Agent: Add logic to MonkeyTunnel to wait for exploited victims

This commit is contained in:
Mike Salvatore 2022-03-02 09:41:01 -05:00
parent f270a50c00
commit 47062071ac
2 changed files with 29 additions and 3 deletions

View File

@ -292,7 +292,12 @@ class ControlClient(object):
proxy_class = HTTPConnectProxy proxy_class = HTTPConnectProxy
target_addr, target_port = None, None target_addr, target_port = None, None
return tunnel.MonkeyTunnel(proxy_class, target_addr=target_addr, target_port=target_port) return tunnel.MonkeyTunnel(
proxy_class,
keep_tunnel_open_time=WormConfiguration.keep_tunnel_open_time,
target_addr=target_addr,
target_port=target_port,
)
@staticmethod @staticmethod
def get_pba_file(filename): def get_pba_file(filename):

View File

@ -2,7 +2,7 @@ import logging
import socket import socket
import struct import struct
import time import time
from threading import Thread from threading import Event, Thread
from infection_monkey.network.firewall import app as firewall from infection_monkey.network.firewall import app as firewall
from infection_monkey.network.info import get_free_tcp_port, local_ips from infection_monkey.network.info import get_free_tcp_port, local_ips
@ -109,10 +109,18 @@ def quit_tunnel(address, timeout=DEFAULT_TIMEOUT):
class MonkeyTunnel(Thread): class MonkeyTunnel(Thread):
def __init__(self, proxy_class, target_addr=None, target_port=None, timeout=DEFAULT_TIMEOUT): def __init__(
self,
proxy_class,
keep_tunnel_open_time,
target_addr=None,
target_port=None,
timeout=DEFAULT_TIMEOUT,
):
self._target_addr = target_addr self._target_addr = target_addr
self._target_port = target_port self._target_port = target_port
self._proxy_class = proxy_class self._proxy_class = proxy_class
self._keep_tunnel_open_time = keep_tunnel_open_time
self._broad_sock = None self._broad_sock = None
self._timeout = timeout self._timeout = timeout
self._stopped = False self._stopped = False
@ -121,6 +129,7 @@ class MonkeyTunnel(Thread):
super(MonkeyTunnel, self).__init__() super(MonkeyTunnel, self).__init__()
self.daemon = True self.daemon = True
self.l_ips = None self.l_ips = None
self._wait_for_exploited_machines = Event()
def run(self): def run(self):
self._broad_sock = _set_multicast_socket(self._timeout) self._broad_sock = _set_multicast_socket(self._timeout)
@ -195,5 +204,17 @@ class MonkeyTunnel(Thread):
ip_match = get_interface_to_target(ip) ip_match = get_interface_to_target(ip)
return "%s:%d" % (ip_match, self.local_port) return "%s:%d" % (ip_match, self.local_port)
def set_wait_for_exploited_machines(self):
self._wait_for_exploited_machines.set()
def stop(self): def stop(self):
self._wait_for_exploited_machine_connection()
self._stopped = True self._stopped = True
def _wait_for_exploited_machine_connection(self):
if self._wait_for_exploited_machines.is_set():
logger.info(
f"Waiting {self._keep_tunnel_open_time} seconds for exploited machines to connect "
"to the tunnel."
)
time.sleep(self._keep_tunnel_open_time)