Make fact traits for reachable hosts configurable

mitre · Dec 11, 2023 · ec77074 · ec77074
1 parent f6ecbcb
commit ec77074
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 6 deletions.
diff --git a/app/api/v2/managers/operation_api_manager.py b/app/api/v2/managers/operation_api_manager.py
@@ -241,19 +241,22 @@ async def get_hosts(self, operation: dict):
         return hosts
 
     async def get_reachable_hosts(self, operation: dict):
+        trait_names = BaseWorld.get_config('reachable_host_traits') or []
+
         paws = ()
         for agent in operation.get('host_group', []):
             paw = agent.get('paw')
             if paw:
                 paws = paws + (paw,)
 
         hosts = []
-        fqdns = await self.services['knowledge_svc'].get_facts({
-            'trait': 'remote.host.fqdn',
-            'collected_by': paws,
-        })
-        for name in fqdns:
-            hosts.append(name.value)
+        for trait in trait_names:
+            fqdns = await self.services['knowledge_svc'].get_facts({
+                'trait': trait,
+                'collected_by': paws,
+            })
+            for name in fqdns:
+                hosts.append(name.value)
 
         return hosts
 

diff --git a/conf/default.yml b/conf/default.yml
@@ -26,6 +26,9 @@ objects.planners.default: atomic
 crypt_salt: REPLACE_WITH_RANDOM_VALUE
 encryption_key: ADMIN123
 exfil_dir: /tmp/caldera
+reachable_host_traits:
+- remote.host.fqdn
+- remote.host.ip
 host: 0.0.0.0
 plugins:
 - access