From 7149c704a22cac5107511379d8e1931bd63fb4e8 Mon Sep 17 00:00:00 2001 From: vakarisz Date: Thu, 1 Sep 2022 14:38:34 +0300 Subject: [PATCH] Island, Agent: Fix credential parsing to match pydantic syntax --- ...ting_propagation_credentials_repository.py | 17 ++--- .../services/reporting/format_credentials.py | 15 ++--- .../configuration-components/ReformatHook.js | 50 ++++++--------- .../report-components/credentialParsing.js | 64 ++++++++++--------- .../src/components/utils/CredentialTypes.js | 14 ++++ .../reporting/test_format_credentials.py | 49 ++------------ 6 files changed, 92 insertions(+), 117 deletions(-) create mode 100644 monkey/monkey_island/cc/ui/src/components/utils/CredentialTypes.js diff --git a/monkey/infection_monkey/credential_repository/aggregating_propagation_credentials_repository.py b/monkey/infection_monkey/credential_repository/aggregating_propagation_credentials_repository.py index 97076fbc4..c0bb669c6 100644 --- a/monkey/infection_monkey/credential_repository/aggregating_propagation_credentials_repository.py +++ b/monkey/infection_monkey/credential_repository/aggregating_propagation_credentials_repository.py @@ -1,7 +1,8 @@ import logging from typing import Any, Iterable -from common.credentials import CredentialComponentType, Credentials, ICredentialComponent +from common.credentials import Credentials, LMHash, NTHash, Password, SSHKeypair, Username +from common.credentials.credentials import Identity, Secret from infection_monkey.custom_types import PropagationCredentials from infection_monkey.i_control_channel import IControlChannel from infection_monkey.utils.decorators import request_cache @@ -43,18 +44,18 @@ class AggregatingPropagationCredentialsRepository(IPropagationCredentialsReposit if credentials.secret: self._add_secret(credentials.secret) - def _add_identity(self, identity: ICredentialComponent): - if identity.credential_type is CredentialComponentType.USERNAME: + def _add_identity(self, identity: Identity): + if type(identity) == Username: self._stored_credentials.setdefault("exploit_user_list", set()).add(identity.username) - def _add_secret(self, secret: ICredentialComponent): - if secret.credential_type is CredentialComponentType.PASSWORD: + def _add_secret(self, secret: Secret): + if type(secret) is Password: self._stored_credentials.setdefault("exploit_password_list", set()).add(secret.password) - elif secret.credential_type is CredentialComponentType.LM_HASH: + elif type(secret) is LMHash: self._stored_credentials.setdefault("exploit_lm_hash_list", set()).add(secret.lm_hash) - elif secret.credential_type is CredentialComponentType.NT_HASH: + elif type(secret) is NTHash: self._stored_credentials.setdefault("exploit_ntlm_hash_list", set()).add(secret.nt_hash) - elif secret.credential_type is CredentialComponentType.SSH_KEYPAIR: + elif type(secret) is SSHKeypair: self._set_attribute( "exploit_ssh_keys", [{"public_key": secret.public_key, "private_key": secret.private_key}], diff --git a/monkey/monkey_island/cc/services/reporting/format_credentials.py b/monkey/monkey_island/cc/services/reporting/format_credentials.py index 721868cdc..fec479370 100644 --- a/monkey/monkey_island/cc/services/reporting/format_credentials.py +++ b/monkey/monkey_island/cc/services/reporting/format_credentials.py @@ -1,7 +1,7 @@ import logging from typing import Mapping, Sequence -from common.credentials import CredentialComponentType, Credentials +from common.credentials import Credentials, LMHash, NTHash, Password, SSHKeypair logger = logging.getLogger(__name__) @@ -11,23 +11,22 @@ def format_creds_for_reporting(credentials: Sequence[Credentials]) -> Sequence[M formatted_creds = [] cred_type_dict = { - CredentialComponentType.PASSWORD: "Clear Password", - CredentialComponentType.LM_HASH: "LM hash", - CredentialComponentType.NT_HASH: "NTLM hash", - CredentialComponentType.SSH_KEYPAIR: "Clear SSH private key", + Password: "Clear Password", + LMHash: "LM hash", + NTHash: "NTLM hash", + SSHKeypair: "Clear SSH private key", } for cred in credentials: secret = cred.secret if secret is None: continue - if secret.credential_type not in cred_type_dict: + if type(secret) not in cred_type_dict: continue username = _get_username(cred) cred_row = { "username": username, - "_type": secret.credential_type.name, - "type": cred_type_dict[secret.credential_type], + "type": cred_type_dict[type(secret)], } if cred_row not in formatted_creds: formatted_creds.append(cred_row) diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/ReformatHook.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/ReformatHook.js index a26987b37..335427b70 100644 --- a/monkey/monkey_island/cc/ui/src/components/configuration-components/ReformatHook.js +++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/ReformatHook.js @@ -1,4 +1,5 @@ import {defaultCredentials} from '../../services/configuration/propagation/credentials'; +import {CredentialTypes, SecretTypes} from '../utils/CredentialTypes.js'; import _ from 'lodash'; export function reformatConfig(config, reverse = false) { @@ -35,16 +36,16 @@ export function formatCredentialsForForm(credentials) { let secret = credentials[i]['secret']; if(secret !== null){ - if (secret['credential_type'] === 'PASSWORD') { + if (secret.hasOwnProperty(SecretTypes.Password)) { formattedCredentials['exploit_password_list'].push(secret['password']) } - if (secret['credential_type'] === 'NT_HASH') { + if (secret.hasOwnProperty(SecretTypes.NTHash)) { formattedCredentials['exploit_ntlm_hash_list'].push(secret['nt_hash']) } - if (secret['credential_type'] === 'LM_HASH') { + if (secret.hasOwnProperty(SecretTypes.LMHash)) { formattedCredentials['exploit_lm_hash_list'].push(secret['lm_hash']) } - if (secret['credential_type'] === 'SSH_KEY') { + if (secret.hasOwnProperty(SecretTypes.PrivateKey)) { let keypair = {'public_key': secret['public_key'], 'private_key': secret['private_key']} formattedCredentials['exploit_ssh_keys'].push(keypair) } @@ -64,43 +65,34 @@ export function formatCredentialsForIsland(credentials) { let usernames = credentials['exploit_user_list']; for (let i = 0; i < usernames.length; i++) { formattedCredentials.push({ - 'identity': {'username': usernames[i], 'credential_type': 'USERNAME'}, + 'identity': {'username': usernames[i]}, 'secret': null }) } - let passwords = credentials['exploit_password_list']; - for (let i = 0; i < passwords.length; i++) { - formattedCredentials.push({ - 'identity': null, - 'secret': {'credential_type': 'PASSWORD', 'password': passwords[i]} - }) - } - - let nt_hashes = credentials['exploit_ntlm_hash_list']; - for (let i = 0; i < nt_hashes.length; i++) { - formattedCredentials.push({ - 'identity': null, - 'secret': {'credential_type': 'NT_HASH', 'nt_hash': nt_hashes[i]} - }) - } - - let lm_hashes = credentials['exploit_lm_hash_list']; - for (let i = 0; i < lm_hashes.length; i++) { - formattedCredentials.push({ - 'identity': null, - 'secret': {'credential_type': 'LM_HASH', 'lm_hash': lm_hashes[i]} - }) - } + formattedCredentials.push(...getFormattedCredentials(credentials['exploit_password_list'], 'password')) + formattedCredentials.push(...getFormattedCredentials(credentials['exploit_ntlm_hash_list'], 'nt_hash')) + formattedCredentials.push(...getFormattedCredentials(credentials['exploit_lm_hash_list'], 'lm_hash')) let ssh_keys = credentials['exploit_ssh_keys']; for (let i = 0; i < ssh_keys.length; i++) { formattedCredentials.push({ 'identity': null, - 'secret': {'credential_type': 'SSH_KEYPAIR', 'private_key': ssh_keys[i]['private_key'], + 'secret': {'private_key': ssh_keys[i]['private_key'], 'public_key': ssh_keys[i]['public_key']} }) } return formattedCredentials; } + +function getFormattedCredentials(credentials, keyOfSecret) { + let formattedCredentials = []; + for (let i = 0; i < credentials.length; i++) { + formattedCredentials.push({ + 'identity': null, + 'secret': {[keyOfSecret]: credentials[i]} + }) + } + return formattedCredentials; +} diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/credentialParsing.js b/monkey/monkey_island/cc/ui/src/components/report-components/credentialParsing.js index c1eb57198..7dfe5e9a7 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/credentialParsing.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/credentialParsing.js @@ -1,4 +1,6 @@ -export function getAllUsernames(stolen, configured){ +import {CredentialTypes, SecretTypes} from '../utils/CredentialTypes.js'; + +export function getAllUsernames(stolen, configured) { let usernames = []; usernames.push(...getCredentialsUsernames(stolen)); usernames.push(...getCredentialsUsernames(configured)); @@ -7,60 +9,62 @@ export function getAllUsernames(stolen, configured){ export function getCredentialsUsernames(credentials) { let usernames = []; - for(let i = 0; i < credentials.length; i++){ + for (let i = 0; i < credentials.length; i++) { let username = credentials[i]['identity']; - if(username !== null) { + if (username !== null) { usernames.push(username['username']); } } return usernames; } -export function getAllSecrets(stolen, configured){ +export function getAllSecrets(stolen, configured) { let secrets = []; - for(let i = 0; i < stolen.length; i++){ + for (let i = 0; i < stolen.length; i++) { let secret = stolen[i]['secret']; - if(secret !== null){ - secrets.push(getSecretsFromCredential(secret)); + if (secret !== null) { + secrets.push(reformatSecret(secret)); } } - for(let i = 0; i < configured.length; i++){ + for (let i = 0; i < configured.length; i++) { let secret = configured[i]['secret']; - if(secret !== null){ - secrets.push(getSecretsFromCredential(secret)); + if (secret !== null) { + secrets.push(reformatSecret(secret)); } } return secrets; } -function getSecretsFromCredential(credential) { - if(credential['credential_type'] === 'SSH_KEYPAIR'){ - return {'type': 'SSH keypair', 'content': credential['private_key']} +function reformatSecret(secret) { + if (secret.hasOwnProperty(SecretTypes.Password)) { + return {'type': CredentialTypes.Password, 'content': secret[SecretTypes.Password]} } - if(credential['credential_type'] === 'NT_HASH'){ - return {'type': 'NT hash', 'content': credential['nt_hash']} + if (secret.hasOwnProperty(SecretTypes.NTHash)) { + return {'type': CredentialTypes.NTHash, 'content': secret[SecretTypes.NTHash]} } - if(credential['credential_type'] === 'LM_HASH'){ - return {'type': 'LM hash', 'content': credential['lm_hash']} + if (secret.hasOwnProperty(SecretTypes.LMHash)) { + return {'type': CredentialTypes.LMHash, 'content': secret[SecretTypes.LMHash]} } - if(credential['credential_type'] === 'PASSWORD'){ - return {'type': 'Password', 'content': credential['password']} + if (secret.hasOwnProperty(SecretTypes.PrivateKey)) { + return { + 'type': CredentialTypes.SSHKeys, + 'content': secret[SecretTypes.PrivateKey] + } } } export function getCredentialsTableData(credentials) { + let table_data = []; - let table_data = []; + let identites = getCredentialsUsernames(credentials); + let secrets = getAllSecrets(credentials, []) - let identites = getCredentialsUsernames(credentials); - let secrets = getAllSecrets(credentials, []) + for (let i = 0; i < credentials.length; i++) { + let row_data = {}; + row_data['username'] = identites[i]; + row_data['type'] = secrets[i]['type']; + table_data.push(row_data); + } - for(let i=0; i