Merge pull request #438 from guardicore/434/bugfix/plaintext-passwords-logged

Hashing passwords to make sure we don't log passwords plaintext

monkey/infection_monkey/exploit/tools/smb_tools.py

@@ -11,7 +11,7 @@ import infection_monkey.monkeyfs as monkeyfs
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
 from infection_monkey.exploit.tools.helpers import get_interface_to_target
-
+from infection_monkey.config import Configuration
 __author__ = 'itamar'
 
 LOG = logging.getLogger(__name__)
@@ -31,9 +31,9 @@ class SmbTools(object):
 
         # skip guest users
         if smb.isGuestSession() > 0:
-            LOG.debug("Connection to %r granted guest privileges with user: %s, password: '%s',"
+            LOG.debug("Connection to %r granted guest privileges with user: %s, password (SHA-512): '%s',"
                       " LM hash: %s, NTLM hash: %s",
-                      host, username, password, lm_hash, ntlm_hash)
+                      host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
 
             try:
                 smb.logoff()
@@ -165,8 +165,8 @@ class SmbTools(object):
 
         if not file_uploaded:
             LOG.debug("Couldn't find a writable share for exploiting"
-                      " victim %r with username: %s, password: '%s', LM hash: %s, NTLM hash: %s",
+                      " victim %r with username: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s",
-                      host, username, password, lm_hash, ntlm_hash)
+                      host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
             return None
 
         return remote_full_path
@@ -194,8 +194,9 @@ class SmbTools(object):
         try:
             smb.login(username, password, '', lm_hash, ntlm_hash)
         except Exception as exc:
-            LOG.debug("Error while logging into %r using user: %s, password: '%s', LM hash: %s, NTLM hash: %s: %s",
+            LOG.debug(
-                      host, username, password, lm_hash, ntlm_hash, exc)
+                "Error while logging into %r using user: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s: %s",
+                host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash, exc)
             return None, dialect
 
         smb.setTimeout(timeout)

monkey/infection_monkey/exploit/wmiexec.py

@@ -48,23 +48,23 @@ class WmiExploiter(HostExploiter):
             except AccessDeniedException:
                 self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
                 LOG.debug("Failed connecting to %r using WMI with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                           self.host, user, password_hashed, lm_hash, ntlm_hash)
                 continue
             except DCERPCException:
                 self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
                 LOG.debug("Failed connecting to %r using WMI with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                           self.host, user, password_hashed, lm_hash, ntlm_hash)
                 continue
             except socket.error:
                 LOG.debug("Network error in WMI connection to %r with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
                           self.host, user, password_hashed, lm_hash, ntlm_hash)
                 return False
             except Exception as exc:
                 LOG.debug("Unknown WMI connection error to %r with "
-                          "user,password,lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
+                          "user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
                           self.host, user, password_hashed, lm_hash, ntlm_hash, exc, traceback.format_exc())
                 return False
 

monkey/infection_monkey/monkey.py

@@ -7,6 +7,7 @@ import time
 from six.moves import xrange
 
 import infection_monkey.tunnel as tunnel
+from infection_monkey.utils.environment import is_windows_os
 from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
 from infection_monkey.utils.monkey_log_path import get_monkey_log_path
 from infection_monkey.config import WormConfiguration
@@ -105,7 +106,7 @@ class InfectionMonkey(object):
         ControlClient.wakeup(parent=self._parent)
         ControlClient.load_control_config()
 
-        if utils.is_windows_os():
+        if is_windows_os():
             T1106Telem(ScanStatus.USED, UsageEnum.SINGLETON_WINAPI).send()
 
         if not WormConfiguration.alive: