From 72378f4e53ad4dded55f6fa35126739f32aa069f Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala <kekoa.kaaikala@gmail.com>
Date: Wed, 5 Oct 2022 15:02:46 +0000
Subject: [PATCH] Agent: Publish scan event when checking ssh port

---
 monkey/infection_monkey/exploit/sshexec.py | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
index c59871257..b8f96eee8 100644
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@@ -1,10 +1,12 @@
 import io
 import logging
+from ipaddress import IPv4Address
 from pathlib import PurePath
 
 import paramiko
 
 from common import OperatingSystem
+from common.agent_events import TCPScanEvent
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
 from common.credentials import get_plaintext
 from common.tags import (
@@ -13,6 +15,7 @@ from common.tags import (
     T1110_ATTACK_TECHNIQUE_TAG,
     T1222_ATTACK_TECHNIQUE_TAG,
 )
+from common.types import PortStatus
 from common.utils import Timer
 from common.utils.attack_utils import ScanStatus
 from common.utils.exceptions import FailedExploitationError
@@ -25,6 +28,7 @@ from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
 from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
 from infection_monkey.utils.brute_force import generate_identity_secret_pairs
 from infection_monkey.utils.commands import build_monkey_commandline
+from infection_monkey.utils.ids import get_agent_id
 from infection_monkey.utils.threading import interruptible_iter
 
 logger = logging.getLogger(__name__)
@@ -178,8 +182,8 @@ class SSHExploiter(HostExploiter):
 
     def _exploit_host(self) -> ExploiterResultData:
         port = self._get_ssh_port()
-        is_open, _ = check_tcp_port(self.host.ip_addr, port)
-        if not is_open:
+
+        if not self._is_port_open(IPv4Address(self.host.ip_addr), port):
             self.exploit_result.error_message = f"SSH port is closed on {self.host}, skipping"
             logger.info(self.exploit_result.error_message)
             return self.exploit_result
@@ -282,6 +286,15 @@ class SSHExploiter(HostExploiter):
         except Exception as exc:
             raise FailedExploitationError(f"Error running monkey on victim {self.host}: ({exc})")
 
+    def _is_port_open(self, ip: IPv4Address, port: int) -> bool:
+        is_open, _ = check_tcp_port(ip, port)
+        status = PortStatus.OPEN if is_open else PortStatus.CLOSED
+        self.agent_event_queue.publish(
+            TCPScanEvent(source=get_agent_id(), target=ip, ports={port: status})
+        )
+
+        return is_open
+
     def _get_ssh_port(self) -> int:
         port = SSH_PORT