forked from p15670423/monkey
Agent: Pass only ExploitationConfiguration to _exploit_hosts()
This commit is contained in:
Mike Salvatore
parent
55c9b21e28
commit
ddcc689d0f
|
|
@ -50,14 +50,14 @@ class Exploiter:
|
||||||
|
|
||||||
def exploit_hosts(
|
def exploit_hosts(
|
||||||
self,
|
self,
|
||||||
exploiter_config: ExploitationConfiguration,
|
exploitation_config: ExploitationConfiguration,
|
||||||
hosts_to_exploit: Queue,
|
hosts_to_exploit: Queue,
|
||||||
current_depth: int,
|
current_depth: int,
|
||||||
results_callback: Callback,
|
results_callback: Callback,
|
||||||
scan_completed: Event,
|
scan_completed: Event,
|
||||||
stop: Event,
|
stop: Event,
|
||||||
):
|
):
|
||||||
exploiters_to_run = self._process_exploiter_config(exploiter_config)
|
exploiters_to_run = self._process_exploiter_config(exploitation_config)
|
||||||
logger.debug(
|
logger.debug(
|
||||||
"Agent is configured to run the following exploiters in order: "
|
"Agent is configured to run the following exploiters in order: "
|
||||||
f"{', '.join([e.name for e in exploiters_to_run])}"
|
f"{', '.join([e.name for e in exploiters_to_run])}"
|
||||||
|
|
@ -80,18 +80,20 @@ class Exploiter:
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def _process_exploiter_config(
|
def _process_exploiter_config(
|
||||||
exploiter_config: ExploitationConfiguration,
|
exploitation_config: ExploitationConfiguration,
|
||||||
) -> Sequence[PluginConfiguration]:
|
) -> Sequence[PluginConfiguration]:
|
||||||
# Run vulnerability exploiters before brute force exploiters to minimize the effect of
|
# Run vulnerability exploiters before brute force exploiters to minimize the effect of
|
||||||
# account lockout due to invalid credentials
|
# account lockout due to invalid credentials
|
||||||
ordered_exploiters = chain(exploiter_config.vulnerability, exploiter_config.brute_force)
|
ordered_exploiters = chain(
|
||||||
|
exploitation_config.vulnerability, exploitation_config.brute_force
|
||||||
|
)
|
||||||
exploiters_to_run = list(deepcopy(ordered_exploiters))
|
exploiters_to_run = list(deepcopy(ordered_exploiters))
|
||||||
|
|
||||||
extended_exploiters = []
|
extended_exploiters = []
|
||||||
for exploiter in exploiters_to_run:
|
for exploiter in exploiters_to_run:
|
||||||
# This order allows exploiter-specific options to
|
# This order allows exploiter-specific options to
|
||||||
# override general options for all exploiters.
|
# override general options for all exploiters.
|
||||||
options = {**exploiter_config.options.__dict__, **exploiter.options}
|
options = {**exploitation_config.options.__dict__, **exploiter.options}
|
||||||
extended_exploiters.append(PluginConfiguration(exploiter.name, options))
|
extended_exploiters.append(PluginConfiguration(exploiter.name, options))
|
||||||
|
|
||||||
return extended_exploiters
|
return extended_exploiters
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@ from threading import Event
|
||||||
from typing import List
|
from typing import List
|
||||||
|
|
||||||
from common.agent_configuration import (
|
from common.agent_configuration import (
|
||||||
|
ExploitationConfiguration,
|
||||||
NetworkScanConfiguration,
|
NetworkScanConfiguration,
|
||||||
PropagationConfiguration,
|
PropagationConfiguration,
|
||||||
ScanTargetConfiguration,
|
ScanTargetConfiguration,
|
||||||
|
|
@ -60,7 +61,7 @@ class Propagator:
|
||||||
exploit_thread = create_daemon_thread(
|
exploit_thread = create_daemon_thread(
|
||||||
target=self._exploit_hosts,
|
target=self._exploit_hosts,
|
||||||
name="PropagatorExploitThread",
|
name="PropagatorExploitThread",
|
||||||
args=(propagation_config, current_depth, network_scan_completed, stop),
|
args=(propagation_config.exploitation, current_depth, network_scan_completed, stop),
|
||||||
)
|
)
|
||||||
|
|
||||||
scan_thread.start()
|
scan_thread.start()
|
||||||
|
|
@ -142,16 +143,15 @@ class Propagator:
|
||||||
|
|
||||||
def _exploit_hosts(
|
def _exploit_hosts(
|
||||||
self,
|
self,
|
||||||
propagation_config: PropagationConfiguration,
|
exploitation_config: ExploitationConfiguration,
|
||||||
current_depth: int,
|
current_depth: int,
|
||||||
network_scan_completed: Event,
|
network_scan_completed: Event,
|
||||||
stop: Event,
|
stop: Event,
|
||||||
):
|
):
|
||||||
logger.info("Exploiting victims")
|
logger.info("Exploiting victims")
|
||||||
|
|
||||||
exploiter_config = propagation_config.exploitation
|
|
||||||
self._exploiter.exploit_hosts(
|
self._exploiter.exploit_hosts(
|
||||||
exploiter_config,
|
exploitation_config,
|
||||||
self._hosts_to_exploit,
|
self._hosts_to_exploit,
|
||||||
current_depth,
|
current_depth,
|
||||||
self._process_exploit_attempts,
|
self._process_exploit_attempts,
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue