diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py index b89b55daa..ee855e5d8 100644 --- a/monkey/infection_monkey/exploit/powershell.py +++ b/monkey/infection_monkey/exploit/powershell.py @@ -15,6 +15,7 @@ from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey_by_os from infection_monkey.model import DROPPER_ARG, GET_ARCH_WINDOWS, RUN_MONKEY, VictimHost from infection_monkey.utils.commands import build_monkey_commandline +from infection_monkey.utils.environment import is_windows_os LOG = logging.getLogger(__name__) @@ -59,6 +60,10 @@ class PowerShellExploiter(HostExploiter): return None def _get_credentials(self) -> List[Tuple[Optional[str], Optional[str]]]: + # When username or password is None, this instructs the powershell client to attempt to use + # The current user's credentials. This is only valid if the client is running from a Windows + # machine. + credentials = [] credentials.extend(self._get_empty_credentials()) credentials.extend(self._get_username_only_credentials()) @@ -67,10 +72,18 @@ class PowerShellExploiter(HostExploiter): return credentials def _get_empty_credentials(self) -> List[Tuple[None, None]]: - return [(None, None)] + if is_windows_os(): + return [(None, None)] - def _get_username_only_credentials(self) -> List[Tuple[str, None]]: - return [(username, None) for username in self._config.exploit_user_list] + return [] + + def _get_username_only_credentials(self) -> List[Tuple[str, Optional[str]]]: + credentials = [(username, "") for username in self._config.exploit_user_list] + + if is_windows_os(): + credentials.extend([(username, None) for username in self._config.exploit_user_list]) + + return credentials def _get_username_password_credentials(self) -> List[Tuple[str, str]]: return [credentials for credentials in self._config.get_exploit_user_password_pairs()]