p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Change in PostgreSQL communication encryption result: only selected hosts

This commit is contained in:
Shreya 2020-11-27 14:12:24 +05:30
parent 4ffac38382
commit f7820b840c
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/infection_monkey/network/postgresql_fingerprint.py
View File

@ -47,7 +47,8 @@ class PostgreSQLFinger(HostFinger):
'selected_ssl': "SSL connections can be made by selected hosts only OR " 'selected_ssl': "SSL connections can be made by selected hosts only OR "
"non-SSL usage is forced.\n", "non-SSL usage is forced.\n",
'selected_non_ssl': "Non-SSL connections can be made by selected hosts only OR " 'selected_non_ssl': "Non-SSL connections can be made by selected hosts only OR "
"SSL usage is forced.\n"} "SSL usage is forced.\n",
'only_selected': "Only selected hosts can make connections (SSL or non-SSL).\n"}
ssl_connection_details = [] ssl_connection_details = []
ssl_conf_on_server = self.is_ssl_configured(exceptions) ssl_conf_on_server = self.is_ssl_configured(exceptions)
@ -56,15 +57,20 @@ class PostgreSQLFinger(HostFinger):
if ssl_conf_on_server: if ssl_conf_on_server:
ssl_connection_details.append(connection_details['ssl_conf']) ssl_connection_details.append(connection_details['ssl_conf'])
# SSL # SSL
ssl_selected_comms_only = False
if self.found_entry_for_host_but_pwd_auth_failed(exceptions[0]): if self.found_entry_for_host_but_pwd_auth_failed(exceptions[0]):
ssl_connection_details.append(connection_details['all_ssl']) ssl_connection_details.append(connection_details['all_ssl'])
else: else:
ssl_connection_details.append(connection_details['selected_ssl']) ssl_connection_details.append(connection_details['selected_ssl'])
ssl_selected_comms_only = True
# non-SSL # non-SSL
if self.found_entry_for_host_but_pwd_auth_failed(exceptions[1]): if self.found_entry_for_host_but_pwd_auth_failed(exceptions[1]):
ssl_connection_details.append(connection_details['all_non_ssl']) ssl_connection_details.append(connection_details['all_non_ssl'])
else: else:
ssl_connection_details.append(connection_details['selected_non_ssl']) if ssl_selected_comms_only: # if only selected SSL allowed and only selected non-SSL allowed
ssl_connection_details[-1] = connection_details['only_selected']
else:
ssl_connection_details.append(connection_details['selected_non_ssl'])
# SSL not configured # SSL not configured
else: else: