Fixed system info collection attack technique

2020-03-19 15:41:49 +02:00 · 2020-03-19 15:41:49 +02:00 · b4112f024f
parent 48abfcab68
commit b4112f024f
3 changed files with 17 additions and 9 deletions
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
@ -11,7 +11,7 @@ class T1082(AttackTechnique):
    scanned_msg = ""
    used_msg = "Monkey gathered system info from machines in the network."

-    query = [{'$match': {'telem_category': 'system_info'}},
+    query = [{'$match': {'telem_category': 'system_info', 'data.network_info': {'$exists': True}}},
             {'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
                           'aws': '$data.aws',
                           'netstat': '$data.network_info.netstat',
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/Helpers.js
@ -9,7 +9,10 @@ export function renderMachine(val) {
 /* Function takes data gathered from system info collector and creates a
   string representation of machine from that data. */
 export function renderMachineFromSystemData(data) {
-  let machineStr = data['hostname'] + ' ( ';
+  let machineStr = '';
+  if (typeof data['hostname'] !== 'undefined') {
+    machineStr = data['hostname'] + ' ( ';
+  }
  data['ips'].forEach(function (ipInfo) {
    if (typeof ipInfo === 'object') {
      machineStr += ipInfo['addr'] + ', ';
@ -17,8 +20,12 @@ export function renderMachineFromSystemData(data) {
      machineStr += ipInfo + ', ';
    }
  });
+  if (typeof data['hostname'] !== 'undefined') {
+    return machineStr.slice(0, -2) + ' )';
+  } else {
    // Replaces " ," with " )" to finish a list of IP's
-  return machineStr.slice(0, -2) + ' )'
+    return machineStr.slice(0, -2);
+  }
 }

 /* Formats telemetry data that contains _id.machine and _id.usage fields into columns
--- a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1082.js
+++ b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1082.js
@ -12,13 +12,14 @@ class T1082 extends React.Component {
  static getSystemInfoColumns() {
    return ([{
      columns: [
-        {
-          Header: 'Machine',
+        { Header: 'Machine',
          id: 'machine',
          accessor: x => renderMachineFromSystemData(x.machine),
-          style: {'whiteSpace': 'unset'}
-        },
-        {Header: 'Gathered info', id: 'info', accessor: x => renderUsageFields(x.collections), style: {'whiteSpace': 'unset'}}
+          style: {'whiteSpace': 'unset'}},
+        { Header: 'Gathered info',
+          id: 'info',
+          accessor: x => renderUsageFields(x.collections),
+          style: {'whiteSpace': 'unset'}}
      ]
    }])
  }