From 16f8c7841ea9e09a12f247114b6c4faf963c8a9f Mon Sep 17 00:00:00 2001 From: Shay Nehmad Date: Thu, 3 Oct 2019 12:25:26 +0300 Subject: [PATCH] Changed to similar levels of abstracion in user creation and deletion + not async --- .../post_breach/actions/communicate_as_new_user.py | 5 +++-- monkey/infection_monkey/utils/linux/users.py | 8 ++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py index 3118fcca9..dde24d811 100644 --- a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py +++ b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py @@ -54,10 +54,11 @@ class CommunicateAsNewUser(PBA): final_command = ' '.join(linux_cmds) exit_status = os.system(final_command) self.send_ping_result_telemetry(exit_status, commandline, username) - # delete the user, async in case it gets stuck. + # delete the user. commands_to_delete_user = get_linux_commands_to_delete_user(username) logger.debug("Trying to delete the user {} with commands {}".format(username, str(commands_to_delete_user))) - _ = subprocess.Popen(commands_to_delete_user, stderr=subprocess.STDOUT, shell=True) + delete_user_output = subprocess.check_output(" ".join(commands_to_delete_user), stderr=subprocess.STDOUT, shell=True) + logger.debug("Deletion output: {}".format(delete_user_output)) # Leaking the process on purpose - nothing we can do if it's stuck. except subprocess.CalledProcessError as e: PostBreachTelem(self, (e.output, False)).send() diff --git a/monkey/infection_monkey/utils/linux/users.py b/monkey/infection_monkey/utils/linux/users.py index 1acc87d72..d58e04b7d 100644 --- a/monkey/infection_monkey/utils/linux/users.py +++ b/monkey/infection_monkey/utils/linux/users.py @@ -3,12 +3,12 @@ import datetime def get_linux_commands_to_add_user(username): return [ - 'useradd', + 'adduser', # https://linux.die.net/man/8/adduser '-M', # Do not create homedir - '--expiredate', + '--expiredate', # The date on which the user account will be disabled. datetime.datetime.today().strftime('%Y-%m-%d'), - '--inactive', - '0', + '--inactive', # The number of days after a password expires until the account is permanently disabled. + '0', # A value of 0 disables the account as soon as the password has expired '-c', # Comment 'MONKEY_USER', # Comment username]