From 80b709b2ac8805a8fbc640725f118b6a9d7747d6 Mon Sep 17 00:00:00 2001 From: Itay Mizeretz Date: Sun, 12 Nov 2017 16:13:40 +0200 Subject: [PATCH] Add reused passwords --- monkey_island/cc/services/report.py | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/monkey_island/cc/services/report.py b/monkey_island/cc/services/report.py index ca7a55234..0e0a2779f 100644 --- a/monkey_island/cc/services/report.py +++ b/monkey_island/cc/services/report.py @@ -1,4 +1,5 @@ from cc.database import mongo +from cc.services.config import ConfigService from cc.services.node import NodeService __author__ = "itay.mizeretz" @@ -47,6 +48,17 @@ class ReportService: return nodes + @staticmethod + def get_reused_passwords(): + password_dict = {} + password_list = ConfigService.get_config_value(['basic', 'credentials', 'exploit_password_list']) + for password in password_list: + machines_with_password = [NodeService.get_monkey_label_by_id(node['_id']) for node in mongo.db.monkey.find({'creds.password': password}, {'_id': 1})] + if len(machines_with_password) >= 2: + password_dict[password] = machines_with_password + + return password_dict + @staticmethod def get_exploited(): exploited =\ @@ -75,7 +87,8 @@ class ReportService: 'successful_exploit_types': ReportService.get_successful_exploit_types(), 'tunnels': ReportService.get_tunnels(), 'scanned': ReportService.get_scanned(), - 'exploited': ReportService.get_exploited() + 'exploited': ReportService.get_exploited(), + 'reused_passwords': ReportService.get_reused_passwords() } @staticmethod