agent: Use `expand_path()` instead of `os.path` functions in ransomware payload
parent
f8a062876c
commit
ded6ce0cd0
|
@ -1,5 +1,4 @@
|
||||||
import logging
|
import logging
|
||||||
import os
|
|
||||||
import shutil
|
import shutil
|
||||||
from pathlib import Path
|
from pathlib import Path
|
||||||
from pprint import pformat
|
from pprint import pformat
|
||||||
|
@ -11,6 +10,7 @@ from infection_monkey.ransomware.targeted_file_extensions import TARGETED_FILE_E
|
||||||
from infection_monkey.telemetry.file_encryption_telem import FileEncryptionTelem
|
from infection_monkey.telemetry.file_encryption_telem import FileEncryptionTelem
|
||||||
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
from infection_monkey.telemetry.messengers.i_telemetry_messenger import ITelemetryMessenger
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
from infection_monkey.utils.file_utils import expand_path
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
@ -29,11 +29,13 @@ class RansomwarePayload:
|
||||||
self._readme_enabled = config["other_behaviors"]["readme"]
|
self._readme_enabled = config["other_behaviors"]["readme"]
|
||||||
|
|
||||||
target_directories = config["encryption"]["directories"]
|
target_directories = config["encryption"]["directories"]
|
||||||
self._target_dir = (
|
self._target_dir = Path(
|
||||||
|
expand_path(
|
||||||
target_directories["windows_target_dir"]
|
target_directories["windows_target_dir"]
|
||||||
if is_windows_os()
|
if is_windows_os()
|
||||||
else target_directories["linux_target_dir"]
|
else target_directories["linux_target_dir"]
|
||||||
)
|
)
|
||||||
|
)
|
||||||
|
|
||||||
self._new_file_extension = EXTENSION
|
self._new_file_extension = EXTENSION
|
||||||
self._valid_file_extensions_for_encryption = TARGETED_FILE_EXTENSIONS.copy()
|
self._valid_file_extensions_for_encryption = TARGETED_FILE_EXTENSIONS.copy()
|
||||||
|
@ -56,7 +58,7 @@ class RansomwarePayload:
|
||||||
return []
|
return []
|
||||||
|
|
||||||
return select_production_safe_target_files(
|
return select_production_safe_target_files(
|
||||||
Path(os.path.expandvars(self._target_dir)), self._valid_file_extensions_for_encryption
|
self._target_dir, self._valid_file_extensions_for_encryption
|
||||||
)
|
)
|
||||||
|
|
||||||
def _encrypt_files(self, file_list: List[Path]) -> List[Tuple[Path, Optional[Exception]]]:
|
def _encrypt_files(self, file_list: List[Path]) -> List[Tuple[Path, Optional[Exception]]]:
|
||||||
|
@ -85,7 +87,7 @@ class RansomwarePayload:
|
||||||
|
|
||||||
def _leave_readme(self):
|
def _leave_readme(self):
|
||||||
if self._readme_enabled:
|
if self._readme_enabled:
|
||||||
readme_dest_path = Path(os.path.expandvars(self._target_dir)) / README_DEST
|
readme_dest_path = self._target_dir / README_DEST
|
||||||
LOG.info(f"Leaving a ransomware README file at {readme_dest_path}")
|
LOG.info(f"Leaving a ransomware README file at {readme_dest_path}")
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
|
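Review bot: In the `@ -29,11 +29,13 @` hunk, wrapping the configured directory in `Path(expand_path(...))` means an empty or unset `windows_target_dir` / `linux_target_dir` may no longer be falsy, because `Path("")` normalises to `Path(".")` and a `Path` object is always truthy. The `return []` context line at the top of the `@ -56,7 +58,7 @` hunk suggests a guard on `self._target_dir` that lies outside the visible lines. If that guard is a truthiness test, a payload with no directory configured would select files in, and write the README to, the agent's working directory instead of doing nothing. Keeping the unset case explicit would avoid this: bind the chosen config value to a local such as `raw_dir` and assign `self._target_dir = Path(expand_path(raw_dir)) if raw_dir else None`, with `_leave_readme` returning early when it is `None`. `expand_path` is defined outside this page, so its handling of an empty string needs confirming, and the constructor and both methods continue outside the hunks.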