Add reused passwords

This commit is contained in:
Itay Mizeretz 2017-11-12 16:13:40 +02:00
parent be8feeb3ee
commit 80b709b2ac
1 changed files with 14 additions and 1 deletions

View File

@ -1,4 +1,5 @@
from cc.database import mongo from cc.database import mongo
from cc.services.config import ConfigService
from cc.services.node import NodeService from cc.services.node import NodeService
__author__ = "itay.mizeretz" __author__ = "itay.mizeretz"
@ -47,6 +48,17 @@ class ReportService:
return nodes return nodes
@staticmethod
def get_reused_passwords():
password_dict = {}
password_list = ConfigService.get_config_value(['basic', 'credentials', 'exploit_password_list'])
for password in password_list:
machines_with_password = [NodeService.get_monkey_label_by_id(node['_id']) for node in mongo.db.monkey.find({'creds.password': password}, {'_id': 1})]
if len(machines_with_password) >= 2:
password_dict[password] = machines_with_password
return password_dict
@staticmethod @staticmethod
def get_exploited(): def get_exploited():
exploited =\ exploited =\
@ -75,7 +87,8 @@ class ReportService:
'successful_exploit_types': ReportService.get_successful_exploit_types(), 'successful_exploit_types': ReportService.get_successful_exploit_types(),
'tunnels': ReportService.get_tunnels(), 'tunnels': ReportService.get_tunnels(),
'scanned': ReportService.get_scanned(), 'scanned': ReportService.get_scanned(),
'exploited': ReportService.get_exploited() 'exploited': ReportService.get_exploited(),
'reused_passwords': ReportService.get_reused_passwords()
} }
@staticmethod @staticmethod