From 4c1c8044cd8d2bd5c352073d5ee744653d6cdf49 Mon Sep 17 00:00:00 2001 From: vakarisz Date: Wed, 22 Jun 2022 17:55:13 +0300 Subject: [PATCH] Agent: Use operating systems consts --- monkey/infection_monkey/exploit/hadoop.py | 6 +++--- monkey/infection_monkey/exploit/log4shell.py | 9 +++++---- monkey/infection_monkey/exploit/tools/helpers.py | 2 +- monkey/infection_monkey/exploit/web_rce.py | 16 +++++++++------- monkey/infection_monkey/model/host.py | 5 +++++ .../network_scanning/ping_scanner.py | 5 +++-- .../network_scanning/smb_fingerprinter.py | 5 +++-- .../network_scanning/ssh_fingerprinter.py | 3 ++- 8 files changed, 31 insertions(+), 20 deletions(-) diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py index 8bafa6969..5cf30f23c 100644 --- a/monkey/infection_monkey/exploit/hadoop.py +++ b/monkey/infection_monkey/exploit/hadoop.py @@ -105,10 +105,10 @@ class HadoopExploiter(WebRCE): def _build_command(self, path, http_path): # Build command to execute monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1) - if "linux" in self.host.os["type"]: - base_command = HADOOP_LINUX_COMMAND - else: + if self.host.is_windows(): base_command = HADOOP_WINDOWS_COMMAND + else: + base_command = HADOOP_LINUX_COMMAND return base_command % { "monkey_path": path, diff --git a/monkey/infection_monkey/exploit/log4shell.py b/monkey/infection_monkey/exploit/log4shell.py index 077c7c865..ffbcdd0d6 100644 --- a/monkey/infection_monkey/exploit/log4shell.py +++ b/monkey/infection_monkey/exploit/log4shell.py @@ -2,6 +2,7 @@ import logging import time from pathlib import PurePath +from common import OperatingSystems from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT from common.utils import Timer from infection_monkey.exploit.log4shell_utils import ( @@ -115,10 +116,10 @@ class Log4ShellExploiter(WebRCE): def _build_command(self, path: PurePath, http_path) -> str: # Build command to execute monkey_cmd = build_monkey_commandline(self.host, self.current_depth + 1, location=path) - if "linux" in self.host.os["type"]: - base_command = LOG4SHELL_LINUX_COMMAND - else: + if self.host.is_windows(): base_command = LOG4SHELL_WINDOWS_COMMAND + else: + base_command = LOG4SHELL_LINUX_COMMAND return base_command % { "monkey_path": path, @@ -128,7 +129,7 @@ class Log4ShellExploiter(WebRCE): } def _build_java_class(self, exploit_command: str) -> bytes: - if "linux" in self.host.os["type"]: + if OperatingSystems.LINUX in self.host.os["type"]: return build_exploit_bytecode(exploit_command, LINUX_EXPLOIT_TEMPLATE_PATH) else: return build_exploit_bytecode(exploit_command, WINDOWS_EXPLOIT_TEMPLATE_PATH) diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index 0ce1c474e..e268fe4c3 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -15,7 +15,7 @@ AGENT_BINARY_PATH_WIN64 = PureWindowsPath(r"C:\Windows\temp\monkey64.exe") def get_agent_dst_path(host: VictimHost) -> PurePath: - if host.os["type"] == "windows": + if host.is_windows(): path = PureWindowsPath(AGENT_BINARY_PATH_WIN64) else: path = PurePosixPath(AGENT_BINARY_PATH_LINUX) diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index 99438a0a7..34f245fca 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -3,6 +3,7 @@ from abc import abstractmethod from posixpath import join from typing import List, Tuple +from common import OperatingSystems from common.utils.attack_utils import BITS_UPLOAD_STRING, ScanStatus from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.http_tools import HTTPTools @@ -162,10 +163,10 @@ class WebRCE(HostExploiter): def get_command(self, path, http_path, commands): try: - if "linux" in self.host.os["type"]: - command = commands["linux"] - else: + if self.host.is_windows(): command = commands["windows"] + else: + command = commands["linux"] # Format command command = command % {"monkey_path": path, "http_path": http_path} except KeyError: @@ -326,7 +327,7 @@ class WebRCE(HostExploiter): :return: response, False if failed and True if permission change is not needed """ logger.info("Changing monkey's permissions") - if "windows" in self.host.os["type"]: + if self.host.is_windows(): logger.info("Permission change not required for windows") return True if not command: @@ -411,13 +412,14 @@ class WebRCE(HostExploiter): :return: Default monkey's destination path for corresponding host or False if failed. """ if not self.host.os.get("type") or ( - self.host.os["type"] != "linux" and self.host.os["type"] != "windows" + self.host.os["type"] != OperatingSystems.LINUX + and self.host.os["type"] != OperatingSystems.LINUX ): logger.error("Target's OS was either unidentified or not supported. Aborting") return False - if self.host.os["type"] == "linux": + if self.host.os["type"] == OperatingSystems.LINUX: return DROPPER_TARGET_PATH_LINUX - if self.host.os["type"] == "windows": + if self.host.os["type"] == OperatingSystems.WINDOWS: return DROPPER_TARGET_PATH_WIN64 def get_target_url(self): diff --git a/monkey/infection_monkey/model/host.py b/monkey/infection_monkey/model/host.py index 95cc85810..6a1295e58 100644 --- a/monkey/infection_monkey/model/host.py +++ b/monkey/infection_monkey/model/host.py @@ -1,5 +1,7 @@ from typing import Optional +from common import OperatingSystems + class VictimHost(object): def __init__(self, ip_addr: str, domain_name: str = ""): @@ -14,6 +16,9 @@ class VictimHost(object): def as_dict(self): return self.__dict__ + def is_windows(self) -> bool: + return OperatingSystems.WINDOWS in self.os["type"] + def __hash__(self): return hash(self.ip_addr) diff --git a/monkey/infection_monkey/network_scanning/ping_scanner.py b/monkey/infection_monkey/network_scanning/ping_scanner.py index 16fb2df96..cddf4bdd4 100644 --- a/monkey/infection_monkey/network_scanning/ping_scanner.py +++ b/monkey/infection_monkey/network_scanning/ping_scanner.py @@ -5,6 +5,7 @@ import re import subprocess import sys +from common import OperatingSystems from infection_monkey.i_puppet import PingScanData from infection_monkey.utils.environment import is_windows_os @@ -79,9 +80,9 @@ def _process_ping_command_output(ping_command_output: str) -> PingScanData: operating_system = None if ttl <= LINUX_TTL: - operating_system = "linux" + operating_system = OperatingSystems.LINUX else: # as far we we know, could also be OSX/BSD, but lets handle that when it comes up. - operating_system = "windows" + operating_system = OperatingSystems.WINDOWS return PingScanData(True, operating_system) diff --git a/monkey/infection_monkey/network_scanning/smb_fingerprinter.py b/monkey/infection_monkey/network_scanning/smb_fingerprinter.py index d47ce224e..438e13db0 100644 --- a/monkey/infection_monkey/network_scanning/smb_fingerprinter.py +++ b/monkey/infection_monkey/network_scanning/smb_fingerprinter.py @@ -5,6 +5,7 @@ from typing import Dict from odict import odict +from common import OperatingSystems from infection_monkey.i_puppet import ( FingerprintData, IFingerprinter, @@ -193,9 +194,9 @@ class SMBFingerprinter(IFingerprinter): logger.debug(f'os_version: "{os_version}", service_client: "{service_client}"') if os_version.lower() != "unix": - os_type = "windows" + os_type = OperatingSystems.WINDOWS else: - os_type = "linux" + os_type = OperatingSystems.LINUX smb_service["name"] = service_client diff --git a/monkey/infection_monkey/network_scanning/ssh_fingerprinter.py b/monkey/infection_monkey/network_scanning/ssh_fingerprinter.py index 32aa20ad9..86eb8f420 100644 --- a/monkey/infection_monkey/network_scanning/ssh_fingerprinter.py +++ b/monkey/infection_monkey/network_scanning/ssh_fingerprinter.py @@ -1,6 +1,7 @@ import re from typing import Dict, Optional, Tuple +from common import OperatingSystems from infection_monkey.i_puppet import FingerprintData, IFingerprinter, PingScanData, PortScanData SSH_REGEX = r"SSH-\d\.\d-OpenSSH" @@ -40,6 +41,6 @@ class SSHFingerprinter(IFingerprinter): for dist in LINUX_DIST_SSH: if banner.lower().find(dist) != -1: os_version = banner.split(" ").pop().strip() - os = "linux" + os = OperatingSystems.LINUX return os, os_version