Example #1
 def generate_new_report():
     """
     Build a fresh attack report and store it in place of the previous one.

     Every technique returned by ``AttackConfig.get_techniques_for_report()`` is looked up
     in ``TECHNIQUES``; its report data is merged with the configured technique info and
     filed under the technique id. The document named ``REPORT_NAME`` in
     ``attack_report`` is then replaced, or created if absent (upsert).
     :return: the report dict that was written to the db
     """
     techniques = {}
     report = {
         'techniques': techniques,
         # Stored so a later reader can compare it with the monkeys' latest modify time.
         'meta': {'latest_monkey_modifytime': Monkey.get_latest_modifytime()},
         'name': REPORT_NAME,
     }

     # Snapshot the configured techniques before iterating.
     configured = list(AttackConfig.get_techniques_for_report().items())
     for technique_id, configured_info in configured:
         try:
             entry = TECHNIQUES[technique_id].get_report_data()
             entry.update(configured_info)
             techniques[technique_id] = entry
         except KeyError as err:
             # The technique is left out of the report and the only trace is this log
             # line, so an absent technique in the stored report does not mean it was
             # evaluated. Any KeyError raised inside the try body ends up here too.
             message = (
                 "Attack technique does not have it's report component added "
                 "to attack report service. %s" % err)
             LOG.error(message)

     mongo.db.attack_report.replace_one(
         {'name': REPORT_NAME},
         report,
         upsert=True,
     )
     return report
Example #2
    def generate_report():
        """
        Assemble the monkey report, export it, and store it as the sole report document.

        The report has four sections: 'overview', 'glance', 'recommendations' and 'meta'.
        It is handed to ``ReportExporterManager().export`` first; the ``report``
        collection is then dropped and the report, passed through
        ``ReportService.encode_dot_char_before_mongo_insert``, is inserted.
        :return: the report dict built here
        """
        # Gathered up front; several of these feed more than one section below.
        domain_issue_list = ReportService.get_domain_issues()
        issue_list = ReportService.get_issues()
        users = ReportService.get_config_users()
        passwords = ReportService.get_config_passwords()
        cross_segment = ReportService.get_cross_segment_issues()
        latest_modifytime = Monkey.get_latest_modifytime()

        scanned = ReportService.get_scanned()
        exploited = ReportService.get_exploited()

        overview = {
            'manual_monkeys': ReportService.get_manual_monkeys(),
            'config_users': users,
            'config_passwords': passwords,
            'config_exploits': ReportService.get_config_exploits(),
            'config_ips': ReportService.get_config_ips(),
            'config_scan': ReportService.get_config_scan(),
            'monkey_start_time': ReportService.get_first_monkey_time().strftime("%d/%m/%Y %H:%M:%S"),
            'monkey_duration': ReportService.get_monkey_duration(),
            'issues': ReportService.get_issues_overview(issue_list, users, passwords),
            'warnings': ReportService.get_warnings_overview(issue_list, cross_segment),
            'cross_segment_issues': cross_segment,
        }

        # NOTE(review): 'stolen_creds', 'azure_passwords' and 'ssh_keys' (and
        # 'config_passwords' above) presumably carry credential material; if so, every
        # export target and the stored document need the same access control as the
        # credentials themselves -- confirm against the exporters in use.
        glance = {
            'scanned': scanned,
            'exploited': exploited,
            'stolen_creds': ReportService.get_stolen_creds(),
            'azure_passwords': ReportService.get_azure_creds(),
            'ssh_keys': ReportService.get_ssh_keys(),
            'strong_users': PTHReportService.get_strong_users_on_crit_details(),
            'pth_map': PTHReportService.get_pth_map(),
        }

        report = {
            'overview': overview,
            'glance': glance,
            'recommendations': {
                'issues': issue_list,
                'domain_issues': domain_issue_list,
            },
            'meta': {
                'latest_monkey_modifytime': latest_modifytime,
            },
        }

        ReportExporterManager().export(report)

        # NOTE(review): drop() and insert_one() are two separate operations; between
        # them, or if the insert fails, the collection holds no report at all.
        mongo.db.report.drop()
        encoded_report = ReportService.encode_dot_char_before_mongo_insert(report)
        mongo.db.report.insert_one(encoded_report)

        return report
Example #3
    def get_latest_report():
        """
        Return the stored attack report if it is still current, otherwise a regenerated one.

        The stored report is reused only when both the monkeys' latest modify time and the
        time recorded in the report are truthy and equal; in every other case
        ``safe_generate_attack_report()`` is called.
        :return: report dict.
        """
        if not AttackReportService.is_report_generated():
            return safe_generate_attack_report()

        current_modifytime = Monkey.get_latest_modifytime()
        stored_report = mongo.db.attack_report.find_one({"name": REPORT_NAME})
        stored_modifytime = stored_report["meta"]["latest_monkey_modifytime"]

        # A missing (falsy) timestamp on either side counts as stale.
        if current_modifytime and stored_modifytime:
            if current_modifytime == stored_modifytime:
                return stored_report

        return safe_generate_attack_report()
Example #4
    def is_latest_report_exists():
        """
        Tell whether a stored monkey report exists and matches the monkeys' latest modify time.

        Only the ``meta.latest_monkey_modifytime`` field of the stored report is fetched.
        :return: True if the stored report's timestamp equals the latest monkey modify
        time, False if there is no report or the timestamps differ.
        """
        stored = mongo.db.report.find_one({}, {"meta.latest_monkey_modifytime": 1})
        if not stored:
            return False

        stored_modifytime = stored["meta"]["latest_monkey_modifytime"]
        current_modifytime = Monkey.get_latest_modifytime()
        # Plain equality decides: two equal falsy values (e.g. both None) also yield True.
        return stored_modifytime == current_modifytime
Example #5
    def generate_report():
        """
        Assemble the monkey report, export it, and store it as the sole report document.

        The report has four sections: "overview", "glance", "recommendations" and "meta".
        It is handed to ``ReportExporterManager().export`` first; the ``report``
        collection is then dropped and the report, passed through
        ``ReportService.encode_dot_char_before_mongo_insert``, is inserted.
        :return: the report dict built here
        """
        # Gathered up front; several of these feed more than one section below.
        domain_issue_list = ReportService.get_domain_issues()
        issue_list = ReportService.get_issues()
        users = ReportService.get_config_users()
        passwords = ReportService.get_config_passwords()
        issues_overview = ReportService.get_issue_set(issue_list, users, passwords)
        cross_segment = ReportService.get_cross_segment_issues()
        latest_modifytime = Monkey.get_latest_modifytime()

        scanned = ReportService.get_scanned()
        exploited_total = len(get_monkey_exploited())

        overview = {
            "manual_monkeys": ReportService.get_manual_monkey_hostnames(),
            "config_users": users,
            "config_passwords": passwords,
            "config_exploits": ReportService.get_config_exploits(),
            "config_ips": ReportService.get_config_ips(),
            "config_scan": ReportService.get_config_scan(),
            "monkey_start_time": ReportService.get_first_monkey_time().strftime(
                "%d/%m/%Y %H:%M:%S"
            ),
            "monkey_duration": ReportService.get_monkey_duration(),
            "issues": issues_overview,
            "cross_segment_issues": cross_segment,
        }

        # NOTE(review): "stolen_creds", "azure_passwords" and "ssh_keys" (and
        # "config_passwords" above) presumably carry credential material; if so, every
        # export target and the stored document need the same access control as the
        # credentials themselves -- confirm against the exporters in use.
        glance = {
            "scanned": scanned,
            "exploited_cnt": exploited_total,
            "stolen_creds": ReportService.get_stolen_creds(),
            "azure_passwords": ReportService.get_azure_creds(),
            "ssh_keys": ReportService.get_ssh_keys(),
            "strong_users": PTHReportService.get_strong_users_on_crit_details(),
        }

        report = {
            "overview": overview,
            "glance": glance,
            "recommendations": {
                "issues": issue_list,
                "domain_issues": domain_issue_list,
            },
            "meta": {
                "latest_monkey_modifytime": latest_modifytime,
            },
        }

        ReportExporterManager().export(report)

        # NOTE(review): drop() and insert_one() are two separate operations; between
        # them, or if the insert fails, the collection holds no report at all.
        mongo.db.report.drop()
        encoded_report = ReportService.encode_dot_char_before_mongo_insert(report)
        mongo.db.report.insert_one(encoded_report)

        return report