From e44e8f503e7035b0bb8f2220fca4583625d39a55 Mon Sep 17 00:00:00 2001 From: VakarisZ Date: Tue, 7 Sep 2021 12:17:32 +0300 Subject: [PATCH] Refactor powershell client to not perform actions on init and clean up powershell exploiter a bit --- monkey/infection_monkey/exploit/powershell.py | 37 +++++++++++-------- .../powershell_utils/powershell_client.py | 3 -- 2 files changed, 22 insertions(+), 18 deletions(-) diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py index 6d6520080..7b4aaec66 100644 --- a/monkey/infection_monkey/exploit/powershell.py +++ b/monkey/infection_monkey/exploit/powershell.py @@ -112,25 +112,32 @@ class PowerShellExploiter(HostExploiter): self, credentials: List[Credentials], auth_options: List[AuthOptions] ) -> Optional[IPowerShellClient]: for (creds, opts) in zip(credentials, auth_options): - try: - client = PowerShellClient(self.host.ip_addr, creds, opts) - - logger.info( - f"Successfully logged into {self.host.ip_addr} using Powershell. User: " - f"{creds.username}, Secret Type: {creds.secret_type.name}" - ) - self._report_login_attempt(True, creds) - + client = PowerShellClient(self.host.ip_addr, creds, opts) + if self._is_client_auth_valid(creds, client): return client - except Exception as ex: # noqa: F841 - logger.debug( - f"Error logging into {self.host.ip_addr} using Powershell. User: " - f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}" - ) - self._report_login_attempt(False, creds) return None + def _is_client_auth_valid(self, creds: Credentials, client: IPowerShellClient) -> bool: + try: + # attempt to execute dir command to know if authentication was successful + client.execute_cmd("dir") + + logger.info( + f"Successfully logged into {self.host.ip_addr} using Powershell. User: " + f"{creds.username}, Secret Type: {creds.secret_type.name}" + ) + self._report_login_attempt(True, creds) + + return True + except Exception as ex: # noqa: F841 + logger.debug( + f"Error logging into {self.host.ip_addr} using Powershell. User: " + f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}" + ) + self._report_login_attempt(False, creds) + return False + def _report_login_attempt(self, result: bool, credentials: Credentials): if credentials.secret_type in [SecretType.PASSWORD, SecretType.CACHED]: self.report_login_attempt(result, credentials.username, password=credentials.secret) diff --git a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py index ad5854d4a..55ccd477a 100644 --- a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py +++ b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py @@ -77,9 +77,6 @@ class PowerShellClient(IPowerShellClient): connection_timeout=CONNECTION_TIMEOUT, ) - # attempt to execute dir command to know if authentication was successful - self.execute_cmd("dir") - def execute_cmd(self, cmd: str) -> str: output, _, _ = self._client.execute_cmd(cmd) return output