p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Improve variable names in MimikatzCredentialCollector

This commit is contained in:
Mike Salvatore 2022-07-18 08:26:49 -04:00
parent acf12c2de1
commit 302803b779
1 changed files with 18 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
monkey/infection_monkey/credential_collectors/mimikatz_collector/mimikatz_credential_collector.py
View File

@ -14,32 +14,32 @@ logger = logging.getLogger(__name__)
class MimikatzCredentialCollector(ICredentialCollector): class MimikatzCredentialCollector(ICredentialCollector):
def collect_credentials(self, options=None) -> Sequence[Credentials]: def collect_credentials(self, options=None) -> Sequence[Credentials]:
logger.info("Attempting to collect windows credentials with pypykatz.") logger.info("Attempting to collect windows credentials with pypykatz.")
creds = pypykatz_handler.get_windows_creds() windows_credentials = pypykatz_handler.get_windows_creds()
logger.info(f"Pypykatz gathered {len(creds)} credentials.") logger.info(f"Pypykatz gathered {len(windows_credentials)} credentials.")
return MimikatzCredentialCollector._to_credentials(creds) return MimikatzCredentialCollector._to_credentials(windows_credentials)
@staticmethod @staticmethod
def _to_credentials(win_creds: Sequence[WindowsCredentials]) -> [Credentials]: def _to_credentials(windows_credentials: Sequence[WindowsCredentials]) -> [Credentials]:
all_creds = [] credentials = []
for win_cred in win_creds: for wc in windows_credentials:
identity = None identity = None
# Mimikatz picks up users created by the Monkey even if they're successfully deleted # Mimikatz picks up users created by the Monkey even if they're successfully deleted
# since it picks up creds from the registry. The newly created users are not removed # since it picks up creds from the registry. The newly created users are not removed
# from the registry until a reboot of the system, hence this check. # from the registry until a reboot of the system, hence this check.
if win_cred.username and not win_cred.username.startswith(USERNAME_PREFIX): if wc.username and not wc.username.startswith(USERNAME_PREFIX):
identity = Username(win_cred.username) identity = Username(wc.username)
if win_cred.password: if wc.password:
password = Password(win_cred.password) password = Password(wc.password)
all_creds.append(Credentials(identity, password)) credentials.append(Credentials(identity, password))
if win_cred.lm_hash: if wc.lm_hash:
lm_hash = LMHash(lm_hash=win_cred.lm_hash) lm_hash = LMHash(lm_hash=wc.lm_hash)
all_creds.append(Credentials(identity, lm_hash)) credentials.append(Credentials(identity, lm_hash))
if win_cred.ntlm_hash: if wc.ntlm_hash:
ntlm_hash = NTHash(nt_hash=win_cred.ntlm_hash) ntlm_hash = NTHash(nt_hash=wc.ntlm_hash)
all_creds.append(Credentials(identity, ntlm_hash)) credentials.append(Credentials(identity, ntlm_hash))
return all_creds return credentials