Agent: add a wrapper for wmi_tools users

Add a dedicated wrapper to make sure that wmi_tools users don't run into race conditions
This commit is contained in:
vakaris_zilius 2022-03-09 14:17:36 +00:00 committed by vakarisz
parent e5acdf4cb7
commit 130c62a5c2
2 changed files with 12 additions and 2 deletions

View File

@ -10,6 +10,7 @@ logger = logging.getLogger(__name__)
# Due to the limitations of impacket library we should only run one WmiConnection at a time # Due to the limitations of impacket library we should only run one WmiConnection at a time
# Use impacket_user decorator to ensure that no race conditions are happening
# See comments in https://github.com/guardicore/monkey/pull/1766 # See comments in https://github.com/guardicore/monkey/pull/1766
lock = threading.Lock() lock = threading.Lock()
@ -23,6 +24,15 @@ class AccessDeniedException(Exception):
class WmiTools(object): class WmiTools(object):
@staticmethod
def impacket_user(func):
def _wrapper(*args, **kwarg):
with lock:
return func(*args, **kwarg)
return _wrapper
class WmiConnection(object): class WmiConnection(object):
def __init__(self): def __init__(self):
self._dcom = None self._dcom = None
@ -83,8 +93,7 @@ class WmiTools(object):
def dcom_wrap(func): def dcom_wrap(func):
def _wrapper(*args, **kwarg): def _wrapper(*args, **kwarg):
try: try:
with lock: return func(*args, **kwarg)
return func(*args, **kwarg)
finally: finally:
WmiTools.dcom_cleanup() WmiTools.dcom_cleanup()

View File

@ -24,6 +24,7 @@ class WmiExploiter(HostExploiter):
EXPLOIT_TYPE = ExploitType.BRUTE_FORCE EXPLOIT_TYPE = ExploitType.BRUTE_FORCE
_EXPLOITED_SERVICE = "WMI (Windows Management Instrumentation)" _EXPLOITED_SERVICE = "WMI (Windows Management Instrumentation)"
@WmiTools.impacket_user
@WmiTools.dcom_wrap @WmiTools.dcom_wrap
def _exploit_host(self) -> ExploiterResultData: def _exploit_host(self) -> ExploiterResultData: