Merge pull request #353 from VakarisZ/monkey_hook_method

Exploiter hook method
2019-06-23 13:40:09 +03:00 · 2019-06-23 13:40:09 +03:00 · 4f4fedb5d8
parent e2321baf9e e978d65998
commit 4f4fedb5d8
13 changed files with 25 additions and 16 deletions
--- a/monkey/infection_monkey/exploit/init.py
+++ b/monkey/infection_monkey/exploit/init.py
@ -48,8 +48,19 @@ class HostExploiter(object):
        self._exploit_attempts.append({'result': result, 'user': user, 'password': password,
                                       'lm_hash': lm_hash, 'ntlm_hash': ntlm_hash, 'ssh_key': ssh_key})

-    @abstractmethod
    def exploit_host(self):
+        self.pre_exploit()
+        self._exploit_host()
+        self.post_exploit()
+
+    def pre_exploit(self):
+        self.set_start_time()
+
+    def post_exploit(self):
+        self.set_finish_time()
+
+    @abstractmethod
+    def _exploit_host(self):
        raise NotImplementedError()

    def add_vuln_url(self, url):
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@ -31,7 +31,7 @@ class HadoopExploiter(WebRCE):
    def __init__(self, host):
        super(HadoopExploiter, self).__init__(host)

-    def exploit_host(self):
+    def _exploit_host(self):
        # Try to get exploitable url
        urls = self.build_potential_urls(self.HADOOP_PORTS)
        self.add_vulnerable_urls(urls, True)
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@ -30,7 +30,7 @@ class MSSQLExploiter(HostExploiter):
    def __init__(self, host):
        super(MSSQLExploiter, self).__init__(host)

-    def exploit_host(self):
+    def _exploit_host(self):
        # Brute force to get connection
        username_passwords_pairs_list = self._config.get_exploit_user_password_pairs()
        cursor = self.brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, username_passwords_pairs_list)
--- a/monkey/infection_monkey/exploit/rdpgrinder.py
+++ b/monkey/infection_monkey/exploit/rdpgrinder.py
@ -255,7 +255,7 @@ class RdpExploiter(HostExploiter):
                return True
        return False

-    def exploit_host(self):
+    def _exploit_host(self):
        global g_reactor

        is_open, _ = check_tcp_port(self.host.ip_addr, RDP_PORT)
--- a/monkey/infection_monkey/exploit/sambacry.py
+++ b/monkey/infection_monkey/exploit/sambacry.py
@ -57,7 +57,7 @@ class SambaCryExploiter(HostExploiter):
    def __init__(self, host):
        super(SambaCryExploiter, self).__init__(host)

-    def exploit_host(self):
+    def _exploit_host(self):
        if not self.is_vulnerable():
            return False

--- a/monkey/infection_monkey/exploit/shellshock.py
+++ b/monkey/infection_monkey/exploit/shellshock.py
@ -36,7 +36,7 @@ class ShellShockExploiter(HostExploiter):
                   ) for _ in range(20))
        self.skip_exist = self._config.skip_exploit_if_file_exist

-    def exploit_host(self):
+    def _exploit_host(self):
        # start by picking ports
        candidate_services = {
            service: self.host.services[service] for service in self.host.services if
--- a/monkey/infection_monkey/exploit/smbexec.py
+++ b/monkey/infection_monkey/exploit/smbexec.py
@ -43,7 +43,7 @@ class SmbExploiter(HostExploiter):
            return self.host.os.get('type') in self._TARGET_OS_TYPE
        return False

-    def exploit_host(self):
+    def _exploit_host(self):
        src_path = get_target_monkey(self.host)

        if not src_path:
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@ -94,7 +94,7 @@ class SSHExploiter(HostExploiter):
                continue
        return exploited

-    def exploit_host(self):
+    def _exploit_host(self):
        ssh = paramiko.SSHClient()
        ssh.set_missing_host_key_policy(paramiko.WarningPolicy())

--- a/monkey/infection_monkey/exploit/vsftpd.py
+++ b/monkey/infection_monkey/exploit/vsftpd.py
@ -60,7 +60,7 @@ class VSFTPDExploiter(HostExploiter):
            LOG.error('Failed to send payload to %s', self.host.ip_addr)
        return False

-    def exploit_host(self):
+    def _exploit_host(self):
        LOG.info("Attempting to trigger the Backdoor..")
        ftp_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@ -66,7 +66,7 @@ class WebRCE(HostExploiter):

        return exploit_config

-    def exploit_host(self):
+    def _exploit_host(self):
        """
        Method that contains default exploitation workflow
        :return: True if exploited, False otherwise
--- a/monkey/infection_monkey/exploit/win_ms08_067.py
+++ b/monkey/infection_monkey/exploit/win_ms08_067.py
@ -175,7 +175,7 @@ class Ms08_067_Exploiter(HostExploiter):
                           self.host.os.get('version') in self._windows_versions.keys()
        return False

-    def exploit_host(self):
+    def _exploit_host(self):
        src_path = get_target_monkey(self.host)

        if not src_path:
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@ -23,7 +23,7 @@ class WmiExploiter(HostExploiter):
        super(WmiExploiter, self).__init__(host)

    @WmiTools.dcom_wrap
-    def exploit_host(self):
+    def _exploit_host(self):
        src_path = get_target_monkey(self.host)

        if not src_path:
--- a/monkey/infection_monkey/monkey.py
+++ b/monkey/infection_monkey/monkey.py
@ -285,9 +285,7 @@ class InfectionMonkey(object):

        result = False
        try:
-            exploiter.set_start_time()
            result = exploiter.exploit_host()
-            exploiter.set_finish_time()
            if result:
                self.successfully_exploited(machine, exploiter)
                return True