p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Island: Use ICredentialsRepository in credentials telemetry processing

This commit is contained in:
Ilija Lazoroski 2022-07-11 17:21:39 +02:00
parent a733886365
commit e5702032d9
1 changed files with 20 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
monkey/monkey_island/cc/services/telemetry/processing/credentials/credentials_parser.py
View File

@ -2,10 +2,9 @@ import logging
from itertools import chain from itertools import chain
from typing import Mapping from typing import Mapping
from common.credentials import CredentialComponentType from common.credentials import CredentialComponentType, Credentials
from monkey_island.cc.models import StolenCredentials from monkey_island.cc.repository import ICredentialsRepository
from .credentials import Credentials
from .identities.username_processor import process_username from .identities.username_processor import process_username
from .secrets.lm_hash_processor import process_lm_hash from .secrets.lm_hash_processor import process_lm_hash
from .secrets.nt_hash_processor import process_nt_hash from .secrets.nt_hash_processor import process_nt_hash
@ -23,19 +22,24 @@ CREDENTIAL_COMPONENT_PROCESSORS = {
} }
def parse_credentials(telemetry_dict: Mapping): class CredentialsParser:
credentials = [ """
Credentials.from_mapping(credential, telemetry_dict["monkey_guid"]) This class parses and stores telemetry credentials.
for credential in telemetry_dict["data"] """
]
for credential in credentials: def __init__(self, credentials_repository: ICredentialsRepository):
_store_in_db(credential) self._credentials_repository = credentials_repository
for cred_comp in chain(credential.identities, credential.secrets):
credential_type = CredentialComponentType[cred_comp["credential_type"]]
CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential)
def __call__(self, telemetry_dict):
self._parse_credentials(telemetry_dict)
def _store_in_db(credentials: Credentials): def _parse_credentials(self, telemetry_dict: Mapping):
stolen_cred_doc = StolenCredentials.from_credentials(credentials) credentials = [
stolen_cred_doc.save() Credentials.from_mapping(credential) for credential in telemetry_dict["data"]
]
self._credentials_repository.save_stolen_credentials(credentials)
for credential in credentials:
for cred_comp in chain(credential.identities, credential.secrets):
credential_type = CredentialComponentType[cred_comp["credential_type"]]
CREDENTIAL_COMPONENT_PROCESSORS[credential_type](cred_comp, credential)