forked from p15670423/monkey
Changed base class not to send redundant info about current machine
This commit is contained in:
parent
11576c0942
commit
4496b0efa4
|
@ -1,10 +1,9 @@
|
||||||
from enum import Enum
|
from enum import Enum
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration, GUID
|
||||||
import requests
|
import requests
|
||||||
import json
|
import json
|
||||||
from infection_monkey.control import ControlClient
|
from infection_monkey.control import ControlClient
|
||||||
import logging
|
import logging
|
||||||
from infection_monkey.utils import get_host_info
|
|
||||||
|
|
||||||
__author__ = "VakarisZ"
|
__author__ = "VakarisZ"
|
||||||
|
|
||||||
|
@ -22,26 +21,22 @@ class ScanStatus(Enum):
|
||||||
|
|
||||||
class AttackTelem(object):
|
class AttackTelem(object):
|
||||||
|
|
||||||
def __init__(self, technique, status, data=None, machine=False):
|
def __init__(self, technique, status, data=None):
|
||||||
"""
|
"""
|
||||||
Default ATT&CK telemetry constructor
|
Default ATT&CK telemetry constructor
|
||||||
:param technique: Technique ID. E.g. T111
|
:param technique: Technique ID. E.g. T111
|
||||||
:param status: int from ScanStatus Enum
|
:param status: int from ScanStatus Enum
|
||||||
:param data: Other data relevant to the attack technique
|
:param data: Other data relevant to the attack technique
|
||||||
:param machine: Boolean. Should we pass current machine's info or not
|
|
||||||
"""
|
"""
|
||||||
self.technique = technique
|
self.technique = technique
|
||||||
self.result = status
|
self.result = status
|
||||||
self.data = {'status': status}
|
self.data = {'status': status, 'id': GUID}
|
||||||
if data:
|
if data:
|
||||||
self.data.update(data)
|
self.data.update(data)
|
||||||
if machine:
|
|
||||||
self.data.update({'machine': get_host_info()})
|
|
||||||
|
|
||||||
def send(self):
|
def send(self):
|
||||||
"""
|
"""
|
||||||
Sends telemetry to island
|
Sends telemetry to island
|
||||||
:return:
|
|
||||||
"""
|
"""
|
||||||
if not WormConfiguration.current_server:
|
if not WormConfiguration.current_server:
|
||||||
return
|
return
|
||||||
|
|
|
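Review bot: `self.data = {'status': status, 'id': GUID}` is immediately followed by `self.data.update(data)`, so a caller-supplied `data` dict that happens to carry an `'id'` (or `'status'`) key silently replaces the GUID the island now relies on to attribute the record to this monkey. If the GUID is meant to be authoritative, merge in the other order — `self.data = dict(data) if data else {}` followed by `self.data.update({'status': status, 'id': GUID})` — or reject colliding keys explicitly rather than letting the last writer win. The `__init__` docstring still describes `status` as an int from ScanStatus while the value is stored untouched in both `self.result` and `self.data`; a sentence on what the island expects to receive would help the next maintainer. `send` starts in this hunk but its body continues past the end of it.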
@ -1,4 +1,5 @@
|
||||||
from infection_monkey.transport.attack_telems.base_telem import AttackTelem
|
from infection_monkey.transport.attack_telems.base_telem import AttackTelem
|
||||||
|
from infection_monkey.config import GUID
|
||||||
|
|
||||||
__author__ = "VakarisZ"
|
__author__ = "VakarisZ"
|
||||||
|
|
||||||
|
@ -13,7 +14,7 @@ class VictimHostTelem(AttackTelem):
|
||||||
:param machine: VictimHost obj from model/host.py
|
:param machine: VictimHost obj from model/host.py
|
||||||
:param data: Other data relevant to the attack technique
|
:param data: Other data relevant to the attack technique
|
||||||
"""
|
"""
|
||||||
super(VictimHostTelem, self).__init__(technique, status, data, machine=False)
|
super(VictimHostTelem, self).__init__(technique, status, data)
|
||||||
victim_host = {'hostname': machine.domain_name, 'ip': machine.ip_addr}
|
victim_host = {'hostname': machine.domain_name, 'ip': machine.ip_addr}
|
||||||
if data:
|
if data:
|
||||||
self.data.update(data)
|
self.data.update(data)
|
||||||
|
|
|
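Review bot: The `if data: self.data.update(data)` pair below the `victim_host` assignment duplicates the merge the base constructor already performs (`AttackTelem.__init__` does `self.data.update(data)` in this same commit), so those two lines can be dropped; applying `data` twice is harmless but misleading about where the merge happens. `victim_host` is built here but the line that attaches it to `self.data` lies outside the hunk, so I cannot see whether that key can also be overwritten by `data`. The enclosing `__init__` starts before this hunk.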
@ -2,13 +2,9 @@ import os
|
||||||
import sys
|
import sys
|
||||||
import shutil
|
import shutil
|
||||||
import struct
|
import struct
|
||||||
import socket
|
|
||||||
|
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
|
|
||||||
LOCAL_IP = '127.0.0.1'
|
|
||||||
MOCK_IP = '10.255.255.255'
|
|
||||||
|
|
||||||
|
|
||||||
def get_monkey_log_path():
|
def get_monkey_log_path():
|
||||||
return os.path.expandvars(WormConfiguration.monkey_log_path_windows) if sys.platform == "win32" \
|
return os.path.expandvars(WormConfiguration.monkey_log_path_windows) if sys.platform == "win32" \
|
||||||
|
@ -36,26 +32,6 @@ def is_windows_os():
|
||||||
return sys.platform.startswith("win")
|
return sys.platform.startswith("win")
|
||||||
|
|
||||||
|
|
||||||
def get_host_info():
|
|
||||||
return {'hostname': socket.gethostname(), 'ip': get_primary_ip()}
|
|
||||||
|
|
||||||
|
|
||||||
def get_primary_ip():
|
|
||||||
"""
|
|
||||||
:return: Primary (default route) IP address
|
|
||||||
"""
|
|
||||||
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
|
||||||
try:
|
|
||||||
# doesn't even have to be reachable
|
|
||||||
s.connect((MOCK_IP, 1))
|
|
||||||
ip = s.getsockname()[0]
|
|
||||||
except:
|
|
||||||
ip = LOCAL_IP
|
|
||||||
finally:
|
|
||||||
s.close()
|
|
||||||
return ip
|
|
||||||
|
|
||||||
|
|
||||||
def utf_to_ascii(string):
|
def utf_to_ascii(string):
|
||||||
# Converts utf string to ascii. Safe to use even if string is already ascii.
|
# Converts utf string to ascii. Safe to use even if string is already ascii.
|
||||||
udata = string.decode("utf-8")
|
udata = string.decode("utf-8")
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import flask_restful
|
import flask_restful
|
||||||
from flask import request
|
from flask import request
|
||||||
import json
|
import json
|
||||||
from cc.services.attack.attack_results import set_results
|
from cc.services.attack.attack_telem import set_results
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
__author__ = 'VakarisZ'
|
__author__ = 'VakarisZ'
|
||||||
|
|
|
@ -1,3 +1,6 @@
|
||||||
|
"""
|
||||||
|
File that contains ATT&CK telemetry storing/retrieving logic
|
||||||
|
"""
|
||||||
import logging
|
import logging
|
||||||
from cc.database import mongo
|
from cc.database import mongo
|
||||||
|
|