forked from p15670423/monkey
Island: Use ICredentialsRepository in credentials telemetry processing
This commit is contained in:
parent
a733886365
commit
e5702032d9
|
@ -2,10 +2,9 @@ import logging
|
||||||
from itertools import chain
|
from itertools import chain
|
||||||
from typing import Mapping
|
from typing import Mapping
|
||||||
|
|
||||||
from common.credentials import CredentialComponentType
|
from common.credentials import CredentialComponentType, Credentials
|
||||||
from monkey_island.cc.models import StolenCredentials
|
from monkey_island.cc.repository import ICredentialsRepository
|
||||||
|
|
||||||
from .credentials import Credentials
|
|
||||||
from .identities.username_processor import process_username
|
from .identities.username_processor import process_username
|
||||||
from .secrets.lm_hash_processor import process_lm_hash
|
from .secrets.lm_hash_processor import process_lm_hash
|
||||||
from .secrets.nt_hash_processor import process_nt_hash
|
from .secrets.nt_hash_processor import process_nt_hash
|
||||||
|
@ -23,19 +22,24 @@ CREDENTIAL_COMPONENT_PROCESSORS = {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
def parse_credentials(telemetry_dict: Mapping):
|
class CredentialsParser:
|
||||||
|
"""
|
||||||
|
This class parses and stores telemetry credentials.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self, credentials_repository: ICredentialsRepository):
|
||||||
|
self._credentials_repository = credentials_repository
|
||||||
|
|
||||||
|
def __call__(self, telemetry_dict):
|
||||||
|
self._parse_credentials(telemetry_dict)
|
||||||
|
|
||||||
|
def _parse_credentials(self, telemetry_dict: Mapping):
|
||||||
credentials = [
|
credentials = [
|
||||||
Credentials.from_mapping(credential, telemetry_dict["monkey_guid"])
|
Credentials.from_mapping(credential) for credential in telemetry_dict["data"]
|
||||||
for credential in telemetry_dict["data"]
|
|
||||||
]
|
]
|
||||||
|
self._credentials_repository.save_stolen_credentials(credentials)
|
||||||
|
|
||||||
for credential in credentials:
|
for credential in credentials:
|
||||||
_store_in_db(credential)
|
|
||||||
for cred_comp in chain(credential.identities, credential.secrets):
|
for cred_comp in chain(credential.identities, credential.secrets):
|
||||||
credential_type = CredentialComponentType[cred_comp["credential_type"]]
|
credential_type = CredentialComponentType[cred_comp["credential_type"]]
|
||||||
CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential)
|
CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential)
|
||||||
|
|
||||||
|
|
||||||
def _store_in_db(credentials: Credentials):
|
|
||||||
stolen_cred_doc = StolenCredentials.from_credentials(credentials)
|
|
||||||
stolen_cred_doc.save()
|
|
||||||
|
|
Loading…
Reference in New Issue