CR improvements

guardicore · Jun 19, 2019 · e38410a · e38410a
1 parent 9935f15
commit e38410a
Show file tree

Hide file tree

Showing 12 changed files with 21 additions and 19 deletions.
diff --git a/monkey/infection_monkey/exploit/__init__.py b/monkey/infection_monkey/exploit/__init__.py
@@ -59,7 +59,7 @@ def add_vuln_url(self, url):
     def add_vuln_port(self, port):
         self._exploit_info['vulnerable_ports'].append(port)
 
-    def add_example_cmd(self, cmd):
+    def set_example_cmd(self, cmd):
         self._exploit_info['executed_cmds']['example'] = cmd
 
 

diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
@@ -49,7 +49,7 @@ def exploit_host(self):
             return False
         http_thread.join(self.DOWNLOAD_TIMEOUT)
         http_thread.stop()
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return True
 
     def exploit(self, url, command):

diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -77,7 +77,7 @@ def exploit_host(self):
         commands.extend(monkey_args)
         MSSQLExploiter.execute_command(cursor, commands)
         MSSQLExploiter.run_file(cursor, tmp_file_path)
-        self.add_example_cmd(commands[-1])
+        self.set_example_cmd(commands[-1])
         return True
 
     @staticmethod

diff --git a/monkey/infection_monkey/exploit/rdpgrinder.py b/monkey/infection_monkey/exploit/rdpgrinder.py
@@ -343,5 +343,5 @@ def exploit_host(self):
 
         LOG.info("Executed monkey '%s' on remote victim %r",
                  os.path.basename(src_path), self.host)
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return True
diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py
@@ -144,7 +144,7 @@ def exploit_host(self):
             if not (self.check_remote_file_exists(url, header, exploit, self._config.monkey_log_path_linux)):
                 LOG.info("Log file does not exist, monkey might not have run")
                 continue
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return True
 
         return False

diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
@@ -178,7 +178,7 @@ def exploit_host(self):
                      self._config.dropper_target_path_linux, self.host, cmdline)
 
             ssh.close()
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return True
 
         except Exception as exc:

diff --git a/monkey/infection_monkey/exploit/vsftpd.py b/monkey/infection_monkey/exploit/vsftpd.py
@@ -138,7 +138,7 @@ def exploit_host(self):
         if backdoor_socket.send(run_monkey):
             LOG.info("Executed monkey '%s' on remote victim %r (cmdline=%r)", self._config.dropper_target_path_linux,
                      self.host, run_monkey)
-            self.add_example_cmd(run_monkey)
+            self.set_example_cmd(run_monkey)
             return True
         else:
             return False
diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py
@@ -408,7 +408,7 @@ def execute_remote_monkey(self, url, path, dropper=False):
             # If exploiter returns True / False
             if type(resp) is bool:
                 LOG.info("Execution attempt successfully finished")
-                self.add_example_cmd(command)
+                self.set_example_cmd(command)
                 return resp
             # If exploiter returns command output, we can check for execution errors
             if 'is not recognized' in resp or 'command not found' in resp:
@@ -422,7 +422,7 @@ def execute_remote_monkey(self, url, path, dropper=False):
             return False
         LOG.info("Execution attempt finished")
 
-        self.add_example_cmd(command)
+        self.set_example_cmd(command)
         return resp
 
     def get_monkey_upload_path(self, url_to_monkey):

diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py
@@ -114,7 +114,7 @@ def exploit_host(self):
 
             result.RemRelease()
             wmi_connection.close()
-            self.add_example_cmd(cmdline)
+            self.set_example_cmd(cmdline)
             return success
 
         return False
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1003.py
@@ -9,17 +9,18 @@ class T1003(AttackTechnique):
 
     tech_id = "T1003"
     unscanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
-    scanned_msg = "Monkey tried to obtain credentials from systems in the network but didn't find any or failed."
+    scanned_msg = ""
     used_msg = "Monkey successfully obtained some credentials from systems on the network."
 
     query = {'telem_type': 'system_info_collection', '$and': [{'data.credentials': {'$exists': True}},
                                                               {'data.credentials': {'$gt': {}}}]}
 
     @staticmethod
     def get_report_data():
-        data = {'title': T1003.technique_title(T1003.tech_id)}
+        data = {'title': T1003.technique_title()}
         if mongo.db.telemetry.count_documents(T1003.query):
-            data.update({'message': T1003.used_msg, 'status': ScanStatus.USED.name})
+            status = ScanStatus.USED
         else:
-            data.update({'message': T1003.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
+            status = ScanStatus.UNSCANNED
+        data.update(T1003.get_message_and_status(status))
         return data
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py b/monkey/monkey_island/cc/services/attack/technique_reports/T1059.py
@@ -22,9 +22,10 @@ class T1059(AttackTechnique):
     @staticmethod
     def get_report_data():
         cmd_data = list(mongo.db.telemetry.aggregate(T1059.query))
-        data = {'title': T1059.technique_title(T1059.tech_id), 'cmds': cmd_data}
+        data = {'title': T1059.technique_title(), 'cmds': cmd_data}
         if cmd_data:
-            data.update({'message': T1059.used_msg, 'status': ScanStatus.USED.name})
+            status = ScanStatus.USED
         else:
-            data.update({'message': T1059.unscanned_msg, 'status': ScanStatus.UNSCANNED.name})
+            status = ScanStatus.UNSCANNED
+        data.update(T1059.get_message_and_status(status))
         return data
diff --git a/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js b/monkey/monkey_island/cc/ui/src/components/attack/techniques/T1059.js
@@ -10,7 +10,7 @@ class T1059 extends React.Component {
     super(props);
   }
 
-  static getHashColumns() {
+  static getCommandColumns() {
     return ([{
       Header: 'Example commands used',
       columns: [
@@ -27,7 +27,7 @@ class T1059 extends React.Component {
         <br/>
         {this.props.data.status === 'USED' ?
           <ReactTable
-              columns={T1059.getHashColumns()}
+              columns={T1059.getCommandColumns()}
               data={this.props.data.cmds}
               showPagination={false}
               defaultPageSize={this.props.data.cmds.length}