diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index cfb1b077a..d15603e48 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -22,6 +22,7 @@ from infection_monkey.network.firewall import app as firewall from infection_monkey.network.http_fingerprinter import HTTPFingerprinter from infection_monkey.network.info import get_local_network_interfaces from infection_monkey.network.mssql_fingerprinter import MSSQLFingerprinter +from infection_monkey.network.smb_fingerprinter import SMBFingerprinter from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload from infection_monkey.puppet.puppet import Puppet from infection_monkey.system_singleton import SystemSingleton @@ -186,9 +187,11 @@ class InfectionMonkey: @staticmethod def _build_puppet() -> IPuppet: puppet = Puppet() + puppet.load_plugin("elastic", ElasticSearchFingerprinter(), PluginType.FINGERPRINTER) puppet.load_plugin("http", HTTPFingerprinter(), PluginType.FINGERPRINTER) puppet.load_plugin("mssql", MSSQLFingerprinter(), PluginType.FINGERPRINTER) + puppet.load_plugin("smb", SMBFingerprinter(), PluginType.FINGERPRINTER) puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD) diff --git a/monkey/infection_monkey/network/smbfinger.py b/monkey/infection_monkey/network/smb_fingerprinter.py similarity index 79% rename from monkey/infection_monkey/network/smbfinger.py rename to monkey/infection_monkey/network/smb_fingerprinter.py index 2c76f652a..0d13a2d36 100644 --- a/monkey/infection_monkey/network/smbfinger.py +++ b/monkey/infection_monkey/network/smb_fingerprinter.py @@ -1,11 +1,19 @@ import logging import socket import struct +from typing import Dict from odict import odict -from infection_monkey.network.HostFinger import HostFinger +from infection_monkey.i_puppet import ( + FingerprintData, + IFingerprinter, + PingScanData, + PortScanData, + PortStatus, +) +SMB_DISPLAY_NAME = "SMB" SMB_PORT = 445 SMB_SERVICE = "tcp-445" @@ -62,7 +70,7 @@ class SMBNego(Packet): self.fields["bcc"] = struct.pack(" FingerprintData: + services = {} + smb_service = { + "display_name": SMB_DISPLAY_NAME, + "port": SMB_PORT, + } + os_type = None + os_version = None - def __init__(self): - from infection_monkey.config import WormConfiguration + if (SMB_PORT not in port_scan_data) or (port_scan_data[SMB_PORT].status != PortStatus.OPEN): + return FingerprintData(None, None, services) - self._config = WormConfiguration - - def get_host_fingerprint(self, host): + logger.debug(f"Fingerprinting potential SMB port {SMB_PORT} on {host}") try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(0.7) - s.connect((host.ip_addr, SMB_PORT)) - - self.init_service(host.services, SMB_SERVICE, SMB_PORT) + s.connect((host, SMB_PORT)) h = SMBHeader(cmd=b"\x72", flag1=b"\x18", flag2=b"\x53\xc8") - n = SMBNego(data=SMBNegoFingerData()) + n = SMBNego(data=SMBNegoFingerprintData()) n.calculate() packet_ = h.to_byte_string() + n.to_byte_string() @@ -155,7 +172,7 @@ class SMBFinger(HostFinger): if data[8:10] == b"\x72\x00": header = SMBHeader(cmd=b"\x73", flag1=b"\x18", flag2=b"\x17\xc8", uid=b"\x00\x00") - body = SMBSessionFingerData() + body = SMBSessionFingerprintData() body.calculate() packet_ = header.to_byte_string() + body.to_byte_string() @@ -173,17 +190,17 @@ class SMBFinger(HostFinger): ] ) + logger.debug(f'os_version: "{os_version}", service_client: "{service_client}"') + if os_version.lower() != "unix": - host.os["type"] = "windows" + os_type = "windows" else: - host.os["type"] = "linux" + os_type = "linux" - host.services[SMB_SERVICE]["name"] = service_client - if "version" not in host.os: - host.os["version"] = os_version + smb_service["name"] = service_client - return True + services[SMB_SERVICE] = smb_service except Exception as exc: logger.debug("Error getting smb fingerprint: %s", exc) - return False + return FingerprintData(os_type, os_version, services)