Agent: Extract powershell client parameters into powershell_utils

2021-08-24 13:13:37 -04:00 · 2021-08-24 13:13:37 -04:00 · 58f23f4fc0
parent 4e7a95316e
commit 58f23f4fc0
3 changed files with 38 additions and 3 deletions
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@ -74,9 +74,7 @@ class PowerShellExploiter(HostExploiter):
        return None

    def _authenticate(self, username: Optional[str], password: Optional[str]) -> Client:
-        ssl = password != ""
-        auth = "negotiate" if password != "" else "basic"
-        encryption = "auto" if password != "" else "never"
+        (ssl, auth, encryption) = utils.get_powershell_client_params(password)

        with Client(
            self.host.ip_addr,
--- a/monkey/infection_monkey/exploit/powershell_utils/utils.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/utils.py
@ -1,6 +1,11 @@
 from itertools import product
 from typing import List, Optional, Tuple

+AUTH_BASIC = "basic"
+AUTH_NEGOTIATE = "negotiate"
+ENCRYPTION_AUTO = "auto"
+ENCRYPTION_NEVER = "never"
+

 def get_credentials(
    usernames: List[str], passwords: List[str], is_windows: bool
@ -41,3 +46,11 @@ def _get_username_password_credentials(
    username_password_pairs = product(usernames, passwords)

    return [credentials for credentials in username_password_pairs]
+
+
+def get_powershell_client_params(password: str) -> Tuple[bool, str, str]:
+    ssl = password != ""
+    auth = AUTH_NEGOTIATE if password != "" else AUTH_BASIC
+    encryption = ENCRYPTION_AUTO if password != "" else ENCRYPTION_NEVER
+
+    return (ssl, auth, encryption)
--- a/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py
+++ b/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py
@ -42,3 +42,27 @@ def test_get_credentials__username_password():
    for user in TEST_USERS:
        for password in TEST_PASSWORDS:
            assert (user, password) in credentials
+
+
+def test_get_powershell_client_params__password_none():
+    (ssl, auth, encryption) = utils.get_powershell_client_params(None)
+
+    assert ssl is True
+    assert auth == utils.AUTH_NEGOTIATE
+    assert encryption == utils.ENCRYPTION_AUTO
+
+
+def test_get_powershell_client_params__password_str():
+    (ssl, auth, encryption) = utils.get_powershell_client_params("1234")
+
+    assert ssl is True
+    assert auth == utils.AUTH_NEGOTIATE
+    assert encryption == utils.ENCRYPTION_AUTO
+
+
+def test_get_powershell_client_params__password_empty():
+    (ssl, auth, encryption) = utils.get_powershell_client_params("")
+
+    assert ssl is False
+    assert auth == utils.AUTH_BASIC
+    assert encryption == utils.ENCRYPTION_NEVER