p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Add attack technique tags from WMIExploiter

This commit is contained in:
Ilija Lazoroski 2022-10-07 14:12:52 +02:00
parent ed191bcf61
commit c09c2c2127
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/infection_monkey/exploit/wmiexec.py
View File

@ -7,6 +7,11 @@ from time import time
from impacket.dcerpc.v5.rpcrt import DCERPCException
from common.credentials import get_plaintext
from common.tags import (
T1021_ATTACK_TECHNIQUE_TAG,
T1105_ATTACK_TECHNIQUE_TAG,
T1110_ATTACK_TECHNIQUE_TAG,
)
from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_agent_dst_path
from infection_monkey.exploit.tools.smb_tools import SmbTools
@ -22,10 +27,15 @@ from infection_monkey.utils.threading import interruptible_iter
logger = logging.getLogger(__name__)
WMI_EXPLOITER_TAG = "wmi-expliter"
class WmiExploiter(HostExploiter):
_EXPLOITED_SERVICE = "WMI (Windows Management Instrumentation)"
_EXPLOITER_TAGS = (WMI_EXPLOITER_TAG, T1021_ATTACK_TECHNIQUE_TAG, T1110_ATTACK_TECHNIQUE_TAG)
_PROPAGATION_TAGS = (WMI_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
@WmiTools.impacket_user
@WmiTools.dcom_wrap
def _exploit_host(self) -> ExploiterResultData: