forked from p34709852/monkey
Small PEP improvements all around, unused method deleted on displayed_edge.py
This commit is contained in:
VakarisZ
parent
0a52158a61
commit
a160e3396b
|
|
@ -29,7 +29,8 @@ class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
|
|||
post_data = self.rfile.read(content_length).decode()
|
||||
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_url(self.request.getsockname()[0])
|
||||
island_server_path = parse.urljoin(island_server_path, self.path[1:])
|
||||
# The island server doesn't always have a correct SSL cert installed (By default it comes with a self signed one),
|
||||
# The island server doesn't always have a correct SSL cert installed
|
||||
# (By default it comes with a self signed one),
|
||||
# that's why we're not verifying the cert in this request.
|
||||
r = requests.post(url=island_server_path, data=post_data, verify=False) # noqa: DUO123
|
||||
|
||||
|
|
|
|||
|
|
@ -88,7 +88,8 @@ class Monkey(flask_restful.Resource):
|
|||
parent_to_add = (monkey_json.get('guid'), None) # default values in case of manual run
|
||||
if parent and parent != monkey_json.get('guid'): # current parent is known
|
||||
exploit_telem = [x for x in
|
||||
mongo.db.telemetry.find({'telem_category': {'$eq': 'exploit'}, 'data.result': {'$eq': True},
|
||||
mongo.db.telemetry.find({'telem_category': {'$eq': 'exploit'},
|
||||
'data.result': {'$eq': True},
|
||||
'data.machine.ip_addr': {'$in': monkey_json['ip_addresses']},
|
||||
'monkey_guid': {'$eq': parent}})]
|
||||
if 1 == len(exploit_telem):
|
||||
|
|
@ -97,7 +98,8 @@ class Monkey(flask_restful.Resource):
|
|||
parent_to_add = (parent, None)
|
||||
elif (not parent or parent == monkey_json.get('guid')) and 'ip_addresses' in monkey_json:
|
||||
exploit_telem = [x for x in
|
||||
mongo.db.telemetry.find({'telem_category': {'$eq': 'exploit'}, 'data.result': {'$eq': True},
|
||||
mongo.db.telemetry.find({'telem_category': {'$eq': 'exploit'},
|
||||
'data.result': {'$eq': True},
|
||||
'data.machine.ip_addr': {'$in': monkey_json['ip_addresses']}})]
|
||||
|
||||
if 1 == len(exploit_telem):
|
||||
|
|
|
|||
|
|
@ -13,8 +13,8 @@ logger = logging.getLogger(__name__)
|
|||
|
||||
class ClearCaches(flask_restful.Resource):
|
||||
"""
|
||||
Used for timing tests - we want to get actual execution time of functions in BlackBox without caching - so we use this
|
||||
to clear the caches.
|
||||
Used for timing tests - we want to get actual execution time of functions in BlackBox without caching -
|
||||
so we use this to clear the caches.
|
||||
:note: DO NOT CALL THIS IN PRODUCTION CODE as this will slow down the user experience.
|
||||
"""
|
||||
@jwt_required()
|
||||
|
|
|
|||
|
|
@ -23,7 +23,8 @@ class T1082(AttackTechnique):
|
|||
'collections': [
|
||||
{'used': {'$and': [{'$ifNull': ['$netstat', False]}, {'$gt': ['$aws', {}]}]},
|
||||
'name': {'$literal': 'Amazon Web Services info'}},
|
||||
{'used': {'$and': [{'$ifNull': ['$process_list', False]}, {'$gt': ['$process_list', {}]}]},
|
||||
{'used': {'$and': [{'$ifNull': ['$process_list', False]},
|
||||
{'$gt': ['$process_list', {}]}]},
|
||||
'name': {'$literal': 'Running process list'}},
|
||||
{'used': {'$and': [{'$ifNull': ['$netstat', False]}, {'$ne': ['$netstat', []]}]},
|
||||
'name': {'$literal': 'Network connections'}},
|
||||
|
|
|
|||
|
|
@ -2,8 +2,6 @@ from copy import deepcopy
|
|||
|
||||
from bson import ObjectId
|
||||
|
||||
from monkey_island.cc.database import mongo
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.models.edge import Edge
|
||||
from monkey_island.cc.services.edge.edge import EdgeService
|
||||
|
||||
|
|
@ -58,25 +56,6 @@ class DisplayedEdgeService:
|
|||
edge["_label"] = EdgeService.get_edge_label(edge)
|
||||
return edge
|
||||
|
||||
@staticmethod
|
||||
def get_infected_monkey_island_pseudo_edges(monkey_island_monkey):
|
||||
existing_ids = [x.src_node_id for x in Edge.objects(dst_node_id=monkey_island_monkey["_id"])]
|
||||
monkey_ids = [x["_id"] for x in mongo.db.monkey.find({})
|
||||
if ("tunnel" not in x) and
|
||||
(x["_id"] not in existing_ids) and
|
||||
(x["_id"] != monkey_island_monkey["_id"])]
|
||||
edges = []
|
||||
|
||||
# We're using fake ids because the frontend graph module requires unique ids.
|
||||
# Collision with real id is improbable.
|
||||
count = 0
|
||||
for monkey_id in monkey_ids:
|
||||
count += 1
|
||||
edges.append(DisplayedEdgeService.generate_pseudo_edge(
|
||||
ObjectId(hex(count)[2:].zfill(24)), monkey_id, monkey_island_monkey["_id"]))
|
||||
|
||||
return edges
|
||||
|
||||
@staticmethod
|
||||
def services_to_displayed_services(services, for_report=False):
|
||||
if for_report:
|
||||
|
|
|
|||
|
|
@ -58,6 +58,11 @@ class EdgeService:
|
|||
if exploit['result']:
|
||||
EdgeService.set_edge_exploited(edge)
|
||||
|
||||
@staticmethod
|
||||
def set_edge_exploited(edge: Edge):
|
||||
edge.exploited = True
|
||||
edge.save()
|
||||
|
||||
@staticmethod
|
||||
def get_edge_group(edge: Edge):
|
||||
if edge.exploited:
|
||||
|
|
@ -68,11 +73,6 @@ class EdgeService:
|
|||
return "scan"
|
||||
return "empty"
|
||||
|
||||
@staticmethod
|
||||
def set_edge_exploited(edge: Edge):
|
||||
edge.exploited = True
|
||||
edge.save()
|
||||
|
||||
@staticmethod
|
||||
def get_edge_label(edge):
|
||||
return "%s %s %s" % (edge['src_label'], RIGHT_ARROW, edge['dst_label'])
|
||||
|
|
|
|||
|
|
@ -106,7 +106,8 @@ class PTHReportService(object):
|
|||
{
|
||||
'username': user['name'],
|
||||
'domain_name': user['domain_name'],
|
||||
'hostname': NodeService.get_hostname_by_id(ObjectId(user['machine_id'])) if user['machine_id'] else None
|
||||
'hostname': NodeService.get_hostname_by_id(ObjectId(user['machine_id'])) if
|
||||
user['machine_id'] else None
|
||||
} for user in doc['Docs']
|
||||
]
|
||||
users_cred_groups.append({'cred_groups': users_list})
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
import copy
|
||||
|
||||
from monkey_island.cc.database import mongo
|
||||
from monkey_island.cc.models import Monkey
|
||||
from monkey_island.cc.services.edge.edge import EdgeService
|
||||
|
|
|
|||
|
|
@ -21,8 +21,9 @@ SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
|
|||
class SystemInfoTelemetryDispatcher(object):
|
||||
def __init__(self, collector_to_parsing_functions: typing.Mapping[str, typing.List[typing.Callable]] = None):
|
||||
"""
|
||||
:param collector_to_parsing_functions: Map between collector names and a list of functions that process the output of
|
||||
that collector. If `None` is supplied, uses the default one; This should be the normal flow, overriding the
|
||||
:param collector_to_parsing_functions: Map between collector names and a list of functions
|
||||
that process the output of that collector.
|
||||
If `None` is supplied, uses the default one; This should be the normal flow, overriding the
|
||||
collector->functions mapping is useful mostly for testing.
|
||||
"""
|
||||
if collector_to_parsing_functions is None:
|
||||
|
|
|
|||
|
|
@ -22,9 +22,13 @@ class SystemInfoTelemetryDispatcherTest(IslandTestCase):
|
|||
bad_empty_telem_json = {}
|
||||
self.assertRaises(KeyError, dispatcher.dispatch_collector_results_to_relevant_processors, bad_empty_telem_json)
|
||||
bad_no_data_telem_json = {"monkey_guid": "bla"}
|
||||
self.assertRaises(KeyError, dispatcher.dispatch_collector_results_to_relevant_processors, bad_no_data_telem_json)
|
||||
self.assertRaises(KeyError,
|
||||
dispatcher.dispatch_collector_results_to_relevant_processors,
|
||||
bad_no_data_telem_json)
|
||||
bad_no_monkey_telem_json = {"data": {"collectors": {"AwsCollector": "Bla"}}}
|
||||
self.assertRaises(KeyError, dispatcher.dispatch_collector_results_to_relevant_processors, bad_no_monkey_telem_json)
|
||||
self.assertRaises(KeyError,
|
||||
dispatcher.dispatch_collector_results_to_relevant_processors,
|
||||
bad_no_monkey_telem_json)
|
||||
|
||||
# Telem JSON with no collectors - nothing gets dispatched
|
||||
good_telem_no_collectors = {"monkey_guid": "bla", "data": {"bla": "bla"}}
|
||||
|
|
|
|||
Loading…
Reference in New Issue