- Updated dynamic payload file creation

monkey/infection_monkey/exploit/mssqlexec.py

@@ -1,3 +1,5 @@
+import os
+import platform
 from os import path
 import logging
 
@@ -15,15 +17,14 @@ class MSSQLExploiter(HostExploiter):
     _TARGET_OS_TYPE = ['windows']
     LOGIN_TIMEOUT = 15
     SQL_DEFAULT_TCP_PORT = '1433'
-    DEFAULT_PAYLOAD_PATH = path.abspath(r'.monkey_utils\payloads\mssqlexec_payload.bat')
+    DEFAULT_PAYLOAD_PATH = os.path.expandvars(r'%TEMP%\~PLD123.bat') if platform.system() else '/tmp/~PLD123.bat'
 
     def __init__(self, host):
         super(MSSQLExploiter, self).__init__(host)
         self._config = __import__('config').WormConfiguration
         self.attacks_list = [mssqlexec_utils.CmdShellAttack]
 
-    @staticmethod
-    def create_payload_file(payload_path=DEFAULT_PAYLOAD_PATH):
+    def create_payload_file(self, payload_path=DEFAULT_PAYLOAD_PATH):
         """
         This function creates dynamically the payload file to be transported and ran on the exploited machine.
         :param payload_path: A path to the create the payload file in
@@ -34,7 +35,7 @@ class MSSQLExploiter(HostExploiter):
                 payload_file.write('dir C:\\')
             return True
         except Exception as e:
-            LOG.error("Payload file couldn't be created", exec_info=True)
+            LOG.error("Payload file couldn't be created", exc_info=True)
             return False
 
     def exploit_host(self):
@@ -45,7 +46,7 @@ class MSSQLExploiter(HostExploiter):
             """
         username_passwords_pairs_list = self._config.get_exploit_user_password_pairs()
 
-        if not MSSQLExploiter.create_payload_file():
+        if not self.create_payload_file():
             return False
         if self.brute_force_begin(self.host.ip_addr, self.SQL_DEFAULT_TCP_PORT, username_passwords_pairs_list,
                                   self.DEFAULT_PAYLOAD_PATH):