forked from p15670423/monkey
Agent: Add long timeout to clear command history PBA
This commit is contained in:
parent
649404d50f
commit
2e389cc87e
|
@ -1,7 +1,8 @@
|
||||||
import subprocess
|
import subprocess
|
||||||
from typing import Dict
|
from typing import Dict, Iterable, Tuple
|
||||||
|
|
||||||
from common.common_consts.post_breach_consts import POST_BREACH_CLEAR_CMD_HISTORY
|
from common.common_consts.post_breach_consts import POST_BREACH_CLEAR_CMD_HISTORY
|
||||||
|
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
|
||||||
from infection_monkey.i_puppet.i_puppet import PostBreachData
|
from infection_monkey.i_puppet.i_puppet import PostBreachData
|
||||||
from infection_monkey.post_breach.clear_command_history.clear_command_history import (
|
from infection_monkey.post_breach.clear_command_history.clear_command_history import (
|
||||||
get_commands_to_clear_command_history,
|
get_commands_to_clear_command_history,
|
||||||
|
@ -14,7 +15,7 @@ class ClearCommandHistory(PBA):
|
||||||
def __init__(self, telemetry_messenger: ITelemetryMessenger):
|
def __init__(self, telemetry_messenger: ITelemetryMessenger):
|
||||||
super().__init__(telemetry_messenger, name=POST_BREACH_CLEAR_CMD_HISTORY)
|
super().__init__(telemetry_messenger, name=POST_BREACH_CLEAR_CMD_HISTORY)
|
||||||
|
|
||||||
def run(self, options: Dict):
|
def run(self, options: Dict) -> Iterable[PostBreachData]:
|
||||||
results = [pba.run() for pba in self.clear_command_history_pba_list()]
|
results = [pba.run() for pba in self.clear_command_history_pba_list()]
|
||||||
if results:
|
if results:
|
||||||
# `self.command` is empty here
|
# `self.command` is empty here
|
||||||
|
@ -22,11 +23,11 @@ class ClearCommandHistory(PBA):
|
||||||
|
|
||||||
return self.pba_data
|
return self.pba_data
|
||||||
|
|
||||||
def clear_command_history_pba_list(self):
|
def clear_command_history_pba_list(self) -> Iterable[PBA]:
|
||||||
return self.CommandHistoryPBAGenerator().get_clear_command_history_pbas()
|
return self.CommandHistoryPBAGenerator().get_clear_command_history_pbas()
|
||||||
|
|
||||||
class CommandHistoryPBAGenerator:
|
class CommandHistoryPBAGenerator:
|
||||||
def get_clear_command_history_pbas(self):
|
def get_clear_command_history_pbas(self) -> Iterable[PBA]:
|
||||||
(
|
(
|
||||||
cmds_for_linux,
|
cmds_for_linux,
|
||||||
command_history_files_for_linux,
|
command_history_files_for_linux,
|
||||||
|
@ -52,13 +53,18 @@ class ClearCommandHistory(PBA):
|
||||||
linux_cmd=linux_cmds,
|
linux_cmd=linux_cmds,
|
||||||
)
|
)
|
||||||
|
|
||||||
def run(self):
|
def run(self) -> Tuple[str, bool]:
|
||||||
if self.command:
|
if self.command:
|
||||||
try:
|
try:
|
||||||
output = subprocess.check_output( # noqa: DUO116
|
output = subprocess.check_output( # noqa: DUO116
|
||||||
self.command, stderr=subprocess.STDOUT, shell=True
|
self.command,
|
||||||
|
stderr=subprocess.STDOUT,
|
||||||
|
shell=True,
|
||||||
|
timeout=LONG_REQUEST_TIMEOUT,
|
||||||
).decode()
|
).decode()
|
||||||
return output, True
|
return output, True
|
||||||
except subprocess.CalledProcessError as e:
|
except subprocess.CalledProcessError as err:
|
||||||
# Return error output of the command
|
# Return error output of the command
|
||||||
return e.output.decode(), False
|
return err.output.decode(), False
|
||||||
|
except subprocess.TimeoutExpired as err:
|
||||||
|
return str(err), False
|
||||||
|
|
|
@ -1,11 +1,17 @@
|
||||||
|
import logging
|
||||||
import subprocess
|
import subprocess
|
||||||
|
from typing import Iterable
|
||||||
|
|
||||||
|
from common.common_consts.post_breach_consts import POST_BREACH_CLEAR_CMD_HISTORY
|
||||||
|
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
|
||||||
from infection_monkey.utils.environment import is_windows_os
|
from infection_monkey.utils.environment import is_windows_os
|
||||||
|
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
def get_linux_commands_to_clear_command_history():
|
|
||||||
|
def get_linux_commands_to_clear_command_history() -> Iterable[str]:
|
||||||
if is_windows_os():
|
if is_windows_os():
|
||||||
return ""
|
return []
|
||||||
|
|
||||||
TEMP_HIST_FILE = "$HOME/monkey-temp-hist-file"
|
TEMP_HIST_FILE = "$HOME/monkey-temp-hist-file"
|
||||||
|
|
||||||
|
@ -20,7 +26,7 @@ def get_linux_commands_to_clear_command_history():
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
def get_linux_command_history_files():
|
def get_linux_command_history_files() -> Iterable[str]:
|
||||||
if is_windows_os():
|
if is_windows_os():
|
||||||
return []
|
return []
|
||||||
|
|
||||||
|
@ -41,17 +47,26 @@ def get_linux_command_history_files():
|
||||||
return STARTUP_FILES
|
return STARTUP_FILES
|
||||||
|
|
||||||
|
|
||||||
def get_linux_usernames():
|
def get_linux_usernames() -> Iterable[str]:
|
||||||
if is_windows_os():
|
if is_windows_os():
|
||||||
return []
|
return []
|
||||||
|
|
||||||
# get list of usernames
|
# get list of usernames
|
||||||
USERS = (
|
try:
|
||||||
subprocess.check_output( # noqa: DUO116
|
USERS = (
|
||||||
"cut -d: -f1,3 /etc/passwd | egrep ':[0-9]{4}$' | cut -d: -f1", shell=True
|
subprocess.check_output( # noqa: DUO116
|
||||||
|
"cut -d: -f1,3 /etc/passwd | egrep ':[0-9]{4}$' | cut -d: -f1",
|
||||||
|
shell=True,
|
||||||
|
timeout=LONG_REQUEST_TIMEOUT,
|
||||||
|
)
|
||||||
|
.decode()
|
||||||
|
.split("\n")[:-1]
|
||||||
)
|
)
|
||||||
.decode()
|
|
||||||
.split("\n")[:-1]
|
|
||||||
)
|
|
||||||
|
|
||||||
return USERS
|
return USERS
|
||||||
|
except (subprocess.CalledProcessError, subprocess.TimeoutExpired) as err:
|
||||||
|
logger.error(
|
||||||
|
f"An exception occured on fetching linux usernames,"
|
||||||
|
f"PBA: {POST_BREACH_CLEAR_CMD_HISTORY}: {str(err)}"
|
||||||
|
)
|
||||||
|
return []
|
||||||
|
|
Loading…
Reference in New Issue