Merge pull request #358 from guardicore/bugfix/fix-update-attack-report

determine if new report needs to be generated depending on latest updat…
Itay Mizeretz 2019-07-07 11:19:41 +03:00 committed by GitHub
commit 79c4444c39
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 22 additions and 13 deletions


@ -2,8 +2,8 @@
Define a Document Schema for the Monkey document. Define a Document Schema for the Monkey document.
""" """
import mongoengine import mongoengine
from mongoengine import Document, StringField, ListField, BooleanField, EmbeddedDocumentField, DateField, \ from mongoengine import Document, StringField, ListField, BooleanField, EmbeddedDocumentField, ReferenceField, \
ReferenceField DateTimeField
from monkey_island.cc.models.monkey_ttl import MonkeyTtl from monkey_island.cc.models.monkey_ttl import MonkeyTtl
@ -24,8 +24,8 @@ class Monkey(Document):
hostname = StringField() hostname = StringField()
internet_access = BooleanField() internet_access = BooleanField()
ip_addresses = ListField(StringField()) ip_addresses = ListField(StringField())
keepalive = DateField() keepalive = DateTimeField()
modifytime = DateField() modifytime = DateTimeField()
# TODO change this to an embedded document as well - RN it's an unnamed tuple which is confusing. # TODO change this to an embedded document as well - RN it's an unnamed tuple which is confusing.
parent = ListField(ListField(StringField())) parent = ListField(ListField(StringField()))
config_error = BooleanField() config_error = BooleanField()
@ -41,6 +41,10 @@ class Monkey(Document):
except IndexError: except IndexError:
raise MonkeyNotFoundError("id: {0}".format(str(db_id))) raise MonkeyNotFoundError("id: {0}".format(str(db_id)))
@staticmethod
def get_latest_modifytime():
return Monkey.objects.order_by('-modifytime').first().modifytime
def is_dead(self): def is_dead(self):
monkey_is_dead = False monkey_is_dead = False
if self.dead: if self.dead:
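Review bot: The new `get_latest_modifytime()` dereferences the result of `.first()` without a check, and mongoengine's `first()` returns None on an empty queryset, so the call raises AttributeError when the collection holds no Monkey documents. The same call is now used unguarded in the attack report's `generate_new_report` and in both `ReportService` call sites changed by this commit. I would split it into `latest = Monkey.objects.order_by('-modifytime').first()` followed by `return latest.modifytime if latest else None`; the attack-report caller already treats a falsy value as "regenerate". A one-line docstring stating that the method returns the newest `modifytime` or None would also help, since two report services now depend on it for their freshness check.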


@ -1,4 +1,5 @@
import logging import logging
from monkey_island.cc.models import Monkey
from monkey_island.cc.services.attack.technique_reports import T1210, T1197, T1110, T1075, T1003, T1059, T1086 from monkey_island.cc.services.attack.technique_reports import T1210, T1197, T1110, T1075, T1003, T1059, T1086
from monkey_island.cc.services.attack.attack_config import AttackConfig from monkey_island.cc.services.attack.attack_config import AttackConfig
from monkey_island.cc.database import mongo from monkey_island.cc.database import mongo
@ -29,7 +30,13 @@ class AttackReportService:
Generates new report based on telemetries, replaces old report in db with new one. Generates new report based on telemetries, replaces old report in db with new one.
:return: Report object :return: Report object
""" """
report = {'techniques': {}, 'latest_telem_time': AttackReportService.get_latest_attack_telem_time(), 'name': REPORT_NAME} report =\
{
'techniques': {},
'meta': {'latest_monkey_modifytime': Monkey.get_latest_modifytime()},
'name': REPORT_NAME
}
for tech_id, value in AttackConfig.get_technique_values().items(): for tech_id, value in AttackConfig.get_technique_values().items():
if value: if value:
try: try:
@ -55,9 +62,10 @@ class AttackReportService:
:return: report dict. :return: report dict.
""" """
if AttackReportService.is_report_generated(): if AttackReportService.is_report_generated():
telem_time = AttackReportService.get_latest_attack_telem_time() monkey_modifytime = Monkey.get_latest_modifytime()
latest_report = mongo.db.attack_report.find_one({'name': REPORT_NAME}) latest_report = mongo.db.attack_report.find_one({'name': REPORT_NAME})
if telem_time and latest_report['latest_telem_time'] and telem_time == latest_report['latest_telem_time']: report_modifytime = latest_report['meta']['latest_monkey_modifytime']
if monkey_modifytime and report_modifytime and monkey_modifytime == report_modifytime:
return latest_report return latest_report
return AttackReportService.generate_new_report() return AttackReportService.generate_new_report()
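Review bot: `latest_report['meta']['latest_monkey_modifytime']` assumes the stored report already has a `meta` key, but the code this commit replaces wrote `latest_telem_time` at the top level and no `meta`. If the `attack_report` collection still holds a report written by the previous version, this lookup would presumably raise KeyError instead of falling through to regeneration. Reading it defensively keeps the upgrade path working: `report_modifytime = latest_report.get('meta', {}).get('latest_monkey_modifytime')`; the existing truthiness check then sends an old-format report to `generate_new_report()`. The enclosing method starts outside this hunk, so I cannot see whether `is_report_generated()` already rules that case out.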


@ -308,10 +308,6 @@ class NodeService:
def is_monkey_finished_running(): def is_monkey_finished_running():
return NodeService.is_any_monkey_exists() and not NodeService.is_any_monkey_alive() return NodeService.is_any_monkey_exists() and not NodeService.is_any_monkey_alive()
@staticmethod
def get_latest_modified_monkey():
return mongo.db.monkey.find({}).sort('modifytime', -1).limit(1)
@staticmethod @staticmethod
def add_credentials_to_monkey(monkey_id, creds): def add_credentials_to_monkey(monkey_id, creds):
mongo.db.monkey.update( mongo.db.monkey.update(


@ -10,6 +10,7 @@ from enum import Enum
from six import text_type from six import text_type
from monkey_island.cc.database import mongo from monkey_island.cc.database import mongo
from monkey_island.cc.models import Monkey
from monkey_island.cc.report_exporter_manager import ReportExporterManager from monkey_island.cc.report_exporter_manager import ReportExporterManager
from monkey_island.cc.services.config import ConfigService from monkey_island.cc.services.config import ConfigService
from monkey_island.cc.services.edge import EdgeService from monkey_island.cc.services.edge import EdgeService
@ -714,7 +715,7 @@ class ReportService:
config_users = ReportService.get_config_users() config_users = ReportService.get_config_users()
config_passwords = ReportService.get_config_passwords() config_passwords = ReportService.get_config_passwords()
cross_segment_issues = ReportService.get_cross_segment_issues() cross_segment_issues = ReportService.get_cross_segment_issues()
monkey_latest_modify_time = list(NodeService.get_latest_modified_monkey())[0]['modifytime'] monkey_latest_modify_time = Monkey.get_latest_modifytime()
report = \ report = \
{ {
@ -779,7 +780,7 @@ class ReportService:
if latest_report_doc: if latest_report_doc:
report_latest_modifytime = latest_report_doc['meta']['latest_monkey_modifytime'] report_latest_modifytime = latest_report_doc['meta']['latest_monkey_modifytime']
latest_monkey_modifytime = NodeService.get_latest_modified_monkey()[0]['modifytime'] latest_monkey_modifytime = Monkey.get_latest_modifytime()
return report_latest_modifytime == latest_monkey_modifytime return report_latest_modifytime == latest_monkey_modifytime
return False return False