Skip to content

Download useful log file if a machine is exploited twice #2595

New issue
New issue
Closed
#2711
Closed
Download useful log file if a machine is exploited twice#2595
#2711
Labels
BugAn error, flaw, misbehavior or failure in the Monkey or Monkey Island.Complexity: MediumImpact: Medium
@shreyamalviya

Description

@shreyamalviya
shreyamalviya
opened on Nov 16, 2022

Describe the bug

A machine being exploited multiple times means that multiple Agents will try to run on that machine. Our logic makes sure that an Agent doesn't run if there's another one running already, however, that doesn't extend to the logs. If I try to download the Agent log of such a machine, it downloads the latest (haven't verified that it's actually the latest) Agent's logs.

To Reproduce

Steps to reproduce the behavior:

  1. Configure the Monkey so that a machine gets exploited twice (depth_3_a test should work).
  2. Try to download the log from a machine that has been exploited multiple times (mimikatz-15 in depth_3_a).

Expected behavior

The log file of the Agent that ran first should be downloaded. Or all of them should be downloaded.

Logs

Log file that I got from mimikatz-15 when running depth_3_a:
2022-11-16T14.28.33.664Z-mimikatz-15.log

Tasks

  • Modify the log download component to download all agent logs on a machine if multiple agents ran on that machine (0d) @ilija-lazoroski
  • Fix ErrorModal in LogDownloadButtons to include missing agent logs. (0.25d)

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugAn error, flaw, misbehavior or failure in the Monkey or Monkey Island.Complexity: MediumImpact: Medium

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions