forked from p15670423/monkey
FATAL bugfix in cache, better find sid by username
This commit is contained in:
Oran Nadler
parent
b54eb89330
commit
bad90d35c1
|
|
@ -59,7 +59,7 @@ def myntlm(x):
|
||||||
def cache(foo):
|
def cache(foo):
|
||||||
def hash(o):
|
def hash(o):
|
||||||
if type(o) in (int, float, str, unicode):
|
if type(o) in (int, float, str, unicode):
|
||||||
return o
|
return repr(o)
|
||||||
|
|
||||||
elif type(o) in (type(None),):
|
elif type(o) in (type(None),):
|
||||||
return "___None___"
|
return "___None___"
|
||||||
|
|
@ -605,7 +605,7 @@ class PassTheHashMap(object):
|
||||||
@cache
|
@cache
|
||||||
def GenerateEdgesBySid(self):
|
def GenerateEdgesBySid(self):
|
||||||
for attacker in self.vertices:
|
for attacker in self.vertices:
|
||||||
cached = Machine(attacker).GetCachedSids()
|
cached = self.GetCachedSids(Machine(attacker))
|
||||||
|
|
||||||
for victim in self.vertices:
|
for victim in self.vertices:
|
||||||
if attacker == victim:
|
if attacker == victim:
|
||||||
|
|
@ -885,12 +885,31 @@ class PassTheHashMap(object):
|
||||||
def GetNonCritialServers(self):
|
def GetNonCritialServers(self):
|
||||||
return set(self.machines) - self.GetCritialServers()
|
return set(self.machines) - self.GetCritialServers()
|
||||||
|
|
||||||
|
@cache
|
||||||
|
def GetCachedSids(self, m):
|
||||||
|
sids = set()
|
||||||
|
tmp = m.GetCachedSids()
|
||||||
|
|
||||||
|
for sid in tmp:
|
||||||
|
if sid.startswith("__USERNAME__"):
|
||||||
|
|
||||||
|
s = self.GetSidsByUsername(sid[len("__USERNAME__"):])
|
||||||
|
if len(s) == 1:
|
||||||
|
sids.add(s.pop())
|
||||||
|
else:
|
||||||
|
sids.add(sid)
|
||||||
|
|
||||||
|
else:
|
||||||
|
sids.add(sid)
|
||||||
|
|
||||||
|
return sids
|
||||||
|
|
||||||
@cache
|
@cache
|
||||||
def GetThreateningUsersByVictim(self, victim):
|
def GetThreateningUsersByVictim(self, victim):
|
||||||
threatening_users = set()
|
threatening_users = set()
|
||||||
|
|
||||||
for attacker in self.GetAttackersByVictim(victim):
|
for attacker in self.GetAttackersByVictim(victim):
|
||||||
threatening_users |= (attacker.GetCachedSids() & victim.GetAdmins())
|
threatening_users |= (self.GetCachedSids(attacker) & victim.GetAdmins())
|
||||||
|
|
||||||
return threatening_users
|
return threatening_users
|
||||||
|
|
||||||
|
|
@ -1099,12 +1118,7 @@ def main():
|
||||||
print """<h3>Cached SIDs</h3>"""
|
print """<h3>Cached SIDs</h3>"""
|
||||||
print """<h4>SIDs cached on this machine</h4>"""
|
print """<h4>SIDs cached on this machine</h4>"""
|
||||||
print """<ul>"""
|
print """<ul>"""
|
||||||
for sid in m.GetCachedSids():
|
for sid in pth.GetCachedSids(m):
|
||||||
if sid.startswith("__USERNAME__"):
|
|
||||||
sids = pth.GetSidsByUsername(sid[len("__USERNAME__"):])
|
|
||||||
if len(sids) == 1:
|
|
||||||
sid = sids.pop()
|
|
||||||
|
|
||||||
print """<li><a href="#{sid}">{username} ({sid})</a></li>""".format(username=pth.GetUsernameBySid(sid), sid=sid)
|
print """<li><a href="#{sid}">{username} ({sid})</a></li>""".format(username=pth.GetUsernameBySid(sid), sid=sid)
|
||||||
print """</ul>"""
|
print """</ul>"""
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue