Merge pull request #214 from guardicore/feature/collect-aws-instanceid
Add AWS instance id collector
commit
fdeeed40f4
|
@ -0,0 +1 @@
|
|||
__author__ = 'itay.mizeretz'
|
|
@ -0,0 +1,17 @@
|
|||
import urllib2
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
|
||||
class AWS(object):
|
||||
def __init__(self):
|
||||
try:
|
||||
self.instance_id = urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id').read()
|
||||
except urllib2.URLError:
|
||||
self.instance_id = None
|
||||
|
||||
def get_instance_id(self):
|
||||
return self.instance_id
|
||||
|
||||
def is_aws_instance(self):
|
||||
return self.instance_id is not None
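Review bot: The `urllib2.urlopen(...)` call in `AWS.__init__` has no `timeout`, so on a host where nothing answers at the link-local metadata address the constructor can block for the full OS connect timeout, and the collector added in this commit constructs `AWS()` on every run. Pass a short explicit timeout, for example `urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id', timeout=2).read()`. The handler should also be widened to `except (urllib2.URLError, socket.error):` (with `import socket`), because a timeout during `.read()` raises `socket.timeout`, which is not a `URLError` and would propagate out of the constructor. A class docstring saying that construction performs a network request would help callers.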
|
|
@ -6,6 +6,7 @@ import psutil
|
|||
from enum import IntEnum
|
||||
|
||||
from infection_monkey.network.info import get_host_subnets
|
||||
from infection_monkey.system_info.aws_collector import AwsCollector
|
||||
from infection_monkey.system_info.azure_cred_collector import AzureCollector
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
@ -57,6 +58,13 @@ class InfoCollector(object):
|
|||
def __init__(self):
|
||||
self.info = {}
|
||||
|
||||
def get_info(self):
|
||||
self.get_hostname()
|
||||
self.get_process_list()
|
||||
self.get_network_info()
|
||||
self.get_azure_info()
|
||||
self.get_aws_info()
|
||||
|
||||
def get_hostname(self):
|
||||
"""
|
||||
Adds the fully qualified computer hostname to the system information.
|
||||
|
@ -131,3 +139,6 @@ class InfoCollector(object):
|
|||
if len(azure_creds) != 0:
|
||||
self.info["Azure"] = {}
|
||||
self.info["Azure"]['usernames'] = [cred[0] for cred in azure_creds]
|
||||
|
||||
def get_aws_info(self):
|
||||
self.info['aws'] = AwsCollector().get_aws_info()
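Review bot: The new `get_info` and `get_aws_info` methods on `InfoCollector` have no docstrings, while the neighbouring `get_hostname` documents what it adds to the system information. For `get_aws_info` I would add `"""Adds the AWS instance id to the system information, or an empty dict when the host is not an AWS instance."""`, which matches what `AwsCollector.get_aws_info()` returns in this commit. The key is also written as lower-case `'aws'` next to the existing capitalised `"Azure"`, so consumers of the telemetry have to know both conventions; picking one casing would be cleaner. The `get_azure_info` body at the top of the last hunk starts outside the hunk.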
|
||||
|
|
|
@ -0,0 +1,29 @@
|
|||
import logging
|
||||
|
||||
from common.cloud.aws import AWS
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
||||
class AwsCollector(object):
|
||||
"""
|
||||
Extract info from AWS machines
|
||||
"""
|
||||
|
||||
@staticmethod
|
||||
def get_aws_info():
|
||||
LOG.info("Collecting AWS info")
|
||||
aws = AWS()
|
||||
info = {}
|
||||
if aws.is_aws_instance():
|
||||
LOG.info("Machine is an AWS instance")
|
||||
info = \
|
||||
{
|
||||
'instance_id': aws.get_instance_id()
|
||||
}
|
||||
else:
|
||||
LOG.info("Machine is NOT an AWS instance")
|
||||
|
||||
return info
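Review bot: `aws.is_aws_instance()` is true for any body the metadata URL returns, including an empty string, so "Machine is an AWS instance" is logged and `instance_id` is reported without checking that the value looks like an instance id. Other platforms, and possibly other services on the local network, can answer on that link-local address, so a shape check before trusting the value would keep wrong data out of the collected info: read `instance_id = aws.get_instance_id()` once and guard with `if instance_id and re.match(r'^i-[0-9a-f]+$', instance_id):` (needs `import re`). The `info = \` continuation then collapses to `info = {'instance_id': instance_id}`. `get_aws_info` would also benefit from a one-line docstring stating that it returns `{}` on non-AWS hosts.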
|
|
@ -23,10 +23,7 @@ class LinuxInfoCollector(InfoCollector):
|
|||
:return: Dict of system information
|
||||
"""
|
||||
LOG.debug("Running Linux collector")
|
||||
self.get_hostname()
|
||||
self.get_process_list()
|
||||
self.get_network_info()
|
||||
self.get_azure_info()
|
||||
super(LinuxInfoCollector, self).get_info()
|
||||
self.info['ssh_info'] = SSHCollector.get_info()
|
||||
return self.info
|
||||
|
||||
|
|
|
@ -35,16 +35,26 @@ class WindowsInfoCollector(InfoCollector):
|
|||
:return: Dict of system information
|
||||
"""
|
||||
LOG.debug("Running Windows collector")
|
||||
self.get_hostname()
|
||||
self.get_process_list()
|
||||
self.get_network_info()
|
||||
self.get_azure_info()
|
||||
|
||||
super(WindowsInfoCollector, self).get_info()
|
||||
self.get_wmi_info()
|
||||
LOG.debug('finished get_wmi_info')
|
||||
self.get_installed_packages()
|
||||
self.get_mimikatz_info()
|
||||
|
||||
return self.info
|
||||
|
||||
def get_installed_packages(self):
|
||||
LOG.info('getting installed packages')
|
||||
self.info["installed_packages"] = os.popen("dism /online /get-packages").read()
|
||||
self.info["installed_features"] = os.popen("dism /online /get-features").read()
|
||||
LOG.debug('Got installed packages')
|
||||
|
||||
def get_wmi_info(self):
|
||||
LOG.info('getting wmi info')
|
||||
for wmi_class_name in WMI_CLASSES:
|
||||
self.info['wmi'][wmi_class_name] = WMIUtils.get_wmi_class(wmi_class_name)
|
||||
LOG.debug('finished get_wmi_info')
|
||||
|
||||
def get_mimikatz_info(self):
|
||||
mimikatz_collector = MimikatzCollector()
|
||||
mimikatz_info = mimikatz_collector.get_logon_info()
|
||||
if mimikatz_info:
|
||||
|
@ -53,15 +63,3 @@ class WindowsInfoCollector(InfoCollector):
|
|||
self.info["mimikatz"] = mimikatz_collector.get_mimikatz_text()
|
||||
else:
|
||||
LOG.info('No mimikatz info was gathered')
|
||||
|
||||
return self.info
|
||||
|
||||
def get_installed_packages(self):
|
||||
LOG.info('getting installed packages')
|
||||
self.info["installed_packages"] = os.popen("dism /online /get-packages").read()
|
||||
self.info["installed_features"] = os.popen("dism /online /get-features").read()
|
||||
|
||||
def get_wmi_info(self):
|
||||
LOG.info('getting wmi info')
|
||||
for wmi_class_name in WMI_CLASSES:
|
||||
self.info['wmi'][wmi_class_name] = WMIUtils.get_wmi_class(wmi_class_name)
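Review bot: `LOG.debug('finished get_wmi_info')` appears both in `get_info` right after `self.get_wmi_info()` and as the last statement of the relocated `get_wmi_info`, so if both lines are on the new side the message is logged twice per run; keeping only the one inside `get_wmi_info` is enough. The relocated `get_wmi_info` also assigns into `self.info['wmi'][...]`, while the base `__init__` shown in this commit only sets `self.info = {}`. The `'wmi'` key is presumably created in `WindowsInfoCollector.__init__`, which is outside these hunks, so that is worth confirming now that the base class drives collection. `get_info` itself starts outside the first hunk.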
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
import urllib2
|
||||
|
||||
import cc.auth
|
||||
from cc.environment import Environment
|
||||
from common.cloud.aws import AWS
|
||||
|
||||
__author__ = 'itay.mizeretz'
|
||||
|
||||
|
@ -13,7 +12,7 @@ class AwsEnvironment(Environment):
|
|||
|
||||
@staticmethod
|
||||
def _get_instance_id():
|
||||
return urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id').read()
|
||||
return AWS.get_instance_id()
|
||||
|
||||
def is_auth_enabled(self):
|
||||
return True
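Review bot: `return AWS.get_instance_id()` in `_get_instance_id` calls an instance method on the class itself. The new `AWS` class declares it as `def get_instance_id(self)`, so under Python 2 this raises `TypeError` (unbound method called without an instance) the first time `_get_instance_id()` runs. This assumes the second `return` is the new side, which the hunk counts and the dropped `import urllib2` suggest. The call should construct the object first: `return AWS().get_instance_id()`. With that fix an unreachable metadata service yields `None` instead of an exception, so the callers of `_get_instance_id()`, which are outside this hunk, need to handle `None`.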
|
||||
|
|
File diff suppressed because it is too large
|
@ -86,7 +86,7 @@
|
|||
"react-graph-vis": "^1.0.2",
|
||||
"react-json-tree": "^0.11.0",
|
||||
"react-jsonschema-form": "^1.0.5",
|
||||
"react-redux": "^5.0.7",
|
||||
"react-redux": "^5.1.1",
|
||||
"react-router-dom": "^4.3.1",
|
||||
"react-table": "^6.8.6",
|
||||
"react-toggle": "^4.0.1",
|
||||
|
|