Skip to content

Show exploited machine name under "Stolen From" in stolen credentials section #1004

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Mar 3, 2021
Merged

Show exploited machine name under "Stolen From" in stolen credentials section #1004

merged 6 commits into from
Mar 3, 2021

Conversation

shreyamalviya
Copy link
Contributor

Fixes #1001

@codecov
Copy link

codecov bot commented Feb 26, 2021
edited
Loading

Codecov Report

Merging #1004 (243e077) into develop (eb41376) will increase coverage by 1.43%.
The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #1004      +/-   ##
===========================================
+ Coverage    26.21%   27.64%   +1.43%     
===========================================
  Files          402      402              
  Lines        12830    12833       +3     
===========================================
+ Hits          3363     3548     +185     
+ Misses        9467     9285     -182
Impacted Files Coverage Δ
monkey/monkey/monkey_island/cc/services/node.py 29.28% <0.00%> (+0.41%) ⬆️
.../monkey_island/cc/services/reporting/pth_report.py 29.11% <0.00%> (+29.11%) ⬆️
...nkey/monkey_island/cc/services/reporting/report.py 29.56% <0.00%> (+29.56%) ⬆️
...ces/reporting/report_generation_synchronisation.py 33.33% <0.00%> (+33.33%) ⬆️
...d/cc/services/reporting/report_exporter_manager.py 47.82% <0.00%> (+47.82%) ⬆️
...nkey_island/cc/services/groups_and_users_consts.py 100.00% <0.00%> (+100.00%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update eb41376...243e077. Read the comment docs.

@mssalvatore
Copy link
Collaborator

In general, our process for fixing bugs should be:

  1. Write a test (or tests) that reproduces the bug. This test should fail.
  2. Fix the bug
  3. Verify that tests now pass.

Since we don't want to test private methods, we can write tests against get_stolen_creds(). This will exercise the flawed code. We can use mongomock to provide whatever data is necessary to reproduce the issue in the test.

These tests also help communicate the root cause of the bug.

mssalvatore
mssalvatore reviewed Feb 27, 2021
View reviewed changes
@shreyamalviya shreyamalviya force-pushed the bugfix-incorrect-host-in-stolen-creds-report branch 5 times, most recently from aa5d9e3 to b953d6e Compare March 3, 2021 11:32
@shreyamalviya shreyamalviya force-pushed the bugfix-incorrect-host-in-stolen-creds-report branch from b953d6e to d772760 Compare March 3, 2021 11:38
@ghost
Copy link

ghost commented Mar 3, 2021
edited by ghost
Loading

Congratulations 🎉. DeepCode analyzed your code in 2.894 seconds and we found no issues. Enjoy a moment of no bugs ☀️.

👉 View analysis in DeepCode’s Dashboard | Configure the bot

mssalvatore
mssalvatore reviewed Mar 3, 2021
View reviewed changes
monkey/monkey_island/cc/services/reporting/report.py Outdated
@@ -181,6 +181,7 @@ def get_exploited():

@staticmethod
def get_stolen_creds():
print(f"\n\n{list(mongo.db.telemetry.find())}\n\n")
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this a debug statement that slipped in by accident?

@mssalvatore mssalvatore merged commit bcc462e into guardicore:develop Mar 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mssalvatore mssalvatore mssalvatore left review comments

@VakarisZ VakarisZ Awaiting requested review from VakarisZ

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Incorrect host in "stolen from" column
2 participants
@shreyamalviya @mssalvatore