def test_services_to_displayed_services(self):
services1 = DisplayedEdgeService.services_to_displayed_services(SCAN_DATA_MOCK[-1]["data"]["services"],
True)
assert services1 == ["tcp-8088", "tcp-22"]
services2 = DisplayedEdgeService.services_to_displayed_services(SCAN_DATA_MOCK[-1]["data"]["services"],
False)
assert services2 == ["tcp-8088: unknown", "tcp-22: ssh"]
def get(self):
edge_id = request.args.get("id")
displayed_edge = DisplayedEdgeService.get_displayed_edge_by_id(edge_id)
if edge_id:
return {"edge": displayed_edge}
return {}
def get_displayed_node_by_id(node_id, for_report=False):
if ObjectId(node_id) == NodeService.get_monkey_island_pseudo_id():
return NodeService.get_monkey_island_node()
new_node = {"id": node_id}
node = NodeService.get_node_by_id(node_id)
if node is None:
monkey = NodeService.get_monkey_by_id(node_id)
if monkey is None:
return new_node
# node is infected
new_node = NodeService.monkey_to_net_node(monkey, for_report)
for key in monkey:
if key not in [
'_id', 'modifytime', 'parent', 'dead', 'description'
]:
new_node[key] = monkey[key]
else:
# node is uninfected
new_node = NodeService.node_to_net_node(node, for_report)
new_node["ip_addresses"] = node["ip_addresses"]
new_node["domain_name"] = node["domain_name"]
accessible_from_nodes = []
accessible_from_nodes_hostnames = []
exploits = []
edges = DisplayedEdgeService.get_displayed_edges_by_dst(
node_id, for_report)
for edge in edges:
from_node_id = edge['from']
from_node_label = Monkey.get_label_by_id(from_node_id)
from_node_hostname = Monkey.get_hostname_by_id(from_node_id)
accessible_from_nodes.append(from_node_label)
accessible_from_nodes_hostnames.append(from_node_hostname)
for edge_exploit in edge['exploits']:
edge_exploit['origin'] = from_node_label
exploits.append(edge_exploit)
exploits = sorted(exploits, key=lambda exploit: exploit['timestamp'])
new_node["exploits"] = exploits
new_node["accessible_from_nodes"] = accessible_from_nodes
new_node[
"accessible_from_nodes_hostnames"] = accessible_from_nodes_hostnames
if len(edges) > 0:
new_node["services"] = edges[-1]["services"]
else:
new_node["services"] = []
new_node[
'has_log'] = monkey_island.cc.services.log.LogService.log_exists(
ObjectId(node_id))
return new_node
def test_edge_to_displayed_edge(self):
src_node_id = ObjectId()
dst_node_id = ObjectId()
edge = EdgeService(src_node_id=src_node_id,
dst_node_id=dst_node_id,
scans=SCAN_DATA_MOCK,
exploits=EXPLOIT_DATA_MOCK,
exploited=True,
domain_name=None,
ip_address="10.2.2.2",
dst_label="Ubuntu-4ubuntu2.8",
src_label="Ubuntu-4ubuntu3.2")
displayed_edge = DisplayedEdgeService.edge_to_displayed_edge(edge)
self.assertEqual(displayed_edge['to'], dst_node_id)
self.assertEqual(displayed_edge['from'], src_node_id)
self.assertEqual(displayed_edge['ip_address'], "10.2.2.2")
self.assertListEqual(displayed_edge['services'],
["tcp-8088: unknown", "tcp-22: ssh"])
self.assertEqual(displayed_edge['os'], {
"type": "linux",
"version": "Ubuntu-4ubuntu2.8"
})
self.assertEqual(displayed_edge['exploits'], EXPLOIT_DATA_MOCK)
self.assertEqual(
displayed_edge['_label'],
"Ubuntu-4ubuntu3.2 " + RIGHT_ARROW + " Ubuntu-4ubuntu2.8")
self.assertEqual(displayed_edge['group'], "exploited")
return displayed_edge
def test_edge_to_displayed_edge(self):
src_node_id = ObjectId()
dst_node_id = ObjectId()
edge = EdgeService(
src_node_id=src_node_id,
dst_node_id=dst_node_id,
scans=SCAN_DATA_MOCK,
exploits=EXPLOIT_DATA_MOCK,
exploited=True,
domain_name=None,
ip_address="10.2.2.2",
dst_label="Ubuntu-4ubuntu2.8",
src_label="Ubuntu-4ubuntu3.2",
)
displayed_edge = DisplayedEdgeService.edge_to_displayed_edge(edge)
assert displayed_edge["to"] == dst_node_id
assert displayed_edge["from"] == src_node_id
assert displayed_edge["ip_address"] == "10.2.2.2"
assert displayed_edge["services"] == [
"tcp-8088: unknown", "tcp-22: ssh"
]
assert displayed_edge["os"] == {
"type": "linux",
"version": "Ubuntu-4ubuntu2.8"
}
assert displayed_edge["exploits"] == EXPLOIT_DATA_MOCK
assert displayed_edge[
"_label"] == "Ubuntu-4ubuntu3.2 " + RIGHT_ARROW + " Ubuntu-4ubuntu2.8"
assert displayed_edge["group"] == "exploited"
return displayed_edge
def _get_infected_island_net_edges(monkey_island_monkey):
existing_ids = [
x.src_node_id for x in EdgeService.get_by_dst_node(
dst_node_id=monkey_island_monkey["_id"])
]
monkey_ids = [
x.id for x in Monkey.objects()
if ("tunnel" not in x) and (x.id not in existing_ids) and (
x.id != monkey_island_monkey["_id"])
]
edges = []
count = 0
for monkey_id in monkey_ids:
count += 1
# generating fake ID, because front end requires unique ID's for each edge. Collision
# improbable
fake_id = ObjectId(hex(count)[2:].zfill(24))
src_label = NodeService.get_label_for_endpoint(monkey_id)
dst_label = NodeService.get_label_for_endpoint(
monkey_island_monkey["_id"])
edge = DisplayedEdgeService.generate_pseudo_edge(
edge_id=fake_id,
src_node_id=monkey_id,
dst_node_id=monkey_island_monkey["_id"],
src_label=src_label,
dst_label=dst_label,
)
edges.append(edge)
return edges
def test_get_displayed_edges_by_to(self):
dst_id = ObjectId()
src_id = ObjectId()
EdgeService.get_or_create_edge(src_id, dst_id, "Ubuntu-4ubuntu2.8", "Ubuntu-4ubuntu2.8")
src_id2 = ObjectId()
EdgeService.get_or_create_edge(src_id2, dst_id, "Ubuntu-4ubuntu3.2", "Ubuntu-4ubuntu2.8")
displayed_edges = DisplayedEdgeService.get_displayed_edges_by_dst(str(dst_id))
assert len(displayed_edges) == 2
def test_get_displayed_edges_by_to(self):
self.clean_edge_db()
dst_id = ObjectId()
src_id = ObjectId()
EdgeService.get_or_create_edge(src_id, dst_id, "Ubuntu-4ubuntu2.8",
"Ubuntu-4ubuntu2.8")
src_id2 = ObjectId()
EdgeService.get_or_create_edge(src_id2, dst_id, "Ubuntu-4ubuntu3.2",
"Ubuntu-4ubuntu2.8")
displayed_edges = DisplayedEdgeService.get_displayed_edges_by_dst(
str(dst_id))
self.assertEqual(len(displayed_edges), 2)
def _get_uninfected_island_net_edges():
edges = []
monkey_ids = [x.id for x in Monkey.objects() if "tunnel" not in x]
count = 0
for monkey_id in monkey_ids:
count += 1
# generating fake ID, because front end requires unique ID's for each edge. Collision improbable
fake_id = ObjectId(hex(count)[2:].zfill(24))
island_id = ObjectId("000000000000000000000000")
monkey_label = NodeService.get_label_for_endpoint(monkey_id)
island_label = NodeService.get_label_for_endpoint(island_id)
island_pseudo_edge = DisplayedEdgeService.generate_pseudo_edge(edge_id=fake_id,
src_node_id=monkey_id,
dst_node_id=island_id,
src_label=monkey_label,
dst_label=island_label)
edges.append(island_pseudo_edge)
return edges
def _get_standard_net_edges():
return [DisplayedEdgeService.edge_to_net_edge(x) for x in EdgeService.get_all_edges()]