From 9b44fc8b9811443f1389ac7f8b8f58086c22152e Mon Sep 17 00:00:00 2001
From: Daniel Goldberg
Date: Tue, 27 Mar 2018 10:40:03 +0300
Subject: [PATCH] Adds configuration option to turn Azure collection on and off Merge mimikatz and Azure into system info collection settings.
---
infection_monkey/config.py | 2 ++
infection_monkey/example.conf | 1 +
infection_monkey/system_info/__init__.py | 4 +++-
monkey_island/cc/services/config.py | 11 +++++++++--
4 files changed, 15 insertions(+), 3 deletions(-)
diff --git a/infection_monkey/config.py b/infection_monkey/config.py
index 9ec784594..e7b1999d5 100644
--- a/infection_monkey/config.py
+++ b/infection_monkey/config.py
@@ -272,5 +272,7 @@ class Configuration(object):
mimikatz_dll_name = "mk.dll"
+ extract_azure_creds = True
+ WormConfiguration = Configuration()
diff --git a/infection_monkey/example.conf b/infection_monkey/example.conf
index 13fa33492..84f08e865 100644
--- a/infection_monkey/example.conf
+++ b/infection_monkey/example.conf
@@ -15,6 +15,7 @@
"current_server": "41.50.73.31:5000",
"alive": true,
"collect_system_info": true,
+ "extract_azure_creds": true,
"depth": 2,
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
diff --git a/infection_monkey/system_info/__init__.py b/infection_monkey/system_info/__init__.py
index fc228701a..667ff9890 100644
--- a/infection_monkey/system_info/__init__.py
+++ b/infection_monkey/system_info/__init__.py
@@ -6,7 +6,6 @@ import psutil
from enum import IntEnum
from network.info import get_host_subnets
- from azure_cred_collector import AzureCollector
LOG = logging.getLogger(__name__)
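Review bot: `extract_azure_creds = True` makes Azure credential harvesting opt-out, and the same default is repeated in example.conf and in the `extract_azure_creds` entry added to the island SCHEMA, so three places have to stay in agreement. The class attribute is presumably what an agent falls back on when the configuration it receives lacks the key (how the island delivers it is not visible here), so for a credential-collecting feature it is worth deciding explicitly whether that fallback should be on. At minimum add a comment above the attribute, e.g. `# Harvest Azure VM credentials during system info collection; keep in sync with the island SCHEMA default`. The Configuration class starts and ends outside this hunk.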
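Review bot: The `-` line in the `@@ -6,7 +6,6 @@` hunk reads as dropping `from azure_cred_collector import AzureCollector`, yet the next hunk of this file still calls `AzureCollector()` as unchanged context, which would raise a NameError on the collection path if the import were really gone. The hunk counts are equally consistent with the deleted line being a blank line in front of the import, which this rendering cannot show, so this may be only a whitespace change. Confirm that the module-level import is still present after the patch.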
@@ -113,6 +112,9 @@ class InfoCollector(object):
Updates the credentials structure, creating it if neccesary (compat with mimikatz)
:return: None. Updates class information
"""
+ from config import WormConfiguration
+ if not WormConfiguration.extract_azure_creds:
+ return
LOG.debug("Harvesting creds if on an Azure machine")
azure_collector = AzureCollector()
if 'credentials' not in self.info:
diff --git a/monkey_island/cc/services/config.py b/monkey_island/cc/services/config.py
index bd6b79ca6..75c3f058f 100644
--- a/monkey_island/cc/services/config.py
+++ b/monkey_island/cc/services/config.py
@@ -521,8 +521,8 @@ SCHEMA = {
}
}
},
- "mimikatz": {
- "title": "Mimikatz",
+ "systemInfo": {
+ "title": "System collection",
"type": "object",
"properties": {
"mimikatz_dll_name": {
@@ -531,6 +531,13 @@ SCHEMA = {
"default": "mk.dll",
"description":
"Name of Mimikatz DLL (should be the same as in the monkey's pyinstaller spec file)"
+ },
+ "extract_azure_creds": {
+ "title": "Harvest Azure Credentials",
+ "type": "boolean",
+ "default": True,
+ "description":
+ "Determine if the Monkey should try to harvest password credentials from Azure VMs"
}
}
}
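Review bot: The new early `return` is silent, so a run with `extract_azure_creds` switched off leaves no trace in the agent log that Azure credential collection was skipped; a line such as `LOG.debug("Azure credential collection is disabled in the configuration")` before the `return` lets an operator confirm the setting took effect. The function-scope `from config import WormConfiguration` deserves a short comment if it is there to avoid an import cycle; otherwise it belongs with the module-level imports. The docstring lines shown as context say the method updates the credentials structure and do not mention the new configuration gate. The method begins above this hunk and its body continues below it.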
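Review bot: Renaming the section key from `"mimikatz"` to `"systemInfo"` in the `@@ -521,8 +521,8 @@` hunk moves `mimikatz_dll_name` to a different path in the schema, and nothing in this patch migrates configurations that were saved under the old key. If the island persists configuration in the schema's nested layout (not visible here), an existing installation would keep a stale `mimikatz` section and pick up `mimikatz_dll_name` only from the new section's default. Either handle the old key when a stored configuration is loaded or state the required configuration reset in the change description. SCHEMA starts and ends outside this hunk.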