },
|
||||
{Header: 'Approx. Time', id: 'time', accessor: x => x.data[0].info.finished, style: { 'whiteSpace': 'unset' }},
|
||||
{Header: 'Command', id: 'command', accessor: x => x.data[0].info.executed_cmds[0].cmd, style: { 'whiteSpace': 'unset' }},
|
||||
]
|
||||
}])};
|
||||
|
||||
render() {
|
||||
console.log(this.props.data);
|
||||
return (
|
||||
<div>
|
||||
<div>{this.props.data.message}</div>
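Review bot: The added `console.log(this.props.data);` at the top of `render()` writes the whole technique payload to the browser console on every render. Going by the column accessors above it, that payload includes machine details and the commands executed on exploited machines. This looks like leftover debug output and should be removed before merging. If the data needs inspecting during development, use a breakpoint or gate the call behind a development-only flag. `render()` continues past the end of the hunk.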
|
||||
|
|