From 9d7c7073c3678d26ff84da4c524b0354d34f5aba Mon Sep 17 00:00:00 2001
From: VakarisZ
Date: Fri, 3 Dec 2021 15:09:17 +0200
Subject: [PATCH] Monkey, Island: use process start timestamp to track monkey start time instead of datetime string of wakeup call

This change allows us to avoid the issues where agents are on a different timezone than island and process start time is more precise than
---
 monkey/infection_monkey/control.py | 5 ++---
 monkey/infection_monkey/utils/agent_process.py | 8 ++++++++
 monkey/monkey_island/cc/models/monkey.py | 3 ++-
 .../reporting/exploitations/manual_exploitation.py | 3 ++-
 monkey/monkey_island/cc/services/utils/formatting.py | 7 +++++++
 5 files changed, 21 insertions(+), 5 deletions(-)
 create mode 100644 monkey/infection_monkey/utils/agent_process.py
 create mode 100644 monkey/monkey_island/cc/services/utils/formatting.py

diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py
index 878945433..71e1fb8f0 100644
--- a/monkey/infection_monkey/control.py
+++ b/monkey/infection_monkey/control.py
@@ -1,7 +1,6 @@
 import json
 import logging
 import platform
-from datetime import datetime
 from pprint import pformat
 from socket import gethostname
 from urllib.parse import urljoin
@@ -12,12 +11,12 @@ from requests.exceptions import ConnectionError
 import infection_monkey.monkeyfs as monkeyfs
 import infection_monkey.tunnel as tunnel
 from common.common_consts.api_url_consts import T1216_PBA_FILE_DOWNLOAD_PATH
-from common.common_consts.time_formats import DEFAULT_TIME_FORMAT
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
 from infection_monkey.config import GUID, WormConfiguration
 from infection_monkey.network.info import local_ips
 from infection_monkey.transport.http import HTTPConnectProxy
 from infection_monkey.transport.tcp import TcpProxy
+from infection_monkey.utils import agent_process
 from infection_monkey.utils.environment import is_windows_os
 requests.packages.urllib3.disable_warnings()
@@ -52,7 +51,7 @@ class ControlClient(object):
 "description": " ".join(platform.uname()),
 "config": WormConfiguration.as_dict(),
 "parent": parent,
- "launch_time": str(datetime.now().strftime(DEFAULT_TIME_FORMAT)),
+ "launch_time": agent_process.get_start_time(),
 }
 if ControlClient.proxies:
diff --git a/monkey/infection_monkey/utils/agent_process.py b/monkey/infection_monkey/utils/agent_process.py
new file mode 100644
index 000000000..52d75451b
--- /dev/null
+++ b/monkey/infection_monkey/utils/agent_process.py
@@ -0,0 +1,8 @@
+import os
+
+import psutil
+
+
+def get_start_time() -> float:
+ agent_process = psutil.Process(os.getpid())
+ return agent_process.create_time()
diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py
index 24c8363d3..9fbf15eb2 100644
--- a/monkey/monkey_island/cc/models/monkey.py
+++ b/monkey/monkey_island/cc/models/monkey.py
@@ -9,6 +9,7 @@ from mongoengine import (
 DoesNotExist,
 DynamicField,
 EmbeddedDocumentField,
+ FloatField,
 ListField,
 ReferenceField,
 StringField,
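Review bot: `get_start_time()` in the new `agent_process.py` has no docstring, yet the unit of its return value is the contract the Island's `launch_time` handling now depends on. I would add `"""Return the creation time of the current agent process, in seconds since the epoch."""`, which is how psutil documents `create_time()`. `psutil.Process()` with no argument already refers to the current process, so the body can be `return psutil.Process().create_time()` and the `os` import dropped. The value is still read from the agent host's clock, so it removes the timezone ambiguity but not clock skew between agent and Island, and the docstring should say so.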
@@ -38,7 +39,7 @@ class Monkey(Document):
 description = StringField()
 hostname = StringField()
 ip_addresses = ListField(StringField())
- launch_time = StringField()
+ launch_time = FloatField()
 keepalive = DateTimeField()
 modifytime = DateTimeField()
 # TODO make "parent" an embedded document, so this can be removed and the schema explained (
diff --git a/monkey/monkey_island/cc/services/reporting/exploitations/manual_exploitation.py b/monkey/monkey_island/cc/services/reporting/exploitations/manual_exploitation.py
index 303fe8db5..9e10d0abc 100644
--- a/monkey/monkey_island/cc/services/reporting/exploitations/manual_exploitation.py
+++ b/monkey/monkey_island/cc/services/reporting/exploitations/manual_exploitation.py
@@ -3,6 +3,7 @@ from typing import List
 from monkey_island.cc.database import mongo
 from monkey_island.cc.services.node import NodeService
+from monkey_island.cc.services.utils.formatting import timestamp_to_date
 @dataclass
@@ -27,5 +28,5 @@ def monkey_to_manual_exploitation(monkey: dict) -> ManualExploitation:
 return ManualExploitation(
 hostname=monkey["hostname"],
 ip_addresses=monkey["ip_addresses"],
- start_time=monkey["launch_time"],
+ start_time=timestamp_to_date(monkey["launch_time"]),
 )
diff --git a/monkey/monkey_island/cc/services/utils/formatting.py b/monkey/monkey_island/cc/services/utils/formatting.py
new file mode 100644
index 000000000..5f356cf49
--- /dev/null
+++ b/monkey/monkey_island/cc/services/utils/formatting.py
@@ -0,0 +1,7 @@
+from datetime import datetime
+
+from common.common_consts.time_formats import DEFAULT_TIME_FORMAT
+
+
+def timestamp_to_date(timestamp: int) -> str:
+ return datetime.fromtimestamp(timestamp).strftime(DEFAULT_TIME_FORMAT)
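Review bot: Switching `launch_time` from `StringField()` to `FloatField()` in `Monkey` does not account for documents already stored with the old formatted string, and nothing in this patch migrates or tolerates them. The second hunk of `manual_exploitation.py` has the same exposure: `monkey_to_manual_exploitation` takes a plain dict and hands `monkey["launch_time"]` straight to `timestamp_to_date`, so an old string value would raise while the report is built (whether that dict bypasses model validation is not visible here). The field is filled from the agent's wakeup request, so I would record the expected unit and trust level next to it, e.g. `launch_time = FloatField()  # seconds since the epoch, reported by the agent; untrusted input`, and decide explicitly what happens to pre-existing records.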
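Review bot: `timestamp_to_date` in the new `formatting.py` is annotated `timestamp: int`, but its only caller in this patch passes the float stored in `launch_time`, so the annotation should be `float`. `datetime.fromtimestamp` also raises for values outside the platform's supported range, and the input originates from an agent, so a single malformed record can abort report generation. The conversion uses the Island's local timezone, which looks intended but should be stated in a docstring. A possible shape is below; the fallback string is a placeholder for whatever the report should show.

```python
def timestamp_to_date(timestamp: float) -> str:
    """Format an epoch timestamp (seconds) as a date string in the Island's local time."""
    try:
        return datetime.fromtimestamp(timestamp).strftime(DEFAULT_TIME_FORMAT)
    except (TypeError, ValueError, OverflowError, OSError):
        # launch_time is agent-supplied; one bad value must not break the report
        return "<invalid launch time>"
```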