forked from p34709852/monkey
CR improvements
This commit is contained in:
parent
9935f156ff
commit
e38410a232
|
@ -59,7 +59,7 @@ class HostExploiter(object):
|
|||
def add_vuln_port(self, port):
|
||||
self._exploit_info['vulnerable_ports'].append(port)
|
||||
|
||||
def add_example_cmd(self, cmd):
|
||||
def set_example_cmd(self, cmd):
|
||||
self._exploit_info['executed_cmds']['example'] = cmd
|
||||
|
||||
|
||||
|
|
|
@ -49,7 +49,7 @@ class HadoopExploiter(WebRCE):
|
|||
return False
|
||||
http_thread.join(self.DOWNLOAD_TIMEOUT)
|
||||
http_thread.stop()
|
||||
self.add_example_cmd(command)
|
||||
self.set_example_cmd(command)
|
||||
return True
|
||||
|
||||
def exploit(self, url, command):
|
||||
|
|
|
@ -77,7 +77,7 @@ class MSSQLExploiter(HostExploiter):
|
|||
commands.extend(monkey_args)
|
||||
MSSQLExploiter.execute_command(cursor, commands)
|
||||
MSSQLExploiter.run_file(cursor, tmp_file_path)
|
||||
self.add_example_cmd(commands[-1])
|
||||
self.set_example_cmd(commands[-1])
|
||||
return True
|
||||
|
||||
@staticmethod
|
||||
|
|
|
@ -343,5 +343,5 @@ class RdpExploiter(HostExploiter):
|
|||
|
||||
LOG.info("Executed monkey '%s' on remote victim %r",
|
||||
os.path.basename(src_path), self.host)
|
||||
self.add_example_cmd(command)
|
||||
self.set_example_cmd(command)
|
||||
return True
|
||||
|
|
|
@ -144,7 +144,7 @@ class ShellShockExploiter(HostExploiter):
|
|||
if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)):
|
||||
LOG.info("Log file does not exist, monkey might not have run")
|
||||
continue
|
||||
self.add_example_cmd(cmdline)
|
||||
self.set_example_cmd(cmdline)
|
||||
return True
|
||||
|
||||
return False
|
||||
|
|
|
@ -178,7 +178,7 @@ class SSHExploiter(HostExploiter):
|
|||
self._config.dropper_target_path_linux, self.host, cmdline)
|
||||
|
||||
ssh.close()
|
||||
self.add_example_cmd(cmdline)
|
||||
self.set_example_cmd(cmdline)
|
||||
return True
|
||||
|
||||
except Exception as exc:
|
||||
|
|
|
@ -138,7 +138,7 @@ class VSFTPDExploiter(HostExploiter):
|
|||
if backdoor_socket.send(run_monkey):
|
||||
LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux,
|
||||
self.host, run_monkey)
|
||||
self.add_example_cmd(run_monkey)
|
||||
self.set_example_cmd(run_monkey)
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
|
|
@ -408,7 +408,7 @@ class WebRCE(HostExploiter):
|
|||
# If exploiter returns True / False
|
||||
if type(resp) is bool:
|
||||
LOG.info("Execution attempt successfully finished")
|
||||
self.add_example_cmd(command)
|
||||
self.set_example_cmd(command)
|
||||
return resp
|
||||
# If exploiter returns command output, we can check for execution errors
|
||||
if 'is not recognized' in resp or 'command not found' in resp:
|
||||
|
@ -422,7 +422,7 @@ class WebRCE(HostExploiter):
|
|||
return False
|
||||
LOG.info("Execution attempt finished")
|
||||
|
||||
self.add_example_cmd(command)
|
||||
self.set_example_cmd(command)
|
||||
return resp
|
||||
|
||||
def get_monkey_upload_path(self, url_to_monkey):
|
||||
|
|
|
@ -114,7 +114,7 @@ class WmiExploiter(HostExploiter):
|
|||
|
||||
result.RemRelease()
|
||||
wmi_connection.close()
|
||||
self.add_example_cmd(cmdline)
|
||||
self.set_example_cmd(cmdline)
|
||||
return success
|
||||
|
||||
return False
|
||||
|
|
|
@ -9,7 +9,7 @@ class T1003(AttackTechnique):
|
|||
|
||||
tech_id = "T1003"
|
||||
unscanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
|
||||
scanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
|
||||
scanned_msg = ""
|
||||
used_msg = "Monkey successfully obtained some credentials from systems on the network."
|
||||
|
||||
query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
||||
|
@ -17,9 +17,10 @@ class T1003(AttackTechnique):
|
|||
|
||||
@staticmethod
|
||||
def get_report_data():
|
||||
data = {'title': T1003.technique_title(T1003.tech_id)}
|
||||
data = {'title': T1003.technique_title()}
|
||||
if mongo.db.telemetry.count_documents(T1003.query):
|
||||
data.update({'message': T1003.used_msg, 'status': ScanStatus.USED.name})
|
||||
status = ScanStatus.USED
|
||||
else:
|
||||
data.update({'message': T1003.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
|
||||
status = ScanStatus.UNSCANNED
|
||||
data.update(T1003.get_message_and_status(status))
|
||||
return data
|
||||
|
|
|
@ -22,9 +22,10 @@ class T1059(AttackTechnique):
|
|||
@staticmethod
|
||||
def get_report_data():
|
||||
cmd_data = list(mongo.db.telemetry.aggregate(T1059.query))
|
||||
data = {'title': T1059.technique_title(T1059.tech_id), 'cmds': cmd_data}
|
||||
data = {'title': T1059.technique_title(), 'cmds': cmd_data}
|
||||
if cmd_data:
|
||||
data.update({'message': T1059.used_msg, 'status': ScanStatus.USED.name})
|
||||
status = ScanStatus.USED
|
||||
else:
|
||||
data.update({'message': T1059.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
|
||||
status = ScanStatus.UNSCANNED
|
||||
data.update(T1059.get_message_and_status(status))
|
||||
return data
|
||||
|
|
|
@ -10,7 +10,7 @@ class T1059 extends React.Component {
|
|||
super(props);
|
||||
}
|
||||
|
||||
static getHashColumns() {
|
||||
static getCommandColumns() {
|
||||
return ([{
|
||||
Header: 'Example commands used',
|
||||
columns: [
|
||||
|
@ -27,7 +27,7 @@ class T1059 extends React.Component {
|
|||
<br/>
|
||||
{this.props.data.status === 'USED' ?
|
||||
<ReactTable
|
||||
columns={T1059.getHashColumns()}
|
||||
columns={T1059.getCommandColumns()}
|
||||
data={this.props.data.cmds}
|
||||
showPagination={false}
|
||||
defaultPageSize={this.props.data.cmds.length}
|
||||
|
|
Loading…
Reference in New Issue