Ejemplo n.º 1
0
    def process_exploit_telemetry(telemetry_json):
        edge = Telemetry.get_edge_by_scan_or_exploit_telemetry(telemetry_json)
        new_exploit = telemetry_json['data']

        new_exploit.pop('machine')
        new_exploit['timestamp'] = telemetry_json['timestamp']

        mongo.db.edge.update(
            {'_id': edge['_id']},
            {'$push': {'exploits': new_exploit}}
        )
        if new_exploit['result']:
            EdgeService.set_edge_exploited(edge)
Ejemplo n.º 2
0
    def process_exploit_telemetry(telemetry_json):
        edge = Telemetry.get_edge_by_scan_or_exploit_telemetry(telemetry_json)
        new_exploit = copy.deepcopy(telemetry_json['data'])

        new_exploit.pop('machine')
        new_exploit['timestamp'] = telemetry_json['timestamp']

        mongo.db.edge.update(
            {'_id': edge['_id']},
            {'$push': {'exploits': new_exploit}}
        )
        if new_exploit['result']:
            EdgeService.set_edge_exploited(edge)

        for attempt in telemetry_json['data']['attempts']:
            if attempt['result']:
                found_creds = {'user': attempt['user']}
                for field in ['password', 'lm_hash', 'ntlm_hash']:
                    if len(attempt[field]) != 0:
                        found_creds[field] = attempt[field]
                NodeService.add_credentials_to_node(edge['to'], found_creds)