From c77d796798c956db6c2dcb3fb920a4f14c87a1b5 Mon Sep 17 00:00:00 2001
From: VakarisZ <vakarisz@yahoo.com>
Date: Mon, 3 Jun 2019 09:41:05 +0300
Subject: [PATCH] PR comments fixed
---
monkey/infection_monkey/exploit/rdpgrinder.py | 2 +-
monkey/infection_monkey/exploit/sambacry.py | 7 ++++++-
monkey/infection_monkey/exploit/web_rce.py | 2 +-
.../cc/services/attack/technique_reports/__init__.py | 2 +-
4 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/monkey/infection_monkey/exploit/rdpgrinder.py b/monkey/infection_monkey/exploit/rdpgrinder.py
index 2c94dcafa..8e219b5c8 100644
--- a/monkey/infection_monkey/exploit/rdpgrinder.py
+++ b/monkey/infection_monkey/exploit/rdpgrinder.py
@@ -316,7 +316,7 @@ class RdpExploiter(HostExploiter):
if client_factory.success:
if not self._config.rdp_use_vbs_download:
- VictimHostTelem("T1197", ScanStatus.USED.value, self.host, BITS_UPLOAD_STRING)
+ VictimHostTelem("T1197", ScanStatus.USED.value, self.host, BITS_UPLOAD_STRING).send()
self.add_vuln_port(RDP_PORT)
exploited = True
self.report_login_attempt(True, user, password)
diff --git a/monkey/infection_monkey/exploit/sambacry.py b/monkey/infection_monkey/exploit/sambacry.py
index ed5e040bb..7c49f51ae 100644
--- a/monkey/infection_monkey/exploit/sambacry.py
+++ b/monkey/infection_monkey/exploit/sambacry.py
@@ -82,7 +82,11 @@ class SambaCryExploiter(HostExploiter):
trigger_result is not None, creds['username'], creds['password'], creds['lm_hash'], creds['ntlm_hash'])
if trigger_result is not None:
successfully_triggered_shares.append((share, trigger_result))
- self.add_vuln_port(self.SAMBA_PORT)
+ url = "smb://%(username)s@%(host)s:%(port)s/%(share_name)s" % {'username': creds['username'],
+ 'host': self.host.ip_addr,
+ 'port': self.SAMBA_PORT,
+ 'share_name': share}
+ self.add_vuln_url(url)
self.clean_share(self.host.ip_addr, share, writable_shares_creds_dict[share])
for share, fullpath in successfully_triggered_shares:
@@ -92,6 +96,7 @@ class SambaCryExploiter(HostExploiter):
LOG.info(
"Shares triggered successfully on host %s: %s" % (
self.host.ip_addr, str(successfully_triggered_shares)))
+ self.add_vuln_port(self.SAMBA_PORT)
return True
else:
LOG.info("No shares triggered successfully on host %s" % self.host.ip_addr)
diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py
index 72cc5fe0b..2b08575c3 100644
--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@@ -307,7 +307,7 @@ class WebRCE(HostExploiter):
if not isinstance(resp, bool) and POWERSHELL_NOT_FOUND in resp:
LOG.info("Powershell not found in host. Using bitsadmin to download.")
backup_command = RDP_CMDLINE_HTTP % {'monkey_path': dest_path, 'http_path': http_path}
- VictimHostTelem("T1197", ScanStatus.USED.value, self.host, BITS_UPLOAD_STRING)
+ VictimHostTelem("T1197", ScanStatus.USED.value, self.host, BITS_UPLOAD_STRING).send()
resp = self.exploit(url, backup_command)
return resp
diff --git a/monkey/monkey_island/cc/services/attack/technique_reports/__init__.py b/monkey/monkey_island/cc/services/attack/technique_reports/__init__.py
index 0346a1857..dfaedc9f7 100644
--- a/monkey/monkey_island/cc/services/attack/technique_reports/__init__.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/__init__.py
@@ -38,7 +38,7 @@ class AttackTechnique(object):
"""
pass
- @staticmethod
+ # noinspection PyMethodParameters
@abstractstatic
def get_report_data():
"""