Skip to content

Modify master.propagator #2991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Feb 22, 2023
Merged

Modify master.propagator #2991

merged 15 commits into from
Feb 22, 2023

Conversation

shreyamalviya
Copy link
Contributor

What does this PR do?

Fixes a part of #2136

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the CHANGELOG.md updated to reflect the changes?
  • Was the documentation framework updated to reflect the changes?
  • Have you checked that you haven't introduced any duplicate code?

Testing Checklist

  • Added relevant unit tests?
  • Have you successfully tested your changes locally? Elaborate:

    Tested by {Running the Monkey locally with relevant config/running Island/...}

  • If applicable, add screenshots or log transcripts of the feature working

@shreyamalviya shreyamalviya force-pushed the 2136-modify-master-propagator branch from 23a8f6e to 6289403 Compare February 20, 2023 14:56
@ilija-lazoroski ilija-lazoroski force-pushed the 2136-update-fingerprinters branch from 98babeb to 58a1b74 Compare February 20, 2023 14:58
VakarisZ
VakarisZ reviewed Feb 20, 2023
View reviewed changes
monkey/infection_monkey/master/propagator.py Outdated
@@ -168,6 +170,23 @@ def _process_fingerprinter_results(
for service, details in fd.services.items():
target_host.services.setdefault(service, {}).update(details)

for service in fd.services:
# TODO: do we want to overwrite?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd imagine we'd like to append services

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fingerprinter is maybe scanning only one service, but results should be stored in a collection being able to handle multiple services. So PortScanData should probably have services, as services on port 8080 could be both HTTP and Tomcat for example

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer to limit to one service if we can.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TOMCAT implies HTTP, but more importantly, tomcat is more specific. There's only ever one service listening on a port (with some exceptions like virtual hosts that Infection Monkey isn't prepared to handle anyway).

If a services were to be identified as TOMCAT, we wouldn't want the hadoop exploiter to attempt to exploit it just because there's an HTTP server in the mix.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hadoop could exploit ports that only have one service: HTTP. There's only one service, but that service might be running a stack of technologies. Tomcat is tomcat, but it's also running in JVM, so tomcat exploiters and log4shell exploiters are both valid on it. It's also easier to fetch ports that are running HTTP with HTTP in fingerprint.services filter instead of having to hard code which services are HTTP services and keeping that list up to date.

VakarisZ
VakarisZ reviewed Feb 20, 2023
View reviewed changes
@shreyamalviya shreyamalviya force-pushed the 2136-modify-master-propagator branch from 6289403 to 4d3696c Compare February 21, 2023 05:41
@ilija-lazoroski ilija-lazoroski force-pushed the 2136-update-fingerprinters branch from 30fbb1e to 9b47a96 Compare February 21, 2023 11:57
shreyamalviya
shreyamalviya commented Feb 21, 2023
View reviewed changes
Base automatically changed from 2136-update-fingerprinters to 2136-refactor-scanning February 21, 2023 15:48
@mssalvatore mssalvatore force-pushed the 2136-modify-master-propagator branch 2 times, most recently from 349ea02 to e6f7de3 Compare February 21, 2023 16:29
mssalvatore
mssalvatore requested changes Feb 21, 2023
View reviewed changes
@cakekoa cakekoa force-pushed the 2136-modify-master-propagator branch from e6f7de3 to 9ec38d8 Compare February 21, 2023 18:04
shreyamalviya and others added 7 commits February 21, 2023 18:05
@shreyamalviya @cakekoa
Agent: Modify Propagator._process_fingerprinter_results() to update s…
22d2fe7 
…ervices in TargetHost
@shreyamalviya @cakekoa
Agent: Add TODO comments related to fingerprinting/scanning
615b9b5
@shreyamalviya @cakekoa
Agent: Fix variable name in master/propagator.py
68fd145
@shreyamalviya @cakekoa
Agent: Update Propagator's _process_tcp_scan_results() to update Targ…
af784e9 
…etHost
@shreyamalviya @cakekoa
Agent: Update TODO comment in master/propagator.py
f288e84
@shreyamalviya @cakekoa
Agent: Modify logic in _process_fingerprinter_results() in master/pro…
9875326 
…pagator.py
@cakekoa
Agent: Handle scan results
57167ce 
The Propagator does not expect previous TCP scan results, so it will
"merge" the scan data by overwriting old scan data, in cases where there
might be conflicting scan data for a given port.

The fingerprint data is merged in a similar manner, but the service is
only overwritten if the new service information is more descriptive than
the existing info. Currently this means that the service is only updated
if the new service is not UNKNOWN.
@cakekoa cakekoa force-pushed the 2136-modify-master-propagator branch from 9ec38d8 to 57167ce Compare February 21, 2023 19:07
@cakekoa cakekoa requested a review from mssalvatore February 21, 2023 19:18
@cakekoa cakekoa marked this pull request as ready for review February 21, 2023 19:18
mssalvatore
mssalvatore requested changes Feb 21, 2023
View reviewed changes
@cakekoa cakekoa force-pushed the 2136-modify-master-propagator branch from 4f1da08 to 7fd862c Compare February 21, 2023 22:49
mssalvatore
mssalvatore requested changes Feb 22, 2023
View reviewed changes
@mssalvatore mssalvatore merged commit 58cdc1f into 2136-refactor-scanning Feb 22, 2023
@mssalvatore mssalvatore deleted the 2136-modify-master-propagator branch February 22, 2023 12:30
mssalvatore added a commit that referenced this pull request Feb 22, 2023
@mssalvatore
Merge branch '2136-modify-master-propagator' into 2136-refactor-scanning
8558e15 
Issue #2136
PR #2991
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VakarisZ VakarisZ VakarisZ left review comments

@ilija-lazoroski ilija-lazoroski ilija-lazoroski approved these changes

@mssalvatore mssalvatore mssalvatore approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@shreyamalviya @ilija-lazoroski @mssalvatore @VakarisZ @cakekoa