- Added dynamic file creation on runtime instead of a static payload file

monkey/infection_monkey/exploit/mssqlexec.py

@@ -22,6 +22,21 @@ class MSSQLExploiter(HostExploiter):
         self._config = __import__('config').WormConfiguration
         self.attacks_list = [mssqlexec_utils.CmdShellAttack]
 
+    @staticmethod
+    def create_payload_file(payload_path=DEFAULT_PAYLOAD_PATH):
+        """
+        This function creates dynamically the payload file to be transported and ran on the exploited machine.
+        :param payload_path: A path to the create the payload file in
+        :return: True if the payload file was created and false otherwise.
+        """
+        try:
+            with open(payload_path, 'w+') as payload_file:
+                payload_file.write('dir C:\\')
+            return True
+        except Exception as e:
+            LOG.error("Payload file couldn't be created", exec_info=True)
+            return False
+
     def exploit_host(self):
         """
             Main function of the mssql brute force
@@ -29,6 +44,9 @@ class MSSQLExploiter(HostExploiter):
                     True or False depends on process success
             """
         username_passwords_pairs_list = self._config.get_exploit_user_password_pairs()
+
+        if not MSSQLExploiter.create_payload_file():
+            return False
         if self.brute_force_begin(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, username_passwords_pairs_list,
                                   self.DEFAULT_PAYLOAD_PATH):
             LOG.debug("Bruteforce was a success on host: {0}".format(self.host.ip_addr))