def _get_infected_island_net_edges(monkey_island_monkey): existing_ids = [ x.src_node_id for x in EdgeService.get_by_dst_node( dst_node_id=monkey_island_monkey["_id"]) ] monkey_ids = [ x.id for x in Monkey.objects() if ("tunnel" not in x) and (x.id not in existing_ids) and ( x.id != monkey_island_monkey["_id"]) ] edges = [] count = 0 for monkey_id in monkey_ids: count += 1 # generating fake ID, because front end requires unique ID's for each edge. Collision # improbable fake_id = ObjectId(hex(count)[2:].zfill(24)) src_label = NodeService.get_label_for_endpoint(monkey_id) dst_label = NodeService.get_label_for_endpoint( monkey_island_monkey["_id"]) edge = DisplayedEdgeService.generate_pseudo_edge( edge_id=fake_id, src_node_id=monkey_id, dst_node_id=monkey_island_monkey["_id"], src_label=src_label, dst_label=dst_label, ) edges.append(edge) return edges
def get_edge_by_scan_or_exploit_telemetry(telemetry_json): dst_ip = telemetry_json['data']['machine']['ip_addr'] dst_domain_name = telemetry_json['data']['machine']['domain_name'] src_monkey = NodeService.get_monkey_by_guid(telemetry_json['monkey_guid']) dst_node = NodeService.get_monkey_by_ip(dst_ip) if dst_node is None: dst_node = NodeService.get_or_create_node(dst_ip, dst_domain_name) src_label = NodeService.get_label_for_endpoint(src_monkey["_id"]) dst_label = NodeService.get_label_for_endpoint(dst_node["_id"]) return EdgeService.get_or_create_edge(src_monkey["_id"], dst_node["_id"], src_label, dst_label)
def _get_uninfected_island_net_edges(): edges = [] monkey_ids = [x.id for x in Monkey.objects() if "tunnel" not in x] count = 0 for monkey_id in monkey_ids: count += 1 # generating fake ID, because front end requires unique ID's for each edge. Collision improbable fake_id = ObjectId(hex(count)[2:].zfill(24)) island_id = ObjectId("000000000000000000000000") monkey_label = NodeService.get_label_for_endpoint(monkey_id) island_label = NodeService.get_label_for_endpoint(island_id) island_pseudo_edge = DisplayedEdgeService.generate_pseudo_edge(edge_id=fake_id, src_node_id=monkey_id, dst_node_id=island_id, src_label=monkey_label, dst_label=island_label) edges.append(island_pseudo_edge) return edges
def update_edges_and_nodes_based_on_scan_telemetry(telemetry_json): edge = get_edge_by_scan_or_exploit_telemetry(telemetry_json) edge.update_based_on_scan_telemetry(telemetry_json) node = mongo.db.node.find_one({"_id": edge.dst_node_id}) if node is not None: scan_os = telemetry_json['data']['machine']["os"] if "type" in scan_os: mongo.db.node.update({"_id": node["_id"]}, {"$set": { "os.type": scan_os["type"] }}, upsert=False) if "version" in scan_os: mongo.db.node.update({"_id": node["_id"]}, {"$set": { "os.version": scan_os["version"] }}, upsert=False) label = NodeService.get_label_for_endpoint(node["_id"]) edge.update_label(node["_id"], label)