forked from p15670423/monkey
commit
f561d4c604
|
@ -1,4 +1,5 @@
|
|||
from monkey_island.cc.services.attack.technique_reports import AttackTechnique
|
||||
from monkey_island.cc.services.reporting.report import ReportService
|
||||
from common.utils.attack_utils import ScanStatus
|
||||
from monkey_island.cc.database import mongo
|
||||
|
||||
|
@ -23,4 +24,6 @@ class T1003(AttackTechnique):
|
|||
else:
|
||||
status = ScanStatus.UNSCANNED.value
|
||||
data.update(T1003.get_message_and_status(status))
|
||||
data['stolen_creds'] = ReportService.get_stolen_creds()
|
||||
data['stolen_creds'].extend(ReportService.get_ssh_keys())
|
||||
return data
|
||||
|
|
|
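Review bot: The two new `data['stolen_creds']` lines appear to run for every status (indentation is lost in this view, so please confirm), which puts harvested credential and SSH-key entries into the T1003 response even when the technique is unscanned, while the UI only renders them when the status is USED. Consider populating the field only in that case, e.g. `if status == ScanStatus.USED.value:` ahead of the assignment, so the endpoint returns credential data no more often than the report needs. `.extend()` also mutates whatever list `get_stolen_creds()` returned; `ReportService.get_stolen_creds() + ReportService.get_ssh_keys()` builds a fresh list and stays correct if that result is ever cached or shared. The method starts outside the hunk, so how `status` is computed is not visible here.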
@ -11,7 +11,7 @@ class T1016(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey gathered network configurations on systems in the network."
|
||||
|
||||
query = [{'$match': {'telem_category': 'system_info'}},
|
||||
query = [{'$match': {'telem_category': 'system_info', 'data.network_info': {'$exists': True}}},
|
||||
{'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
|
||||
'networks': '$data.network_info.networks',
|
||||
'netstat': '$data.network_info.netstat'}},
|
||||
|
|
|
@ -11,7 +11,7 @@ class T1082(AttackTechnique):
|
|||
scanned_msg = ""
|
||||
used_msg = "Monkey gathered system info from machines in the network."
|
||||
|
||||
query = [{'$match': {'telem_category': 'system_info'}},
|
||||
query = [{'$match': {'telem_category': 'system_info', 'data.network_info': {'$exists': True}}},
|
||||
{'$project': {'machine': {'hostname': '$data.hostname', 'ips': '$data.network_info.networks'},
|
||||
'aws': '$data.aws',
|
||||
'netstat': '$data.network_info.netstat',
|
||||
|
|
|
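Review bot: Adding `'data.network_info': {'$exists': True}` to the `$match` in T1082 drops every `system_info` telemetry document that has no `network_info`, yet this technique also projects `'$data.aws'`, so a machine whose collector returned system info without network data would silently disappear from the report. If the filter is only there to protect the `machine.ips` projection, consider keeping the original `{'telem_category': 'system_info'}` match here and handling a missing `ips` in the renderer. Otherwise add a comment above `query` stating why such documents are excluded. The same filter in T1016 looks appropriate, since that technique reports network configuration only. The pipeline continues past the end of the hunk.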
@ -9,7 +9,10 @@ export function renderMachine(val) {
|
|||
/* Function takes data gathered from system info collector and creates a
|
||||
string representation of machine from that data. */
|
||||
export function renderMachineFromSystemData(data) {
|
||||
let machineStr = data['hostname'] + ' ( ';
|
||||
let machineStr = '';
|
||||
if (typeof data['hostname'] !== 'undefined') {
|
||||
machineStr = data['hostname'] + ' ( ';
|
||||
}
|
||||
data['ips'].forEach(function (ipInfo) {
|
||||
if (typeof ipInfo === 'object') {
|
||||
machineStr += ipInfo['addr'] + ', ';
|
||||
|
@ -17,8 +20,12 @@ export function renderMachineFromSystemData(data) {
|
|||
machineStr += ipInfo + ', ';
|
||||
}
|
||||
});
|
||||
if (typeof data['hostname'] !== 'undefined') {
|
||||
return machineStr.slice(0, -2) + ' )';
|
||||
} else {
|
||||
// Replaces " ," with " )" to finish a list of IP's
|
||||
return machineStr.slice(0, -2) + ' )'
|
||||
return machineStr.slice(0, -2);
|
||||
}
|
||||
}
|
||||
|
||||
/* Formats telemetry data that contains _id.machine and _id.usage fields into columns
|
||||
|
|
|
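Review bot: `renderMachineFromSystemData` now tolerates a missing `hostname`, but `data['ips'].forEach(...)` is still unguarded. The backend filter on this page only checks that `data.network_info` exists, not its `networks` field, so an undefined `ips` would throw and break the report table; `(data['ips'] || []).forEach(function (ipInfo) {` keeps it rendering. The retained comment `// Replaces " ," with " )" to finish a list of IP's` also appears to sit in the new `else` branch, where no `' )'` is appended. Move it above the first `return`, or reword it to something like `// Drops the trailing ", "`.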
@ -17,7 +17,7 @@ class T1003 extends React.Component {
|
|||
<br/>
|
||||
{this.props.data.status === ScanStatus.USED ?
|
||||
<StolenPasswordsComponent
|
||||
data={this.props.reportData.glance.stolen_creds.concat(this.props.reportData.glance.ssh_keys)}/>
|
||||
data={this.props.data.stolen_creds}/>
|
||||
: ''}
|
||||
</div>
|
||||
);
|
||||
|
|
|
@ -12,13 +12,14 @@ class T1082 extends React.Component {
|
|||
static getSystemInfoColumns() {
|
||||
return ([{
|
||||
columns: [
|
||||
{
|
||||
Header: 'Machine',
|
||||
{ Header: 'Machine',
|
||||
id: 'machine',
|
||||
accessor: x => renderMachineFromSystemData(x.machine),
|
||||
style: {'whiteSpace': 'unset'}
|
||||
},
|
||||
{Header: 'Gathered info', id: 'info', accessor: x => renderUsageFields(x.collections), style: {'whiteSpace': 'unset'}}
|
||||
style: {'whiteSpace': 'unset'}},
|
||||
{ Header: 'Gathered info',
|
||||
id: 'info',
|
||||
accessor: x => renderUsageFields(x.collections),
|
||||
style: {'whiteSpace': 'unset'}}
|
||||
]
|
||||
}])
|
||||
}
|
||||
|
|