refactor system_info telem
This commit is contained in:
parent
2ed228f283
commit
e20328c17a
|
@ -18,6 +18,7 @@ from infection_monkey.system_singleton import SystemSingleton
|
||||||
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
from infection_monkey.telemetry.attack.victim_host_telem import VictimHostTelem
|
||||||
from infection_monkey.telemetry.scan_telem import ScanTelem
|
from infection_monkey.telemetry.scan_telem import ScanTelem
|
||||||
from infection_monkey.telemetry.state_telem import StateTelem
|
from infection_monkey.telemetry.state_telem import StateTelem
|
||||||
|
from infection_monkey.telemetry.system_info_telem import SystemInfoTelem
|
||||||
from infection_monkey.telemetry.trace_telem import TraceTelem
|
from infection_monkey.telemetry.trace_telem import TraceTelem
|
||||||
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
|
from infection_monkey.telemetry.tunnel_telem import TunnelTelem
|
||||||
from infection_monkey.windows_upgrader import WindowsUpgrader
|
from infection_monkey.windows_upgrader import WindowsUpgrader
|
||||||
|
@ -123,7 +124,7 @@ class InfectionMonkey(object):
|
||||||
LOG.debug("Calling system info collection")
|
LOG.debug("Calling system info collection")
|
||||||
system_info_collector = SystemInfoCollector()
|
system_info_collector = SystemInfoCollector()
|
||||||
system_info = system_info_collector.get_info()
|
system_info = system_info_collector.get_info()
|
||||||
ControlClient.send_telemetry("system_info_collection", system_info)
|
SystemInfoTelem(system_info).send()
|
||||||
|
|
||||||
# Executes post breach actions
|
# Executes post breach actions
|
||||||
PostBreach().execute()
|
PostBreach().execute()
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
from infection_monkey.telemetry.base_telem import BaseTelem
|
||||||
|
|
||||||
|
__author__ = "itay.mizeretz"
|
||||||
|
|
||||||
|
|
||||||
|
class SystemInfoTelem(BaseTelem):
|
||||||
|
|
||||||
|
def __init__(self, system_info):
|
||||||
|
"""
|
||||||
|
Default system info telemetry constructor
|
||||||
|
:param system_info: System info returned from SystemInfoCollector.get_info()
|
||||||
|
"""
|
||||||
|
super(SystemInfoTelem, self).__init__()
|
||||||
|
self.system_info = system_info
|
||||||
|
|
||||||
|
telem_category = 'system_info'
|
||||||
|
|
||||||
|
def get_data(self):
|
||||||
|
return self.system_info
|
|
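Review bot: `telem_category = 'system_info'` sits between `__init__` and `get_data`; class-level attributes conventionally go first, directly under the `class` line, and the class itself has no docstring. The dict returned by `get_data` is the raw `SystemInfoCollector.get_info()` result, which the island side of this same commit inspects for a `credentials` key, so the docstring should state that the payload may carry collected credentials, e.g. `"""Telemetry carrying the full SystemInfoCollector result (may include collected credentials)."""`. The `'system_info'` literal is also repeated across the island hunks of this commit; if the agent and island packages share a constants module, referencing one name from both sides would keep them in step on any future rename.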
@ -79,7 +79,7 @@ class Telemetry(flask_restful.Resource):
|
||||||
monkey_label = telem_monkey_guid
|
monkey_label = telem_monkey_guid
|
||||||
x["monkey"] = monkey_label
|
x["monkey"] = monkey_label
|
||||||
objects.append(x)
|
objects.append(x)
|
||||||
if x['telem_category'] == 'system_info_collection' and 'credentials' in x['data']:
|
if x['telem_category'] == 'system_info' and 'credentials' in x['data']:
|
||||||
for user in x['data']['credentials']:
|
for user in x['data']['credentials']:
|
||||||
if -1 != user.find(','):
|
if -1 != user.find(','):
|
||||||
new_user = user.replace(',', '.')
|
new_user = user.replace(',', '.')
|
||||||
|
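Review bot: Renaming the category to `'system_info'` with no alias means telemetry documents already stored under `'system_info_collection'` no longer match this check, the `TELEM_PROCESS_DICT` keys in the two following hunks, or the `ReportService` queries later in this commit, so previously collected credential, SSH, Azure and subnet data silently drops out of reports unless the collection is migrated. An agent built before this change would likewise send a category with no entry in `TELEM_PROCESS_DICT`; how that lookup fails is outside the hunk. Either a one-off migration rewriting `telem_category` in `mongo.db.telemetry`, or a `{'$in': ['system_info', 'system_info_collection']}` filter in the report queries, would keep existing data visible. The enclosing function starts and ends outside the hunk.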
@ -277,7 +277,7 @@ TELEM_PROCESS_DICT = \
|
||||||
'state': Telemetry.process_state_telemetry,
|
'state': Telemetry.process_state_telemetry,
|
||||||
'exploit': Telemetry.process_exploit_telemetry,
|
'exploit': Telemetry.process_exploit_telemetry,
|
||||||
'scan': Telemetry.process_scan_telemetry,
|
'scan': Telemetry.process_scan_telemetry,
|
||||||
'system_info_collection': Telemetry.process_system_info_telemetry,
|
'system_info': Telemetry.process_system_info_telemetry,
|
||||||
'trace': Telemetry.process_trace_telemetry,
|
'trace': Telemetry.process_trace_telemetry,
|
||||||
'post_breach': Telemetry.process_post_breach_telemetry,
|
'post_breach': Telemetry.process_post_breach_telemetry,
|
||||||
'attack': Telemetry.process_attack_telemetry
|
'attack': Telemetry.process_attack_telemetry
|
||||||
|
|
|
@ -97,7 +97,7 @@ TELEM_PROCESS_DICT = \
|
||||||
'state': TelemetryFeed.get_state_telem_brief,
|
'state': TelemetryFeed.get_state_telem_brief,
|
||||||
'exploit': TelemetryFeed.get_exploit_telem_brief,
|
'exploit': TelemetryFeed.get_exploit_telem_brief,
|
||||||
'scan': TelemetryFeed.get_scan_telem_brief,
|
'scan': TelemetryFeed.get_scan_telem_brief,
|
||||||
'system_info_collection': TelemetryFeed.get_systeminfo_telem_brief,
|
'system_info': TelemetryFeed.get_systeminfo_telem_brief,
|
||||||
'trace': TelemetryFeed.get_trace_telem_brief,
|
'trace': TelemetryFeed.get_trace_telem_brief,
|
||||||
'post_breach': TelemetryFeed.get_post_breach_telem_brief,
|
'post_breach': TelemetryFeed.get_post_breach_telem_brief,
|
||||||
'attack': TelemetryFeed.get_attack_telem_brief
|
'attack': TelemetryFeed.get_attack_telem_brief
|
||||||
|
|
|
@ -171,7 +171,7 @@ class ReportService:
|
||||||
PASS_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM hash', 'ntlm_hash': 'NTLM hash'}
|
PASS_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM hash', 'ntlm_hash': 'NTLM hash'}
|
||||||
creds = []
|
creds = []
|
||||||
for telem in mongo.db.telemetry.find(
|
for telem in mongo.db.telemetry.find(
|
||||||
{'telem_category': 'system_info_collection', 'data.credentials': {'$exists': True}},
|
{'telem_category': 'system_info', 'data.credentials': {'$exists': True}},
|
||||||
{'data.credentials': 1, 'monkey_guid': 1}
|
{'data.credentials': 1, 'monkey_guid': 1}
|
||||||
):
|
):
|
||||||
monkey_creds = telem['data']['credentials']
|
monkey_creds = telem['data']['credentials']
|
||||||
|
@ -199,7 +199,7 @@ class ReportService:
|
||||||
"""
|
"""
|
||||||
creds = []
|
creds = []
|
||||||
for telem in mongo.db.telemetry.find(
|
for telem in mongo.db.telemetry.find(
|
||||||
{'telem_category': 'system_info_collection', 'data.ssh_info': {'$exists': True}},
|
{'telem_category': 'system_info', 'data.ssh_info': {'$exists': True}},
|
||||||
{'data.ssh_info': 1, 'monkey_guid': 1}
|
{'data.ssh_info': 1, 'monkey_guid': 1}
|
||||||
):
|
):
|
||||||
origin = NodeService.get_monkey_by_guid(telem['monkey_guid'])['hostname']
|
origin = NodeService.get_monkey_by_guid(telem['monkey_guid'])['hostname']
|
||||||
|
@ -220,7 +220,7 @@ class ReportService:
|
||||||
"""
|
"""
|
||||||
creds = []
|
creds = []
|
||||||
for telem in mongo.db.telemetry.find(
|
for telem in mongo.db.telemetry.find(
|
||||||
{'telem_category': 'system_info_collection', 'data.Azure': {'$exists': True}},
|
{'telem_category': 'system_info', 'data.Azure': {'$exists': True}},
|
||||||
{'data.Azure': 1, 'monkey_guid': 1}
|
{'data.Azure': 1, 'monkey_guid': 1}
|
||||||
):
|
):
|
||||||
azure_users = telem['data']['Azure']['usernames']
|
azure_users = telem['data']['Azure']['usernames']
|
||||||
|
@ -382,7 +382,7 @@ class ReportService:
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_monkey_subnets(monkey_guid):
|
def get_monkey_subnets(monkey_guid):
|
||||||
network_info = mongo.db.telemetry.find_one(
|
network_info = mongo.db.telemetry.find_one(
|
||||||
{'telem_category': 'system_info_collection', 'monkey_guid': monkey_guid},
|
{'telem_category': 'system_info', 'monkey_guid': monkey_guid},
|
||||||
{'data.network_info.networks': 1}
|
{'data.network_info.networks': 1}
|
||||||
)
|
)
|
||||||
if network_info is None:
|
if network_info is None:
|
||||||
|
|