From 0ffe023a9f19d4df17767a714e8609012864cbca Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Thu, 17 Mar 2022 14:26:07 -0400
Subject: [PATCH 1/3] Agent: Add a query timeout to pymssql.connect()
---
 monkey/infection_monkey/exploit/mssqlexec.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index bdef41784..01cc8b59b 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -23,6 +23,7 @@ class MSSQLExploiter(HostExploiter):
 _EXPLOITED_SERVICE = "MSSQL"
 _TARGET_OS_TYPE = ["windows"]
 LOGIN_TIMEOUT = 15
+ QUERY_TIMEOUT = LOGIN_TIMEOUT
 # Time in seconds to wait between MSSQL queries.
 QUERY_BUFFER = 0.5
 SQL_DEFAULT_TCP_PORT = "1433"
@@ -213,7 +214,12 @@ class MSSQLExploiter(HostExploiter):
 # Core steps
 # Trying to connect
 conn = pymssql.connect(
- host, user, password, port=port, login_timeout=self.LOGIN_TIMEOUT
+ host,
+ user,
+ password,
+ port=port,
+ login_timeout=self.LOGIN_TIMEOUT,
+ timeout=self.QUERY_TIMEOUT,
 )
 logger.info(
 f"Successfully connected to host: {host} using user: {user} and password"
From df5a0fe119861ff3f07e2c1c306040736ab25434 Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Thu, 17 Mar 2022 14:28:46 -0400
Subject: [PATCH 2/3] Agent: Make MSSQLExploiter interruptible
---
 monkey/infection_monkey/exploit/mssqlexec.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index 01cc8b59b..05512aff4 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
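Review bot: The new `QUERY_TIMEOUT` constant in the `@@ -23,6 +23,7 @@` hunk of patch 1/3 has no comment stating its unit or what it bounds, while `QUERY_BUFFER` directly below it is documented. I would add `# Time in seconds to wait for an MSSQL query to complete.` above it, so it is not confused with the between-query delay that the existing comment describes. The class body continues outside the hunk.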
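Review bot: `timeout=self.QUERY_TIMEOUT` in the `@@ -213,7 +214,12 @@` hunk of patch 1/3 bounds every statement later run on this connection, not only the login, so any query that takes longer than 15 seconds will now fail where it previously blocked. The code that issues those queries and handles their errors is outside the hunk; it should report a timeout as a timeout and not as a generic failure. A comment at the call would make the distinction explicit: `# timeout= bounds each query on this connection; login_timeout= bounds only connect/login.` The enclosing loop starts and ends outside the hunk.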
@@ -15,6 +15,7 @@ from infection_monkey.model import DROPPER_ARG
 from infection_monkey.transport import LockedHTTPServer
 from infection_monkey.utils.brute_force import generate_identity_secret_pairs
 from infection_monkey.utils.commands import build_monkey_commandline
+from infection_monkey.utils.threading import interruptable_iter
 
 logger = logging.getLogger(__name__)
 
@@ -72,6 +73,9 @@ class MSSQLExploiter(HostExploiter):
 )
 return self.exploit_result
 
+ if self.is_interrupted():
+ return self.exploit_result
+
 try:
 # Create dir for payload
 self.create_temp_dir()
@@ -209,7 +213,14 @@ class MSSQLExploiter(HostExploiter):
 """
 # Main loop
 # Iterates on users list
- for user, password in users_passwords_pairs_list:
+ credentials_iterator = interruptable_iter(
+ users_passwords_pairs_list,
+ self.interrupt,
+ "MSSQL exploiter has been interrupted",
+ logging.INFO,
+ )
+
+ for user, password in credentials_iterator:
 try:
 # Core steps
 # Trying to connect
From a247fa954c472e8e38cba67c6c3981b66b0665c8 Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Fri, 18 Mar 2022 10:12:34 -0400
Subject: [PATCH 3/3] Agent: Use LONG_REQUEST_TIMEOUT for LOGIN_TIMEOUT in MSSQLExploiter
---
 monkey/infection_monkey/exploit/mssqlexec.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index 05512aff4..9a9bfef7a 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -23,8 +23,8 @@ logger = logging.getLogger(__name__)
 class MSSQLExploiter(HostExploiter):
 _EXPLOITED_SERVICE = "MSSQL"
 _TARGET_OS_TYPE = ["windows"]
- LOGIN_TIMEOUT = 15
- QUERY_TIMEOUT = LOGIN_TIMEOUT
+ LOGIN_TIMEOUT = LONG_REQUEST_TIMEOUT
+ QUERY_TIMEOUT = LONG_REQUEST_TIMEOUT
 # Time in seconds to wait between MSSQL queries.
 QUERY_BUFFER = 0.5
 SQL_DEFAULT_TCP_PORT = "1433"
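Review bot: The early return added at `if self.is_interrupted():` in the `@@ -72,6 +73,9 @@` hunk of patch 2/3 hands back `self.exploit_result` without logging or recording why the run stopped, so from this path alone an operator cannot tell an interrupted run from a failed one. I would log before returning, e.g. `logger.info("MSSQL exploiter interrupted before creating the payload directory")`. The check runs once before the `try:` block; the steps inside that block are outside the hunk and, as far as the hunk shows, are not checked for interruption themselves.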
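Review bot: Wrapping the list in `interruptable_iter` in the `@@ -209,7 +213,14 @@` hunk of patch 2/3 checks the interrupt only between credential pairs, so a stop request still waits for the `pymssql.connect()` call already in flight, up to `LOGIN_TIMEOUT`. What follows the loop is outside the hunk; if that code treats a loop that ends without a connection as "no credentials worked", an interrupted run will presumably be reported as a failed brute force, so `self.is_interrupted()` should be checked after the loop before reporting that. I would also document the bound above the iterator: `# Interrupt is honoured between attempts only; worst-case stop latency is LOGIN_TIMEOUT.`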
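Review bot: `LONG_REQUEST_TIMEOUT` is used in the class body of the `@@ -23,8 +23,8 @@` hunk, but patch 3/3 has no import hunk and its diffstat covers only these two changed lines, so the change relies on the module already importing that name; if it does not, the class definition raises `NameError` when the module is loaded. The value of the constant is not visible here, so the commit message should state whether the login and query timeouts become longer or shorter than the previous 15 seconds. Both timeouts also bound how long an interrupt can be delayed by a call already in flight.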