From bad90d35c1d0e71366de50a509f4641d2c510acd Mon Sep 17 00:00:00 2001
From: Oran Nadler <orann>
Date: Tue, 15 May 2018 12:55:50 +0300
Subject: [PATCH] FATAL bugfix in cache, better find sid by username

---
 monkey_island/cc/resources/pthmap.py | 32 ++++++++++++++++++++--------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/monkey_island/cc/resources/pthmap.py b/monkey_island/cc/resources/pthmap.py
index af2688f56..a53277e5d 100644
--- a/monkey_island/cc/resources/pthmap.py
+++ b/monkey_island/cc/resources/pthmap.py
@@ -59,7 +59,7 @@ def myntlm(x):
 def cache(foo):
     def hash(o):
         if type(o) in (int, float, str, unicode):
-            return o
+            return repr(o)
 
         elif type(o) in (type(None),):
             return "___None___"
@@ -605,7 +605,7 @@ class PassTheHashMap(object):
     @cache
     def GenerateEdgesBySid(self):
         for attacker in self.vertices:
-            cached = Machine(attacker).GetCachedSids()
+            cached = self.GetCachedSids(Machine(attacker))
 
             for victim in self.vertices:
                 if attacker == victim:
@@ -885,12 +885,31 @@ class PassTheHashMap(object):
     def GetNonCritialServers(self):
         return set(self.machines) - self.GetCritialServers()
         
+    @cache
+    def GetCachedSids(self, m):
+        sids = set()
+        tmp = m.GetCachedSids()
+
+        for sid in tmp:
+            if sid.startswith("__USERNAME__"):
+                
+                s = self.GetSidsByUsername(sid[len("__USERNAME__"):])
+                if len(s) == 1:
+                    sids.add(s.pop())
+                else:
+                    sids.add(sid)
+
+            else:
+                sids.add(sid)
+        
+        return sids
+        
     @cache
     def GetThreateningUsersByVictim(self, victim):
         threatening_users = set()
         
         for attacker in self.GetAttackersByVictim(victim):
-            threatening_users |= (attacker.GetCachedSids() & victim.GetAdmins())
+            threatening_users |= (self.GetCachedSids(attacker) & victim.GetAdmins())
 
         return threatening_users
         
@@ -1099,12 +1118,7 @@ def main():
         print """<h3>Cached SIDs</h3>"""
         print """<h4>SIDs cached on this machine</h4>"""
         print """<ul>"""
-        for sid in m.GetCachedSids():
-            if sid.startswith("__USERNAME__"):
-                sids = pth.GetSidsByUsername(sid[len("__USERNAME__"):])
-                if len(sids) == 1:
-                    sid = sids.pop()
-
+        for sid in pth.GetCachedSids(m):
             print """<li><a href="#{sid}">{username} ({sid})</a></li>""".format(username=pth.GetUsernameBySid(sid), sid=sid)
         print """</ul>"""