From 15974ff21cd7fc6297ca0c7da3bac0851f9223e1 Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala
Date: Wed, 5 Oct 2022 20:49:08 +0000
Subject: [PATCH] Agent: Stamp time before running exploit
---
 monkey/infection_monkey/exploit/mssqlexec.py | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py
index a3e0e7fd9..380d88425 100644
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@@ -1,6 +1,6 @@
 import logging
 from pathlib import PureWindowsPath
-from time import sleep
+from time import sleep, time
 from typing import Iterable, Tuple
 import pymssql
@@ -77,6 +77,7 @@ class MSSQLExploiter(HostExploiter):
 self._set_interrupted()
 return self.exploit_result
+ timestamp = time()
 try:
 self._upload_agent(agent_path_on_victim)
 self._run_agent(agent_path_on_victim)
@@ -87,12 +88,12 @@ class MSSQLExploiter(HostExploiter):
 )
 logger.error(error_message)
- self._publish_propagation_event(success=False, error_message=error_message)
+ self._publish_propagation_event(timestamp, False, error_message=error_message)
 self.exploit_result.error_message = error_message
 return self.exploit_result
- self._publish_propagation_event(success=True)
+ self._publish_propagation_event(timestamp, True)
 self.exploit_result.propagation_success = True
 return self.exploit_result
@@ -123,6 +124,7 @@ class MSSQLExploiter(HostExploiter):
 )
 for user, password in credentials_iterator:
+ timestamp = time()
 try:
 # Core steps
 # Trying to connect
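Review bot: The `timestamp = time()` added before the `try:` in the `@@ -77,6 +77,7 @@` hunk has no comment saying why the stamp is taken before `_upload_agent` runs rather than at publish time, and the same is true of the one added at the top of the credentials loop in the `@@ -123,6 +124,7 @@` hunk. Without that, a later cleanup could move the call back next to the publish, and event times would then drift by the duration of the upload or the login timeout, which presumably matters when these events are lined up against the target's own logs. I would add `# Stamp before the attempt so the published event carries its start time, not its completion time` above each assignment. The enclosing methods start and end outside both hunks.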
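Review bot: The two `_publish_propagation_event` calls in the `@@ -87,12 +88,12 @@` hunk drop the `success=` keyword and now pass a bare `False`/`True` right after a float, so nothing at runtime would flag a swapped or shifted argument. Keeping the keyword is free, assuming the parameter is still named `success` (its definition is outside this diff): `self._publish_propagation_event(timestamp, success=False, error_message=error_message)` and `self._publish_propagation_event(timestamp, success=True)`. The same applies to `_publish_exploitation_event(timestamp, success, error_message=message)` in the `@@ -157,8 +159,10 @@` hunk and to the `_report_login_attempt(timestamp, True, ...)` / `(timestamp, False, ...)` calls in `@@ -139,13 +141,13 @@`.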
@@ -139,13 +141,13 @@ class MSSQLExploiter(HostExploiter):
 )
 self.exploit_result.exploitation_success = True
 self.add_vuln_port(MSSQLExploiter.SQL_DEFAULT_TCP_PORT)
- self._report_login_attempt(True, user, password)
+ self._report_login_attempt(timestamp, True, user, password)
 cursor = conn.cursor()
 return cursor
 except pymssql.OperationalError as err:
 error_message = f"Connection to MSSQL failed: {err}"
 logger.info(error_message)
- self._report_login_attempt(False, user, password, error_message)
+ self._report_login_attempt(timestamp, False, user, password, error_message)
 # Combo didn't work, hopping to the next one
 pass
@@ -157,8 +159,10 @@ class MSSQLExploiter(HostExploiter):
 "Bruteforce process failed on host: {0}".format(self.host.ip_addr)
 )
- def _report_login_attempt(self, success: bool, user, password: str, message: str = ""):
- self._publish_exploitation_event(success=success, error_message=message)
+ def _report_login_attempt(
+ self, timestamp: float, success: bool, user, password: str, message: str = ""
+ ):
+ self._publish_exploitation_event(timestamp, success, error_message=message)
 self.report_login_attempt(success, user, password)
 def _upload_agent(self, agent_path_on_victim: PureWindowsPath):
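Review bot: `_report_login_attempt` in the `@@ -157,8 +159,10 @@` hunk gains `timestamp` as a new leading positional parameter but still has no docstring, while the similarly named `self.report_login_attempt(success, user, password)` it calls (defined outside this diff) keeps `success` first, so the two are easy to mix up. A short docstring should say that `timestamp` is epoch seconds from `time()` taken before the connection attempt, and that `message` is forwarded as the event's `error_message`. Making the remaining parameters keyword-only, `self, timestamp: float, *, success: bool, user, password: str, message: str = ""`, would turn any stale positional call into a `TypeError`, though the two call sites in the `@@ -139,13 +141,13 @@` hunk would then need keywords. `user` is also the only parameter left without an annotation.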