예제 #1
0
    def get_exploited():
        exploited_with_monkeys = \
            [NodeService.get_displayed_node_by_id(monkey['_id'], True) for monkey in
             mongo.db.monkey.find({}, {'_id': 1}) if
             not NodeService.get_monkey_manual_run(NodeService.get_monkey_by_id(monkey['_id']))]

        exploited_without_monkeys = [
            NodeService.get_displayed_node_by_id(node['_id'], True)
            for node in mongo.db.node.find({'exploited': True}, {'_id': 1})
        ]

        exploited = exploited_with_monkeys + exploited_without_monkeys

        exploited = [{
            'label':
            exploited_node['label'],
            'ip_addresses':
            exploited_node['ip_addresses'],
            'domain_name':
            exploited_node['domain_name'],
            'exploits':
            list(
                set([
                    ReportService.EXPLOIT_DISPLAY_DICT[exploit['exploiter']]
                    for exploit in exploited_node['exploits']
                    if exploit['result']
                ]))
        } for exploited_node in exploited]

        logger.info('Exploited nodes generated for reporting')

        return exploited
예제 #2
0
    def patch(self, guid):
        monkey_json = json.loads(request.data)
        update = {"$set": {'modifytime': datetime.now()}}
        monkey = NodeService.get_monkey_by_guid(guid)
        if 'keepalive' in monkey_json:
            update['$set']['keepalive'] = dateutil.parser.parse(
                monkey_json['keepalive'])
        else:
            update['$set']['keepalive'] = datetime.now()
        if 'config' in monkey_json:
            update['$set']['config'] = monkey_json['config']
        if 'config_error' in monkey_json:
            update['$set']['config_error'] = monkey_json['config_error']

        if 'tunnel' in monkey_json:
            tunnel_host_ip = monkey_json['tunnel'].split(":")[-2].replace(
                "//", "")
            NodeService.set_monkey_tunnel(monkey["_id"], tunnel_host_ip)

        ttl = create_monkey_ttl_document(
            DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS)
        update['$set']['ttl_ref'] = ttl.id

        return mongo.db.monkey.update({"_id": monkey["_id"]},
                                      update,
                                      upsert=False)
예제 #3
0
    def get_scanned():

        formatted_nodes = []

        nodes = \
            [NodeService.get_displayed_node_by_id(node['_id'], True) for node in mongo.db.node.find({}, {'_id': 1})] \
            + [NodeService.get_displayed_node_by_id(monkey['_id'], True) for monkey in
               mongo.db.monkey.find({}, {'_id': 1})]
        for node in nodes:
            formatted_nodes.append({
                'label':
                node['label'],
                'ip_addresses':
                node['ip_addresses'],
                'accessible_from_nodes':
                list((x['hostname'] for x in (
                    NodeService.get_displayed_node_by_id(edge['from'], True)
                    for edge in EdgeService.get_displayed_edges_by_to(
                        node['id'], True)))),
                'services':
                node['services'],
                'domain_name':
                node['domain_name']
            })

        logger.info('Scanned nodes generated for reporting')

        return formatted_nodes
예제 #4
0
파일: net_edge.py 프로젝트: vanyell/monkey 
    def _get_infected_island_net_edges(monkey_island_monkey):
        existing_ids = [
            x.src_node_id for x in EdgeService.get_by_dst_node(
                dst_node_id=monkey_island_monkey["_id"])
        ]
        monkey_ids = [
            x.id for x in Monkey.objects()
            if ("tunnel" not in x) and (x.id not in existing_ids) and (
                x.id != monkey_island_monkey["_id"])
        ]
        edges = []

        count = 0
        for monkey_id in monkey_ids:
            count += 1
            # generating fake ID, because front end requires unique ID's for each edge. Collision
            # improbable
            fake_id = ObjectId(hex(count)[2:].zfill(24))
            src_label = NodeService.get_label_for_endpoint(monkey_id)
            dst_label = NodeService.get_label_for_endpoint(
                monkey_island_monkey["_id"])
            edge = DisplayedEdgeService.generate_pseudo_edge(
                edge_id=fake_id,
                src_node_id=monkey_id,
                dst_node_id=monkey_island_monkey["_id"],
                src_label=src_label,
                dst_label=dst_label,
            )
            edges.append(edge)

        return edges
예제 #5
0
def process_tunnel_telemetry(telemetry_json):
    check_tunneling_violation(telemetry_json)
    monkey_id = NodeService.get_monkey_by_guid(telemetry_json["monkey_guid"])["_id"]
    if telemetry_json["data"]["proxy"] is not None:
        tunnel_host_ip = get_tunnel_host_ip_from_proxy_field(telemetry_json)
        NodeService.set_monkey_tunnel(monkey_id, tunnel_host_ip)
    else:
        NodeService.unset_all_monkey_tunnels(monkey_id)
예제 #6
0
 def get_all_net_nodes():
     monkeys = NetNodeService._get_monkey_net_nodes()
     nodes = NetNodeService._get_standard_net_nodes()
     if NodeService.get_monkey_island_monkey() is None:
         monkey_island = [NodeService.get_monkey_island_pseudo_net_node()]
     else:
         monkey_island = []
     return monkeys + nodes + monkey_island
예제 #7
0
파일: report.py 프로젝트: xiaoqin00/monkey 
 def get_tunnels():
     return [
         {
             'type': 'tunnel',
             'machine': NodeService.get_node_hostname(NodeService.get_node_or_monkey_by_id(tunnel['_id'])),
             'dest': NodeService.get_node_hostname(NodeService.get_node_or_monkey_by_id(tunnel['tunnel']))
         }
         for tunnel in mongo.db.monkey.find({'tunnel': {'$exists': True}}, {'tunnel': 1})]
예제 #8
0
파일: local_run.py 프로젝트: vanyell/monkey 
    def get(self):
        NodeService.update_dead_monkeys()
        island_monkey = NodeService.get_monkey_island_monkey()
        if island_monkey is not None:
            is_monkey_running = not Monkey.get_single_monkey_by_id(island_monkey["_id"]).is_dead()
        else:
            is_monkey_running = False

        return jsonify(is_running=is_monkey_running)
예제 #9
0
파일: exploit.py 프로젝트: vanyell/monkey 
def update_node_credentials_from_successful_attempts(edge: EdgeService,
                                                     telemetry_json):
    for attempt in telemetry_json["data"]["attempts"]:
        if attempt["result"]:
            found_creds = {"user": attempt["user"]}
            for field in ["password", "lm_hash", "ntlm_hash", "ssh_key"]:
                if len(attempt[field]) != 0:
                    found_creds[field] = attempt[field]
            NodeService.add_credentials_to_node(edge.dst_node_id, found_creds)
예제 #10
0
 def get_all_displayed_nodes():
     nodes_without_monkeys = [
         NodeService.get_displayed_node_by_id(node['_id'], True)
         for node in mongo.db.node.find({}, {'_id': 1})
     ]
     nodes_with_monkeys = [
         NodeService.get_displayed_node_by_id(monkey['_id'], True)
         for monkey in mongo.db.monkey.find({}, {'_id': 1})
     ]
     nodes = nodes_without_monkeys + nodes_with_monkeys
     return nodes
예제 #11
0
파일: exploit.py 프로젝트: vanyell/monkey 
def update_network_with_exploit(edge: EdgeService, telemetry_json):
    telemetry_json["data"]["info"]["started"] = dateutil.parser.parse(
        telemetry_json["data"]["info"]["started"])
    telemetry_json["data"]["info"]["finished"] = dateutil.parser.parse(
        telemetry_json["data"]["info"]["finished"])
    new_exploit = copy.deepcopy(telemetry_json["data"])
    new_exploit.pop("machine")
    new_exploit["timestamp"] = telemetry_json["timestamp"]
    edge.update_based_on_exploit(new_exploit)
    if new_exploit["result"]:
        NodeService.set_node_exploited(edge.dst_node_id)
예제 #12
0
파일: report.py 프로젝트: vanyell/monkey 
 def get_tunnels():
     return [
         {
             "type": "tunnel",
             "machine": NodeService.get_node_hostname(
                 NodeService.get_node_or_monkey_by_id(tunnel["_id"])
             ),
             "dest": NodeService.get_node_hostname(
                 NodeService.get_node_or_monkey_by_id(tunnel["tunnel"])
             ),
         }
         for tunnel in mongo.db.monkey.find({"tunnel": {"$exists": True}}, {"tunnel": 1})
     ]
예제 #13
0
 def get_exploit_info_by_dict(class_name: str,
                              exploit_dict: dict) -> ExploiterReportInfo:
     ip_addr = exploit_dict["data"]["machine"]["ip_addr"]
     machine = NodeService.get_node_hostname(
         NodeService.get_node_or_monkey_by_ip(ip_addr))
     port = exploit_dict["data"]["info"]["vulnerable_service"]["port"]
     service = exploit_dict["data"]["info"]["vulnerable_service"][
         "service_name"]
     return ExploiterReportInfo(ip_address=ip_addr,
                                machine=machine,
                                type=class_name,
                                port=port,
                                service=service)
예제 #14
0
def get_edge_by_scan_or_exploit_telemetry(telemetry_json):
    dst_ip = telemetry_json["data"]["machine"]["ip_addr"]
    dst_domain_name = telemetry_json["data"]["machine"]["domain_name"]
    src_monkey = NodeService.get_monkey_by_guid(telemetry_json["monkey_guid"])
    dst_node = NodeService.get_monkey_by_ip(dst_ip)
    if dst_node is None:
        dst_node = NodeService.get_or_create_node(dst_ip, dst_domain_name)

    src_label = NodeService.get_label_for_endpoint(src_monkey["_id"])
    dst_label = NodeService.get_label_for_endpoint(dst_node["_id"])

    return EdgeService.get_or_create_edge(src_monkey["_id"], dst_node["_id"],
                                          src_label, dst_label)