p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Bugfix

This commit is contained in:
VakarisZ 2019-06-14 15:52:49 +03:00
parent f2d25c4481
commit 0422cd32db
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
monkey/monkey_island/cc/services/attack/technique_reports/T1110.py
View File

@ -40,6 +40,10 @@ class T1110(AttackTechnique):
data = T1110.get_message_and_status(T1110, ScanStatus.SCANNED) data = T1110.get_message_and_status(T1110, ScanStatus.SCANNED)
else: else:
data = T1110.get_message_and_status(T1110, ScanStatus.UNSCANNED) data = T1110.get_message_and_status(T1110, ScanStatus.UNSCANNED)
# Remove data with no successful brute force attempts
attempts = [attempt for attempt in attempts if attempt['attempts']]
data.update({'services': attempts, 'title': T1110.technique_title(T1110.tech_id)}) data.update({'services': attempts, 'title': T1110.technique_title(T1110.tech_id)})
return data return data
@ -51,33 +55,39 @@ class T1110(AttackTechnique):
:return: string with username and used password/hash :return: string with username and used password/hash
""" """
username = attempt['user'] username = attempt['user']
creds = {'lm_hash': {'type': 'LM hash', 'shown_chars': 5, 'funct': T1110.censor_hash}, creds = {'lm_hash': {'type': 'LM hash', 'output': T1110.censor_hash(attempt['lm_hash'])},
'ntlm_hash': {'type': 'NTLM hash', 'shown_chars': 20, 'funct': T1110.censor_hash}, 'ntlm_hash': {'type': 'NTLM hash', 'output': T1110.censor_hash(attempt['ntlm_hash'], 20)},
'ssh_key': {'type': 'SSH key', 'shown_chars': 15, 'funct': T1110.censor_hash}, 'ssh_key': {'type': 'SSH key', 'output': attempt['ssh_key']},
'password': {'type': 'Plaintext password', 'shown_chars': 3, 'funct': T1110.censor_password}} 'password': {'type': 'Plaintext password', 'output': T1110.censor_password(attempt['password'])}}
for key, cred in creds.items(): for key, cred in creds.items():
if attempt[key]: if attempt[key]:
return '%s ; %s : %s' % (username, return '%s ; %s : %s' % (username,
cred['type'], cred['type'],
cred['funct'](encryptor.dec(attempt[key]), cred['shown_chars'])) cred['output'])
@staticmethod @staticmethod
def censor_password(password, plain_chars=3, secret_chars=5): def censor_password(password, plain_chars=3, secret_chars=5):
""" """
Obfuscates password by changing characters to * Decrypts and obfuscates password by changing characters to *
:param password: Password or string to obfuscate :param password: Password or string to obfuscate
:param plain_chars: How many plain-text characters should be kept at the start of the string :param plain_chars: How many plain-text characters should be kept at the start of the string
:param secret_chars: How many * symbols should be used to hide the remainder of the password :param secret_chars: How many * symbols should be used to hide the remainder of the password
:return: Obfuscated string e.g. Pass**** :return: Obfuscated string e.g. Pass****
""" """
if not password:
return ""
password = encryptor.dec(password)
return password[0:plain_chars] + '*' * secret_chars return password[0:plain_chars] + '*' * secret_chars
@staticmethod @staticmethod
def censor_hash(hash_, plain_chars=5): def censor_hash(hash_, plain_chars=5):
""" """
Obfuscates hash by only showing a part of it Decrypts and obfuscates hash by only showing a part of it
:param hash_: Hash to obfuscate :param hash_: Hash to obfuscate
:param plain_chars: How many chars of hash should be shown :param plain_chars: How many chars of hash should be shown
:return: Obfuscated string :return: Obfuscated string
""" """
if not hash_:
return ""
hash_ = encryptor.dec(hash_)
return hash_[0: plain_chars] + ' ...' return hash_[0: plain_chars] + ' ...'