From e38410a232409ec065442361d306c9c97a104ee6 Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Wed, 19 Jun 2019 12:43:44 +0300
Subject: [PATCH] CR improvements

---
 monkey/infection_monkey/exploit/__init__.py              | 2 +-
 monkey/infection_monkey/exploit/hadoop.py                | 2 +-
 monkey/infection_monkey/exploit/mssqlexec.py             | 2 +-
 monkey/infection_monkey/exploit/rdpgrinder.py            | 2 +-
 monkey/infection_monkey/exploit/shellshock.py            | 2 +-
 monkey/infection_monkey/exploit/sshexec.py               | 2 +-
 monkey/infection_monkey/exploit/vsftpd.py                | 2 +-
 monkey/infection_monkey/exploit/web_rce.py               | 4 ++--
 monkey/infection_monkey/exploit/wmiexec.py               | 2 +-
 .../cc/services/attack/technique_reports/T1003.py        | 9 +++++----
 .../cc/services/attack/technique_reports/T1059.py        | 7 ++++---
 .../cc/ui/src/components/attack/techniques/T1059.js      | 4 ++--
 12 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/monkey/infection_monkey/exploit/__init__.py b/monkey/infection_monkey/exploit/__init__.py
index 7cf1ac4cf..962240665 100644
--- a/monkey/infection_monkey/exploit/__init__.py
+++ b/monkey/infection_monkey/exploit/__init__.py
@@ -59,7 +59,7 @@ class HostExploiter(object):
     def add_vuln_port(self, port):
         self._exploit_info['vulnerable_ports'].append(port)
 
-    def add_example_cmd(self, cmd):
+    def set_example_cmd(self, cmd):
         self._exploit_info['executed_cmds']['example'] = cmd
 
 
diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
index 570575423..39edf0262 100644
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@@ -49,7 +49,7 @@ class HadoopExploiter(WebRCE):
             return False
         http_thread.join(self.DOWNLOAD_TIMEOUT)
         http_thread.stop()
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return True
 
     def exploit(self, url, command):
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index 1bf7f90d5..c1409ec6c 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -77,7 +77,7 @@ class MSSQLExploiter(HostExploiter):
         commands.extend(monkey_args)
         MSSQLExploiter.execute_command(cursor, commands)
         MSSQLExploiter.run_file(cursor, tmp_file_path)
-        self.add_example_cmd(commands[-1])
+        self.set_example_cmd(commands[-1])
         return True
 
     @staticmethod
diff --git a/monkey/infection_monkey/exploit/rdpgrinder.py b/monkey/infection_monkey/exploit/rdpgrinder.py
index 819ff00fb..828b03c20 100644
--- a/monkey/infection_monkey/exploit/rdpgrinder.py
+++ b/monkey/infection_monkey/exploit/rdpgrinder.py
@@ -343,5 +343,5 @@ class RdpExploiter(HostExploiter):
 
         LOG.info("Executed monkey '%s' on remote victim %r",
                  os.path.basename(src_path), self.host)
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return True
diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py
index 9db770905..26e9a743b 100644
--- a/monkey/infection_monkey/exploit/shellshock.py
+++ b/monkey/infection_monkey/exploit/shellshock.py
@@ -144,7 +144,7 @@ class ShellShockExploiter(HostExploiter):
             if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)):
                 LOG.info("Log file does not exist, monkey might not have run")
                 continue
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return True
 
         return False
diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
index 226ad8943..e65d3cb19 100644
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@@ -178,7 +178,7 @@ class SSHExploiter(HostExploiter):
                      self._config.dropper_target_path_linux, self.host, cmdline)
 
             ssh.close()
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return True
 
         except Exception as exc:
diff --git a/monkey/infection_monkey/exploit/vsftpd.py b/monkey/infection_monkey/exploit/vsftpd.py
index f3f13c073..eddac620c 100644
--- a/monkey/infection_monkey/exploit/vsftpd.py
+++ b/monkey/infection_monkey/exploit/vsftpd.py
@@ -138,7 +138,7 @@ class VSFTPDExploiter(HostExploiter):
         if backdoor_socket.send(run_monkey):
             LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux,
                      self.host, run_monkey)
-            self.add_example_cmd(run_monkey)
+            self.set_example_cmd(run_monkey)
             return True
         else:
             return False
diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py
index 43c1b5749..351eb7c17 100644
--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@@ -408,7 +408,7 @@ class WebRCE(HostExploiter):
             # If exploiter returns True / False
             if type(resp) is bool:
                 LOG.info("Execution attempt successfully finished")
-                self.add_example_cmd(command)
+                self.set_example_cmd(command)
                 return resp
             # If exploiter returns command output, we can check for execution errors
             if 'is not recognized' in resp or 'command not found' in resp:
@@ -422,7 +422,7 @@ class WebRCE(HostExploiter):
             return False
         LOG.info("Execution attempt finished")
 
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return resp
 
     def get_monkey_upload_path(self, url_to_monkey):
diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py
index b9decf433..648fb233d 100644
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@@ -114,7 +114,7 @@ class WmiExploiter(HostExploiter):
 
             result.RemRelease()
             wmi_connection.close()
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return success
 
         return False
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
index 002e2eeb7..d30197e9a 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
@@ -9,7 +9,7 @@ class T1003(AttackTechnique):
 
     tech_id = "T1003"
     unscanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
-    scanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
+    scanned_msg = ""
     used_msg = "Monkey successfully obtained some credentials from systems on the network."
 
     query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
@@ -17,9 +17,10 @@ class T1003(AttackTechnique):
 
     @staticmethod
     def get_report_data():
-        data = {'title': T1003.technique_title(T1003.tech_id)}
+        data = {'title': T1003.technique_title()}
         if mongo.db.telemetry.count_documents(T1003.query):
-            data.update({'message': T1003.used_msg, 'status': ScanStatus.USED.name})
+            status = ScanStatus.USED
         else:
-            data.update({'message': T1003.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
+            status = ScanStatus.UNSCANNED
+        data.update(T1003.get_message_and_status(status))
         return data
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
index e85e27415..6f126b175 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
@@ -22,9 +22,10 @@ class T1059(AttackTechnique):
     @staticmethod
     def get_report_data():
         cmd_data = list(mongo.db.telemetry.aggregate(T1059.query))
-        data = {'title': T1059.technique_title(T1059.tech_id), 'cmds': cmd_data}
+        data = {'title': T1059.technique_title(), 'cmds': cmd_data}
         if cmd_data:
-            data.update({'message': T1059.used_msg, 'status': ScanStatus.USED.name})
+            status = ScanStatus.USED
         else:
-            data.update({'message': T1059.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
+            status = ScanStatus.UNSCANNED
+        data.update(T1059.get_message_and_status(status))
         return data
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
index d1c809651..5678b8c14 100644
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
@@ -10,7 +10,7 @@ class T1059 extends React.Component {
     super(props);
   }
 
-  static getHashColumns() {
+  static getCommandColumns() {
     return ([{
       Header: 'Example commands used',
       columns: [
@@ -27,7 +27,7 @@ class T1059 extends React.Component {
         <br/>
         {this.props.data.status === 'USED' ?
           <ReactTable
-              columns={T1059.getHashColumns()}
+              columns={T1059.getCommandColumns()}
               data={this.props.data.cmds}
               showPagination={false}
               defaultPageSize={this.props.data.cmds.length}