forked from p34709852/monkey
Merge pull request #438 from guardicore/434/bugfix/plaintext-passwords-logged
Hashing passwords to make sure we don't log passwords plaintext
This commit is contained in:
commit
8c69cc0af9
|
@ -11,7 +11,7 @@ import infection_monkey.monkeyfs as monkeyfs
|
||||||
from common.utils.attack_utils import ScanStatus
|
from common.utils.attack_utils import ScanStatus
|
||||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||||
from infection_monkey.exploit.tools.helpers import get_interface_to_target
|
from infection_monkey.exploit.tools.helpers import get_interface_to_target
|
||||||
|
from infection_monkey.config import Configuration
|
||||||
__author__ = 'itamar'
|
__author__ = 'itamar'
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
@ -31,9 +31,9 @@ class SmbTools(object):
|
||||||
|
|
||||||
# skip guest users
|
# skip guest users
|
||||||
if smb.isGuestSession() > 0:
|
if smb.isGuestSession() > 0:
|
||||||
LOG.debug("Connection to %r granted guest privileges with user: %s, password: '%s',"
|
LOG.debug("Connection to %r granted guest privileges with user: %s, password (SHA-512): '%s',"
|
||||||
" LM hash: %s, NTLM hash: %s",
|
" LM hash: %s, NTLM hash: %s",
|
||||||
host, username, password, lm_hash, ntlm_hash)
|
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
smb.logoff()
|
smb.logoff()
|
||||||
|
@ -165,8 +165,8 @@ class SmbTools(object):
|
||||||
|
|
||||||
if not file_uploaded:
|
if not file_uploaded:
|
||||||
LOG.debug("Couldn't find a writable share for exploiting"
|
LOG.debug("Couldn't find a writable share for exploiting"
|
||||||
" victim %r with username: %s, password: '%s', LM hash: %s, NTLM hash: %s",
|
" victim %r with username: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s",
|
||||||
host, username, password, lm_hash, ntlm_hash)
|
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
|
||||||
return None
|
return None
|
||||||
|
|
||||||
return remote_full_path
|
return remote_full_path
|
||||||
|
@ -194,8 +194,9 @@ class SmbTools(object):
|
||||||
try:
|
try:
|
||||||
smb.login(username, password, '', lm_hash, ntlm_hash)
|
smb.login(username, password, '', lm_hash, ntlm_hash)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Error while logging into %r using user: %s, password: '%s', LM hash: %s, NTLM hash: %s: %s",
|
LOG.debug(
|
||||||
host, username, password, lm_hash, ntlm_hash, exc)
|
"Error while logging into %r using user: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s: %s",
|
||||||
|
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash, exc)
|
||||||
return None, dialect
|
return None, dialect
|
||||||
|
|
||||||
smb.setTimeout(timeout)
|
smb.setTimeout(timeout)
|
||||||
|
|
|
@ -48,23 +48,23 @@ class WmiExploiter(HostExploiter):
|
||||||
except AccessDeniedException:
|
except AccessDeniedException:
|
||||||
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
||||||
LOG.debug("Failed connecting to %r using WMI with "
|
LOG.debug("Failed connecting to %r using WMI with "
|
||||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||||
continue
|
continue
|
||||||
except DCERPCException:
|
except DCERPCException:
|
||||||
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
||||||
LOG.debug("Failed connecting to %r using WMI with "
|
LOG.debug("Failed connecting to %r using WMI with "
|
||||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||||
continue
|
continue
|
||||||
except socket.error:
|
except socket.error:
|
||||||
LOG.debug("Network error in WMI connection to %r with "
|
LOG.debug("Network error in WMI connection to %r with "
|
||||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||||
return False
|
return False
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
LOG.debug("Unknown WMI connection error to %r with "
|
LOG.debug("Unknown WMI connection error to %r with "
|
||||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
|
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
|
||||||
self.host, user, password_hashed, lm_hash, ntlm_hash, exc, traceback.format_exc())
|
self.host, user, password_hashed, lm_hash, ntlm_hash, exc, traceback.format_exc())
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
|
|
@ -7,6 +7,7 @@ import time
|
||||||
from six.moves import xrange
|
from six.moves import xrange
|
||||||
|
|
||||||
import infection_monkey.tunnel as tunnel
|
import infection_monkey.tunnel as tunnel
|
||||||
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
|
from infection_monkey.utils.monkey_dir import create_monkey_dir, get_monkey_dir_path, remove_monkey_dir
|
||||||
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
from infection_monkey.utils.monkey_log_path import get_monkey_log_path
|
||||||
from infection_monkey.config import WormConfiguration
|
from infection_monkey.config import WormConfiguration
|
||||||
|
@ -105,7 +106,7 @@ class InfectionMonkey(object):
|
||||||
ControlClient.wakeup(parent=self._parent)
|
ControlClient.wakeup(parent=self._parent)
|
||||||
ControlClient.load_control_config()
|
ControlClient.load_control_config()
|
||||||
|
|
||||||
if utils.is_windows_os():
|
if is_windows_os():
|
||||||
T1106Telem(ScanStatus.USED, UsageEnum.SINGLETON_WINAPI).send()
|
T1106Telem(ScanStatus.USED, UsageEnum.SINGLETON_WINAPI).send()
|
||||||
|
|
||||||
if not WormConfiguration.alive:
|
if not WormConfiguration.alive:
|
||||||
|
|
Loading…
Reference in New Issue