From 2517ab02843dd5f5b944b85b63388406053bdd99 Mon Sep 17 00:00:00 2001
From: Daniel Goldberg
Date: Wed, 30 Oct 2019 15:28:57 +0200
Subject: [PATCH] Move get_interface_to_target to network, helping prevent a circular import between pba.py and exploiter modules.
---
 monkey/infection_monkey/exploit/sambacry.py | 2 +-
 monkey/infection_monkey/exploit/sshexec.py | 3 +-
 .../infection_monkey/exploit/tools/helpers.py | 44 -------------------
 .../exploit/tools/http_tools.py | 3 +-
 .../exploit/tools/smb_tools.py | 3 +-
 monkey/infection_monkey/exploit/weblogic.py | 2 +-
 monkey/infection_monkey/monkey.py | 2 +-
 monkey/infection_monkey/network/tools.py | 40 +++++++++++++++++
 .../post_breach/actions/users_custom_pba.py | 2 +-
 monkey/infection_monkey/transport/http.py | 2 +-
 monkey/infection_monkey/tunnel.py | 3 +-
 11 files changed, 51 insertions(+), 55 deletions(-)
diff --git a/monkey/infection_monkey/exploit/sambacry.py b/monkey/infection_monkey/exploit/sambacry.py
index e3825eac9..5a39f485b 100644
--- a/monkey/infection_monkey/exploit/sambacry.py
+++ b/monkey/infection_monkey/exploit/sambacry.py
@@ -20,7 +20,7 @@ from infection_monkey.exploit import HostExploiter
 from infection_monkey.model import DROPPER_ARG
 from infection_monkey.network.smbfinger import SMB_SERVICE
 from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.pyinstaller_utils import get_binary_file_path
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py
index 4a88c4593..a7e9571b5 100644
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@@ -7,10 +7,9 @@ import paramiko
 import infection_monkey.monkeyfs as monkeyfs
 from infection_monkey.exploit import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
 from infection_monkey.model import MONKEY_ARG
+from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
 from infection_monkey.exploit.tools.exceptions import FailedExploitationError
-from infection_monkey.network.tools import check_tcp_port
 from common.utils.exploit_enum import ExploitType
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py
index 91a25c270..8e2b1342d 100644
--- a/monkey/infection_monkey/exploit/tools/helpers.py
+++ b/monkey/infection_monkey/exploit/tools/helpers.py
@@ -1,52 +1,8 @@
 import logging
-import socket
-import struct
-import sys
-
-from infection_monkey.network.info import get_routes
 LOG = logging.getLogger(__name__)
-def get_interface_to_target(dst):
- """
- :param dst: destination IP address string without port. E.G. '192.168.1.1.'
- :return: IP address string of an interface that can connect to the target. E.G. '192.168.1.4.'
- """
- if sys.platform == "win32":
- s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
- try:
- s.connect((dst, 1))
- ip_to_dst = s.getsockname()[0]
- except KeyError:
- LOG.debug("Couldn't get an interface to the target, presuming that target is localhost.")
- ip_to_dst = '127.0.0.1'
- finally:
- s.close()
- return ip_to_dst
- else:
- # based on scapy implementation
-
- def atol(x):
- ip = socket.inet_aton(x)
- return struct.unpack("!I", ip)[0]
-
- routes = get_routes()
- dst = atol(dst)
- paths = []
- for d, m, gw, i, a in routes:
- aa = atol(a)
- if aa == dst:
- paths.append((0xffffffff, ("lo", a, "0.0.0.0")))
- if (dst & m) == (d & m):
- paths.append((m, (i, a, gw)))
- if not paths:
- return None
- paths.sort()
- ret = paths[-1][1]
- return ret[1]
-
-
 def try_get_target_monkey(host):
 src_path = get_target_monkey(host)
 if not src_path:
diff --git a/monkey/infection_monkey/exploit/tools/http_tools.py b/monkey/infection_monkey/exploit/tools/http_tools.py
index 297e064fc..56bb5ef1f 100644
--- a/monkey/infection_monkey/exploit/tools/http_tools.py
+++ b/monkey/infection_monkey/exploit/tools/http_tools.py
@@ -7,7 +7,8 @@ from threading import Lock
 from infection_monkey.network.firewall import app as firewall
 from infection_monkey.network.info import get_free_tcp_port
 from infection_monkey.transport import HTTPServer, LockedHTTPServer
-from infection_monkey.exploit.tools.helpers import try_get_target_monkey, get_interface_to_target
+from infection_monkey.exploit.tools.helpers import try_get_target_monkey
+from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.model import DOWNLOAD_TIMEOUT
 __author__ = 'itamar'
diff --git a/monkey/infection_monkey/exploit/tools/smb_tools.py b/monkey/infection_monkey/exploit/tools/smb_tools.py
index 51564518e..80d9c73f7 100644
--- a/monkey/infection_monkey/exploit/tools/smb_tools.py
+++ b/monkey/infection_monkey/exploit/tools/smb_tools.py
@@ -10,8 +10,9 @@ import infection_monkey.config
 import infection_monkey.monkeyfs as monkeyfs
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.config import Configuration
+
 __author__ = 'itamar'
 LOG = logging.getLogger(__name__)
diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py
index ac648012b..e15625918 100644
--- a/monkey/infection_monkey/exploit/weblogic.py
+++ b/monkey/infection_monkey/exploit/weblogic.py
@@ -9,7 +9,7 @@ from http.server import BaseHTTPRequestHandler, HTTPServer
 from infection_monkey.exploit.web_rce import WebRCE
 from infection_monkey.exploit import HostExploiter
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.network.info import get_free_tcp_port
 from http.server import BaseHTTPRequestHandler, HTTPServer
diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py
index 3985c8a2e..98e2bf286 100644
--- a/monkey/infection_monkey/monkey.py
+++ b/monkey/infection_monkey/monkey.py
@@ -25,7 +25,7 @@ from infection_monkey.telemetry.trace_telem import TraceTelem
 from infection_monkey.telemetry.tunnel_telem import TunnelTelem
 from infection_monkey.windows_upgrader import WindowsUpgrader
 from infection_monkey.post_breach.post_breach_handler import PostBreach
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.exploit.tools.exceptions import ExploitingVulnerableMachineError
 from infection_monkey.telemetry.attack.t1106_telem import T1106Telem
 from common.utils.attack_utils import ScanStatus, UsageEnum
diff --git a/monkey/infection_monkey/network/tools.py b/monkey/infection_monkey/network/tools.py
index 0cac7b627..0c8d0417b 100644
--- a/monkey/infection_monkey/network/tools.py
+++ b/monkey/infection_monkey/network/tools.py
@@ -7,6 +7,7 @@ import struct
 import time
 import re
+from infection_monkey.network.info import get_routes
 from infection_monkey.pyinstaller_utils import get_binary_file_path
 from infection_monkey.utils.environment import is_64bit_python
@@ -269,3 +270,42 @@ def _traceroute_linux(target_ip, ttl):
 lines = [x[1:-1] if x else None # Removes parenthesis
 for x in lines]
 return lines
+
+
+def get_interface_to_target(dst):
+ """
+ :param dst: destination IP address string without port. E.G. '192.168.1.1.'
+ :return: IP address string of an interface that can connect to the target. E.G. '192.168.1.4.'
+ """
+ if sys.platform == "win32":
+ s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+ try:
+ s.connect((dst, 1))
+ ip_to_dst = s.getsockname()[0]
+ except KeyError:
+ LOG.debug("Couldn't get an interface to the target, presuming that target is localhost.")
+ ip_to_dst = '127.0.0.1'
+ finally:
+ s.close()
+ return ip_to_dst
+ else:
+ # based on scapy implementation
+
+ def atol(x):
+ ip = socket.inet_aton(x)
+ return struct.unpack("!I", ip)[0]
+
+ routes = get_routes()
+ dst = atol(dst)
+ paths = []
+ for d, m, gw, i, a in routes:
+ aa = atol(a)
+ if aa == dst:
+ paths.append((0xffffffff, ("lo", a, "0.0.0.0")))
+ if (dst & m) == (d & m):
+ paths.append((m, (i, a, gw)))
+ if not paths:
+ return None
+ paths.sort()
+ ret = paths[-1][1]
+ return ret[1]
\ No newline at end of file
diff --git a/monkey/infection_monkey/post_breach/actions/users_custom_pba.py b/monkey/infection_monkey/post_breach/actions/users_custom_pba.py
index 89417757d..fec47a3cd 100644
--- a/monkey/infection_monkey/post_breach/actions/users_custom_pba.py
+++ b/monkey/infection_monkey/post_breach/actions/users_custom_pba.py
@@ -9,7 +9,7 @@ from infection_monkey.config import WormConfiguration
 from infection_monkey.utils.monkey_dir import get_monkey_dir_path
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
 from common.utils.attack_utils import ScanStatus
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 LOG = logging.getLogger(__name__)
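Review bot: In the win32 branch of `get_interface_to_target` as added to network/tools.py, `except KeyError:` cannot catch a failure of `s.connect((dst, 1))`; socket errors are raised as `OSError`, so the logged fallback to '127.0.0.1' is unreachable and the exception reaches the caller. Moving the function is a good moment to change the handler to `except OSError:`. The other branch returns `None` when no route matches, which the docstring does not state and which differs from the Windows fallback, so a line such as `:return: ... or None if no route to dst is found` would help callers that bind a listener to the result. The function uses `sys`, `socket` and `LOG`, while the import hunk for this file adds only `get_routes`; it looks worth confirming that tools.py already has them in scope, and the file now ends without a trailing newline.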
diff --git a/monkey/infection_monkey/transport/http.py b/monkey/infection_monkey/transport/http.py
index eb1e5d355..ce0433569 100644
--- a/monkey/infection_monkey/transport/http.py
+++ b/monkey/infection_monkey/transport/http.py
@@ -9,7 +9,7 @@ from urllib.parse import urlsplit
 import infection_monkey.monkeyfs as monkeyfs
 from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
+from infection_monkey.network.tools import get_interface_to_target
 __author__ = 'hoffer'
diff --git a/monkey/infection_monkey/tunnel.py b/monkey/infection_monkey/tunnel.py
index f2124f9fc..3544f46f3 100644
--- a/monkey/infection_monkey/tunnel.py
+++ b/monkey/infection_monkey/tunnel.py
@@ -7,9 +7,8 @@ from threading import Thread
 from infection_monkey.model import VictimHost
 from infection_monkey.network.firewall import app as firewall
 from infection_monkey.network.info import local_ips, get_free_tcp_port
-from infection_monkey.network.tools import check_tcp_port
+from infection_monkey.network.tools import check_tcp_port, get_interface_to_target
 from infection_monkey.transport.base import get_last_serve_time
-from infection_monkey.exploit.tools.helpers import get_interface_to_target
 __author__ = 'hoffer'