Agent: Fix "new user" logic in MimikatzCredentialCollector

Neither passwords nor hashes should be included for any users that
Infection Monkey creates.
Mike Salvatore 2022-07-18 08:42:31 -04:00
parent cb9f43d242
commit c144ad9e64
1 changed files with 6 additions and 3 deletions


@ -22,12 +22,15 @@ class MimikatzCredentialCollector(ICredentialCollector):
def _to_credentials(windows_credentials: Sequence[WindowsCredentials]) -> Sequence[Credentials]: def _to_credentials(windows_credentials: Sequence[WindowsCredentials]) -> Sequence[Credentials]:
credentials = [] credentials = []
for wc in windows_credentials: for wc in windows_credentials:
identity = None
# Mimikatz picks up users created by the Monkey even if they're successfully deleted # Mimikatz picks up users created by the Monkey even if they're successfully deleted
# since it picks up creds from the registry. The newly created users are not removed # since it picks up creds from the registry. The newly created users are not removed
# from the registry until a reboot of the system, hence this check. # from the registry until a reboot of the system, hence this check.
if wc.username and not wc.username.startswith(USERNAME_PREFIX): if wc.username and wc.username.startswith(USERNAME_PREFIX):
continue
identity = None
if wc.username:
identity = Username(wc.username) identity = Username(wc.username)
if wc.password: if wc.password: