Changed cmds from array to dict

2019-06-10 12:32:01 +03:00 · 2019-06-10 12:32:01 +03:00 · 6636cd23e8
parent 908c531696
commit 6636cd23e8
11 changed files with 14 additions and 11 deletions
--- a/monkey/infection_monkey/exploit/init.py
+++ b/monkey/infection_monkey/exploit/init.py
@ -25,7 +25,7 @@ class HostExploiter(object):
                              'finished': '',
                              'vulnerable_urls': [],
                              'vulnerable_ports': [],
-                              'executed_cmds': []}
+                              'executed_cmds': {}}
        self._exploit_attempts = []
        self.host = host

@ -59,6 +59,9 @@ class HostExploiter(object):
    def add_vuln_port(self, port):
        self._exploit_info['vulnerable_ports'].append(port)

+    def add_example_cmd(self, cmd):
+        self._exploit_info['executed_cmds']['example'] = cmd
+

 from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
 from infection_monkey.exploit.wmiexec import WmiExploiter
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@ -49,7 +49,7 @@ class HadoopExploiter(WebRCE):
            return False
        http_thread.join(self.DOWNLOAD_TIMEOUT)
        http_thread.stop()
-        self._exploit_info['executed_cmds'].append(command)
+        self.add_example_cmd(command)
        return True

    def exploit(self, url, command):
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@ -76,7 +76,7 @@ class MSSQLExploiter(HostExploiter):
        commands.extend(monkey_args)
        MSSQLExploiter.execute_command(cursor, commands)
        MSSQLExploiter.run_file(cursor, tmp_file_path)
-        self._exploit_info['executed_cmds'].append(commands[-1])
+        self.add_example_cmd(commands[-1])
        return True

    @staticmethod
--- a/monkey/infection_monkey/exploit/rdpgrinder.py
+++ b/monkey/infection_monkey/exploit/rdpgrinder.py
@ -343,5 +343,5 @@ class RdpExploiter(HostExploiter):

        LOG.info("Executed monkey '%s' on remote victim %r",
                 os.path.basename(src_path), self.host)
-        self._exploit_info['executed_cmds'].append(command)
+        self.add_example_cmd(command)
        return True
--- a/monkey/infection_monkey/exploit/shellshock.py
+++ b/monkey/infection_monkey/exploit/shellshock.py
@ -144,7 +144,7 @@ class ShellShockExploiter(HostExploiter):
            if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)):
                LOG.info("Log file does not exist, monkey might not have run")
                continue
-            self._exploit_info['executed_cmds'].append(cmdline)
+            self.add_example_cmd(cmdline)
            return True

        return False
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@ -178,7 +178,7 @@ class SSHExploiter(HostExploiter):
                     self._config.dropper_target_path_linux, self.host, cmdline)

            ssh.close()
-            self._exploit_info['executed_cmds'].append(cmdline)
+            self.add_example_cmd(cmdline)
            return True

        except Exception as exc:
--- a/monkey/infection_monkey/exploit/vsftpd.py
+++ b/monkey/infection_monkey/exploit/vsftpd.py
@ -138,7 +138,7 @@ class VSFTPDExploiter(HostExploiter):
        if backdoor_socket.send(run_monkey):
            LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux,
                     self.host, run_monkey)
-            self._exploit_info['executed_cmds'].append(run_monkey)
+            self.add_example_cmd(run_monkey)
            return True
        else:
            return False
--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@ -420,7 +420,7 @@ class WebRCE(HostExploiter):
            return False
        LOG.info("Execution attempt finished")

-        self._exploit_info['executed_cmds'].append(command)
+        self.add_example_cmd(command)
        return resp

    def get_monkey_upload_path(self, url_to_monkey):
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@ -114,7 +114,7 @@ class WmiExploiter(HostExploiter):

            result.RemRelease()
            wmi_connection.close()
-
+            self.add_example_cmd(cmdline)
            return success

        return False
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
@ -13,7 +13,7 @@ class T1059(AttackTechnique):
    used_msg = "Monkey successfully ran commands on exploited machines in the network."

    query = [{'$match': {'telem_type': 'exploit',
-                         'data.info.executed_cmds': {'$not': {'$size': 0}}}},
+                         'data.info.executed_cmds.example': {'$exists': True}}},
             {'$project': {'_id': 0,
                           'machine': '$data.machine',
                           'info': '$data.info'}},
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
@ -15,7 +15,7 @@ class T1059 extends React.Component {
      columns: [
        {Header: 'Machine', id: 'machine', accessor: x => RenderMachine(x.data[0].machine), style: { 'whiteSpace': 'unset'}, width: 160 },
        {Header: 'Approx. Time', id: 'time', accessor: x => x.data[0].info.finished, style: { 'whiteSpace': 'unset' }},
-        {Header: 'Command', id: 'command', accessor: x => x.data[0].info.executed_cmds[0], style: { 'whiteSpace': 'unset' }},
+        {Header: 'Command', id: 'command', accessor: x => x.data[0].info.executed_cmds.example, style: { 'whiteSpace': 'unset' }},
        ]
    }])};