Island: Use ICredentialsRepository in credentials telemetry processing

This commit is contained in:
Ilija Lazoroski 2022-07-11 17:21:39 +02:00
parent a733886365
commit e5702032d9
1 changed files with 20 additions and 16 deletions

View File

@ -2,10 +2,9 @@ import logging
from itertools import chain from itertools import chain
from typing import Mapping from typing import Mapping
from common.credentials import CredentialComponentType from common.credentials import CredentialComponentType, Credentials
from monkey_island.cc.models import StolenCredentials from monkey_island.cc.repository import ICredentialsRepository
from .credentials import Credentials
from .identities.username_processor import process_username from .identities.username_processor import process_username
from .secrets.lm_hash_processor import process_lm_hash from .secrets.lm_hash_processor import process_lm_hash
from .secrets.nt_hash_processor import process_nt_hash from .secrets.nt_hash_processor import process_nt_hash
@ -23,19 +22,24 @@ CREDENTIAL_COMPONENT_PROCESSORS = {
} }
def parse_credentials(telemetry_dict: Mapping): class CredentialsParser:
"""
This class parses and stores telemetry credentials.
"""
def __init__(self, credentials_repository: ICredentialsRepository):
self._credentials_repository = credentials_repository
def __call__(self, telemetry_dict):
self._parse_credentials(telemetry_dict)
def _parse_credentials(self, telemetry_dict: Mapping):
credentials = [ credentials = [
Credentials.from_mapping(credential, telemetry_dict["monkey_guid"]) Credentials.from_mapping(credential) for credential in telemetry_dict["data"]
for credential in telemetry_dict["data"]
] ]
self._credentials_repository.save_stolen_credentials(credentials)
for credential in credentials: for credential in credentials:
_store_in_db(credential)
for cred_comp in chain(credential.identities, credential.secrets): for cred_comp in chain(credential.identities, credential.secrets):
credential_type = CredentialComponentType[cred_comp["credential_type"]] credential_type = CredentialComponentType[cred_comp["credential_type"]]
CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential) CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential)
def _store_in_db(credentials: Credentials):
stolen_cred_doc = StolenCredentials.from_credentials(credentials)
stolen_cred_doc.save()