Agent: Use exploiter tag properties

2022-10-05 18:25:40 +00:00 · 2022-10-05 18:25:40 +00:00 · 3e592cfa69
parent 4a0a24dde2
commit 3e592cfa69
1 changed files with 14 additions and 25 deletions
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@ -9,6 +9,7 @@ import logging
 import posixpath
 import random
 import string
+from typing import Tuple

 import requests

@ -32,8 +33,6 @@ from infection_monkey.utils.commands import build_monkey_commandline
 logger = logging.getLogger(__name__)

 HADOOP_EXPLOITER_TAG = "hadoop-exploiter"
-EXPLOIT_TAGS = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
-PROPAGATION_TAGS = (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)


 class HadoopExploiter(WebRCE):
@ -44,6 +43,12 @@ class HadoopExploiter(WebRCE):
    # Random string's length that's used for creating unique app name
    RAN_STR_LEN = 6

+    def _exploiter_tags(self) -> Tuple[str, ...]:
+        return (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
+
+    def _propagation_tags(self) -> Tuple[str, ...]:
+        return (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
+
    def __init__(self):
        super(HadoopExploiter, self).__init__()

@ -54,10 +59,8 @@ class HadoopExploiter(WebRCE):
        if not self.vulnerable_urls:
            self.exploit.error_message = f"No vulnerable urls has been found for {self.host}"
            self._publish_exploitation_event(
-                target=self.host.ip_addr,
-                exploitation_success=False,
+                False,
                error_message=self.exploit_result.error_message,
-                tags=EXPLOIT_TAGS,
            )
            return self.exploit_result

@ -75,25 +78,15 @@ class HadoopExploiter(WebRCE):
                self.exploit_result.exploitation_success = True
                self.exploit_result.propagation_success = True

-                self._publish_propagation_event(
-                    target=self.host.ip_addr,
-                    propagation_success=True,
-                    tags=PROPAGATION_TAGS,
-                )
+                self._publish_propagation_event(True)
            else:
                error_message = f"Failed to exploit via {self.vulnerable_urls[0]}"
-                self._publish_exploitation_event(
-                    self.host.ip_addr, False, EXPLOIT_TAGS, error_message
-                )
-                self._publish_propagation_event(
-                    self.host.ip_addr, False, PROPAGATION_TAGS, error_message
-                )
+                self._publish_exploitation_event(False, error_message=error_message)
+                self._publish_propagation_event(False, error_message=error_message)
        except requests.RequestException as err:
            error_message = str(err)
-            self._publish_exploitation_event(self.host.ip_addr, False, EXPLOIT_TAGS, error_message)
-            self._publish_propagation_event(
-                self.host.ip_addr, False, PROPAGATION_TAGS, error_message
-            )
+            self._publish_exploitation_event(False, error_message=error_message)
+            self._publish_propagation_event(False, error_message=error_message)
        finally:
            http_thread.join(self.DOWNLOAD_TIMEOUT)
            http_thread.stop()
@ -129,11 +122,7 @@ class HadoopExploiter(WebRCE):

        success = resp.status_code == 202
        if success:
-            self._publish_exploitation_event(
-                target=self.host.ip_addr,
-                exploitation_success=True,
-                tags=EXPLOIT_TAGS,
-            )
+            self._publish_exploitation_event(True)
        return success

    def check_if_exploitable(self, url):