diff --git a/monkey/common/common_consts/zero_trust_consts.py b/monkey/common/common_consts/zero_trust_consts.py index b4a4c49d6..6ff2ab20f 100644 --- a/monkey/common/common_consts/zero_trust_consts.py +++ b/monkey/common/common_consts/zero_trust_consts.py @@ -81,10 +81,7 @@ PRINCIPLE_DISASTER_RECOVERY = "data_backup" PRINCIPLE_SECURE_AUTHENTICATION = "secure_authentication" PRINCIPLE_MONITORING_AND_LOGGING = "monitoring_and_logging" PRINCIPLES = { - PRINCIPLE_SEGMENTATION: "Apply segmentation and micro-segmentation inside your " - "" - "" - "network.", + PRINCIPLE_SEGMENTATION: "Apply segmentation and micro-segmentation inside your network.", PRINCIPLE_ANALYZE_NETWORK_TRAFFIC: "Analyze network traffic for malicious activity.", PRINCIPLE_USER_BEHAVIOUR: "Adopt security user behavior analytics.", PRINCIPLE_ENDPOINT_SECURITY: "Use anti-virus and other traditional endpoint " diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py index 1fe19baac..0df989d99 100644 --- a/monkey/infection_monkey/control.py +++ b/monkey/infection_monkey/control.py @@ -156,8 +156,7 @@ class ControlClient(object): try: telemetry = {"monkey_guid": GUID, "telem_category": telem_category, "data": json_data} requests.post( - "https://%s/api/telemetry" % (WormConfiguration.current_server,), - # noqa: DUO123 + "https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={"content-type": "application/json"}, verify=False, @@ -372,8 +371,7 @@ class ControlClient(object): def get_pba_file(filename): try: return requests.get( - PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename), - # noqa: DUO123 + PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename), # noqa: DUO123 verify=False, proxies=ControlClient.proxies, timeout=LONG_REQUEST_TIMEOUT, diff --git a/monkey/infection_monkey/exploit/zerologon.py b/monkey/infection_monkey/exploit/zerologon.py index 12478d8a9..232436cdf 100644 --- a/monkey/infection_monkey/exploit/zerologon.py +++ b/monkey/infection_monkey/exploit/zerologon.py @@ -197,8 +197,8 @@ class ZerologonExploiter(HostExploiter): def get_all_user_creds(self) -> List[Tuple[str, Dict]]: try: options = OptionsForSecretsdump( - target=f"{self.dc_name}$@{self.dc_ip}", # format for DC account - "NetBIOSName$@0.0.0.0" + target=f"{self.dc_name}$@{self.dc_ip}", target_ip=self.dc_ip, dc_ip=self.dc_ip, ) diff --git a/monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py b/monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py index bd4771e49..75d545140 100644 --- a/monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py +++ b/monkey/infection_monkey/post_breach/trap_command/linux_trap_command.py @@ -1,6 +1,6 @@ def get_linux_trap_commands(): return [ - "trap 'echo \"Successfully used trap command\"' INT && kill -2 $$ ;", # trap and send SIGINT signal + "trap 'echo \"Successfully used trap command\"' INT && kill -2 $$ ;", "trap - INT", # untrap SIGINT ] diff --git a/monkey/infection_monkey/utils/linux/users.py b/monkey/infection_monkey/utils/linux/users.py index b82f5db07..fa91fced8 100644 --- a/monkey/infection_monkey/utils/linux/users.py +++ b/monkey/infection_monkey/utils/linux/users.py @@ -14,8 +14,8 @@ def get_linux_commands_to_add_user(username): "-M", # Do not create homedir "--expiredate", # The date on which the user account will be disabled. datetime.datetime.today().strftime("%Y-%m-%d"), - "--inactive", # The number of days after a password expires until the account is permanently disabled. + "--inactive", "0", # A value of 0 disables the account as soon as the password has expired "-c", # Comment "MONKEY_USER", # Comment diff --git a/monkey/infection_monkey/utils/windows/users.py b/monkey/infection_monkey/utils/windows/users.py index 65c9c71d1..d27b74547 100644 --- a/monkey/infection_monkey/utils/windows/users.py +++ b/monkey/infection_monkey/utils/windows/users.py @@ -53,8 +53,8 @@ class AutoNewWindowsUser(AutoNewUser): self.username, ".", # Use current domain. self.password, - win32con.LOGON32_LOGON_INTERACTIVE, # Logon type - interactive (normal user), since we're using a shell. + win32con.LOGON32_LOGON_INTERACTIVE, win32con.LOGON32_PROVIDER_DEFAULT, ) # Which logon provider to use - whatever Windows offers. except Exception as err: diff --git a/monkey/monkey_island/cc/models/monkey.py b/monkey/monkey_island/cc/models/monkey.py index e580d65ba..3bb3c57c9 100644 --- a/monkey/monkey_island/cc/models/monkey.py +++ b/monkey/monkey_island/cc/models/monkey.py @@ -149,8 +149,8 @@ class Monkey(Document): return {"ips": self.ip_addresses, "hostname": self.hostname} @ring.lru( - expire=1 # data has TTL of 1 second. This is useful for rapid calls for report generation. + expire=1 ) @staticmethod def is_monkey(object_id): diff --git a/monkey/monkey_island/cc/services/edge/displayed_edge.py b/monkey/monkey_island/cc/services/edge/displayed_edge.py index 67fe03d60..3e038a088 100644 --- a/monkey/monkey_island/cc/services/edge/displayed_edge.py +++ b/monkey/monkey_island/cc/services/edge/displayed_edge.py @@ -37,8 +37,7 @@ class DisplayedEdgeService: displayed_edge["services"] = services displayed_edge["os"] = os # we need to deepcopy all mutable edge properties, because weak-reference link is made - # otherwise, - # which is destroyed after method is exited and causes an error later. + # otherwise, which is destroyed after method is exited and causes an error later. displayed_edge["exploits"] = deepcopy(edge.exploits) displayed_edge["_label"] = edge.get_label() return displayed_edge