Agent: Fix "new user" logic in MimikatzCredentialCollector

Neither Passwords nor hashes should be included for and users that Infection Monkey creates.
2022-07-18 08:42:31 -04:00 · 2022-07-18 08:42:31 -04:00 · c144ad9e64
parent cb9f43d242
commit c144ad9e64
1 changed files with 6 additions and 3 deletions
--- a/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
+++ b/monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
@ -22,12 +22,15 @@ class MimikatzCredentialCollector(ICredentialCollector):
    def _to_credentials(windows_credentials: Sequence[WindowsCredentials]) -> Sequence[Credentials]:
        credentials = []
        for wc in windows_credentials:
-            identity = None
-
            # Mimikatz picks up users created by the Monkey even if they're successfully deleted
            # since it picks up creds from the registry. The newly created users are not removed
            # from the registry until a reboot of the system, hence this check.
-            if wc.username and not wc.username.startswith(USERNAME_PREFIX):
+            if wc.username and wc.username.startswith(USERNAME_PREFIX):
+                continue
+
+            identity = None
+
+            if wc.username:
                identity = Username(wc.username)

            if wc.password: