p41275903
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Island, Agent: remove environment collector

This commit is contained in:
VakarisZ 2021-11-16 11:35:08 +02:00
parent 13f70297c3
commit 0175199540
7 changed files with 4 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.swm/OwcKMnALpn7tuBaJY1US.swm
View File

@ -5,7 +5,7 @@
"dod": "Add a system info collector that collects the machine hostname.",
"tests": [],
"hints": [
"First thing you should do is take a look at a different collector (like EnvironmentCollector) and 100% understand how it runs, how results are relayed back to the server, and how the server processes the data.",
"First thing you should do is take a look at a different collector (like HostnameCollector) and 100% understand how it runs, how results are relayed back to the server, and how the server processes the data.",
"Try to run \"socket.getfqdn()\".",
"Take a look at SystemInfoCollector - that's the base class you'll need to implement.",
"Make sure you add the new collector to the configuration in all relevant places, including making it ON by default!"
@ -25,7 +25,6 @@
" AWS_COLLECTOR = \"AwsCollector\"",
"*HOSTNAME_COLLECTOR = \"HostnameCollector\"",
"+# SWIMMER: Collector name goes here.",
" ENVIRONMENT_COLLECTOR = \"EnvironmentCollector\"",
" PROCESS_LIST_COLLECTOR = \"ProcessListCollector\"",
" MIMIKATZ_COLLECTOR = \"MimikatzCollector\""
]
@ -60,7 +59,6 @@
"comments": [],
"firstLineNumber": 4,
"lines": [
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR,",
" MIMIKATZ_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,",
@ -97,7 +95,6 @@
"lines": [
" from common.common_consts.system_info_collectors_names import (",
" AWS_COLLECTOR,",
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR,",
" MIMIKATZ_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,",
@ -111,7 +108,6 @@
"firstLineNumber": 91,
"lines": [
" \"default\": [",
" ENVIRONMENT_COLLECTOR,",
" AWS_COLLECTOR,",
"* HOSTNAME_COLLECTOR,",
" PROCESS_LIST_COLLECTOR,",
@ -149,7 +145,6 @@
" ",
" from common.common_consts.system_info_collectors_names import (",
" AWS_COLLECTOR,",
" ENVIRONMENT_COLLECTOR,",
"* HOSTNAME_COLLECTOR,"
]
},
@ -161,7 +156,6 @@
"lines": [
" SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {",
" AWS_COLLECTOR: [process_aws_telemetry],",
" ENVIRONMENT_COLLECTOR: [process_environment_telemetry],",
"* HOSTNAME_COLLECTOR: [process_hostname_telemetry],",
" PROCESS_LIST_COLLECTOR: [check_antivirus_existence],",
" }",
@ -171,10 +165,6 @@
{
"type": "snippet",
"lines": [
" )",
" from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import (",
" process_environment_telemetry,",
" )",
"*from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (",
"* process_hostname_telemetry,",
"*)",

6
docs/content/development/adding-system-info-collectors.md
View File

@ -39,7 +39,7 @@ class MyNewCollector(SystemInfoCollector):
#### Implementation
Override the `collect` method with your own implementation. See the `EnvironmentCollector.py` System Info Collector for reference. You can log during collection as well.
Override the `collect` method with your own implementation. See the `hostname_collector.py` System Info Collector for reference. You can log during collection as well.
### Modify the Monkey Island
@ -57,7 +57,7 @@ You'll need to add your Sytem Info Collector to the `monkey_island/cc/services/c
{
"type": "string",
"enum": [
"EnvironmentCollector"
"HostnameCollector"
],
"title": "Which Environment this machine is on (on prem/cloud)",
"attack_techniques": []
@ -87,7 +87,7 @@ Also, you can add the System Info Collector to be used by default by adding it t
"$ref": "#/definitions/system_info_collectors_classes"
},
"default": [
"EnvironmentCollector",
"HostnameCollector",
"MyNewCollector" <=================================
],
"description": "Determines which system information collectors will collect information."

24
monkey/infection_monkey/system_info/collectors/environment_collector.py
View File

@ -1,24 +0,0 @@
from common.cloud.all_instances import get_all_cloud_instances
from common.cloud.environment_names import Environment
from common.common_consts.system_info_collectors_names import ENVIRONMENT_COLLECTOR
from infection_monkey.system_info.system_info_collector import SystemInfoCollector
def get_monkey_environment() -> str:
"""
Get the Monkey's running environment.
:return: One of the cloud providers if on cloud; otherwise, assumes "on premise".
"""
for instance in get_all_cloud_instances():
if instance.is_instance():
return instance.get_cloud_provider_name().value
return Environment.ON_PREMISE.value
class EnvironmentCollector(SystemInfoCollector):
def __init__(self):
super().__init__(name=ENVIRONMENT_COLLECTOR)
def collect(self) -> dict:
return {"environment": get_monkey_environment()}

12
monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py
View File

@ -1,12 +0,0 @@
import logging
from monkey_island.cc.models.monkey import Monkey
logger = logging.getLogger(__name__)
def process_environment_telemetry(collector_results, monkey_guid):
relevant_monkey = Monkey.get_single_monkey_by_guid(monkey_guid)
relevant_monkey.environment = collector_results["environment"]
relevant_monkey.save()
logger.debug("Updated Monkey {} with env {}".format(str(relevant_monkey), collector_results))

5
monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/system_info_telemetry_dispatcher.py
View File

@ -3,16 +3,12 @@ import typing
from common.common_consts.system_info_collectors_names import (
AWS_COLLECTOR,
ENVIRONMENT_COLLECTOR,
HOSTNAME_COLLECTOR,
PROCESS_LIST_COLLECTOR,
)
from monkey_island.cc.services.telemetry.processing.system_info_collectors.aws import (
process_aws_telemetry,
)
from monkey_island.cc.services.telemetry.processing.system_info_collectors.environment import (
process_environment_telemetry,
)
from monkey_island.cc.services.telemetry.processing.system_info_collectors.hostname import (
process_hostname_telemetry,
)
@ -24,7 +20,6 @@ logger = logging.getLogger(__name__)
SYSTEM_INFO_COLLECTOR_TO_TELEMETRY_PROCESSORS = {
AWS_COLLECTOR: [process_aws_telemetry],
ENVIRONMENT_COLLECTOR: [process_environment_telemetry],
HOSTNAME_COLLECTOR: [process_hostname_telemetry],
PROCESS_LIST_COLLECTOR: [check_antivirus_existence],
}

28
monkey/tests/unit_tests/monkey_island/cc/services/telemetry/processing/system_info_collectors/test_environment_telemetry_processing.py
View File

@ -1,28 +0,0 @@
import uuid
from monkey_island.cc.models import Monkey
from monkey_island.cc.services.telemetry.processing.system_info_collectors.system_info_telemetry_dispatcher import ( # noqa: E501
SystemInfoTelemetryDispatcher,
)
class TestEnvironmentTelemetryProcessing:
def test_process_environment_telemetry(self):
# Arrange
monkey_guid = str(uuid.uuid4())
a_monkey = Monkey(guid=monkey_guid)
a_monkey.save()
dispatcher = SystemInfoTelemetryDispatcher()
on_premise = "On Premise"
telem_json = {
"data": {
"collectors": {
"EnvironmentCollector": {"environment": on_premise},
}
},
"monkey_guid": monkey_guid,
}
dispatcher.dispatch_collector_results_to_relevant_processors(telem_json)
assert Monkey.get_single_monkey_by_guid(monkey_guid).environment == on_premise

1
vulture_allowlist.py
View File

@ -199,7 +199,6 @@ LOG_DIR_NAME # unused variable (envs/monkey_zoo/blackbox/log_handlers/test_logs
delete_logs # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:85)
MongoQueryJSONEncoder # unused class (envs/monkey_zoo/blackbox/utils/json_encoder.py:6)
environment # unused variable (monkey/monkey_island/cc/models/monkey.py:59)
_.environment # unused attribute (monkey/monkey_island/cc/services/telemetry/processing/system_info_collectors/environment.py:10)
_.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:35)
_.instance_name # unused attribute (monkey/common/cloud/azure/azure_instance.py:64)
GCPHandler # unused function (envs/monkey_zoo/blackbox/test_blackbox.py:57)