p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Remove logging of sensitive data from SmbTools

This commit is contained in:
Mike Salvatore 2022-03-18 08:51:11 -04:00
parent 396dd0fca6
commit 32491d5998
1 changed files with 4 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
monkey/infection_monkey/exploit/tools/smb_tools.py
View File

@ -8,7 +8,6 @@ from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
from impacket.smbconnection import SMB_DIALECT, SMBConnection from impacket.smbconnection import SMB_DIALECT, SMBConnection
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.config import Configuration
from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
from infection_monkey.utils.brute_force import get_credential_string from infection_monkey.utils.brute_force import get_credential_string
@ -40,16 +39,7 @@ class SmbTools(object):
# skip guest users # skip guest users
if smb.isGuestSession() > 0: if smb.isGuestSession() > 0:
logger.debug( logger.debug(f'Connection to {host} granted guest privileges with user "{username}"')
"Connection to %r granted guest privileges with user: %s, password (SHA-512): "
"'%s',"
" LM hash (SHA-512): %s, NTLM hash (SHA-512): %s",
host,
username,
Configuration.hash_sensitive_data(password),
Configuration.hash_sensitive_data(lm_hash),
Configuration.hash_sensitive_data(ntlm_hash),
)
try: try:
smb.logoff() smb.logoff()
@ -184,14 +174,8 @@ class SmbTools(object):
if not file_uploaded: if not file_uploaded:
logger.debug( logger.debug(
"Couldn't find a writable share for exploiting victim %r with " f"Couldn't find a writable share for exploiting victim {host} with "
"username: %s, password (SHA-512): '%s', LM hash (SHA-512): %s, NTLM hash (" f'user "{username}"'
"SHA-512): %s",
host,
username,
Configuration.hash_sensitive_data(password),
Configuration.hash_sensitive_data(lm_hash),
Configuration.hash_sensitive_data(ntlm_hash),
) )
return None return None
@ -222,16 +206,7 @@ class SmbTools(object):
try: try:
smb.login(username, password, "", lm_hash, ntlm_hash) smb.login(username, password, "", lm_hash, ntlm_hash)
except Exception as exc: except Exception as exc:
logger.debug( logger.debug(f'Error while logging into {host} using user "{username}": {exc}')
"Error while logging into %r using user: %s, password (SHA-512): '%s', "
"LM hash (SHA-512): %s, NTLM hash (SHA-512): %s: %s",
host,
username,
Configuration.hash_sensitive_data(password),
Configuration.hash_sensitive_data(lm_hash),
Configuration.hash_sensitive_data(ntlm_hash),
exc,
)
return None, dialect return None, dialect
smb.setTimeout(timeout) smb.setTimeout(timeout)