forked from p15670423/monkey
Updated branch according to changes in dev.
parent
f8d5247f81
commit
36f917bc8d
|
@ -12,7 +12,7 @@ class T1003(AttackTechnique):
|
||||||
scanned_msg = ""
|
scanned_msg = ""
|
||||||
used_msg = "Monkey successfully obtained some credentials from systems on the network."
|
used_msg = "Monkey successfully obtained some credentials from systems on the network."
|
||||||
|
|
||||||
query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
query = {'telem_category': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
|
||||||
# $gt: {} checks if field is not an empty object
|
# $gt: {} checks if field is not an empty object
|
||||||
{'data.credentials': {'$gt': {}}}]}
|
{'data.credentials': {'$gt': {}}}]}
|
||||||
|
|
||||||
|
|
|
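Review bot: The `'telem_category'` key in this `query` is a bare string literal, and the same literal is repeated in the `$match` stages of T1059 and T1110 further down, so a telemetry document that still carries the old `telem_type` field fails to match without raising any error. In that case the technique would presumably be reported as unused even though credentials were collected, which is a false negative in the ATT&CK report rather than a visible failure. This page does not show whether documents stored before the rename are migrated or discarded, so that is worth confirming. A comment such as `# telemetry is keyed by telem_category; records written with telem_type will not match` would help, and a single shared constant for the field name would keep the techniques from drifting apart again. The class body continues outside the hunk.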
@ -12,7 +12,7 @@ class T1059(AttackTechnique):
|
||||||
scanned_msg = ""
|
scanned_msg = ""
|
||||||
used_msg = "Monkey successfully ran commands on exploited machines in the network."
|
used_msg = "Monkey successfully ran commands on exploited machines in the network."
|
||||||
|
|
||||||
query = [{'$match': {'telem_type': 'exploit',
|
query = [{'$match': {'telem_category': 'exploit',
|
||||||
'data.info.executed_cmds': {'$exists': True, '$ne': []}}},
|
'data.info.executed_cmds': {'$exists': True, '$ne': []}}},
|
||||||
{'$project': {'_id': 0,
|
{'$project': {'_id': 0,
|
||||||
'machine': '$data.machine',
|
'machine': '$data.machine',
|
||||||
|
|
|
@ -13,7 +13,7 @@ class T1110(AttackTechnique):
|
||||||
used_msg = "Monkey successfully used brute force in the network."
|
used_msg = "Monkey successfully used brute force in the network."
|
||||||
|
|
||||||
# Gets data about brute force attempts
|
# Gets data about brute force attempts
|
||||||
query = [{'$match': {'telem_type': 'exploit',
|
query = [{'$match': {'telem_category': 'exploit',
|
||||||
'data.attempts': {'$not': {'$size': 0}}}},
|
'data.attempts': {'$not': {'$size': 0}}}},
|
||||||
{'$project': {'_id': 0,
|
{'$project': {'_id': 0,
|
||||||
'machine': '$data.machine',
|
'machine': '$data.machine',
|
||||||
|
|
|
@ -13,13 +13,15 @@ class T1197(AttackTechnique):
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_report_data():
|
def get_report_data():
|
||||||
data = T1197.get_tech_base_data()
|
data = T1197.get_tech_base_data()
|
||||||
bits_results = mongo.db.telemetry.aggregate([{'$match': {'telem_category': 'attack', 'data.technique': T1197.tech_id}},
|
bits_results = mongo.db.telemetry.aggregate([{'$match': {'telem_category': 'attack',
|
||||||
{'$group': {'_id': {'ip_addr': '$data.machine.ip_addr', 'usage': '$data.usage'},
|
'data.technique': T1197.tech_id}},
|
||||||
'ip_addr': {'$first': '$data.machine.ip_addr'},
|
{'$group': {'_id': {'ip_addr': '$data.machine.ip_addr',
|
||||||
'domain_name': {'$first': '$data.machine.domain_name'},
|
'usage': '$data.usage'},
|
||||||
'usage': {'$first': '$data.usage'},
|
'ip_addr': {'$first': '$data.machine.ip_addr'},
|
||||||
'time': {'$first': '$timestamp'}}
|
'domain_name': {'$first': '$data.machine.domain_name'},
|
||||||
}])
|
'usage': {'$first': '$data.usage'},
|
||||||
|
'time': {'$first': '$timestamp'}}
|
||||||
|
}])
|
||||||
bits_results = list(bits_results)
|
bits_results = list(bits_results)
|
||||||
data.update({'bits_jobs': bits_results})
|
data.update({'bits_jobs': bits_results})
|
||||||
return data
|
return data
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import React from 'react';
|
import React from 'react';
|
||||||
import '../../../styles/Collapse.scss'
|
import '../../../styles/Collapse.scss'
|
||||||
import ReactTable from "react-table";
|
import ReactTable from "react-table";
|
||||||
import { RenderMachine } from "./Helpers"
|
import { renderMachine } from "./Helpers"
|
||||||
|
|
||||||
|
|
||||||
class T1059 extends React.Component {
|
class T1059 extends React.Component {
|
||||||
|
@ -14,13 +14,14 @@ class T1059 extends React.Component {
|
||||||
return ([{
|
return ([{
|
||||||
Header: 'Example commands used',
|
Header: 'Example commands used',
|
||||||
columns: [
|
columns: [
|
||||||
{Header: 'Machine', id: 'machine', accessor: x => RenderMachine(x.data[0].machine), style: { 'whiteSpace': 'unset'}, width: 160 },
|
{Header: 'Machine', id: 'machine', accessor: x => renderMachine(x.data[0].machine), style: { 'whiteSpace': 'unset'}, width: 160 },
|
||||||
{Header: 'Approx. Time', id: 'time', accessor: x => x.data[0].info.finished, style: { 'whiteSpace': 'unset' }},
|
{Header: 'Approx. Time', id: 'time', accessor: x => x.data[0].info.finished, style: { 'whiteSpace': 'unset' }},
|
||||||
{Header: 'Command', id: 'command', accessor: x => x.data[0].info.executed_cmds[0].cmd, style: { 'whiteSpace': 'unset' }},
|
{Header: 'Command', id: 'command', accessor: x => x.data[0].info.executed_cmds[0].cmd, style: { 'whiteSpace': 'unset' }},
|
||||||
]
|
]
|
||||||
}])};
|
}])};
|
||||||
|
|
||||||
render() {
|
render() {
|
||||||
|
console.log(this.props.data);
|
||||||
return (
|
return (
|
||||||
<div>
|
<div>
|
||||||
<div>{this.props.data.message}</div>
|
<div>{this.props.data.message}</div>
|
||||||
|
|
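Review bot: `console.log(this.props.data);` at the top of `render()` looks like leftover debugging and should be removed before merge. It runs on every render and writes the whole technique payload to the browser console of whoever views the report. Going by the column accessors in the same hunk, that payload includes machine details and the executed commands. Dropping the line restores the previous behaviour; if the output is still needed during development it belongs behind a debug switch, not in the render path. `render()` continues past the end of the hunk.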