From 1528b00a1b31af5c25befde7724ec268d7899e87 Mon Sep 17 00:00:00 2001
From: Shreya
Date: Fri, 26 Feb 2021 23:38:45 +0530
Subject: [PATCH] Change origin of creds stolen using exploits from host machine to exploited machine
---
 monkey/monkey_island/cc/services/reporting/report.py | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/monkey/monkey_island/cc/services/reporting/report.py b/monkey/monkey_island/cc/services/reporting/report.py
index 8b57eaec2..eabbfb051 100644
--- a/monkey/monkey_island/cc/services/reporting/report.py
+++ b/monkey/monkey_island/cc/services/reporting/report.py
@@ -198,7 +198,8 @@ class ReportService:
 for telem in mongo.db.telemetry.find({'telem_category': 'system_info', 'data.credentials': {'$exists': True}},
 {'data.credentials': 1, 'monkey_guid': 1}):
 creds = telem['data']['credentials']
- formatted_creds.extend(ReportService._format_creds_for_reporting(telem, creds))
+ origin = NodeService.get_monkey_by_guid(telem['monkey_guid'])['hostname']
+ formatted_creds.extend(ReportService._format_creds_for_reporting(telem, creds, origin))
 return formatted_creds

 @staticmethod
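Review bot: The hostname lookup added in the system_info loop now runs for every telemetry document, including those whose `data.credentials` is empty, because it was moved out from behind the `len(monkey_creds) == 0` early return in `_format_creds_for_reporting`. Besides the extra query per document, a GUID with no matching monkey (if `get_monkey_by_guid` can return `None`, which is not visible here) would now abort report generation on a record that contributes no credentials. Skipping empty records before the lookup, `if not creds: continue`, keeps the previous behaviour. The enclosing method starts above the hunk.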
@@ -207,16 +208,17 @@ class ReportService:
 for telem in mongo.db.telemetry.find({'telem_category': 'exploit', 'data.info.credentials': {'$exists': True}},
 {'data.info.credentials': 1, 'monkey_guid': 1}):
 creds = telem['data']['info']['credentials']
- formatted_creds.extend(ReportService._format_creds_for_reporting(telem, creds))
+ origin = telem['data']['machine']['domain_name']
+ formatted_creds.extend(ReportService._format_creds_for_reporting(telem, creds, origin))
 return formatted_creds

 @staticmethod
- def _format_creds_for_reporting(telem, monkey_creds):
+ def _format_creds_for_reporting(telem, monkey_creds, origin):
 creds = []
 CRED_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM hash', 'ntlm_hash': 'NTLM hash'}
 if len(monkey_creds) == 0:
 return []
- origin = NodeService.get_monkey_by_guid(telem['monkey_guid'])['hostname']
+
 for user in monkey_creds:
 for cred_type in CRED_TYPE_DICT:
 if cred_type not in monkey_creds[user] or not monkey_creds[user][cred_type]:
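Review bot: `telem['data']['machine']` is read in the exploit loop, but the projection passed to `find` just above it still lists only `data.info.credentials` and `monkey_guid`. With an inclusion projection MongoDB returns only the listed fields, so `data.machine` would be absent from each document and the new lookup would raise `KeyError`, failing the stolen-credentials section of the report. Extend the projection, e.g. `{'data.info.credentials': 1, 'data.machine.domain_name': 1, 'monkey_guid': 1}`. If `domain_name` can be empty for a machine (not visible here), the origin of its credentials would show as blank, so a fallback identifier is worth considering. After this change `telem` is no longer read in the visible part of `_format_creds_for_reporting`, whose body continues past the hunk.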