forked from p15670423/monkey
Refactor powershell client to not perform actions on init and clean up powershell exploiter a bit
This commit is contained in:
parent
d27194c568
commit
e44e8f503e
|
@ -112,8 +112,16 @@ class PowerShellExploiter(HostExploiter):
|
||||||
self, credentials: List[Credentials], auth_options: List[AuthOptions]
|
self, credentials: List[Credentials], auth_options: List[AuthOptions]
|
||||||
) -> Optional[IPowerShellClient]:
|
) -> Optional[IPowerShellClient]:
|
||||||
for (creds, opts) in zip(credentials, auth_options):
|
for (creds, opts) in zip(credentials, auth_options):
|
||||||
try:
|
|
||||||
client = PowerShellClient(self.host.ip_addr, creds, opts)
|
client = PowerShellClient(self.host.ip_addr, creds, opts)
|
||||||
|
if self._is_client_auth_valid(creds, client):
|
||||||
|
return client
|
||||||
|
|
||||||
|
return None
|
||||||
|
|
||||||
|
def _is_client_auth_valid(self, creds: Credentials, client: IPowerShellClient) -> bool:
|
||||||
|
try:
|
||||||
|
# attempt to execute dir command to know if authentication was successful
|
||||||
|
client.execute_cmd("dir")
|
||||||
|
|
||||||
logger.info(
|
logger.info(
|
||||||
f"Successfully logged into {self.host.ip_addr} using Powershell. User: "
|
f"Successfully logged into {self.host.ip_addr} using Powershell. User: "
|
||||||
|
@ -121,15 +129,14 @@ class PowerShellExploiter(HostExploiter):
|
||||||
)
|
)
|
||||||
self._report_login_attempt(True, creds)
|
self._report_login_attempt(True, creds)
|
||||||
|
|
||||||
return client
|
return True
|
||||||
except Exception as ex: # noqa: F841
|
except Exception as ex: # noqa: F841
|
||||||
logger.debug(
|
logger.debug(
|
||||||
f"Error logging into {self.host.ip_addr} using Powershell. User: "
|
f"Error logging into {self.host.ip_addr} using Powershell. User: "
|
||||||
f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}"
|
f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}"
|
||||||
)
|
)
|
||||||
self._report_login_attempt(False, creds)
|
self._report_login_attempt(False, creds)
|
||||||
|
return False
|
||||||
return None
|
|
||||||
|
|
||||||
def _report_login_attempt(self, result: bool, credentials: Credentials):
|
def _report_login_attempt(self, result: bool, credentials: Credentials):
|
||||||
if credentials.secret_type in [SecretType.PASSWORD, SecretType.CACHED]:
|
if credentials.secret_type in [SecretType.PASSWORD, SecretType.CACHED]:
|
||||||
|
|
|
@ -77,9 +77,6 @@ class PowerShellClient(IPowerShellClient):
|
||||||
connection_timeout=CONNECTION_TIMEOUT,
|
connection_timeout=CONNECTION_TIMEOUT,
|
||||||
)
|
)
|
||||||
|
|
||||||
# attempt to execute dir command to know if authentication was successful
|
|
||||||
self.execute_cmd("dir")
|
|
||||||
|
|
||||||
def execute_cmd(self, cmd: str) -> str:
|
def execute_cmd(self, cmd: str) -> str:
|
||||||
output, _, _ = self._client.execute_cmd(cmd)
|
output, _, _ = self._client.execute_cmd(cmd)
|
||||||
return output
|
return output
|
||||||
|
|
Loading…
Reference in New Issue