From aedc666e8ff657681d9c1408a619f82783a1541b Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Wed, 1 Sep 2021 16:12:25 +0300
Subject: [PATCH] Remove IP address from AuthOptions in powershell

---
 monkey/infection_monkey/exploit/powershell.py   | 17 +++++++----------
 .../exploit/powershell_utils/auth_options.py    |  1 -
 .../exploit/powershell_utils/utils.py           |  4 ++--
 3 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py
index 8a86f8c39..69e7afe95 100644
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@@ -14,7 +14,7 @@ from infection_monkey.exploit.consts import WIN_ARCH_32, WIN_ARCH_64
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.powershell_utils import utils
 from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions
-from infection_monkey.exploit.powershell_utils.credential_generator import CredentialGenerator
+from infection_monkey.exploit.powershell_utils.credential_generation import get_credentials
 from infection_monkey.exploit.powershell_utils.utils import (
     IClient,
     get_client_based_on_auth_options,
@@ -57,12 +57,12 @@ class PowerShellExploiter(HostExploiter):
             logging.info(e)
             return False
 
-        credentials = CredentialGenerator(
-            self.host.ip_addr,
+        credentials = get_credentials(
             self._config.exploit_user_list,
             self._config.exploit_password_list,
             is_windows_os(),
-        ).get_credentials(is_https=is_https)
+            is_https=is_https,
+        )
 
         self.client = self._authenticate_via_brute_force(credentials)
         if not self.client:
@@ -92,7 +92,6 @@ class PowerShellExploiter(HostExploiter):
 
     def _try_http(self):
         auth_options_http = AuthOptions(
-            ip_addr=self.host.ip_addr,
             username=self._config.exploit_user_list[0],
             password=self._config.exploit_password_list[0],
             is_https=False,
@@ -101,7 +100,6 @@ class PowerShellExploiter(HostExploiter):
 
     def _try_https(self):
         auth_options_http = AuthOptions(
-            ip_addr=self.host.ip_addr,
             username=self._config.exploit_user_list[0],
             password=self._config.exploit_password_list[0],
             is_https=True,
@@ -111,7 +109,7 @@ class PowerShellExploiter(HostExploiter):
     def _authenticate_via_brute_force(self, credentials: [AuthOptions]) -> Optional[IClient]:
         for credential in credentials:
             try:
-                client = PowerShellExploiter._authenticate(credential)
+                client = self._authenticate(credential)
 
                 LOG.info(
                     f"Successfully logged into {self.host.ip_addr} using Powershell. User: "
@@ -129,9 +127,8 @@ class PowerShellExploiter(HostExploiter):
 
         return None
 
-    @staticmethod
-    def _authenticate(auth_options: AuthOptions) -> IClient:
-        client = get_client_based_on_auth_options(auth_options)
+    def _authenticate(self, auth_options: AuthOptions) -> IClient:
+        client = get_client_based_on_auth_options(self.host.ip_addr, auth_options)
 
         # attempt to execute dir command to know if authentication was successful
         client.execute_cmd("dir")
diff --git a/monkey/infection_monkey/exploit/powershell_utils/auth_options.py b/monkey/infection_monkey/exploit/powershell_utils/auth_options.py
index 2ffd16848..09b5d3e8b 100644
--- a/monkey/infection_monkey/exploit/powershell_utils/auth_options.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/auth_options.py
@@ -4,7 +4,6 @@ from typing import Union
 
 @dataclass
 class AuthOptions:
-    ip_addr: str
     username: Union[str, None]
     password: Union[str, None]
     is_https: bool
diff --git a/monkey/infection_monkey/exploit/powershell_utils/utils.py b/monkey/infection_monkey/exploit/powershell_utils/utils.py
index d426cc6f9..b6198141d 100644
--- a/monkey/infection_monkey/exploit/powershell_utils/utils.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/utils.py
@@ -34,7 +34,7 @@ class IClient(Protocol):
         pass
 
 
-def get_client_based_on_auth_options(auth_options: AuthOptions) -> IClient:
+def get_client_based_on_auth_options(ip_addr: str, auth_options: AuthOptions) -> IClient:
 
     # Passwordless login only works with SSL false, AUTH_BASIC and ENCRYPTION_NEVER
     if auth_options.password == "":
@@ -45,7 +45,7 @@ def get_client_based_on_auth_options(auth_options: AuthOptions) -> IClient:
     encryption = ENCRYPTION_AUTO if auth_options.password != "" else ENCRYPTION_NEVER
 
     return Client(
-        auth_options.ip_addr,
+        ip_addr,
         username=auth_options.username,
         password=auth_options.password,
         cert_validation=False,