forked from p15670423/monkey
Remove unused and broken package gathering feature on windows. (#1431)
Agent: Remove unused and broken package gathering feature on windows.
parent
00ccc3755d
commit
0635169362
|
@ -16,6 +16,8 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
internet access checks. #1402
|
||||
- Disused traceroute binaries. #1397
|
||||
- "Back door user" post-breach action. #1410
|
||||
- Stale code in the Windows system info collector that collected installed
|
||||
packages and WMI info. #1389
|
||||
|
||||
### Fixed
|
||||
- Misaligned buttons and input fields on exploiter and network configuration
|
||||
|
|
|
@ -1,30 +0,0 @@
|
|||
import sys
|
||||
|
||||
if sys.platform.startswith("win"):
|
||||
import pythoncom
|
||||
|
||||
pythoncom.CoInitialize()
|
||||
import wmi
|
||||
|
||||
from .mongo_utils import MongoUtils
|
||||
|
||||
|
||||
class WMIUtils:
|
||||
def __init__(self):
|
||||
# Static class
|
||||
pass
|
||||
|
||||
@staticmethod
|
||||
def get_wmi_class(class_name, moniker="//./root/cimv2", properties=None):
|
||||
_wmi = wmi.WMI(moniker=moniker)
|
||||
|
||||
try:
|
||||
if not properties:
|
||||
wmi_class = getattr(_wmi, class_name)()
|
||||
else:
|
||||
wmi_class = getattr(_wmi, class_name)(properties)
|
||||
|
||||
except wmi.x_wmi:
|
||||
return
|
||||
|
||||
return MongoUtils.fix_obj_for_mongo(wmi_class)
|
|
@ -1,6 +1,4 @@
|
|||
import logging
|
||||
import shlex
|
||||
import subprocess
|
||||
import sys
|
||||
|
||||
from common.common_consts.system_info_collectors_names import MIMIKATZ_COLLECTOR
|
||||
|
@ -10,9 +8,7 @@ from infection_monkey.system_info.windows_cred_collector.mimikatz_cred_collector
|
|||
|
||||
sys.coinit_flags = 0 # needed for proper destruction of the wmi python module
|
||||
import infection_monkey.config # noqa: E402
|
||||
from common.utils.wmi_utils import WMIUtils # noqa: E402
|
||||
from infection_monkey.system_info import InfoCollector # noqa: E402
|
||||
from infection_monkey.system_info.wmi_consts import WMI_CLASSES # noqa: E402
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
LOG.info("started windows info collector")
|
||||
|
@ -26,8 +22,6 @@ class WindowsInfoCollector(InfoCollector):
|
|||
def __init__(self):
|
||||
super(WindowsInfoCollector, self).__init__()
|
||||
self._config = infection_monkey.config.WormConfiguration
|
||||
self.info["reg"] = {}
|
||||
self.info["wmi"] = {}
|
||||
|
||||
def get_info(self):
|
||||
"""
|
||||
|
@ -39,7 +33,6 @@ class WindowsInfoCollector(InfoCollector):
|
|||
LOG.debug("Running Windows collector")
|
||||
super(WindowsInfoCollector, self).get_info()
|
||||
# TODO: Think about returning self.get_wmi_info()
|
||||
self.get_installed_packages()
|
||||
from infection_monkey.config import WormConfiguration
|
||||
|
||||
if MIMIKATZ_COLLECTOR in WormConfiguration.system_info_collector_classes:
|
||||
|
@ -47,23 +40,6 @@ class WindowsInfoCollector(InfoCollector):
|
|||
|
||||
return self.info
|
||||
|
||||
def get_installed_packages(self):
|
||||
LOG.info("Getting installed packages")
|
||||
|
||||
packages = subprocess.check_output(shlex.split("dism /online /get-packages"))
|
||||
self.info["installed_packages"] = packages.decode("utf-8", errors="ignore")
|
||||
|
||||
features = subprocess.check_output(shlex.split("dism /online /get-features"))
|
||||
self.info["installed_features"] = features.decode("utf-8", errors="ignore")
|
||||
|
||||
LOG.debug("Got installed packages")
|
||||
|
||||
def get_wmi_info(self):
|
||||
LOG.info("Getting wmi info")
|
||||
for wmi_class_name in WMI_CLASSES:
|
||||
self.info["wmi"][wmi_class_name] = WMIUtils.get_wmi_class(wmi_class_name)
|
||||
LOG.debug("Finished get_wmi_info")
|
||||
|
||||
def get_mimikatz_info(self):
|
||||
LOG.info("Gathering mimikatz info")
|
||||
try:
|
||||
|
|
|
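Review bot: The `# TODO: Think about returning self.get_wmi_info()` comment in `get_info` appears to stay on the new side, because the `-39,7 +33,6` hunk drops only one line (presumably the `self.get_installed_packages()` call) while `get_wmi_info` is deleted in the `-47,23 +40,6` hunk; the TODO now names a method that no longer exists and should be removed with it. In the import hunk, `sys.coinit_flags = 0 # needed for proper destruction of the wmi python module` is kept although the `WMIUtils` import is gone; if nothing else the agent loads still pulls in `wmi` or `pythoncom`, drop that line and the `# noqa: E402` markers it forces, otherwise reword the comment to name the remaining consumer. The page has lost its +/- markers, so which lines survive is inferred from the hunk counts. `get_info` and `get_mimikatz_info` continue outside the hunks.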
@ -1,12 +0,0 @@
|
|||
WMI_CLASSES = {
|
||||
"Win32_OperatingSystem",
|
||||
"Win32_ComputerSystem",
|
||||
"Win32_LoggedOnUser",
|
||||
"Win32_UserAccount",
|
||||
"Win32_UserProfile",
|
||||
"Win32_Group",
|
||||
"Win32_GroupUser",
|
||||
"Win32_Product",
|
||||
"Win32_Service",
|
||||
"Win32_OptionalFeature",
|
||||
}
|