p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Extract credentials in a more generic fashion

This commit is contained in:
Itay Mizeretz 2017-09-13 18:11:59 +03:00
parent 5b3e526d49
commit 8973032ca5
1 changed files with 6 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
monkey_island/cc/services/edge.py
View File

@ -70,17 +70,14 @@ class EdgeService:
user = "" user = ""
password = "" password = ""
# TODO: implement for other exploiters
# TODO: The format that's used today to get the credentials is bad. Change it from monkey side and adapt. # TODO: The format that's used today to get the credentials is bad. Change it from monkey side and adapt.
result = exploit["data"]["result"] result = exploit["data"]["result"]
if exploit["exploiter"] == "RdpExploiter": if result:
if "creds" in exploit["data"]["machine"]:
user = exploit["data"]["machine"]["creds"].keys()[0] user = exploit["data"]["machine"]["creds"].keys()[0]
password = exploit["data"]["machine"]["creds"][user] password = exploit["data"]["machine"]["creds"][user]
elif exploit["exploiter"] == "SmbExploiter":
if result:
user = exploit["data"]["machine"]["cred"].keys()[0]
password = exploit["data"]["machine"]["cred"][user]
else: else:
if ("user" in exploit["data"]) and ("password" in exploit["data"]):
user = exploit["data"]["user"] user = exploit["data"]["user"]
password = exploit["data"]["password"] password = exploit["data"]["password"]