Merge pull request #438 from guardicore/434/bugfix/plaintext-passwords-logged

Hashing passwords to make sure we don't log passwords plaintext
2019-09-19 23:30:58 +03:00 · 2019-09-19 23:30:58 +03:00 · 8c69cc0af9
parent f0ee88182f 4762cbc545
commit 8c69cc0af9
3 changed files with 14 additions and 12 deletions
--- a/monkey/infection_monkey/exploit/tools/smb_tools.py
+++ b/monkey/infection_monkey/exploit/tools/smb_tools.py
@ -11,7 +11,7 @@ import infection_monkey.monkeyfs as monkeyfs
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
 from infection_monkey.exploit.tools.helpers import get_interface_to_target
-
+from infection_monkey.config import Configuration
 __author__ = 'itamar'

 LOG = logging.getLogger(__name__)
@ -31,9 +31,9 @@ class SmbTools(object):

        # skip guest users
        if smb.isGuestSession() > 0:
-            LOG.debug("Connection to %r granted guest privileges with user: %s, password: '%s',"
+            LOG.debug("Connection to %r granted guest privileges with user: %s, password (SHA-512): '%s',"
                      " LM hash: %s, NTLM hash: %s",
-                      host, username, password, lm_hash, ntlm_hash)
+                      host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)

            try:
                smb.logoff()
@ -165,8 +165,8 @@ class SmbTools(object):

        if not file_uploaded:
            LOG.debug("Couldn't find a writable share for exploiting"
-                      " victim %r with username: %s, password: '%s', LM hash: %s, NTLM hash: %s",
-                      host, username, password, lm_hash, ntlm_hash)
+                      " victim %r with username: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s",
+                      host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
            return None

        return remote_full_path
@ -194,8 +194,9 @@ class SmbTools(object):
        try:
            smb.login(username, password, '', lm_hash, ntlm_hash)
        except Exception as exc:
-            LOG.debug("Error while logging into %r using user: %s, password: '%s', LM hash: %s, NTLM hash: %s: %s",
-                      host, username, password, lm_hash, ntlm_hash, exc)
+            LOG.debug(
+                "Error while logging into %r using user: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s: %s",
+                host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash, exc)
            return None, dialect

        smb.setTimeout(timeout)
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@ -48,23 +48,23 @@ class WmiExploiter(HostExploiter):
            except AccessDeniedException:
                self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
                LOG.debug("Failed connecting to %r using WMI with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                          self.host, user, password_hashed, lm_hash, ntlm_hash)
                continue
            except DCERPCException:
                self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
                LOG.debug("Failed connecting to %r using WMI with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                          self.host, user, password_hashed, lm_hash, ntlm_hash)
                continue
            except socket.error:
                LOG.debug("Network error in WMI connection to %r with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                          self.host, user, password_hashed, lm_hash, ntlm_hash)
                return False
            except Exception as exc:
                LOG.debug("Unknown WMI connection error to %r with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
                          self.host, user, password_hashed, lm_hash, ntlm_hash, exc, traceback.format_exc())
                return False

--- a/monkey/infection_monkey/monkey.py
+++ b/monkey/infection_monkey/monkey.py
@ -7,6 +7,7 @@ import time
 from six.moves import xrange

 import infection_monkey.tunnel as tunnel
+from infection_monkey.utils.environment import is_windows_os
 from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
 from infection_monkey.utils.monkey_log_path import get_monkey_log_path
 from infection_monkey.config import WormConfiguration
@ -105,7 +106,7 @@ class InfectionMonkey(object):
        ControlClient.wakeup(parent=self._parent)
        ControlClient.load_control_config()

-        if utils.is_windows_os():
+        if is_windows_os():
            T1106Telem(ScanStatus.USED, UsageEnum.SINGLETON_WINAPI).send()

        if not WormConfiguration.alive: