Island, Agent: Fix credential parsing to match pydantic syntax
parent
d73cbee591
commit
7149c704a2
monkey
infection_monkey/credential_repository
monkey_island/cc
services/reporting
ui/src/components
tests/unit_tests/monkey_island/cc/services/reporting
|
@ -1,7 +1,8 @@
|
|||
import logging
|
||||
from typing import Any, Iterable
|
||||
|
||||
from common.credentials import CredentialComponentType, Credentials, ICredentialComponent
|
||||
from common.credentials import Credentials, LMHash, NTHash, Password, SSHKeypair, Username
|
||||
from common.credentials.credentials import Identity, Secret
|
||||
from infection_monkey.custom_types import PropagationCredentials
|
||||
from infection_monkey.i_control_channel import IControlChannel
|
||||
from infection_monkey.utils.decorators import request_cache
|
||||
|
@ -43,18 +44,18 @@ class AggregatingPropagationCredentialsRepository(IPropagationCredentialsReposit
|
|||
if credentials.secret:
|
||||
self._add_secret(credentials.secret)
|
||||
|
||||
def _add_identity(self, identity: ICredentialComponent):
|
||||
if identity.credential_type is CredentialComponentType.USERNAME:
|
||||
def _add_identity(self, identity: Identity):
|
||||
if type(identity) == Username:
|
||||
self._stored_credentials.setdefault("exploit_user_list", set()).add(identity.username)
|
||||
|
||||
def _add_secret(self, secret: ICredentialComponent):
|
||||
if secret.credential_type is CredentialComponentType.PASSWORD:
|
||||
def _add_secret(self, secret: Secret):
|
||||
if type(secret) is Password:
|
||||
self._stored_credentials.setdefault("exploit_password_list", set()).add(secret.password)
|
||||
elif secret.credential_type is CredentialComponentType.LM_HASH:
|
||||
elif type(secret) is LMHash:
|
||||
self._stored_credentials.setdefault("exploit_lm_hash_list", set()).add(secret.lm_hash)
|
||||
elif secret.credential_type is CredentialComponentType.NT_HASH:
|
||||
elif type(secret) is NTHash:
|
||||
self._stored_credentials.setdefault("exploit_ntlm_hash_list", set()).add(secret.nt_hash)
|
||||
elif secret.credential_type is CredentialComponentType.SSH_KEYPAIR:
|
||||
elif type(secret) is SSHKeypair:
|
||||
self._set_attribute(
|
||||
"exploit_ssh_keys",
|
||||
[{"public_key": secret.public_key, "private_key": secret.private_key}],
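Review bot: `_add_identity` compares with `type(identity) == Username` while every branch of `_add_secret` uses `type(secret) is ...`; `isinstance` is the idiomatic check, also accepts subclasses, and would make the two methods consistent, e.g. `if isinstance(identity, Username):` and `elif isinstance(secret, LMHash):`. Within the lines shown neither chain has a fallback branch, so a component of an unrecognised type appears to be dropped without any trace; a debug log naming only `type(secret).__name__` (never the value) would make that visible. `_add_secret` continues past the end of the hunk, so an `else` may exist further down.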
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import logging
|
||||
from typing import Mapping, Sequence
|
||||
|
||||
from common.credentials import CredentialComponentType, Credentials
|
||||
from common.credentials import Credentials, LMHash, NTHash, Password, SSHKeypair
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
@ -11,23 +11,22 @@ def format_creds_for_reporting(credentials: Sequence[Credentials]) -> Sequence[M
|
|||
|
||||
formatted_creds = []
|
||||
cred_type_dict = {
|
||||
CredentialComponentType.PASSWORD: "Clear Password",
|
||||
CredentialComponentType.LM_HASH: "LM hash",
|
||||
CredentialComponentType.NT_HASH: "NTLM hash",
|
||||
CredentialComponentType.SSH_KEYPAIR: "Clear SSH private key",
|
||||
Password: "Clear Password",
|
||||
LMHash: "LM hash",
|
||||
NTHash: "NTLM hash",
|
||||
SSHKeypair: "Clear SSH private key",
|
||||
}
|
||||
for cred in credentials:
|
||||
secret = cred.secret
|
||||
if secret is None:
|
||||
continue
|
||||
|
||||
if secret.credential_type not in cred_type_dict:
|
||||
if type(secret) not in cred_type_dict:
|
||||
continue
|
||||
username = _get_username(cred)
|
||||
cred_row = {
|
||||
"username": username,
|
||||
"_type": secret.credential_type.name,
|
||||
"type": cred_type_dict[secret.credential_type],
|
||||
"type": cred_type_dict[type(secret)],
|
||||
}
|
||||
if cred_row not in formatted_creds:
|
||||
formatted_creds.append(cred_row)
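Review bot: A secret whose class is not an exact key of `cred_type_dict` is skipped by `if type(secret) not in cred_type_dict: continue` with no trace, so a subclass of `Password` or a newly added secret type would silently vanish from the report. For a report that is meant to list every credential found, I would log the skip with the type name only, never the secret itself, before the `continue`: `logger.debug("Skipping secret of unsupported type %s", type(secret).__name__)`. The row also no longer carries the `_type` key; any consumer that still reads it needs updating, which the visible hunks do not show. The function starts above the hunk.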
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import {defaultCredentials} from '../../services/configuration/propagation/credentials';
|
||||
import {CredentialTypes, SecretTypes} from '../utils/CredentialTypes.js';
|
||||
import _ from 'lodash';
|
||||
|
||||
export function reformatConfig(config, reverse = false) {
|
||||
|
@ -35,16 +36,16 @@ export function formatCredentialsForForm(credentials) {
|
|||
|
||||
let secret = credentials[i]['secret'];
|
||||
if(secret !== null){
|
||||
if (secret['credential_type'] === 'PASSWORD') {
|
||||
if (secret.hasOwnProperty(SecretTypes.Password)) {
|
||||
formattedCredentials['exploit_password_list'].push(secret['password'])
|
||||
}
|
||||
if (secret['credential_type'] === 'NT_HASH') {
|
||||
if (secret.hasOwnProperty(SecretTypes.NTHash)) {
|
||||
formattedCredentials['exploit_ntlm_hash_list'].push(secret['nt_hash'])
|
||||
}
|
||||
if (secret['credential_type'] === 'LM_HASH') {
|
||||
if (secret.hasOwnProperty(SecretTypes.LMHash)) {
|
||||
formattedCredentials['exploit_lm_hash_list'].push(secret['lm_hash'])
|
||||
}
|
||||
if (secret['credential_type'] === 'SSH_KEY') {
|
||||
if (secret.hasOwnProperty(SecretTypes.PrivateKey)) {
|
||||
let keypair = {'public_key': secret['public_key'], 'private_key': secret['private_key']}
|
||||
formattedCredentials['exploit_ssh_keys'].push(keypair)
|
||||
}
|
||||
|
@ -64,43 +65,34 @@ export function formatCredentialsForIsland(credentials) {
|
|||
let usernames = credentials['exploit_user_list'];
|
||||
for (let i = 0; i < usernames.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': {'username': usernames[i], 'credential_type': 'USERNAME'},
|
||||
'identity': {'username': usernames[i]},
|
||||
'secret': null
|
||||
})
|
||||
}
|
||||
|
||||
let passwords = credentials['exploit_password_list'];
|
||||
for (let i = 0; i < passwords.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': null,
|
||||
'secret': {'credential_type': 'PASSWORD', 'password': passwords[i]}
|
||||
})
|
||||
}
|
||||
|
||||
let nt_hashes = credentials['exploit_ntlm_hash_list'];
|
||||
for (let i = 0; i < nt_hashes.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': null,
|
||||
'secret': {'credential_type': 'NT_HASH', 'nt_hash': nt_hashes[i]}
|
||||
})
|
||||
}
|
||||
|
||||
let lm_hashes = credentials['exploit_lm_hash_list'];
|
||||
for (let i = 0; i < lm_hashes.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': null,
|
||||
'secret': {'credential_type': 'LM_HASH', 'lm_hash': lm_hashes[i]}
|
||||
})
|
||||
}
|
||||
formattedCredentials.push(...getFormattedCredentials(credentials['exploit_password_list'], 'password'))
|
||||
formattedCredentials.push(...getFormattedCredentials(credentials['exploit_ntlm_hash_list'], 'nt_hash'))
|
||||
formattedCredentials.push(...getFormattedCredentials(credentials['exploit_lm_hash_list'], 'lm_hash'))
|
||||
|
||||
let ssh_keys = credentials['exploit_ssh_keys'];
|
||||
for (let i = 0; i < ssh_keys.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': null,
|
||||
'secret': {'credential_type': 'SSH_KEYPAIR', 'private_key': ssh_keys[i]['private_key'],
|
||||
'secret': {'private_key': ssh_keys[i]['private_key'],
|
||||
'public_key': ssh_keys[i]['public_key']}
|
||||
})
|
||||
}
|
||||
|
||||
return formattedCredentials;
|
||||
}
|
||||
|
||||
function getFormattedCredentials(credentials, keyOfSecret) {
|
||||
let formattedCredentials = [];
|
||||
for (let i = 0; i < credentials.length; i++) {
|
||||
formattedCredentials.push({
|
||||
'identity': null,
|
||||
'secret': {[keyOfSecret]: credentials[i]}
|
||||
})
|
||||
}
|
||||
return formattedCredentials;
|
||||
}
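Review bot: The new type detection in formatCredentialsForForm calls `secret.hasOwnProperty(...)` directly on an object that presumably comes from the Island's response, which misbehaves if that object ever carries its own `hasOwnProperty` key; `Object.prototype.hasOwnProperty.call(secret, SecretTypes.Password)` is the safer form, and the same applies to reformatSecret in the other UI file of this commit. The branches test `SecretTypes.Password` but then read `secret['password']`, and formatCredentialsForIsland passes the literals `'password'`, `'nt_hash'` and `'lm_hash'` to getFormattedCredentials, so the key names now live in two places; using the `SecretTypes` constants throughout keeps them in step. `CredentialTypes` is imported but not used in the visible hunks. formatCredentialsForForm and formatCredentialsForIsland both start outside the hunks shown.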
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
export function getAllUsernames(stolen, configured){
|
||||
import {CredentialTypes, SecretTypes} from '../utils/CredentialTypes.js';
|
||||
|
||||
export function getAllUsernames(stolen, configured) {
|
||||
let usernames = [];
|
||||
usernames.push(...getCredentialsUsernames(stolen));
|
||||
usernames.push(...getCredentialsUsernames(configured));
|
||||
|
@ -7,60 +9,62 @@ export function getAllUsernames(stolen, configured){
|
|||
|
||||
export function getCredentialsUsernames(credentials) {
|
||||
let usernames = [];
|
||||
for(let i = 0; i < credentials.length; i++){
|
||||
for (let i = 0; i < credentials.length; i++) {
|
||||
let username = credentials[i]['identity'];
|
||||
if(username !== null) {
|
||||
if (username !== null) {
|
||||
usernames.push(username['username']);
|
||||
}
|
||||
}
|
||||
return usernames;
|
||||
}
|
||||
|
||||
export function getAllSecrets(stolen, configured){
|
||||
export function getAllSecrets(stolen, configured) {
|
||||
let secrets = [];
|
||||
for(let i = 0; i < stolen.length; i++){
|
||||
for (let i = 0; i < stolen.length; i++) {
|
||||
let secret = stolen[i]['secret'];
|
||||
if(secret !== null){
|
||||
secrets.push(getSecretsFromCredential(secret));
|
||||
if (secret !== null) {
|
||||
secrets.push(reformatSecret(secret));
|
||||
}
|
||||
}
|
||||
for(let i = 0; i < configured.length; i++){
|
||||
for (let i = 0; i < configured.length; i++) {
|
||||
let secret = configured[i]['secret'];
|
||||
if(secret !== null){
|
||||
secrets.push(getSecretsFromCredential(secret));
|
||||
if (secret !== null) {
|
||||
secrets.push(reformatSecret(secret));
|
||||
}
|
||||
}
|
||||
return secrets;
|
||||
}
|
||||
|
||||
function getSecretsFromCredential(credential) {
|
||||
if(credential['credential_type'] === 'SSH_KEYPAIR'){
|
||||
return {'type': 'SSH keypair', 'content': credential['private_key']}
|
||||
function reformatSecret(secret) {
|
||||
if (secret.hasOwnProperty(SecretTypes.Password)) {
|
||||
return {'type': CredentialTypes.Password, 'content': secret[SecretTypes.Password]}
|
||||
}
|
||||
if(credential['credential_type'] === 'NT_HASH'){
|
||||
return {'type': 'NT hash', 'content': credential['nt_hash']}
|
||||
if (secret.hasOwnProperty(SecretTypes.NTHash)) {
|
||||
return {'type': CredentialTypes.NTHash, 'content': secret[SecretTypes.NTHash]}
|
||||
}
|
||||
if(credential['credential_type'] === 'LM_HASH'){
|
||||
return {'type': 'LM hash', 'content': credential['lm_hash']}
|
||||
if (secret.hasOwnProperty(SecretTypes.LMHash)) {
|
||||
return {'type': CredentialTypes.LMHash, 'content': secret[SecretTypes.LMHash]}
|
||||
}
|
||||
if(credential['credential_type'] === 'PASSWORD'){
|
||||
return {'type': 'Password', 'content': credential['password']}
|
||||
if (secret.hasOwnProperty(SecretTypes.PrivateKey)) {
|
||||
return {
|
||||
'type': CredentialTypes.SSHKeys,
|
||||
'content': secret[SecretTypes.PrivateKey]
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
export function getCredentialsTableData(credentials) {
|
||||
let table_data = [];
|
||||
|
||||
let table_data = [];
|
||||
let identites = getCredentialsUsernames(credentials);
|
||||
let secrets = getAllSecrets(credentials, [])
|
||||
|
||||
let identites = getCredentialsUsernames(credentials);
|
||||
let secrets = getAllSecrets(credentials, [])
|
||||
for (let i = 0; i < credentials.length; i++) {
|
||||
let row_data = {};
|
||||
row_data['username'] = identites[i];
|
||||
row_data['type'] = secrets[i]['type'];
|
||||
table_data.push(row_data);
|
||||
}
|
||||
|
||||
for(let i=0; i<credentials.length; i++) {
|
||||
let row_data = {};
|
||||
row_data['username'] = identites[i];
|
||||
row_data['type'] = secrets[i]['type'];
|
||||
table_data.push(row_data);
|
||||
}
|
||||
|
||||
return table_data;
|
||||
return table_data;
|
||||
}
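Review bot: getCredentialsTableData indexes `identites[i]` and `secrets[i]` by position in `credentials`, but getCredentialsUsernames and getAllSecrets both skip `null` entries, so either array is shorter than `credentials` whenever an identity or secret is missing. Rows then get paired with the wrong username, and `secrets[i]['type']` throws once `secrets[i]` is undefined. reformatSecret also returns `undefined` when none of the four keys is present, which fails on the same line. Building each row from `credentials[i]` directly avoids both problems; the empty-string fallbacks below are my assumption about what the table should show.

```javascript
export function getCredentialsTableData(credentials) {
  let table_data = [];
  for (let i = 0; i < credentials.length; i++) {
    let identity = credentials[i]['identity'];
    let secret = credentials[i]['secret'];
    let reformatted = secret !== null ? reformatSecret(secret) : undefined;
    table_data.push({
      'username': identity !== null ? identity['username'] : '',
      'type': reformatted !== undefined ? reformatted['type'] : ''
    });
  }
  return table_data;
}
```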
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
export const CredentialTypes = {
|
||||
Password: 'Clear Password',
|
||||
SSHKeys: 'Clear SSH private key',
|
||||
LMHash: 'LM hash',
|
||||
NTHash: 'NT hash',
|
||||
Username: 'Username'
|
||||
}
|
||||
|
||||
export const SecretTypes = {
|
||||
Password: 'password',
|
||||
PrivateKey: 'private_key',
|
||||
LMHash: 'lm_hash',
|
||||
NTHash: 'nt_hash'
|
||||
}
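Review bot: `NTHash: 'NT hash'` does not match the label the Island report uses for the same secret type (`NTHash: "NTLM hash"` in `cred_type_dict` of format_creds_for_reporting), while the password and SSH key labels were brought in line with it. If the two tables are meant to show the same names, this should be `NTHash: 'NTLM hash',`. Since both objects act as enums, wrapping them in `Object.freeze({...})` would keep a stray assignment from changing a label at runtime.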
|
|
@ -1,64 +1,29 @@
|
|||
from common.credentials import (
|
||||
CredentialComponentType,
|
||||
Credentials,
|
||||
LMHash,
|
||||
NTHash,
|
||||
Password,
|
||||
SSHKeypair,
|
||||
Username,
|
||||
)
|
||||
from tests.data_for_tests.propagation_credentials import FULL_CREDENTIALS, USERNAME
|
||||
|
||||
from monkey_island.cc.services.reporting import format_creds_for_reporting
|
||||
|
||||
monkey_hostname = "fake_hostname"
|
||||
fake_monkey_guid = "abc"
|
||||
|
||||
fake_username = Username("m0nk3y_user")
|
||||
fake_nt_hash = NTHash("AEBD4DE384C7EC43AAD3B435B51404EE")
|
||||
fake_lm_hash = LMHash("7A21990FCD3D759941E45C490F143D5F")
|
||||
fake_password = Password("trytostealthis")
|
||||
fake_ssh_public_key = "RSA_public_key"
|
||||
fake_ssh_private_key = "RSA_private_key"
|
||||
fake_ssh_key = SSHKeypair(fake_ssh_private_key, fake_ssh_public_key)
|
||||
|
||||
identities = (fake_username,)
|
||||
secrets = (fake_nt_hash, fake_lm_hash, fake_password, fake_ssh_key)
|
||||
|
||||
fake_credentials = [
|
||||
Credentials(identity=fake_username, secret=fake_nt_hash),
|
||||
Credentials(identity=fake_username, secret=fake_lm_hash),
|
||||
Credentials(identity=fake_username, secret=fake_password),
|
||||
Credentials(identity=fake_username, secret=fake_ssh_key),
|
||||
Credentials(identity=None, secret=fake_ssh_key),
|
||||
Credentials(identity=fake_username, secret=None),
|
||||
]
|
||||
|
||||
|
||||
def test_formatting_credentials_for_report():
|
||||
|
||||
credentials = format_creds_for_reporting(fake_credentials)
|
||||
credentials = format_creds_for_reporting(FULL_CREDENTIALS)
|
||||
|
||||
result1 = {
|
||||
"_type": CredentialComponentType.NT_HASH.name,
|
||||
"type": "NTLM hash",
|
||||
"username": fake_username.username,
|
||||
"username": USERNAME,
|
||||
}
|
||||
result2 = {
|
||||
"_type": CredentialComponentType.LM_HASH.name,
|
||||
"type": "LM hash",
|
||||
"username": fake_username.username,
|
||||
"username": USERNAME,
|
||||
}
|
||||
result3 = {
|
||||
"_type": CredentialComponentType.PASSWORD.name,
|
||||
"type": "Clear Password",
|
||||
"username": fake_username.username,
|
||||
"username": USERNAME,
|
||||
}
|
||||
result4 = {
|
||||
"_type": CredentialComponentType.SSH_KEYPAIR.name,
|
||||
"type": "Clear SSH private key",
|
||||
"username": fake_username.username,
|
||||
"username": USERNAME,
|
||||
}
|
||||
result5 = {
|
||||
"_type": CredentialComponentType.SSH_KEYPAIR.name,
|
||||
"type": "Clear SSH private key",
|
||||
"username": "",
|
||||
}
|
||||
|
|