p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

small fixeS

This commit is contained in:
Oran Nadler 2018-03-07 06:47:29 -08:00
parent 458cc20ceb
commit 1ee53972a8
1 changed files with 41 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
monkey_island/cc/resources/pthmap.py
View File

@ -408,13 +408,7 @@ class PassTheHashMap(object):
return None return None
def GetVictimCountBySid(self, sid): def GetVictimCountBySid(self, sid):
count = 0 return len(self.GetVictimsBySid(sid))
for m in self.machines:
if sid in m.GetLocalAdmins():
count += 1
return count
def GetVictimCountByMachine(self, attacker): def GetVictimCountByMachine(self, attacker):
return len(self.GetVictimsByAttacker(attacker)) return len(self.GetVictimsByAttacker(attacker))
@ -539,6 +533,32 @@ class PassTheHashMap(object):
return victims return victims
def GetInPathCountByVictim(self, victim, already_processed=None):
if type(victim) != unicode:
victim = victim.monkey_guid
if not already_processed:
already_processed = set([victim])
count = 0
for atck, vic, _ in self.edges:
if atck == vic:
continue
if vic != victim:
continue
if atck in already_processed:
continue
count += 1
already_processed.add(atck)
count += self.GetInPathCountByVictim(atck, already_processed)
return count
def main(): def main():
pth = PassTheHashMap() pth = PassTheHashMap()
@ -586,12 +606,22 @@ def main():
print "<h2>Domain Controllers</h2>" print "<h2>Domain Controllers</h2>"
print "<h3>List of domain controllers (we count them as critical points, so they are listed here)</h3>" print "<h3>List of domain controllers (we count them as critical points, so they are listed here)</h3>"
DCs = pth.GetAllDomainControllers() DCs = dict(map(lambda m: (m, pth.GetInPathCountByVictim(m)), pth.GetAllDomainControllers()))
print """<table>""" print """<table>"""
print """<tr><th>DC Ip</th><th>DC Hostname</th><th>Domain Name</th></tr>""" print """<tr><th>DC Ip</th><th>DC Hostname</th><th>Domain Name</th><th>In-Path Count</th></tr>"""
for m in DCs: for m, path_count in sorted(DCs.iteritems(), key=lambda (k,v): (v,k), reverse=True):
print """<tr><td><a href="#{ip}">{ip}</a></td><td><a href="#{ip}">{hostname}</a></td><td>{domain}</td>""".format(ip=m.GetIp(), hostname=m.GetHostName(), domain=m.GetDomainName()) print """<tr><td><a href="#{ip}">{ip}</a></td><td><a href="#{ip}">{hostname}</a></td><td>{domain}</td><td>{path_count}</td></tr>""".format(ip=m.GetIp(), hostname=m.GetHostName(), domain=m.GetDomainName(), path_count=path_count)
print """</table>"""
print "<h2>Most Vulnerable Machines</h2>"
print "<h3>List all machines in the network sorted by the potincial to attack them</h3>"
all_machines = dict(map(lambda m: (m, pth.GetInPathCountByVictim(m)), pth.machines))
print """<table>"""
print """<tr><th>Ip</th><th>Hostname</th><th>Domain Name</th><th>In-Path Count</th></tr>"""
for m, path_count in sorted(all_machines.iteritems(), key=lambda (k,v): (v,k), reverse=True):
print """<tr><td><a href="#{ip}">{ip}</a></td><td><a href="#{ip}">{hostname}</a></td><td>{domain}</td><td>{path_count}</td></tr>""".format(ip=m.GetIp(), hostname=m.GetHostName(), domain=m.GetDomainName(), path_count=path_count)
print """</table>""" print """</table>"""
print "<hr />" print "<hr />"