p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Agent: Add agent source to CredentialsStolenEvent in ZerologonExploiter

This commit is contained in:
Mike Salvatore 2022-09-15 08:01:39 -04:00
parent 4884313cba
commit ef821f75e2
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey/infection_monkey/exploit/zerologon.py
View File

@ -26,6 +26,7 @@ from infection_monkey.exploit.zerologon_utils.vuln_assessment import get_dc_deta
from infection_monkey.exploit.zerologon_utils.wmiexec import Wmiexec from infection_monkey.exploit.zerologon_utils.wmiexec import Wmiexec
from infection_monkey.i_puppet import ExploiterResultData from infection_monkey.i_puppet import ExploiterResultData
from infection_monkey.utils.capture_output import StdoutCapture from infection_monkey.utils.capture_output import StdoutCapture
from infection_monkey.utils.ids import get_agent_id
from infection_monkey.utils.threading import interruptible_iter from infection_monkey.utils.threading import interruptible_iter
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -310,6 +311,7 @@ class ZerologonExploiter(HostExploiter):
self, extracted_credentials: Sequence[Credentials] self, extracted_credentials: Sequence[Credentials]
) -> None: ) -> None:
credentials_stolen_event = CredentialsStolenEvent( credentials_stolen_event = CredentialsStolenEvent(
source=get_agent_id(),
tags=ZEROLOGON_EVENT_TAGS, tags=ZEROLOGON_EVENT_TAGS,
stolen_credentials=extracted_credentials, stolen_credentials=extracted_credentials,
) )