monkey icon indicating copy to clipboard operation
monkey copied to clipboard
verified publisher icon guardicore

Integrate the EventQueue into the Agent

Open mssalvatore opened this issue 3 years ago • 0 comments

Refactor

Component(s) to be refactored

  • Agent
  • infection_monkey.credential_collectors
  • infection_monkey.telemetry.messengers.CredentialsInterceptingTelemetryMessenger

Explanation

Use the EventQueue in the agent to handle CredentialsStolenEvent events. Register for these events and add stolen credentials to the IPropagationCredentialsRepository.

Tasks

  • [ ] Define CredentialsStolenEvent in common.events
  • [ ] Initialize the EventQueue in the Agent
  • [ ] Create a subscriber that subscribes to CredentialsStolenEvents and adds them to the IPropagationCredentialsRepository
  • [ ] Modify the mimikatz collector to publish CredentialsStolenEvents
    • [ ] Accept the EventQueue in the collector's constructor
    • [ ] Generate `CredentialsStolenEvents
    • [ ] Publish CredentialsStolenEvents
  • [ ] Modify the SSH collector to publish CredentialsStolenEvents
    • [ ] Accept the EventQueue in the collector's constructor
    • [ ] Generate `CredentialsStolenEvents
    • [ ] Publish CredentialsStolenEvents
  • [ ] Remove CredentialsInterceptingTelemetryMessenger
  • [ ] Remove Vulture entries that are no longer relevant

mssalvatore avatar Aug 05 '22 16:08 mssalvatore