Island: Add different aproach to check for readme

This commit is contained in:
Ilija Lazoroski 2021-07-09 14:33:43 +02:00
parent cd2d08d266
commit 947ecb330c
2 changed files with 15 additions and 8 deletions

View File

@ -56,12 +56,16 @@ class RansomwarePayload:
return None return None
def run_payload(self): def run_payload(self):
if not self._target_dir:
return
LOG.info("Running ransomware payload")
if self._encryption_enabled and self._target_dir: if self._encryption_enabled and self._target_dir:
LOG.info("Running ransomware payload")
file_list = self._find_files() file_list = self._find_files()
self._encrypt_files(file_list) self._encrypt_files(file_list)
if self._target_dir: if self._readme_enabled:
self._leave_readme() self._leave_readme()
def _find_files(self) -> List[Path]: def _find_files(self) -> List[Path]:
@ -93,8 +97,6 @@ class RansomwarePayload:
self._telemetry_messenger.send_telemetry(encryption_attempt) self._telemetry_messenger.send_telemetry(encryption_attempt)
def _leave_readme(self): def _leave_readme(self):
if not self._readme_enabled:
return
readme_dest_path = self._target_dir / README_DEST readme_dest_path = self._target_dir / README_DEST

View File

@ -247,13 +247,18 @@ def test_readme_already_exists(
def test_no_readme_if_no_directory( def test_no_readme_if_no_directory(
build_ransomware_payload, ransomware_payload_config, ransomware_target monkeypatch, ransomware_payload_config, telemetry_messenger_spy, ransomware_target
): ):
monkeypatch.setattr(ransomware_payload_module, "TARGETED_FILE_EXTENSIONS", set()),
mock_copy_file = MagicMock()
ransomware_payload_config["encryption"]["enabled"] = True ransomware_payload_config["encryption"]["enabled"] = True
ransomware_payload_config["encryption"]["directories"]["linux_target_dir"] = "" ransomware_payload_config["encryption"]["directories"]["linux_target_dir"] = ""
ransomware_payload_config["encryption"]["directories"]["windows_target_dir"] = "" ransomware_payload_config["encryption"]["directories"]["windows_target_dir"] = ""
ransomware_payload_config["other_behaviors"]["readme"] = True ransomware_payload_config["other_behaviors"]["readme"] = True
ransomware_payload = build_ransomware_payload(ransomware_payload_config)
ransomware_payload.run_payload() RansomwarePayload(
assert not Path(ransomware_target / README_DEST).exists() ransomware_payload_config, telemetry_messenger_spy, mock_copy_file
).run_payload()
mock_copy_file.assert_not_called()