Agent: Implement fingerprinting in Puppet

monkey/infection_monkey/monkey.py

@@ -18,6 +18,7 @@ from infection_monkey.master.control_channel import ControlChannel
 from infection_monkey.model import DELAY_DELETE_CMD, VictimHostFactory
 from infection_monkey.network import NetworkInterface
 from infection_monkey.network.firewall import app as firewall
+from infection_monkey.network.http_fingerprinter import HTTPFingerprinter
 from infection_monkey.network.info import get_local_network_interfaces
 from infection_monkey.payload.ransomware.ransomware_payload import RansomwarePayload
 from infection_monkey.puppet.puppet import Puppet
@@ -183,6 +184,7 @@ class InfectionMonkey:
     @staticmethod
     def _build_puppet() -> IPuppet:
         puppet = Puppet()
+        puppet.load_plugin("HTTPFinger", HTTPFingerprinter(), PluginType.FINGERPRINTER)
         puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD)
 
         return puppet

monkey/infection_monkey/network/http_fingerprinter.py

@@ -63,8 +63,12 @@ def _query_potential_http_server(host: str, port: int) -> Tuple[Optional[str], O
 
 def _get_server_from_headers(url: str) -> Optional[str]:
     try:
+        logger.debug(f"Sending request for headers to {url}")
         with closing(head(url, verify=False, timeout=1)) as req:  # noqa: DUO123
-            return req.headers.get("Server")
+            server = req.headers.get("Server")
+
+            logger.debug(f'Got server string "{server}" from {url}')
+            return server
     except Timeout:
         logger.debug(f"Timeout while requesting headers from {url}")
     except ConnectionError:  # Someone doesn't like us
@@ -76,5 +80,5 @@ def _get_server_from_headers(url: str) -> Optional[str]:
 def _get_open_http_ports(
     allowed_http_ports: Set, port_scan_data: Dict[int, PortScanData]
 ) -> Iterable[int]:
-    open_ports = (psd.port for psd in port_scan_data.values() if psd.status == PortStatus.Open)
+    open_ports = (psd.port for psd in port_scan_data.values() if psd.status == PortStatus.OPEN)
     return (port for port in open_ports if port in allowed_http_ports)

monkey/infection_monkey/puppet/puppet.py

@@ -49,7 +49,8 @@ class Puppet(IPuppet):
         port_scan_data: Dict[int, PortScanData],
         options: Dict,
     ) -> FingerprintData:
-        return self._mock_puppet.fingerprint(name, host, ping_scan_data, port_scan_data, options)
+        fingerprinter = self._plugin_registry.get_plugin(name, PluginType.FINGERPRINTER)
+        return fingerprinter.get_host_fingerprint(host, ping_scan_data, port_scan_data, options)
 
     def exploit_host(
         self, name: str, host: str, options: Dict, interrupt: threading.Event