Change creds format in monkey document

monkey_island/cc/resources/monkey.py

@@ -53,7 +53,7 @@ class Monkey(flask_restful.Resource):
 
     def post(self, **kw):
         monkey_json = json.loads(request.data)
-        monkey_json['creds'] = {}
+        monkey_json['creds'] = []
         if 'keepalive' in monkey_json:
             monkey_json['keepalive'] = dateutil.parser.parse(monkey_json['keepalive'])
         else:
@@ -120,8 +120,8 @@ class Monkey(flask_restful.Resource):
             node_id = existing_node["_id"]
             for edge in mongo.db.edge.find({"to": node_id}):
                 mongo.db.edge.update({"_id": edge["_id"]}, {"$set": {"to": new_monkey_id}})
-            for user in existing_node['creds']:
+            for creds in existing_node['creds']:
-                NodeService.add_credentials_to_monkey(new_monkey_id, user, existing_node['creds'][user])
+                NodeService.add_credentials_to_monkey(new_monkey_id, creds)
             mongo.db.node.remove({"_id": node_id})
 
         return {"id": new_monkey_id}

monkey_island/cc/resources/telemetry.py

@@ -118,11 +118,10 @@ class Telemetry(flask_restful.Resource):
         for attempt in telemetry_json['data']['attempts']:
             if attempt['result']:
                 attempt.pop('result')
-                user = attempt.pop('user')
                 for field in ['password', 'lm_hash', 'ntlm_hash']:
                     if len(attempt[field]) == 0:
                         attempt.pop(field)
-                NodeService.add_credentials_to_node(edge['to'], user, attempt)
+                NodeService.add_credentials_to_node(edge['to'], attempt)
 
     @staticmethod
     def process_scan_telemetry(telemetry_json):
@@ -160,8 +159,9 @@ class Telemetry(flask_restful.Resource):
             creds = telemetry_json['data']['credentials']
             for user in creds:
                 ConfigService.creds_add_username(user)
+                creds[user]['user'] = user
                 NodeService.add_credentials_to_monkey(
-                    NodeService.get_monkey_by_guid(telemetry_json['monkey_guid'])['_id'], user, creds[user])
+                    NodeService.get_monkey_by_guid(telemetry_json['monkey_guid'])['_id'], creds[user])
                 if 'password' in creds[user]:
                     ConfigService.creds_add_password(creds[user]['password'])
                 if 'lm_hash' in creds[user]:

monkey_island/cc/services/node.py

@@ -170,7 +170,7 @@ class NodeService:
             {
                 "ip_addresses": [ip_address],
                 "exploited": False,
-                "creds": {},
+                "creds": [],
                 "os":
                     {
                         "type": "unknown",
@@ -280,15 +280,15 @@ class NodeService:
         return mongo.db.monkey.find_one({}) is not None
 
     @staticmethod
-    def add_credentials_to_monkey(monkey_id, user, creds):
+    def add_credentials_to_monkey(monkey_id, creds):
         mongo.db.monkey.update(
             {'_id': monkey_id},
-            {'$set': {'creds.' + user: creds}}
+            {'$push': {'creds': creds}}
         )
 
     @staticmethod
-    def add_credentials_to_node(node_id, user, creds):
+    def add_credentials_to_node(node_id, creds):
         mongo.db.node.update(
             {'_id': node_id},
-            {'$set': {'creds.' + user: creds}}
+            {'$push': {'creds': creds}}
         )