Agent: Refactor InfectionMonkey._self_delete()
parent
2568a46790
commit
c2e01eaea7
|
@ -3,6 +3,7 @@ import logging
|
||||||
import os
|
import os
|
||||||
import subprocess
|
import subprocess
|
||||||
import sys
|
import sys
|
||||||
|
from pathlib import Path
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
import infection_monkey.tunnel as tunnel
|
import infection_monkey.tunnel as tunnel
|
||||||
|
@ -401,35 +402,46 @@ class InfectionMonkey:
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _self_delete() -> bool:
|
def _self_delete() -> bool:
|
||||||
|
InfectionMonkey._remove_monkey_dir()
|
||||||
|
|
||||||
|
if "python" in Path(sys.executable).name:
|
||||||
|
return False
|
||||||
|
|
||||||
|
try:
|
||||||
|
if "win32" == sys.platform:
|
||||||
|
InfectionMonkey._self_delete_windows()
|
||||||
|
else:
|
||||||
|
InfectionMonkey._self_delete_linux()
|
||||||
|
|
||||||
|
T1107Telem(ScanStatus.USED, sys.executable).send()
|
||||||
|
return True
|
||||||
|
except Exception as exc:
|
||||||
|
logger.error("Exception in self delete: %s", exc)
|
||||||
|
T1107Telem(ScanStatus.SCANNED, sys.executable).send()
|
||||||
|
|
||||||
|
return False
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def _remove_monkey_dir():
|
||||||
status = ScanStatus.USED if remove_monkey_dir() else ScanStatus.SCANNED
|
status = ScanStatus.USED if remove_monkey_dir() else ScanStatus.SCANNED
|
||||||
T1107Telem(status, get_monkey_dir_path()).send()
|
T1107Telem(status, get_monkey_dir_path()).send()
|
||||||
deleted = False
|
|
||||||
|
|
||||||
if -1 == sys.executable.find("python"):
|
@staticmethod
|
||||||
try:
|
def _self_delete_windows():
|
||||||
status = None
|
from subprocess import CREATE_NEW_CONSOLE, STARTF_USESHOWWINDOW, SW_HIDE
|
||||||
if "win32" == sys.platform:
|
|
||||||
from subprocess import CREATE_NEW_CONSOLE, STARTF_USESHOWWINDOW, SW_HIDE
|
|
||||||
|
|
||||||
startupinfo = subprocess.STARTUPINFO()
|
startupinfo = subprocess.STARTUPINFO()
|
||||||
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
|
startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
|
||||||
startupinfo.wShowWindow = SW_HIDE
|
startupinfo.wShowWindow = SW_HIDE
|
||||||
subprocess.Popen(
|
subprocess.Popen(
|
||||||
DELAY_DELETE_CMD % {"file_path": sys.executable, "exe_pid": os.getpid()},
|
DELAY_DELETE_CMD % {"file_path": sys.executable, "exe_pid": os.getpid()},
|
||||||
stdin=None,
|
stdin=None,
|
||||||
stdout=None,
|
stdout=None,
|
||||||
stderr=None,
|
stderr=None,
|
||||||
close_fds=True,
|
close_fds=True,
|
||||||
startupinfo=startupinfo,
|
startupinfo=startupinfo,
|
||||||
)
|
)
|
||||||
deleted = True
|
|
||||||
else:
|
@staticmethod
|
||||||
os.remove(sys.executable)
|
def _self_delete_linux():
|
||||||
status = ScanStatus.USED
|
os.remove(sys.executable)
|
||||||
deleted = True
|
|
||||||
except Exception as exc:
|
|
||||||
logger.error("Exception in self delete: %s", exc)
|
|
||||||
status = ScanStatus.SCANNED
|
|
||||||
if status:
|
|
||||||
T1107Telem(status, sys.executable).send()
|
|
||||||
return deleted
|
|
||||||
|
|
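Review bot: In the new `_self_delete()`, the win32 path now sends `T1107Telem(ScanStatus.USED, sys.executable)` and returns True as soon as `_self_delete_windows()` has spawned the `DELAY_DELETE_CMD` process, whereas the removed code left `status = None` on win32 and sent no telemetry there. For a commit titled as a refactor this is a reporting change, and if that command deletes the file only after the agent exits (as its name and the `exe_pid` argument suggest), the report can state the binary was removed while it is still on disk. Either send the USED telemetry only after `_self_delete_linux()`, or document the meaning with a comment such as `# Windows: deletion is handed to a child process; USED means "scheduled", not "confirmed"`. The `send()` call also moved inside the `try`, so a telemetry failure after a successful `os.remove` is logged as "Exception in self delete" and returns False; putting it in an `else:` clause of the `try` would keep the handler scoped to the delete itself. Separately, `"python" in Path(sys.executable).name` is case-sensitive, so testing `Path(sys.executable).name.lower()` would make the guard that keeps the host interpreter from being deleted more robust.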