Agent: Pass telemetry messenger to PBAs for sending ATT&CK telem

Shreya Malviya 2022-03-29 13:24:14 +05:30 committed by vakarisz
parent 8d4c29fc06
commit 1c24411b26
2 changed files with 17 additions and 11 deletions


@ -65,8 +65,7 @@ class UsersPBA(PBA):
return True
return False
@staticmethod
def download_pba_file(dst_dir, filename):
def download_pba_file(self, dst_dir, filename):
"""
Handles post breach action file download
:param dst_dir: Destination directory
@ -84,12 +83,14 @@ class UsersPBA(PBA):
if not status:
status = ScanStatus.USED
self._telemetry_messenger.send_telemetry(
T1105Telem(
status,
WormConfiguration.current_server.split(":")[0],
get_interface_to_target(WormConfiguration.current_server.split(":")[0]),
filename,
).send()
)
)
if status == ScanStatus.SCANNED:
return False
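Review bot: The rewritten T1105 call reads `self._telemetry_messenger`, while the base-class hunk in the other file sends through `self.telemetry_messenger` (no underscore); since `UsersPBA` subclasses `PBA`, one of the two will presumably raise `AttributeError` unless the constructor, which is outside these hunks, sets both names. Use a single attribute name in both places, e.g. `self.telemetry_messenger.send_telemetry(`. In the same call, `WormConfiguration.current_server.split(":")[0]` is evaluated twice and would mis-split an IPv6 literal; bind it once to a local such as `server_ip` before building `T1105Telem`. Dropping `@staticmethod` in the first hunk also changes the call signature, so any caller that invoked `download_pba_file` on the class needs checking; the method body continues outside the hunk.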


@ -5,6 +5,8 @@ from typing import Iterable
from common.utils.attack_utils import ScanStatus
from infection_monkey.i_puppet.i_puppet import PostBreachData
from infection_monkey.telemetry.attack.t1064_telem import T1064Telem
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
from infection_monkey.utils.environment import is_windows_os
logger = logging.getLogger(__name__)
@ -34,9 +36,12 @@ class PBA:
exec_funct = self._execute_default
result = exec_funct()
if self.scripts_were_used_successfully(result):
self.telemetry_messenger.send_telemetry(
T1064Telem(
ScanStatus.USED, f"Scripts were used to execute {self.name} post breach action."
).send()
ScanStatus.USED,
f"Scripts were used to execute {self.name} post breach action.",
)
)
self.pba_data.append(PostBreachData(self.name, self.command, result))
return self.pba_data
else:
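Review bot: The T1064 `send_telemetry` call runs before `self.pba_data.append(PostBreachData(self.name, self.command, result))`, so if the messenger raises (its error behaviour is not visible here) the post-breach result is never recorded or returned. Consider appending the `PostBreachData` first, or wrapping the telemetry call in a `try`/`except` that logs through the module `logger`, so a telemetry failure cannot hide the action's result. The new `ITelemetryMessenger` import suggests the constructor now takes the messenger, but that change is outside the visible hunks; a docstring line such as `:param telemetry_messenger: messenger used to send ATT&CK telemetry` would document it. The enclosing method starts before and continues after this hunk.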