From 63f869d296961ef8c05ed9612cc987ecc47bf23c Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Wed, 5 Oct 2022 14:21:23 +0200 Subject: [PATCH] Project: Add common.tags and HostExploiter publish functions to Vulture --- vulture_allowlist.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/vulture_allowlist.py b/vulture_allowlist.py index a844caddb..b3c0011fc 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -9,7 +9,17 @@ from common.agent_configuration.agent_sub_configurations import ( ) from common.agent_events import ExploitationEvent, PingScanEvent, PropagationEvent, TCPScanEvent from common.credentials import Credentials, LMHash, NTHash +from common.tags import ( + T1021_ATTACK_TECHNIQUE_TAG, + T1105_ATTACK_TECHNIQUE_TAG, + T1110_ATTACK_TECHNIQUE_TAG, + T1203_ATTACK_TECHNIQUE_TAG, + T1210_ATTACK_TECHNIQUE_TAG, + T1222_ATTACK_TECHNIQUE_TAG, + T1570_ATTACK_TECHNIQUE_TAG, +) from common.types import NetworkPort +from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory from monkey_island.cc.event_queue import IslandEventTopic, PyPubSubIslandEventQueue from monkey_island.cc.models import Report @@ -318,6 +328,16 @@ TCPScanEvent.port_status # TODO: Remove once #2269 is close PropagationEvent ExploitationEvent +T1021_ATTACK_TECHNIQUE_TAG +T1105_ATTACK_TECHNIQUE_TAG +T1110_ATTACK_TECHNIQUE_TAG +T1203_ATTACK_TECHNIQUE_TAG +T1210_ATTACK_TECHNIQUE_TAG +T1222_ATTACK_TECHNIQUE_TAG +T1570_ATTACK_TECHNIQUE_TAG +HostExploiter._publish_propagation_event +HostExploiter._publish_exploitation_event + # pydantic base models underscore_attrs_are_private