From 9dac64b60e80f0e847a3cefd6ff5185900784716 Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala
Date: Tue, 4 Oct 2022 20:25:50 +0000
Subject: [PATCH] Agent: Update ssh exploiter tags
---
 monkey/infection_monkey/exploit/sshexec.py | 24 ++++++++--------------
 1 file changed, 9 insertions(+), 15 deletions(-)
diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
index adbbff028..5c685b7fe 100644
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@@ -37,6 +37,8 @@ SSH_CHANNEL_TIMEOUT = MEDIUM_REQUEST_TIMEOUT
 TRANSFER_UPDATE_RATE = 15
 SSH_EXPLOITER_TAG = "ssh-exploiter"
+EXPLOIT_TAGS = (SSH_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1021_ATTACK_TECHNIQUE_TAG)
+PROPAGATION_TAGS = (SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG)
 class SSHExploiter(HostExploiter):
@@ -96,11 +98,7 @@ class SSHExploiter(HostExploiter):
 self._publish_exploitation_event(
 target=self.host.ip_addr,
 exploitation_success=True,
- tags=(
- SSH_EXPLOITER_TAG,
- T1110_ATTACK_TECHNIQUE_TAG,
- T1021_ATTACK_TECHNIQUE_TAG,
- ),
+ tags=EXPLOIT_TAGS,
 )
 self.report_login_attempt(True, user, ssh_key=ssh_string)
 return ssh
@@ -114,7 +112,7 @@ class SSHExploiter(HostExploiter):
 target=self.host.ip_addr,
 exploitation_success=False,
 error_message=error_message,
- tags=(SSH_EXPLOITER_TAG,),
+ tags=EXPLOIT_TAGS,
 )
 self.report_login_attempt(False, user, ssh_key=ssh_string)
 continue
@@ -157,11 +155,7 @@ class SSHExploiter(HostExploiter):
 self._publish_exploitation_event(
 target=self.host.ip_addr,
 exploitation_success=True,
- tags=(
- SSH_EXPLOITER_TAG,
- T1110_ATTACK_TECHNIQUE_TAG,
- T1021_ATTACK_TECHNIQUE_TAG,
- ),
+ tags=EXPLOIT_TAGS,
 )
 self.report_login_attempt(True, user, current_password)
 return ssh
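Review bot: `EXPLOIT_TAGS` and `PROPAGATION_TAGS` in the `@@ -37,6 +37,8 @@` hunk are introduced without a comment saying which events they belong to or what the technique IDs stand for, so a reader has to look up four ATT&CK numbers to judge whether an event is tagged correctly. I would add above them `# Login attempts: T1110 Brute Force, T1021 Remote Services` and `# Propagation events: T1105 Ingress Tool Transfer, T1222 File and Directory Permissions Modification`. The names are also generic next to `SSH_EXPLOITER_TAG`; an `SSH_` prefix would keep them distinct from any similar tuples in other exploiter modules, if those exist.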
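Review bot: Tagging failed logins with `T1021_ATTACK_TECHNIQUE_TAG` looks too broad: in the `@@ -114,7 +112,7 @@` hunk, and again in `@@ -173,7 +167,7 @@`, events published with `exploitation_success=False` now carry the full `EXPLOIT_TAGS` tuple where they used to carry only `SSH_EXPLOITER_TAG`. A rejected credential is a brute-force attempt, but no remote session was opened, so any consumer that marks a technique as used from the tags alone would report Remote Services against hosts that refused every login; the consumers are not visible here, so this needs confirming. If the distinction matters for the report, give failures their own tuple, e.g. `FAILED_LOGIN_TAGS = (SSH_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG)` and `tags=FAILED_LOGIN_TAGS,`. Both enclosing methods start and end outside these hunks.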
@@ -173,7 +167,7 @@ class SSHExploiter(HostExploiter):
 target=self.host.ip_addr,
 exploitation_success=False,
 error_message=error_message,
- tags=(SSH_EXPLOITER_TAG,),
+ tags=EXPLOIT_TAGS,
 )
 self.report_login_attempt(False, user, current_password)
 ssh.close()
@@ -294,7 +288,7 @@ class SSHExploiter(HostExploiter):
 target=self.host.ip_addr,
 propagation_success=False,
 error_message=self.exploit_result.error_message,
- tags=(SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG),
+ tags=PROPAGATION_TAGS,
 )
 return self.exploit_result
@@ -316,7 +310,7 @@ class SSHExploiter(HostExploiter):
 self._publish_propagation_event(
 target=self.host.ip_addr,
 propagation_success=True,
- tags=(SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG),
+ tags=PROPAGATION_TAGS,
 )
 ssh.close()
@@ -332,7 +326,7 @@ class SSHExploiter(HostExploiter):
 target=self.host.ip_addr,
 propagation_success=False,
 error_message=self.exploit_result.error_message,
- tags=(SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG),
+ tags=PROPAGATION_TAGS,
 )
 logger.error(self.exploit_result.error_message)