Island: Add processors for credentials

vakarisz 2022-02-17 13:18:10 +02:00
parent 96bd7bca24
commit 5c5e170296
10 changed files with 103 additions and 0 deletions


@ -0,0 +1,7 @@
from monkey_island.cc.services.telemetry.processing.credentials.credentials_parser import (
parse_credentials,
)
def process_credentials_telemetry(telemetry: dict):
parse_credentials(telemetry)


@ -0,0 +1,39 @@
import logging
from infection_monkey.i_puppet import CredentialType
from .identities.username_processor import process_username
from .secrets.lm_hash_processor import process_lm_hash
from .secrets.nt_hash_processor import process_nt_hash
from .secrets.password_processor import process_password
from .secrets.ssh_key_processor import process_ssh_key
logger = logging.getLogger(__name__)
SECRET_PROCESSORS = {
CredentialType.PASSWORD: process_password,
CredentialType.NT_HASH: process_nt_hash,
CredentialType.LM_HASH: process_lm_hash,
CredentialType.SSH_KEYPAIR: process_ssh_key,
}
IDENTITY_PROCESSORS = {
CredentialType.USERNAME: process_username,
}
def parse_credentials(credentials: dict):
for credential in credentials["credentials"]:
if is_ssh_keypair(credentials):
IDENTITY_PROCESSORS[CredentialType.SSH_KEYPAIR](credential, credentials["monkey_guid"])
else:
for identity in credential["identities"]:
IDENTITY_PROCESSORS[identity["type"]](identity)
for secret in credential["secrets"]:
SECRET_PROCESSORS[secret["type"]](secret)
def is_ssh_keypair(credentials: dict) -> bool:
return bool(
filter(credentials["secrets"], lambda secret: secret["type"] == CredentialType.SSH_KEYPAIR)
)
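Review bot: The SSH-keypair branch of `parse_credentials` cannot work as written. `is_ssh_keypair` is handed the whole telemetry dict (`credentials`) instead of the loop item `credential`, its `filter` call has the arguments in the wrong order, and `bool()` of a filter object is always true, so the result never reflects the secrets. The branch then looks up `CredentialType.SSH_KEYPAIR` in `IDENTITY_PROCESSORS`, which only holds `USERNAME`; the keypair handler is registered in `SECRET_PROCESSORS`. Because the `type` values arrive in agent telemetry, an unrecognised one also raises a bare `KeyError` in both dictionary lookups; handling that case explicitly, and logging the type but never the secret value through the currently unused `logger`, would make a malformed report easier to diagnose.

```python
def parse_credentials(credentials: dict):
    for credential in credentials["credentials"]:
        if is_ssh_keypair(credential):
            SECRET_PROCESSORS[CredentialType.SSH_KEYPAIR](credential, credentials["monkey_guid"])
        else:
            # … unchanged: per-identity and per-secret dispatch …


def is_ssh_keypair(credential: dict) -> bool:
    return any(
        secret["type"] == CredentialType.SSH_KEYPAIR for secret in credential["secrets"]
    )
```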


@ -0,0 +1,2 @@
def process_username():
pass
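Review bot: `process_username` is declared with no parameters, but the dispatcher in the credentials parser calls `IDENTITY_PROCESSORS[identity["type"]](identity)`, so the first username in a telemetry report would raise `TypeError`. Even as a stub it should accept the identity, `def process_username(username: dict):`, with a short comment saying that usernames are not stored yet.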


@ -0,0 +1,5 @@
from monkey_island.cc.services.config import ConfigService
def process_lm_hash(lm_hash: dict):
ConfigService.creds_add_ntlm_hash(lm_hash["lm_hash"])
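Review bot: `process_lm_hash` stores the LM hash through `ConfigService.creds_add_ntlm_hash`, the same call `process_nt_hash` uses, so LM and NT hashes end up in one list. The two hash formats are not interchangeable when the stored values are used later, so this looks like a copy-paste slip. If ConfigService has a separate setter for LM hashes, call it here; otherwise add a comment explaining why the list is shared. ConfigService is not visible on this page, so this needs confirming against it.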


@ -0,0 +1,5 @@
from monkey_island.cc.services.config import ConfigService
def process_nt_hash(nt_hash: dict):
ConfigService.creds_add_ntlm_hash(nt_hash["nt_hash"])


@ -0,0 +1,5 @@
from monkey_island.cc.services.config import ConfigService
def process_password(password: dict):
ConfigService.creds_add_password(password["password"])


@ -0,0 +1,40 @@
from common.common_consts.credentials_type import CredentialsType
from monkey_island.cc.models import Monkey
from monkey_island.cc.server_utils.encryption import get_datastore_encryptor
from monkey_island.cc.services.config import ConfigService
class SSHKeyProcessingError(ValueError):
def __init__(self, msg=""):
self.msg = f"Error while processing ssh keypair: {msg}"
super().__init__(self.msg)
def process_ssh_key(credentials: dict, monkey_guid: str):
if len(credentials["identities"]) != 1:
raise SSHKeyProcessingError(
f'SSH credentials have {len(credentials["identities"])}' f" users associated with it!"
)
for ssh_key in credentials["secrets"]:
if not ssh_key["type"] == CredentialsType.SSH_KEYPAIR:
raise SSHKeyProcessingError("SSH credentials contain secrets that are not keypairs")
if not ssh_key["public_key"] or not ssh_key["private_key"]:
raise SSHKeyProcessingError("Private or public key missing!")
# TODO SSH key should be associated with IP that monkey exploited
ip = Monkey.get_single_monkey_by_guid(monkey_guid).ip_addresses[0]
username = credentials["identities"][0]["username"]
ConfigService.ssh_add_keys(
user=username,
public_key=ssh_key["public_key"],
private_key=ssh_key["private_key"],
ip=ip,
)
def encrypt_system_info_ssh_keys(ssh_key: dict):
for field in ["public_key", "private_key"]:
ssh_key[field] = get_datastore_encryptor().encrypt(ssh_key[field])
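Review bot: The type check in `process_ssh_key` compares against `CredentialsType` from `common.common_consts.credentials_type`, while the dispatcher in the credentials parser keys on `CredentialType` from `infection_monkey.i_puppet`. If these are distinct enums, `ssh_key["type"] == CredentialsType.SSH_KEYPAIR` is never true and every keypair is rejected with "SSH credentials contain secrets that are not keypairs"; use the same enum as the parser, e.g. `if ssh_key["type"] != CredentialType.SSH_KEYPAIR:`. Separately, `encrypt_system_info_ssh_keys` is defined but never called in this file, so the private key reaches `ConfigService.ssh_add_keys` as received. Whether `ssh_add_keys` encrypts it before storage is not visible here and should be confirmed, or the helper should be called first. The key checks also index `ssh_key["public_key"]` directly, so a missing field raises `KeyError` rather than `SSHKeyProcessingError`; `ssh_key.get("public_key")` would keep the error type consistent.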