From 9c185a3a785419b33d7b0ee27a07be51bda3c797 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski <ilija.la@live.com>
Date: Tue, 4 Oct 2022 16:39:10 +0200
Subject: [PATCH] Agent: Add tags and error messages in Hadoop

---
 monkey/infection_monkey/exploit/hadoop.py | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
index 4fdd308a2..5a878621e 100644
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@@ -5,6 +5,7 @@
 """
 
 import json
+import logging
 import posixpath
 import random
 import string
@@ -12,6 +13,7 @@ import string
 import requests
 
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
+from common.tags import T1203_ATTACK_TECHNIQUE_TAG
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path
 from infection_monkey.exploit.tools.http_tools import HTTPTools
 from infection_monkey.exploit.web_rce import WebRCE
@@ -23,6 +25,10 @@ from infection_monkey.model import (
 )
 from infection_monkey.utils.commands import build_monkey_commandline
 
+logger = logging.getLogger(__name__)
+
+HADOOP_EXPLOITER_TAG = "hadoop-exploiter"
+
 
 class HadoopExploiter(WebRCE):
     _EXPLOITED_SERVICE = "Hadoop"
@@ -40,18 +46,24 @@ class HadoopExploiter(WebRCE):
         urls = self.build_potential_urls(self.host.ip_addr, self.HADOOP_PORTS)
         self.add_vulnerable_urls(urls, True)
         if not self.vulnerable_urls:
+            self.exploit.error_message = f"No vulnerable urls has been found for {self.host}"
             self.publish_exploitation_event(
                 target=self.host.ip_addr,
                 exploitation_success=False,
+                error_message=self.exploit_result.error_message,
+                tags=(HADOOP_EXPLOITER_TAG,),
             )
             return self.exploit_result
 
         try:
             monkey_path_on_victim = get_agent_dst_path(self.host)
         except KeyError:
+            self.exploit_result.error_message = f"No coressponding agent found for {self.host}"
             self.publish_exploitation_event(
                 target=self.host.ip_addr,
                 exploitation_success=False,
+                error_message=self.exploit_result.error_message,
+                tags=(HADOOP_EXPLOITER_TAG,),
             )
             return self.exploit_result
 
@@ -70,8 +82,13 @@ class HadoopExploiter(WebRCE):
                 self.publish_exploitation_event(
                     target=self.host.ip_addr,
                     exploitation_success=True,
+                    tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
+                )
+                self.publish_propagation_event(
+                    target=self.host.ip_addr,
+                    propagation_success=True,
+                    tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
                 )
-                self.publish_propagation_event(target=self.host.ip_addr, propagation_success=True)
         finally:
             http_thread.join(self.DOWNLOAD_TIMEOUT)
             http_thread.stop()