def generate_new_report():
    """
    Build a new attack report from the configured techniques and store it.

    Each technique's report data is merged with its configuration entry and
    placed under ``report['techniques']``. The finished document replaces the
    stored one with the same name (or is inserted if none exists).

    :return: Report object
    """
    latest_modifytime = Monkey.get_latest_modifytime()
    techniques = {}
    report = {
        'techniques': techniques,
        'meta': {'latest_monkey_modifytime': latest_modifytime},
        'name': REPORT_NAME,
    }

    configured = list(AttackConfig.get_techniques_for_report().items())
    for tech_id, tech_info in configured:
        # The KeyError handler covers the whole step, so a KeyError raised
        # inside get_report_data() is logged the same way as a technique id
        # that is missing from TECHNIQUES.
        try:
            data = TECHNIQUES[tech_id].get_report_data()
            data.update(tech_info)
            techniques[tech_id] = data
        except KeyError as e:
            message = (
                "Attack technique does not have it's report component added "
                "to attack report service. %s" % e
            )
            LOG.error(message)

    # upsert=True: insert the report when no document with this name exists.
    mongo.db.attack_report.replace_one({'name': REPORT_NAME}, report, upsert=True)
    return report
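def generate_report():
    """
    Assemble the full report, export it, and replace the stored copy.

    The report has four sections: ``overview``, ``glance``,
    ``recommendations`` and ``meta``. ``meta.latest_monkey_modifytime``
    records the monkey modify time the report was built from.

    NOTE(review): judging by its keys (``config_passwords``, ``stolen_creds``,
    ``azure_passwords``, ``ssh_keys``) the document carries credential
    material. Confirm that every exporter target and the ``report``
    collection are access-restricted accordingly.

    :return: The report dict (not the encoded copy written to the database).
    """
    domain_issues = ReportService.get_domain_issues()
    issues = ReportService.get_issues()
    config_users = ReportService.get_config_users()
    config_passwords = ReportService.get_config_passwords()
    cross_segment_issues = ReportService.get_cross_segment_issues()
    monkey_latest_modify_time = Monkey.get_latest_modifytime()

    scanned_nodes = ReportService.get_scanned()
    exploited_nodes = ReportService.get_exploited()
    report = {
        'overview': {
            'manual_monkeys': ReportService.get_manual_monkeys(),
            'config_users': config_users,
            'config_passwords': config_passwords,
            'config_exploits': ReportService.get_config_exploits(),
            'config_ips': ReportService.get_config_ips(),
            'config_scan': ReportService.get_config_scan(),
            'monkey_start_time': ReportService.get_first_monkey_time().strftime("%d/%m/%Y %H:%M:%S"),
            'monkey_duration': ReportService.get_monkey_duration(),
            'issues': ReportService.get_issues_overview(issues, config_users, config_passwords),
            'warnings': ReportService.get_warnings_overview(issues, cross_segment_issues),
            'cross_segment_issues': cross_segment_issues,
        },
        'glance': {
            'scanned': scanned_nodes,
            'exploited': exploited_nodes,
            'stolen_creds': ReportService.get_stolen_creds(),
            'azure_passwords': ReportService.get_azure_creds(),
            'ssh_keys': ReportService.get_ssh_keys(),
            'strong_users': PTHReportService.get_strong_users_on_crit_details(),
            'pth_map': PTHReportService.get_pth_map(),
        },
        'recommendations': {
            'issues': issues,
            'domain_issues': domain_issues,
        },
        'meta': {
            'latest_monkey_modifytime': monkey_latest_modify_time,
        },
    }
    ReportExporterManager().export(report)

    # Encode before dropping: if encoding raises, the previously stored
    # report is still in place instead of having been deleted already.
    encoded_report = ReportService.encode_dot_char_before_mongo_insert(report)

    # drop() followed by insert_one() is not atomic: a reader querying in
    # between finds no report, and a failed insert leaves the collection empty.
    mongo.db.report.drop()
    mongo.db.report.insert_one(encoded_report)

    return report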
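def get_latest_report():
    """
    Gets latest report (by retrieving it from db or generating a new one).

    The stored report is returned only when both its recorded modify time and
    the current monkey modify time are truthy and equal; in every other case a
    new report is generated.

    :return: report dict.
    """
    if AttackReportService.is_report_generated():
        monkey_modifytime = Monkey.get_latest_modifytime()
        latest_report = mongo.db.attack_report.find_one({"name": REPORT_NAME})
        # find_one() returns None when no document matches the filter (for
        # example if the report was replaced or removed after the check
        # above). Regenerate in that case instead of failing on None["meta"].
        if latest_report is not None:
            report_modifytime = latest_report["meta"]["latest_monkey_modifytime"]
            if monkey_modifytime and report_modifytime and monkey_modifytime == report_modifytime:
                return latest_report

    return safe_generate_attack_report()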
def is_latest_report_exists():
    """
    Tell whether a stored monkey report exists and is up to date.

    Only ``meta.latest_monkey_modifytime`` is fetched from the stored report;
    it is compared with the current latest monkey modify time.

    :return: True if the stored report matches the latest modify time, False
             if there is no report or it is out of date.
    """
    # Projection: fetch just the modify-time field of the stored report.
    stored = mongo.db.report.find_one({}, {"meta.latest_monkey_modifytime": 1})
    if not stored:
        return False

    stored_modifytime = stored["meta"]["latest_monkey_modifytime"]
    return stored_modifytime == Monkey.get_latest_modifytime()
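def generate_report():
    """
    Assemble the full report, export it, and replace the stored copy.

    The report has four sections: ``overview``, ``glance``,
    ``recommendations`` and ``meta``. ``meta.latest_monkey_modifytime``
    records the monkey modify time the report was built from.

    NOTE(review): judging by its keys (``config_passwords``, ``stolen_creds``,
    ``azure_passwords``, ``ssh_keys``) the document carries credential
    material. Confirm that every exporter target and the ``report``
    collection are access-restricted accordingly.

    :return: The report dict (not the encoded copy written to the database).
    """
    domain_issues = ReportService.get_domain_issues()
    issues = ReportService.get_issues()
    config_users = ReportService.get_config_users()
    config_passwords = ReportService.get_config_passwords()
    issue_set = ReportService.get_issue_set(issues, config_users, config_passwords)
    cross_segment_issues = ReportService.get_cross_segment_issues()
    monkey_latest_modify_time = Monkey.get_latest_modifytime()

    scanned_nodes = ReportService.get_scanned()
    exploited_cnt = len(get_monkey_exploited())
    report = {
        "overview": {
            "manual_monkeys": ReportService.get_manual_monkey_hostnames(),
            "config_users": config_users,
            "config_passwords": config_passwords,
            "config_exploits": ReportService.get_config_exploits(),
            "config_ips": ReportService.get_config_ips(),
            "config_scan": ReportService.get_config_scan(),
            "monkey_start_time": ReportService.get_first_monkey_time().strftime(
                "%d/%m/%Y %H:%M:%S"
            ),
            "monkey_duration": ReportService.get_monkey_duration(),
            "issues": issue_set,
            "cross_segment_issues": cross_segment_issues,
        },
        "glance": {
            "scanned": scanned_nodes,
            "exploited_cnt": exploited_cnt,
            "stolen_creds": ReportService.get_stolen_creds(),
            "azure_passwords": ReportService.get_azure_creds(),
            "ssh_keys": ReportService.get_ssh_keys(),
            "strong_users": PTHReportService.get_strong_users_on_crit_details(),
        },
        "recommendations": {"issues": issues, "domain_issues": domain_issues},
        "meta": {"latest_monkey_modifytime": monkey_latest_modify_time},
    }
    ReportExporterManager().export(report)

    # Encode before dropping: if encoding raises, the previously stored
    # report is still in place instead of having been deleted already.
    encoded_report = ReportService.encode_dot_char_before_mongo_insert(report)

    # drop() followed by insert_one() is not atomic: a reader querying in
    # between finds no report, and a failed insert leaves the collection empty.
    mongo.db.report.drop()
    mongo.db.report.insert_one(encoded_report)

    return report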