Bugfix

2019-06-14 15:52:49 +03:00 · 2019-06-14 15:52:49 +03:00 · 0422cd32db
parent f2d25c4481
commit 0422cd32db
1 changed files with 17 additions and 7 deletions
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1110.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1110.py
@ -40,6 +40,10 @@ class T1110(AttackTechnique):
            data = T1110.get_message_and_status(T1110, ScanStatus.SCANNED)
        else:
            data = T1110.get_message_and_status(T1110, ScanStatus.UNSCANNED)
+
+        # Remove data with no successful brute force attempts
+        attempts = [attempt for attempt in attempts if attempt['attempts']]
+
        data.update({'services': attempts, 'title': T1110.technique_title(T1110.tech_id)})
        return data

@ -51,33 +55,39 @@ class T1110(AttackTechnique):
        :return: string with username and used password/hash
        """
        username = attempt['user']
-        creds = {'lm_hash': {'type': 'LM hash', 'shown_chars': 5, 'funct': T1110.censor_hash},
-                 'ntlm_hash': {'type': 'NTLM hash', 'shown_chars': 20, 'funct': T1110.censor_hash},
-                 'ssh_key': {'type': 'SSH key', 'shown_chars': 15, 'funct': T1110.censor_hash},
-                 'password': {'type': 'Plaintext password', 'shown_chars': 3, 'funct': T1110.censor_password}}
+        creds = {'lm_hash': {'type': 'LM hash', 'output': T1110.censor_hash(attempt['lm_hash'])},
+                 'ntlm_hash': {'type': 'NTLM hash', 'output': T1110.censor_hash(attempt['ntlm_hash'], 20)},
+                 'ssh_key': {'type': 'SSH key', 'output': attempt['ssh_key']},
+                 'password': {'type': 'Plaintext password', 'output': T1110.censor_password(attempt['password'])}}
        for key, cred in creds.items():
            if attempt[key]:
                return '%s ; %s : %s' % (username,
                                         cred['type'],
-                                         cred['funct'](encryptor.dec(attempt[key]), cred['shown_chars']))
+                                         cred['output'])

    @staticmethod
    def censor_password(password, plain_chars=3, secret_chars=5):
        """
-        Obfuscates password by changing characters to *
+        Decrypts and obfuscates password by changing characters to *
        :param password: Password or string to obfuscate
        :param plain_chars: How many plain-text characters should be kept at the start of the string
        :param secret_chars: How many * symbols should be used to hide the remainder of the password
        :return: Obfuscated string e.g. Pass****
        """
+        if not password:
+            return ""
+        password = encryptor.dec(password)
        return password[0:plain_chars] + '*' * secret_chars

    @staticmethod
    def censor_hash(hash_, plain_chars=5):
        """
-        Obfuscates hash by only showing a part of it
+        Decrypts and obfuscates hash by only showing a part of it
        :param hash_: Hash to obfuscate
        :param plain_chars: How many chars of hash should be shown
        :return: Obfuscated string
        """
+        if not hash_:
+            return ""
+        hash_ = encryptor.dec(hash_)
        return hash_[0: plain_chars] + ' ...'