Fixed T1078 attack technique not implemented, empty PBA message and other bugs

2019-09-05 16:40:02 +03:00 · 2019-09-05 16:40:02 +03:00 · 3a290b46ac
parent f8fe0b9f09
commit 3a290b46ac
4 changed files with 9 additions and 5 deletions
--- a/monkey/infection_monkey/post_breach/actions/users_custom_pba.py
+++ b/monkey/infection_monkey/post_breach/actions/users_custom_pba.py
@ -27,7 +27,7 @@ class UsersPBA(PBA):
    Defines user's configured post breach action.
    """
    def __init__(self):
-        super(UsersPBA, self).__init__("File execution")
+        super(UsersPBA, self).__init__("Custom post breach action")
        self.filename = ''
        if not is_windows_os():
            # Add linux commands to PBA's
--- a/monkey/infection_monkey/post_breach/pba.py
+++ b/monkey/infection_monkey/post_breach/pba.py
@ -12,6 +12,7 @@ LOG = logging.getLogger(__name__)

 __author__ = 'VakarisZ'

+EXECUTION_WITHOUT_OUTPUT = "(PBA execution produced no output)"

 class PBA(object):
    """
@ -73,7 +74,10 @@ class PBA(object):
        :return: Tuple of command's output string and boolean, indicating if it succeeded
        """
        try:
-            return subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True), True
+            output = subprocess.check_output(self.command, stderr=subprocess.STDOUT, shell=True)
+            if not output:
+                output = EXECUTION_WITHOUT_OUTPUT
+            return output, True
        except subprocess.CalledProcessError as e:
            # Return error output of the command
            return e.output, False
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@ -406,7 +406,7 @@ SCHEMA = {
                            "title": "Harvest Azure Credentials",
                            "type": "boolean",
                            "default": True,
-                            "attack_techniques": ["T1003", "T1078"],
+                            "attack_techniques": ["T1003"],
                            "description":
                                "Determine if the Monkey should try to harvest password credentials from Azure VMs"
                        },
@ -421,7 +421,7 @@ SCHEMA = {
                            "title": "Should use Mimikatz",
                            "type": "boolean",
                            "default": True,
-                            "attack_techniques": ["T1003", "T1078"],
+                            "attack_techniques": ["T1003"],
                            "description": "Determines whether to use Mimikatz"
                        },
                    }
--- a/monkey/monkey_island/cc/ui/src/components/report-components/PostBreach.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/PostBreach.js
@ -24,7 +24,7 @@ let renderPbaResults = function (results) {
 };

 const subColumns = [
-  {id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }},
+  {id: 'pba_name', Header: "Name", accessor: x => x.name, style: { 'whiteSpace': 'unset' }, width: 160},
  {id: 'pba_output', Header: "Output", accessor: x => renderPbaResults(x.result), style: { 'whiteSpace': 'unset' }}
 ];