def _get_infected_island_net_edges(monkey_island_monkey):
existing_ids = [
x.src_node_id for x in EdgeService.get_by_dst_node(
dst_node_id=monkey_island_monkey["_id"])
]
monkey_ids = [
x.id for x in Monkey.objects()
if ("tunnel" not in x) and (x.id not in existing_ids) and (
x.id != monkey_island_monkey["_id"])
]
edges = []
count = 0
for monkey_id in monkey_ids:
count += 1
# generating fake ID, because front end requires unique ID's for each edge. Collision
# improbable
fake_id = ObjectId(hex(count)[2:].zfill(24))
src_label = NodeService.get_label_for_endpoint(monkey_id)
dst_label = NodeService.get_label_for_endpoint(
monkey_island_monkey["_id"])
edge = DisplayedEdgeService.generate_pseudo_edge(
edge_id=fake_id,
src_node_id=monkey_id,
dst_node_id=monkey_island_monkey["_id"],
src_label=src_label,
dst_label=dst_label,
)
edges.append(edge)
return edges
def get_edge_by_scan_or_exploit_telemetry(telemetry_json):
dst_ip = telemetry_json['data']['machine']['ip_addr']
dst_domain_name = telemetry_json['data']['machine']['domain_name']
src_monkey = NodeService.get_monkey_by_guid(telemetry_json['monkey_guid'])
dst_node = NodeService.get_monkey_by_ip(dst_ip)
if dst_node is None:
dst_node = NodeService.get_or_create_node(dst_ip, dst_domain_name)
src_label = NodeService.get_label_for_endpoint(src_monkey["_id"])
dst_label = NodeService.get_label_for_endpoint(dst_node["_id"])
return EdgeService.get_or_create_edge(src_monkey["_id"], dst_node["_id"],
src_label, dst_label)
def _get_uninfected_island_net_edges():
edges = []
monkey_ids = [x.id for x in Monkey.objects() if "tunnel" not in x]
count = 0
for monkey_id in monkey_ids:
count += 1
# generating fake ID, because front end requires unique ID's for each edge. Collision improbable
fake_id = ObjectId(hex(count)[2:].zfill(24))
island_id = ObjectId("000000000000000000000000")
monkey_label = NodeService.get_label_for_endpoint(monkey_id)
island_label = NodeService.get_label_for_endpoint(island_id)
island_pseudo_edge = DisplayedEdgeService.generate_pseudo_edge(edge_id=fake_id,
src_node_id=monkey_id,
dst_node_id=island_id,
src_label=monkey_label,
dst_label=island_label)
edges.append(island_pseudo_edge)
return edges
def update_edges_and_nodes_based_on_scan_telemetry(telemetry_json):
edge = get_edge_by_scan_or_exploit_telemetry(telemetry_json)
edge.update_based_on_scan_telemetry(telemetry_json)
node = mongo.db.node.find_one({"_id": edge.dst_node_id})
if node is not None:
scan_os = telemetry_json['data']['machine']["os"]
if "type" in scan_os:
mongo.db.node.update({"_id": node["_id"]},
{"$set": {
"os.type": scan_os["type"]
}},
upsert=False)
if "version" in scan_os:
mongo.db.node.update({"_id": node["_id"]},
{"$set": {
"os.version": scan_os["version"]
}},
upsert=False)
label = NodeService.get_label_for_endpoint(node["_id"])
edge.update_label(node["_id"], label)
