Rename test victim host telem file

Create new T1197Telem class for new telemetries
2019-06-11 16:34:54 +03:00 · 2019-06-11 16:34:54 +03:00 · 4d962feafe
parent 93d6280d1a
commit 4d962feafe
6 changed files with 30 additions and 7 deletions
--- a/monkey/common/utils/attack_utils.py
+++ b/monkey/common/utils/attack_utils.py
@ -9,8 +9,9 @@ class ScanStatus(Enum):
    # Technique was attempted and succeeded
    USED = 2
 # Dict that describes what BITS job was used for
-BITS_UPLOAD_STRING = {"usage": "BITS job was used to upload monkey to a remote system."}
+BITS_UPLOAD_STRING = "BITS job was used to upload monkey to a remote system."
 def format_time(time):
--- a/monkey/infection_monkey/exploit/elasticgroovy.py
+++ b/monkey/infection_monkey/exploit/elasticgroovy.py
@ -11,7 +11,7 @@ from infection_monkey.exploit.web_rce import WebRCE
 from infection_monkey.model import WGET_HTTP_UPLOAD, RDP_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX,\
    DOWNLOAD_TIMEOUT
 from infection_monkey.network.elasticfinger import ES_PORT, ES_SERVICE
-from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
+from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
 from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
 import re
@ -64,7 +64,7 @@ class ElasticGroovyExploiter(WebRCE):
    def upload_monkey(self, url, commands=None):
        result = super(ElasticGroovyExploiter, self).upload_monkey(url, commands)
        if 'windows' in self.host.os['type'] and result:
-            VictimHostTelem("T1197", ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
+            T1197Telem(ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
        return result
    def get_results(self, response):
--- a/monkey/infection_monkey/exploit/rdpgrinder.py
+++ b/monkey/infection_monkey/exploit/rdpgrinder.py
@ -15,9 +15,9 @@ from infection_monkey.exploit.tools import get_target_monkey
 from infection_monkey.model import RDP_CMDLINE_HTTP_BITS, RDP_CMDLINE_HTTP_VBS
 from infection_monkey.network.tools import check_tcp_port
 from infection_monkey.exploit.tools import build_monkey_commandline
 from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
 from infection_monkey.utils import utf_to_ascii
 from common.utils.exploit_enum import ExploitType
 from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
 from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
 __author__ = 'hoffer'
@ -316,7 +316,7 @@ class RdpExploiter(HostExploiter):
                if client_factory.success:
                    if not self._config.rdp_use_vbs_download:
-                        VictimHostTelem("T1197", ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
+                        T1197Telem(ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
                    self.add_vuln_port(RDP_PORT)
                    exploited = True
                    self.report_login_attempt(True, user, password)
--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@ -7,7 +7,7 @@ from infection_monkey.exploit import HostExploiter
 from infection_monkey.model import *
 from infection_monkey.exploit.tools import get_target_monkey, get_monkey_depth, build_monkey_commandline, HTTPTools
 from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
-from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
+from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
 from common.utils.attack_utils import ScanStatus, BITS_UPLOAD_STRING
 __author__ = 'VakarisZ'
@ -307,7 +307,7 @@ class WebRCE(HostExploiter):
        if not isinstance(resp, bool) and POWERSHELL_NOT_FOUND in resp:
            LOG.info("Powershell not found in host. Using bitsadmin to download.")
            backup_command = RDP_CMDLINE_HTTP % {'monkey_path': dest_path, 'http_path': http_path}
-            VictimHostTelem("T1197", ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
+            T1197Telem(ScanStatus.USED, self.host, BITS_UPLOAD_STRING).send()
            resp = self.exploit(url, backup_command)
        return resp
--- a/monkey/infection_monkey/telemetry/attack/t1197_telem.py
+++ b/monkey/infection_monkey/telemetry/attack/t1197_telem.py
@ -0,0 +1,22 @@
 from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
 __author__ = "itay.mizeretz"
 class T1197Telem(VictimHostTelem):
    def __init__(self, status, machine, usage):
        """
        T1197 telemetry.
        :param status: ScanStatus of technique
        :param machine: VictimHost obj from model/host.py
        :param usage: Usage string
        """
        super(T1197Telem, self).__init__('T1197', status, machine)
        self.usage = usage
    def get_data(self):
        data = super(T1197Telem, self).get_data()
        data.update({
            'usage': self.usage
        })
        return data
--- a/monkey/infection_monkey/telemetry/attack/test_victim_host_telem.py
+++ b/monkey/infection_monkey/telemetry/attack/test_victim_host_telem.py