p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Remove credential hashes in logging in Zerologon exploiter

This commit is contained in:
Shreya Malviya 2022-03-07 12:21:24 +05:30 committed by Mike Salvatore
parent cbaa3256dd
commit 08cbf75b5f
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
monkey/infection_monkey/exploit/zerologon.py
View File

@ -329,12 +329,7 @@ class ZerologonExploiter(HostExploiter):
self.remove_locally_saved_HKLM_keys() self.remove_locally_saved_HKLM_keys()
def save_HKLM_keys_locally(self, username: str, user_pwd_hashes: List[str]) -> bool: def save_HKLM_keys_locally(self, username: str, user_pwd_hashes: List[str]) -> bool:
logger.info( logger.info(f"Starting remote shell on victim with user: {username}")
f"Starting remote shell on victim with credentials:\n"
f"user: {username}\n"
f"hashes (SHA-512): {self._config.hash_sensitive_data(user_pwd_hashes[0])} : "
f"{self._config.hash_sensitive_data(user_pwd_hashes[1])}"
)
wmiexec = Wmiexec( wmiexec = Wmiexec(
ip=self.dc_ip, ip=self.dc_ip,