Refactor powershell client to not perform actions on init and clean up powershell exploiter a bit

VakarisZ 2021-09-07 12:17:32 +03:00
parent d27194c568
commit e44e8f503e
2 changed files with 22 additions and 18 deletions


@ -112,8 +112,16 @@ class PowerShellExploiter(HostExploiter):
self, credentials: List[Credentials], auth_options: List[AuthOptions] self, credentials: List[Credentials], auth_options: List[AuthOptions]
) -> Optional[IPowerShellClient]: ) -> Optional[IPowerShellClient]:
for (creds, opts) in zip(credentials, auth_options): for (creds, opts) in zip(credentials, auth_options):
try:
client = PowerShellClient(self.host.ip_addr, creds, opts) client = PowerShellClient(self.host.ip_addr, creds, opts)
if self._is_client_auth_valid(creds, client):
return client
return None
def _is_client_auth_valid(self, creds: Credentials, client: IPowerShellClient) -> bool:
try:
# attempt to execute dir command to know if authentication was successful
client.execute_cmd("dir")
logger.info( logger.info(
f"Successfully logged into {self.host.ip_addr} using Powershell. User: " f"Successfully logged into {self.host.ip_addr} using Powershell. User: "
@ -121,15 +129,14 @@ class PowerShellExploiter(HostExploiter):
) )
self._report_login_attempt(True, creds) self._report_login_attempt(True, creds)
return client return True
except Exception as ex: # noqa: F841 except Exception as ex: # noqa: F841
logger.debug( logger.debug(
f"Error logging into {self.host.ip_addr} using Powershell. User: " f"Error logging into {self.host.ip_addr} using Powershell. User: "
f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}" f"{creds.username}, SecretType: {creds.secret_type.name} -- Error: {ex}"
) )
self._report_login_attempt(False, creds) self._report_login_attempt(False, creds)
return False
return None
def _report_login_attempt(self, result: bool, credentials: Credentials): def _report_login_attempt(self, result: bool, credentials: Credentials):
if credentials.secret_type in [SecretType.PASSWORD, SecretType.CACHED]: if credentials.secret_type in [SecretType.PASSWORD, SecretType.CACHED]:
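Review bot: In the rewritten credential loop, `client = PowerShellClient(self.host.ip_addr, creds, opts)` now sits outside any `try`, whereas the old loop (as far as the lost +/- markers allow reading it) built the client inside the `try` whose `except Exception` moved on to the next credential pair. If the constructor can still raise (its body is only partly visible in the second file), one bad pair would abort the whole loop without being logged or reported; consider guarding it with `try:` / `client = PowerShellClient(self.host.ip_addr, creds, opts)` / `except Exception: continue`, or building the client inside `_is_client_auth_valid`. Separately, `_is_client_auth_valid` catches every `Exception` from `client.execute_cmd("dir")` and calls `self._report_login_attempt(False, creds)`, so a timeout or transport error is recorded as a failed login; a short docstring stating that the method logs and reports as a side effect, and that any error counts as invalid authentication, would make that explicit. `_report_login_attempt` continues past the end of this section.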


@ -77,9 +77,6 @@ class PowerShellClient(IPowerShellClient):
connection_timeout=CONNECTION_TIMEOUT, connection_timeout=CONNECTION_TIMEOUT,
) )
# attempt to execute dir command to know if authentication was successful
self.execute_cmd("dir")
def execute_cmd(self, cmd: str) -> str: def execute_cmd(self, cmd: str) -> str:
output, _, _ = self._client.execute_cmd(cmd) output, _, _ = self._client.execute_cmd(cmd)
return output return output