p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'attack_service_execution' into attack_module_load

This commit is contained in:
VakarisZ 2019-07-08 17:51:39 +03:00
parent 250bdaae77 25efdef7d3
commit f5336dfff8
10 changed files with 24 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
View File

@ -20,8 +20,8 @@ class T1003(AttackTechnique):
def get_report_data():
data = {'title': T1003.technique_title()}
if mongo.db.telemetry.count_documents(T1003.query):
status = ScanStatus.USED
status = ScanStatus.USED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1003.get_message_and_status(status))
return data

4
monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
View File

@ -27,8 +27,8 @@ class T1059(AttackTechnique):
cmd_data = list(mongo.db.telemetry.aggregate(T1059.query))
data = {'title': T1059.technique_title(), 'cmds': cmd_data}
if cmd_data:
status = ScanStatus.USED
status = ScanStatus.USED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1059.get_message_and_status(status))
return data

2
monkey/monkey_island/cc/services/attack/technique_reports/T1065.py
View File

@ -17,4 +17,4 @@ class T1065(AttackTechnique):
def get_report_data():
port = ConfigService.get_config_value(['cnc', 'servers', 'current_server']).split(':')[1]
T1065.used_msg = T1065.message % port
return T1065.get_base_data_by_status(ScanStatus.USED)
return T1065.get_base_data_by_status(ScanStatus.USED.value)

6
monkey/monkey_island/cc/services/attack/technique_reports/T1075.py
View File

@ -35,10 +35,10 @@ class T1075(AttackTechnique):
successful_logins = list(mongo.db.telemetry.aggregate(T1075.query))
data.update({'successful_logins': successful_logins})
if successful_logins:
status = ScanStatus.USED
status = ScanStatus.USED.value
elif mongo.db.telemetry.count_documents(T1075.login_attempt_query):
status = ScanStatus.SCANNED
status = ScanStatus.SCANNED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1075.get_message_and_status(status))
return data

4
monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
View File

@ -40,8 +40,8 @@ class T1082(AttackTechnique):
system_info = list(mongo.db.telemetry.aggregate(T1082.query))
data.update({'system_info': system_info})
if system_info:
status = ScanStatus.USED
status = ScanStatus.USED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1082.get_message_and_status(status))
return data

4
monkey/monkey_island/cc/services/attack/technique_reports/T1086.py
View File

@ -29,8 +29,8 @@ class T1086(AttackTechnique):
cmd_data = list(mongo.db.telemetry.aggregate(T1086.query))
data = {'title': T1086.technique_title(), 'cmds': cmd_data}
if cmd_data:
status = ScanStatus.USED
status = ScanStatus.USED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1086.get_message_and_status(status))
return data

6
monkey/monkey_island/cc/services/attack/technique_reports/T1110.py
View File

@ -35,11 +35,11 @@ class T1110(AttackTechnique):
result['successful_creds'].append(T1110.parse_creds(attempt))
if succeeded:
status = ScanStatus.USED
status = ScanStatus.USED.value
elif attempts:
status = ScanStatus.SCANNED
status = ScanStatus.SCANNED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data = T1110.get_base_data_by_status(status)
# Remove data with no successful brute force attempts
attempts = [attempt for attempt in attempts if attempt['attempts']]

4
monkey/monkey_island/cc/services/attack/technique_reports/T1145.py
View File

@ -23,9 +23,9 @@ class T1145(AttackTechnique):
ssh_info = list(mongo.db.telemetry.aggregate(T1145.query))
if ssh_info:
status = ScanStatus.USED
status = ScanStatus.USED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data = T1145.get_base_data_by_status(status)
data.update({'ssh_info': ssh_info})
return data

6
monkey/monkey_island/cc/services/attack/technique_reports/T1210.py
View File

@ -18,11 +18,11 @@ class T1210(AttackTechnique):
scanned_services = T1210.get_scanned_services()
exploited_services = T1210.get_exploited_services()
if exploited_services:
status = ScanStatus.USED
status = ScanStatus.USED.value
elif scanned_services:
status = ScanStatus.SCANNED
status = ScanStatus.SCANNED.value
else:
status = ScanStatus.UNSCANNED
status = ScanStatus.UNSCANNED.value
data.update(T1210.get_message_and_status(status))
data.update({'scanned_services': scanned_services, 'exploited_services': exploited_services})
return data

8
monkey/monkey_island/cc/services/attack/technique_reports/__init__.py
View File

@ -67,7 +67,7 @@ class AttackTechnique(object):
def get_message_and_status(cls, status):
"""
Returns a dict with attack technique's message and status.
:param status: Enum type value from common/attack_utils.py
:param status: Enum from common/attack_utils.py integer value
:return: Dict with message and status
"""
return {'message': cls.get_message_by_status(status), 'status': status.value}
@ -76,12 +76,12 @@ class AttackTechnique(object):
def get_message_by_status(cls, status):
"""
Picks a message to return based on status.
:param status: Enum type value from common/attack_utils.py
:param status: Enum from common/attack_utils.py integer value
:return: message string
"""
if status == ScanStatus.UNSCANNED:
if status == ScanStatus.UNSCANNED.value:
return cls.unscanned_msg
elif status == ScanStatus.SCANNED:
elif status == ScanStatus.SCANNED.value:
return cls.scanned_msg
else:
return cls.used_msg