Added hostname collector + moved collector names to common file
parent
9978523672
commit
d584890dca
|
@ -0,0 +1,3 @@
|
||||||
|
AWS_COLLECTOR = "AwsCollector"
|
||||||
|
HOSTNAME_COLLECTOR = "HostnameCollector"
|
||||||
|
ENVIRONMENT_COLLECTOR = "EnvironmentCollector"
|
|
@ -0,0 +1,16 @@
|
||||||
|
import logging
|
||||||
|
import socket
|
||||||
|
|
||||||
|
from common.data.system_info_collectors_names import HOSTNAME_COLLECTOR
|
||||||
|
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
|
||||||
|
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
class HostnameCollector(SystemInfoCollector):
|
||||||
|
def __init__(self):
|
||||||
|
super(HostnameCollector, self).__init__(name=HOSTNAME_COLLECTOR)
|
||||||
|
|
||||||
|
def collect(self) -> dict:
|
||||||
|
return {"hostname": socket.getfqdn()}
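Review bot: `collect()` returns `socket.getfqdn()` with no docstring saying what that value represents, and the module-level `logger` is never used in this file. `getfqdn()` goes through the host's resolver and falls back to the plain `gethostname()` result when no qualified name is found, so the reported name depends on local resolver configuration and the call can stall on a slow lookup. I would document that on the method, for example `"""Return {"hostname": <name as resolved on this host>}; may be unqualified if no FQDN is available."""`, and either log the collected value with `logger.debug("Collected hostname: %s", ...)` or drop the unused logger.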
|
|
@ -108,7 +108,7 @@ SCHEMA = {
|
||||||
"enum": [
|
"enum": [
|
||||||
"EnvironmentCollector"
|
"EnvironmentCollector"
|
||||||
],
|
],
|
||||||
"title": "Which Environment this machine is on (on prem/cloud)",
|
"title": "Collect which environment this machine is on (on prem/cloud)",
|
||||||
"attack_techniques": []
|
"attack_techniques": []
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
@ -119,6 +119,14 @@ SCHEMA = {
|
||||||
"title": "If on AWS, collect more information about the instance",
|
"title": "If on AWS, collect more information about the instance",
|
||||||
"attack_techniques": []
|
"attack_techniques": []
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"type": "string",
|
||||||
|
"enum": [
|
||||||
|
"HostnameCollector"
|
||||||
|
],
|
||||||
|
"title": "Collect the machine's hostname",
|
||||||
|
"attack_techniques": []
|
||||||
|
},
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
"post_breach_acts": {
|
"post_breach_acts": {
|
||||||
|
@ -464,7 +472,8 @@ SCHEMA = {
|
||||||
},
|
},
|
||||||
"default": [
|
"default": [
|
||||||
"EnvironmentCollector",
|
"EnvironmentCollector",
|
||||||
"AwsCollector"
|
"AwsCollector",
|
||||||
|
"HostnameCollector"
|
||||||
],
|
],
|
||||||
"description": "Determines which system information collectors will collect information."
|
"description": "Determines which system information collectors will collect information."
|
||||||
},
|
},
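Review bot: The new schema entry and the `default` list spell the collector as the literal `"HostnameCollector"`, although this same commit adds `HOSTNAME_COLLECTOR` to the common names file so that the string lives in one place. The dispatcher on the island is now keyed on the constants, so if a literal here ever drifts from the constant, the collector would be configured under one name and its telemetry looked up under another. Consider importing the constants and writing `"enum": [HOSTNAME_COLLECTOR]` and `HOSTNAME_COLLECTOR` in `default`, and doing the same for the existing `"EnvironmentCollector"` and `"AwsCollector"` entries. `SCHEMA` starts and ends outside the visible hunks, so I am assuming this module can import from `common.data` the way the dispatcher does.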
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
from monkey_island.cc.encryptor import encryptor
|
from monkey_island.cc.encryptor import encryptor
|
||||||
from monkey_island.cc.models import Monkey
|
|
||||||
from monkey_island.cc.services import mimikatz_utils
|
from monkey_island.cc.services import mimikatz_utils
|
||||||
from monkey_island.cc.services.config import ConfigService
|
from monkey_island.cc.services.config import ConfigService
|
||||||
from monkey_island.cc.services.node import NodeService
|
from monkey_island.cc.services.node import NodeService
|
||||||
|
@ -19,7 +18,6 @@ def process_system_info_telemetry(telemetry_json):
|
||||||
process_ssh_info,
|
process_ssh_info,
|
||||||
process_credential_info,
|
process_credential_info,
|
||||||
process_mimikatz_and_wmi_info,
|
process_mimikatz_and_wmi_info,
|
||||||
update_db_with_new_hostname,
|
|
||||||
test_antivirus_existence,
|
test_antivirus_existence,
|
||||||
dispatcher.dispatch_to_relevant_collectors
|
dispatcher.dispatch_to_relevant_collectors
|
||||||
]
|
]
|
||||||
|
@ -115,7 +113,3 @@ def process_mimikatz_and_wmi_info(telemetry_json):
|
||||||
wmi_handler = WMIHandler(monkey_id, telemetry_json['data']['wmi'], users_secrets)
|
wmi_handler = WMIHandler(monkey_id, telemetry_json['data']['wmi'], users_secrets)
|
||||||
wmi_handler.process_and_handle_wmi_info()
|
wmi_handler.process_and_handle_wmi_info()
|
||||||
|
|
||||||
|
|
||||||
def update_db_with_new_hostname(telemetry_json):
|
|
||||||
if 'hostname' in telemetry_json['data']:
|
|
||||||
Monkey.get_single_monkey_by_guid(telemetry_json['monkey_guid']).set_hostname(telemetry_json['data']['hostname'])
|
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
import logging
|
||||||
|
|
||||||
|
from monkey_island.cc.models.monkey import Monkey
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
def process_hostname_telemetry(collector_results, monkey_guid):
|
||||||
|
Monkey.get_single_monkey_by_guid(monkey_guid).set_hostname(collector_results["hostname"])
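Review bot: `process_hostname_telemetry` indexes `collector_results["hostname"]` directly, whereas the removed `update_db_with_new_hostname` first checked `'hostname' in telemetry_json['data']`; a collector result without that key now raises `KeyError` inside the processor. The value is reported by the agent and is written to the `Monkey` record as-is, so a presence and type check before `set_hostname` is worth having, and it would give the otherwise unused `logger` a purpose. Something like `hostname = collector_results.get("hostname")` followed by `if not isinstance(hostname, str) or not hostname: logger.warning("Hostname telemetry missing or malformed"); return` would cover it. How `get_single_monkey_by_guid` behaves for an unknown GUID is not visible in this commit and should be confirmed as well.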
|
|
@ -1,13 +1,16 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
from common.data.system_info_collectors_names import AWS_COLLECTOR, ENVIRONMENT_COLLECTOR, HOSTNAME_COLLECTOR
|
||||||
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import process_aws_telemetry
|
||||||
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import process_environment_telemetry
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import process_environment_telemetry
|
||||||
|
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import process_hostname_telemetry
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSOR = {
|
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSOR = {
|
||||||
"AwsCollector": process_aws_telemetry,
|
AWS_COLLECTOR: process_aws_telemetry,
|
||||||
"EnvironmentCollector": process_environment_telemetry,
|
ENVIRONMENT_COLLECTOR: process_environment_telemetry,
|
||||||
|
HOSTNAME_COLLECTOR: process_hostname_telemetry,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|