p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

check SidType everywhere to make sure we don't have type errors

This commit is contained in:
Oran Nadler 2018-04-30 18:40:11 +03:00
parent 9594fab1a2
commit 1d25ba9085
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
monkey_island/cc/resources/pthmap.py
View File

@ -39,6 +39,16 @@ DsRole_RoleMemberServer = 3
DsRole_RoleBackupDomainController = 4 DsRole_RoleBackupDomainController = 4
DsRole_RolePrimaryDomainController = 5 DsRole_RolePrimaryDomainController = 5
SidTypeUser = 1
SidTypeGroup = 2
SidTypeDomain = 3
SidTypeAlias = 4
SidTypeWellKnownGroup = 5
SidTypeDeletedAccount = 6
SidTypeInvalid = 7
SidTypeUnknown = 8
SidTypeComputer = 9
def myntlm(x): def myntlm(x):
hash = hashlib.new('md4', x.encode('utf-16le')).digest() hash = hashlib.new('md4', x.encode('utf-16le')).digest()
return str(binascii.hexlify(hash)) return str(binascii.hexlify(hash))
@ -163,6 +173,9 @@ class Machine(object):
if eval(user["Name"]) != username: if eval(user["Name"]) != username:
continue continue
if eval(user["SIDType"]) != SidTypeUser:
continue
return eval(user["SID"]) return eval(user["SID"])
if not self.IsDomainController(): if not self.IsDomainController():
@ -191,6 +204,9 @@ class Machine(object):
if eval(user["SID"]) != sid: if eval(user["SID"]) != sid:
continue continue
if eval(user["SIDType"]) != SidTypeUser:
continue
return { "Domain": eval(user["Domain"]), return { "Domain": eval(user["Domain"]),
"Username": eval(user["Name"]), "Username": eval(user["Name"]),
"Disabled": user["Disabled"] == "true", "Disabled": user["Disabled"] == "true",
@ -280,6 +296,9 @@ class Machine(object):
if eval(group["Name"]) != group_name: if eval(group["Name"]) != group_name:
continue continue
if eval(group["SIDType"]) != SidTypeGroup:
continue
return eval(group["SID"]) return eval(group["SID"])
return None return None
@ -294,9 +313,15 @@ class Machine(object):
if eval(group_user["GroupComponent"]["SID"]) != sid: if eval(group_user["GroupComponent"]["SID"]) != sid:
continue continue
if eval(group_user["GroupComponent"]["SIDType"]) != SidTypeGroup:
continue
if "PartComponent" not in group_user.keys(): if "PartComponent" not in group_user.keys():
continue continue
if eval(group_user["PartComponent"]["SIDType"]) != SidTypeUser:
continue
users[eval(group_user["PartComponent"]["SID"])] = eval(group_user["PartComponent"]["Name"]) users[eval(group_user["PartComponent"]["SID"])] = eval(group_user["PartComponent"]["Name"])
return users return users
@ -335,6 +360,9 @@ class Machine(object):
SIDs = set() SIDs = set()
for user in doc["data"]["Win32_UserAccount"]: for user in doc["data"]["Win32_UserAccount"]:
if eval(user["SIDType"]) != SidTypeUser:
continue
SIDs.add(eval(user["SID"])) SIDs.add(eval(user["SID"]))
return SIDs return SIDs