Merge pull request #1790 from guardicore/1611-interruptible-mssql

1611 interruptible mssql
VakarisZ 2022-03-18 14:33:13 +00:00 committed by GitHub
commit 6c1a4faf3a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 3 deletions


@ -15,6 +15,7 @@ from infection_monkey.model import DROPPER_ARG
from infection_monkey.transport import LockedHTTPServer from infection_monkey.transport import LockedHTTPServer
from infection_monkey.utils.brute_force import generate_identity_secret_pairs from infection_monkey.utils.brute_force import generate_identity_secret_pairs
from infection_monkey.utils.commands import build_monkey_commandline from infection_monkey.utils.commands import build_monkey_commandline
from infection_monkey.utils.threading import interruptable_iter
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -22,7 +23,8 @@ logger = logging.getLogger(__name__)
class MSSQLExploiter(HostExploiter): class MSSQLExploiter(HostExploiter):
_EXPLOITED_SERVICE = "MSSQL" _EXPLOITED_SERVICE = "MSSQL"
_TARGET_OS_TYPE = ["windows"] _TARGET_OS_TYPE = ["windows"]
LOGIN_TIMEOUT = 15 LOGIN_TIMEOUT = LONG_REQUEST_TIMEOUT
QUERY_TIMEOUT = LONG_REQUEST_TIMEOUT
# Time in seconds to wait between MSSQL queries. # Time in seconds to wait between MSSQL queries.
QUERY_BUFFER = 0.5 QUERY_BUFFER = 0.5
SQL_DEFAULT_TCP_PORT = "1433" SQL_DEFAULT_TCP_PORT = "1433"
@ -71,6 +73,9 @@ class MSSQLExploiter(HostExploiter):
) )
return self.exploit_result return self.exploit_result
if self.is_interrupted():
return self.exploit_result
try: try:
# Create dir for payload # Create dir for payload
self.create_temp_dir() self.create_temp_dir()
@ -208,12 +213,24 @@ class MSSQLExploiter(HostExploiter):
""" """
# Main loop # Main loop
# Iterates on users list # Iterates on users list
for user, password in users_passwords_pairs_list: credentials_iterator = interruptable_iter(
users_passwords_pairs_list,
self.interrupt,
"MSSQL exploiter has been interrupted",
logging.INFO,
)
for user, password in credentials_iterator:
try: try:
# Core steps # Core steps
# Trying to connect # Trying to connect
conn = pymssql.connect( conn = pymssql.connect(
host, user, password, port=port, login_timeout=self.LOGIN_TIMEOUT host,
user,
password,
port=port,
login_timeout=self.LOGIN_TIMEOUT,
timeout=self.QUERY_TIMEOUT,
) )
logger.info( logger.info(
f"Successfully connected to host: {host} using user: {user} and password" f"Successfully connected to host: {host} using user: {user} and password"
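Review bot: Interruption is only observed between credential pairs in the `interruptable_iter` loop, so a stop request still waits for whichever `pymssql.connect` call is in flight. That wait is now bounded by `LONG_REQUEST_TIMEOUT` instead of the literal `15`, and the visible lines state neither its value nor its unit. I would document this on the class constants, e.g. `# Seconds; a single connect or query can delay an interrupt by up to this long.` above `LOGIN_TIMEOUT` and `QUERY_TIMEOUT`. The import hunk adds only `interruptable_iter`, so confirm `LONG_REQUEST_TIMEOUT` is already in scope. The early `if self.is_interrupted(): return self.exploit_result` also returns without a log line or error message, which may make an interrupted run look like an ordinary failure in the result; the method continues outside the hunk, so this may be handled elsewhere.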