From e947f335fff41b28bf9734c5de6c0aaad2247531 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Wed, 23 Mar 2022 16:03:10 +0530 Subject: [PATCH] Agent: Remove unused functions in PowerShell exploiter --- monkey/infection_monkey/exploit/powershell.py | 53 +------------------ 1 file changed, 1 insertion(+), 52 deletions(-) diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py index 1a76f4044..588a7566d 100644 --- a/monkey/infection_monkey/exploit/powershell.py +++ b/monkey/infection_monkey/exploit/powershell.py @@ -3,19 +3,13 @@ from pathlib import Path from typing import List, Optional from infection_monkey.exploit.HostExploiter import HostExploiter -from infection_monkey.exploit.powershell_utils.auth_options import ( - AUTH_NEGOTIATE, - ENCRYPTION_AUTO, - AuthOptions, - get_auth_options, -) +from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions, get_auth_options from infection_monkey.exploit.powershell_utils.credentials import ( Credentials, SecretType, get_credentials, ) from infection_monkey.exploit.powershell_utils.powershell_client import ( - AuthenticationError, IPowerShellClient, PowerShellClient, ) @@ -90,51 +84,6 @@ class PowerShellExploiter(HostExploiter): def _is_any_default_port_open(self) -> bool: return "tcp-5985" in self.host.services or "tcp-5986" in self.host.services - def _is_client_using_https(self) -> bool: - try: - logger.debug("Checking if powershell remoting is enabled over HTTP.") - self._try_http() - return False - except AuthenticationError: - return False - except Exception as e: - logger.debug(f"Powershell remoting over HTTP seems disabled: {e}") - - try: - logger.debug("Checking if powershell remoting is enabled over HTTPS.") - self._try_https() - return True - except AuthenticationError: - return True - except Exception as e: - logger.debug(f"Powershell remoting over HTTPS seems disabled: {e}") - raise PowerShellRemotingDisabledError("Powershell remoting seems to be disabled.") - - def _try_http(self): - self._try_ssl_login(use_ssl=False) - - def _try_https(self): - self._try_ssl_login(use_ssl=True) - - def _try_ssl_login(self, use_ssl: bool): - # '.\' is machine qualifier if the user is in the local domain - # which happens if we try to exploit a machine on second hop - credentials = Credentials( - username=".\\dummy_username", - secret="dummy_password", - secret_type=SecretType.PASSWORD, - ) - - auth_options = AuthOptions( - auth_type=AUTH_NEGOTIATE, - encryption=ENCRYPTION_AUTO, - ssl=use_ssl, - ) - - # TODO: Report login attempt or find a better way of detecting if SSL is enabled - client = PowerShellClient(self.host.ip_addr, credentials, auth_options) - client.connect() - def _authenticate_via_brute_force( self, credentials: List[Credentials], auth_options: List[AuthOptions] ) -> Optional[IPowerShellClient]: