p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Rename credential_store to credential_repository

This commit is contained in:
vakarisz 2022-08-08 15:34:53 +03:00
parent 34ed72da6b
commit eb6b06e6a2
9 changed files with 38 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
monkey/infection_monkey/credential_repository/__init__.py Normal file
View File

@ -0,0 +1,4 @@
from .i_propagation_credentials_repository import IPropagationCredentialsRepository
from .aggregating_propagation_credentials_repository import (
AggregatingPropagationCredentialsRepository,
)

4
monkey/infection_monkey/credential_store/aggregating_credentials_store.py → monkey/infection_monkey/credential_repository/aggregating_propagation_credentials_repository.py
View File

@ -6,14 +6,14 @@ from infection_monkey.custom_types import PropagationCredentials
from infection_monkey.i_control_channel import IControlChannel
from infection_monkey.utils.decorators import request_cache
from .i_credentials_store import ICredentialsStore
from .i_propagation_credentials_repository import IPropagationCredentialsRepository
logger = logging.getLogger(__name__)
CREDENTIALS_POLL_PERIOD_SEC = 10
class AggregatingCredentialsStore(ICredentialsStore):
class AggregatingPropagationCredentialsRepository(IPropagationCredentialsRepository):
def __init__(self, control_channel: IControlChannel):
self._stored_credentials = {
"exploit_user_list": set(),

2
monkey/infection_monkey/credential_store/i_credentials_store.py → monkey/infection_monkey/credential_repository/i_propagation_credentials_repository.py
View File

@ -5,7 +5,7 @@ from common.credentials import Credentials
from infection_monkey.custom_types import PropagationCredentials
class ICredentialsStore(metaclass=abc.ABCMeta):
class IPropagationCredentialsRepository(metaclass=abc.ABCMeta):
@abc.abstractmethod
def add_credentials(self, credentials_to_add: Iterable[Credentials]):
"""

2
monkey/infection_monkey/credential_store/__init__.py
View File

@ -1,2 +0,0 @@
from .i_credentials_store import ICredentialsStore
from .aggregating_credentials_store import AggregatingCredentialsStore

4
monkey/infection_monkey/master/automated_master.py
View File

@ -5,7 +5,7 @@ from typing import Any, Callable, Iterable, List, Optional
from common.agent_configuration import CustomPBAConfiguration, PluginConfiguration
from common.utils import Timer
from infection_monkey.credential_store import ICredentialsStore
from infection_monkey.credential_repository import IPropagationCredentialsRepository
from infection_monkey.i_control_channel import IControlChannel, IslandCommunicationError
from infection_monkey.i_master import IMaster
from infection_monkey.i_puppet import IPuppet
@ -40,7 +40,7 @@ class AutomatedMaster(IMaster):
victim_host_factory: VictimHostFactory,
control_channel: IControlChannel,
local_network_interfaces: List[NetworkInterface],
credentials_store: ICredentialsStore,
credentials_store: IPropagationCredentialsRepository,
):
self._current_depth = current_depth
self._puppet = puppet

9
monkey/infection_monkey/monkey.py
View File

@ -17,7 +17,10 @@ from infection_monkey.credential_collectors import (
MimikatzCredentialCollector,
SSHCredentialCollector,
)
from infection_monkey.credential_store import AggregatingCredentialsStore, ICredentialsStore
from infection_monkey.credential_store import (
AggregatingPropagationCredentialsRepository,
IPropagationCredentialsRepository,
)
from infection_monkey.exploit import CachingAgentRepository, ExploiterWrapper
from infection_monkey.exploit.hadoop import HadoopExploiter
from infection_monkey.exploit.log4shell import Log4ShellExploiter
@ -195,7 +198,7 @@ class InfectionMonkey:
control_channel = ControlChannel(
self._control_client.server_address, GUID, self._control_client.proxies
)
credentials_store = AggregatingCredentialsStore(control_channel)
credentials_store = AggregatingPropagationCredentialsRepository(control_channel)
puppet = self._build_puppet(credentials_store)
@ -226,7 +229,7 @@ class InfectionMonkey:
return local_network_interfaces
def _build_puppet(self, credentials_store: ICredentialsStore) -> IPuppet:
def _build_puppet(self, credentials_store: IPropagationCredentialsRepository) -> IPuppet:
puppet = Puppet()
puppet.load_plugin(

10
monkey/infection_monkey/telemetry/messengers/credentials_intercepting_telemetry_messenger.py
View File

@ -1,6 +1,6 @@
from functools import singledispatch
from infection_monkey.credential_store import ICredentialsStore
from infection_monkey.credential_repository import IPropagationCredentialsRepository
from infection_monkey.telemetry.credentials_telem import CredentialsTelem
from infection_monkey.telemetry.i_telem import ITelem
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
@ -8,7 +8,9 @@ from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemet
class CredentialsInterceptingTelemetryMessenger(ITelemetryMessenger):
def __init__(
self, telemetry_messenger: ITelemetryMessenger, credentials_store: ICredentialsStore
self,
telemetry_messenger: ITelemetryMessenger,
credentials_store: IPropagationCredentialsRepository,
):
self._telemetry_messenger = telemetry_messenger
self._credentials_store = credentials_store
@ -23,7 +25,7 @@ class CredentialsInterceptingTelemetryMessenger(ITelemetryMessenger):
def _send_telemetry(
telemetry: ITelem,
telemetry_messenger: ITelemetryMessenger,
credentials_store: ICredentialsStore,
credentials_store: IPropagationCredentialsRepository,
):
telemetry_messenger.send_telemetry(telemetry)
@ -32,7 +34,7 @@ def _send_telemetry(
def _(
telemetry: CredentialsTelem,
telemetry_messenger: ITelemetryMessenger,
credentials_store: ICredentialsStore,
credentials_store: IPropagationCredentialsRepository,
):
credentials_store.add_credentials(telemetry.credentials)
telemetry_messenger.send_telemetry(telemetry)

22
monkey/tests/unit_tests/infection_monkey/credential_store/test_aggregating_credentials_store.py → monkey/tests/unit_tests/infection_monkey/credential_store/test_aggregating_propagation_credentials_repository.py
View File

@ -15,7 +15,7 @@ from tests.data_for_tests.propagation_credentials import (
)
from common.credentials import Credentials, LMHash, NTHash, Password, SSHKeypair, Username
from infection_monkey.credential_store import AggregatingCredentialsStore
from infection_monkey.credential_repository import AggregatingPropagationCredentialsRepository
CONTROL_CHANNEL_CREDENTIALS = PROPAGATION_CREDENTIALS
TRANSFORMED_CONTROL_CHANNEL_CREDENTIALS = {
@ -67,24 +67,24 @@ STOLEN_SSH_KEYS_CREDENTIALS = [
@pytest.fixture
def aggregating_credentials_store() -> AggregatingCredentialsStore:
def aggregating_credentials_repository() -> AggregatingPropagationCredentialsRepository:
control_channel = MagicMock()
control_channel.get_credentials_for_propagation.return_value = CONTROL_CHANNEL_CREDENTIALS
return AggregatingCredentialsStore(control_channel)
return AggregatingPropagationCredentialsRepository(control_channel)
@pytest.mark.parametrize("key", TRANSFORMED_CONTROL_CHANNEL_CREDENTIALS.keys())
def test_get_credentials_from_store(aggregating_credentials_store, key):
actual_stored_credentials = aggregating_credentials_store.get_credentials()
def test_get_credentials_from_repository(aggregating_credentials_repository, key):
actual_stored_credentials = aggregating_credentials_repository.get_credentials()
assert actual_stored_credentials[key] == TRANSFORMED_CONTROL_CHANNEL_CREDENTIALS[key]
def test_add_credentials_to_store(aggregating_credentials_store):
aggregating_credentials_store.add_credentials(STOLEN_CREDENTIALS)
aggregating_credentials_store.add_credentials(STOLEN_SSH_KEYS_CREDENTIALS)
def test_add_credentials_to_repository(aggregating_credentials_repository):
aggregating_credentials_repository.add_credentials(STOLEN_CREDENTIALS)
aggregating_credentials_repository.add_credentials(STOLEN_SSH_KEYS_CREDENTIALS)
actual_stored_credentials = aggregating_credentials_store.get_credentials()
actual_stored_credentials = aggregating_credentials_repository.get_credentials()
assert actual_stored_credentials["exploit_user_list"] == set(
[
@ -113,9 +113,9 @@ def test_add_credentials_to_store(aggregating_credentials_store):
def test_all_keys_if_credentials_empty():
control_channel = MagicMock()
control_channel.get_credentials_for_propagation.return_value = EMPTY_CHANNEL_CREDENTIALS
credentials_store = AggregatingCredentialsStore(control_channel)
credentials_repository = AggregatingPropagationCredentialsRepository(control_channel)
actual_stored_credentials = credentials_store.get_credentials()
actual_stored_credentials = credentials_repository.get_credentials()
print(type(actual_stored_credentials))
assert "exploit_user_list" in actual_stored_credentials

12
monkey/tests/unit_tests/infection_monkey/telemetry/messengers/test_credentials_intercepting_telemetry_messenger.py
View File

@ -25,28 +25,28 @@ class MockCredentialsTelem(CredentialsTelem):
def test_credentials_generic_telemetry(TestTelem):
mock_telemetry_messenger = MagicMock()
mock_credentials_store = MagicMock()
mock_credentials_repository = MagicMock()
telemetry_messenger = CredentialsInterceptingTelemetryMessenger(
mock_telemetry_messenger, mock_credentials_store
mock_telemetry_messenger, mock_credentials_repository
)
telemetry_messenger.send_telemetry(TestTelem())
assert mock_telemetry_messenger.send_telemetry.called
assert not mock_credentials_store.add_credentials.called
assert not mock_credentials_repository.add_credentials.called
def test_successful_intercepting_credentials_telemetry():
mock_telemetry_messenger = MagicMock()
mock_credentials_store = MagicMock()
mock_credentials_repository = MagicMock()
mock_empty_credentials_telem = MockCredentialsTelem(TELEM_CREDENTIALS)
telemetry_messenger = CredentialsInterceptingTelemetryMessenger(
mock_telemetry_messenger, mock_credentials_store
mock_telemetry_messenger, mock_credentials_repository
)
telemetry_messenger.send_telemetry(mock_empty_credentials_telem)
assert mock_telemetry_messenger.send_telemetry.called
assert mock_credentials_store.add_credentials.called
assert mock_credentials_repository.add_credentials.called