Agent: Stamp time before running exploit

2022-10-05 20:49:08 +00:00 · 2022-10-05 20:49:08 +00:00 · 15974ff21c
parent 66f8471f24
commit 15974ff21c
1 changed files with 11 additions and 7 deletions
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@ -1,6 +1,6 @@
 import logging
 from pathlib import PureWindowsPath
-from time import sleep
+from time import sleep, time
 from typing import Iterable, Tuple

 import pymssql
@ -77,6 +77,7 @@ class MSSQLExploiter(HostExploiter):
            self._set_interrupted()
            return self.exploit_result

+        timestamp = time()
        try:
            self._upload_agent(agent_path_on_victim)
            self._run_agent(agent_path_on_victim)
@ -87,12 +88,12 @@ class MSSQLExploiter(HostExploiter):
            )

            logger.error(error_message)
-            self._publish_propagation_event(success=False, error_message=error_message)
+            self._publish_propagation_event(timestamp, False, error_message=error_message)
            self.exploit_result.error_message = error_message

            return self.exploit_result

-        self._publish_propagation_event(success=True)
+        self._publish_propagation_event(timestamp, True)
        self.exploit_result.propagation_success = True
        return self.exploit_result

@ -123,6 +124,7 @@ class MSSQLExploiter(HostExploiter):
        )

        for user, password in credentials_iterator:
+            timestamp = time()
            try:
                # Core steps
                # Trying to connect
@ -139,13 +141,13 @@ class MSSQLExploiter(HostExploiter):
                )
                self.exploit_result.exploitation_success = True
                self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
-                self._report_login_attempt(True, user, password)
+                self._report_login_attempt(timestamp, True, user, password)
                cursor = conn.cursor()
                return cursor
            except pymssql.OperationalError as err:
                error_message = f"Connection to MSSQL failed: {err}"
                logger.info(error_message)
-                self._report_login_attempt(False, user, password, error_message)
+                self._report_login_attempt(timestamp, False, user, password, error_message)
                # Combo didn't work, hopping to the next one
                pass

@ -157,8 +159,10 @@ class MSSQLExploiter(HostExploiter):
            "Bruteforce process failed on host: {0}".format(self.host.ip_addr)
        )

-    def _report_login_attempt(self, success: bool, user, password: str, message: str = ""):
-        self._publish_exploitation_event(success=success, error_message=message)
+    def _report_login_attempt(
+        self, timestamp: float, success: bool, user, password: str, message: str = ""
+    ):
+        self._publish_exploitation_event(timestamp, success, error_message=message)
        self.report_login_attempt(success, user, password)

    def _upload_agent(self, agent_path_on_victim: PureWindowsPath):