From 8879dae276ebb96a629abdf96f9956a64c9f9ed6 Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Fri, 16 Jul 2021 10:12:06 -0400
Subject: [PATCH] Agent: Don't encrypt ransomware README.txt

Fixes #1304
---
 .../ransomware/file_selectors.py              | 10 ++++++++++
 .../ransomware/test_file_selectors.py         | 20 +++++++++++++++++++
 2 files changed, 30 insertions(+)

diff --git a/monkey/infection_monkey/ransomware/file_selectors.py b/monkey/infection_monkey/ransomware/file_selectors.py
index 167c547e8..33b73dd06 100644
--- a/monkey/infection_monkey/ransomware/file_selectors.py
+++ b/monkey/infection_monkey/ransomware/file_selectors.py
@@ -1,6 +1,8 @@
 from pathlib import Path
 from typing import List, Set
 
+from common.utils.file_utils import get_file_sha256_hash
+from infection_monkey.ransomware.consts import README_FILE_NAME, README_SHA256_HASH
 from infection_monkey.utils.dir_utils import (
     file_extension_filter,
     filter_files,
@@ -19,7 +21,15 @@ class ProductionSafeTargetFileSelector:
             file_extension_filter(self._targeted_file_extensions),
             is_not_shortcut_filter,
             is_not_symlink_filter,
+            _is_not_ransomware_readme_filter,
         ]
 
         all_files = get_all_regular_files_in_directory(target_dir)
         return filter_files(all_files, file_filters)
+
+
+def _is_not_ransomware_readme_filter(filepath: Path) -> bool:
+    if filepath.name != README_FILE_NAME:
+        return True
+
+    return get_file_sha256_hash(filepath) != README_SHA256_HASH
diff --git a/monkey/tests/unit_tests/infection_monkey/ransomware/test_file_selectors.py b/monkey/tests/unit_tests/infection_monkey/ransomware/test_file_selectors.py
index fd9489837..42e852b95 100644
--- a/monkey/tests/unit_tests/infection_monkey/ransomware/test_file_selectors.py
+++ b/monkey/tests/unit_tests/infection_monkey/ransomware/test_file_selectors.py
@@ -1,4 +1,5 @@
 import os
+import shutil
 
 import pytest
 from tests.unit_tests.infection_monkey.ransomware.ransomware_target_files import (
@@ -12,6 +13,7 @@ from tests.unit_tests.infection_monkey.ransomware.ransomware_target_files import
 from tests.utils import is_user_admin
 
 from infection_monkey.ransomware.file_selectors import ProductionSafeTargetFileSelector
+from infection_monkey.ransomware.ransomware_payload import README_SRC
 
 TARGETED_FILE_EXTENSIONS = [".pdf", ".txt"]
 
@@ -53,3 +55,21 @@ def test_directories_not_selected(ransomware_test_data, file_selector):
     selected_files = file_selector(ransomware_test_data)
 
     assert (ransomware_test_data / SUBDIR / HELLO_TXT) not in selected_files
+
+
+def test_ransomware_readme_not_selected(ransomware_target, file_selector):
+    readme_file = ransomware_target / "README.txt"
+    shutil.copyfile(README_SRC, readme_file)
+
+    selected_files = file_selector(ransomware_target)
+
+    assert readme_file not in selected_files
+
+
+def test_pre_existing_readme_is_selected(ransomware_target, stable_file, file_selector):
+    readme_file = ransomware_target / "README.txt"
+    shutil.copyfile(stable_file, readme_file)
+
+    selected_files = file_selector(ransomware_target)
+
+    assert readme_file in selected_files