From c09c2c2127aecfd1c69d1206d0d3a7c71200e9c3 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski
Date: Fri, 7 Oct 2022 14:12:52 +0200
Subject: [PATCH] Agent: Add attack technique tags from WMIExploiter
---
 monkey/infection_monkey/exploit/wmiexec.py | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py
index 0ccf5bfe6..d04a01032 100644
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@@ -7,6 +7,11 @@ from time import time
 from impacket.dcerpc.v5.rpcrt import DCERPCException
 from common.credentials import get_plaintext
+from common.tags import (
+ T1021_ATTACK_TECHNIQUE_TAG,
+ T1105_ATTACK_TECHNIQUE_TAG,
+ T1110_ATTACK_TECHNIQUE_TAG,
+)
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path
 from infection_monkey.exploit.tools.smb_tools import SmbTools
@@ -22,10 +27,15 @@ from infection_monkey.utils.threading import interruptible_iter
 logger = logging.getLogger(__name__)
+WMI_EXPLOITER_TAG = "wmi-expliter"
+
 class WmiExploiter(HostExploiter):
 _EXPLOITED_SERVICE = "WMI (Windows Management Instrumentation)"
+ _EXPLOITER_TAGS = (WMI_EXPLOITER_TAG, T1021_ATTACK_TECHNIQUE_TAG, T1110_ATTACK_TECHNIQUE_TAG)
+ _PROPAGATION_TAGS = (WMI_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
+
 @WmiTools.impacket_user
 @WmiTools.dcom_wrap
 def _exploit_host(self) -> ExploiterResultData:
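Review bot: The tag literal in the second hunk is misspelled: `WMI_EXPLOITER_TAG = "wmi-expliter"` should read `WMI_EXPLOITER_TAG = "wmi-exploiter"`. Because the same constant opens both `_EXPLOITER_TAGS` and `_PROPAGATION_TAGS`, any consumer that filters or correlates events on the expected spelling would silently miss this exploiter's activity, and the typo becomes harder to correct once events carrying it have been stored. The two tuples would also benefit from a short comment naming the techniques, e.g. `# T1021 Remote Services, T1110 Brute Force` and `# T1105 Ingress Tool Transfer`, so a reader can check the mapping against what `_exploit_host` does. The code that attaches these tags to published events is outside the hunk (presumably in `HostExploiter`), so whether both tuples are actually consumed cannot be confirmed from here.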