forked from p15670423/monkey
Agent: Add tags to MSSQL exploitation events
parent
33230e85f7
commit
183bd1145f
|
@ -7,6 +7,10 @@ import pymssql
|
||||||
|
|
||||||
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
|
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
|
||||||
from common.credentials import get_plaintext
|
from common.credentials import get_plaintext
|
||||||
|
from common.tags import (
|
||||||
|
T1110_ATTACK_TECHNIQUE_TAG,
|
||||||
|
T1210_ATTACK_TECHNIQUE_TAG,
|
||||||
|
)
|
||||||
from common.utils.exceptions import FailedExploitationError
|
from common.utils.exceptions import FailedExploitationError
|
||||||
from infection_monkey.exploit.HostExploiter import HostExploiter
|
from infection_monkey.exploit.HostExploiter import HostExploiter
|
||||||
from infection_monkey.exploit.tools.helpers import get_agent_dst_path
|
from infection_monkey.exploit.tools.helpers import get_agent_dst_path
|
||||||
|
@ -20,6 +24,9 @@ from infection_monkey.utils.threading import interruptible_iter
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
MSSQL_EXPLOITER_TAG = "mssql-exploiter"
|
||||||
|
EXPLOITER_TAGS = (MSSQL_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
|
||||||
|
|
||||||
|
|
||||||
class MSSQLExploiter(HostExploiter):
|
class MSSQLExploiter(HostExploiter):
|
||||||
_EXPLOITED_SERVICE = "MSSQL"
|
_EXPLOITED_SERVICE = "MSSQL"
|
||||||
|
@ -57,7 +64,9 @@ class MSSQLExploiter(HostExploiter):
|
||||||
f" no credentials were successful"
|
f" no credentials were successful"
|
||||||
)
|
)
|
||||||
logger.error(error_message)
|
logger.error(error_message)
|
||||||
self._publish_exploitation_event(self.host.ip_addr, False, error_message=error_message)
|
self._publish_exploitation_event(
|
||||||
|
self.host.ip_addr, False, EXPLOITER_TAGS, error_message
|
||||||
|
)
|
||||||
return self.exploit_result
|
return self.exploit_result
|
||||||
|
|
||||||
if self._is_interrupted():
|
if self._is_interrupted():
|
||||||
|
@ -147,7 +156,7 @@ class MSSQLExploiter(HostExploiter):
|
||||||
def _report_login_attempt(
|
def _report_login_attempt(
|
||||||
self, success: bool, host: str, user, password: str, message: str = ""
|
self, success: bool, host: str, user, password: str, message: str = ""
|
||||||
):
|
):
|
||||||
self._publish_exploitation_event(host, success, error_message=message)
|
self._publish_exploitation_event(host, success, EXPLOITER_TAGS, error_message=message)
|
||||||
self.report_login_attempt(success, user, password)
|
self.report_login_attempt(success, user, password)
|
||||||
|
|
||||||
def _upload_agent(self, agent_path_on_victim: PureWindowsPath):
|
def _upload_agent(self, agent_path_on_victim: PureWindowsPath):
|
||||||
|
|
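Review bot: In the failure branch after `logger.error(error_message)`, the new call passes `error_message` as the fourth positional argument, while the call in `_report_login_attempt` passes it by keyword. The signature of `_publish_exploitation_event` is not visible on this page, so the positional form only works if the parameter order is target, success, tags, error message. I would keep the keyword the removed line used, `self.host.ip_addr, False, EXPLOITER_TAGS, error_message=error_message`, so both call sites read the same and survive a signature change. Separately, `EXPLOITER_TAGS` puts both the T1110 and T1210 tags on every event, including single login attempts; if that is intended, a comment above the constant such as `# Tags describe the exploiter as a whole; every published event carries all of them` would stop consumers from reading the tags as per-step technique labels. Both affected methods begin or end outside the hunks shown.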