p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

telem: Add ransomware telemetry

This commit is contained in:
Shreya 2021-06-22 15:23:45 +05:30 committed by Mike Salvatore
parent d600aa7208
commit 29bd48f703
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monkey/infection_monkey/monkey.py
View File

@ -25,6 +25,7 @@ from infection_monkey.system_singleton import SystemSingleton
from infection_monkey.telemetry.attack.t1106_telem import T1106Telem from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
from infection_monkey.telemetry.attack.t1107_telem import T1107Telem from infection_monkey.telemetry.attack.t1107_telem import T1107Telem
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
from infection_monkey.telemetry.ransomware_telem import RansomwareTelem
from infection_monkey.telemetry.scan_telem import ScanTelem from infection_monkey.telemetry.scan_telem import ScanTelem
from infection_monkey.telemetry.state_telem import StateTelem from infection_monkey.telemetry.state_telem import StateTelem
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
@ -233,7 +234,8 @@ class InfectionMonkey(object):
if not self._keep_running: if not self._keep_running:
break break
RansomewarePayload(WormConfiguration.ransomware).run_payload() ransomware_attempts = RansomewarePayload(WormConfiguration.ransomware).run_payload()
RansomwareTelem(ransomware_attempts).send()
if (not is_empty) and (WormConfiguration.max_iterations > iteration_index + 1): if (not is_empty) and (WormConfiguration.max_iterations > iteration_index + 1):
time_to_sleep = WormConfiguration.timeout_between_iterations time_to_sleep = WormConfiguration.timeout_between_iterations

22
monkey/infection_monkey/telemetry/ransomware_telem.py Normal file
View File

@ -0,0 +1,22 @@
from typing import List, Tuple
from common.common_consts.telem_categories import TelemCategoryEnum
from infection_monkey.telemetry.base_telem import BaseTelem
class RansomwareTelem(BaseTelem):
def __init__(self, attempts: List[Tuple[str, str]]):
"""
Ransomware telemetry constructor
:param attempts: List of tuples with each tuple containing the path
of a file it tried encrypting and its result.
If ransomware fails completely - list of one tuple
containing the directory path and error string.
"""
super().__init__()
self.attempts = attempts
telem_category = TelemCategoryEnum.RANSOMWARE
def get_data(self):
return {"ransomware_attempts": self.attempts}