p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Remove unused functions in PowerShell exploiter

This commit is contained in:
Shreya Malviya 2022-03-23 16:03:10 +05:30 committed by Mike Salvatore
parent 4614e2207d
commit e947f335ff
1 changed files with 1 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
monkey/infection_monkey/exploit/powershell.py
View File

@ -3,19 +3,13 @@ from pathlib import Path
from typing import List, Optional from typing import List, Optional
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.powershell_utils.auth_options import ( from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions, get_auth_options
AUTH_NEGOTIATE,
ENCRYPTION_AUTO,
AuthOptions,
get_auth_options,
)
from infection_monkey.exploit.powershell_utils.credentials import ( from infection_monkey.exploit.powershell_utils.credentials import (
Credentials, Credentials,
SecretType, SecretType,
get_credentials, get_credentials,
) )
from infection_monkey.exploit.powershell_utils.powershell_client import ( from infection_monkey.exploit.powershell_utils.powershell_client import (
AuthenticationError,
IPowerShellClient, IPowerShellClient,
PowerShellClient, PowerShellClient,
) )
@ -90,51 +84,6 @@ class PowerShellExploiter(HostExploiter):
def _is_any_default_port_open(self) -> bool: def _is_any_default_port_open(self) -> bool:
return "tcp-5985" in self.host.services or "tcp-5986" in self.host.services return "tcp-5985" in self.host.services or "tcp-5986" in self.host.services
def _is_client_using_https(self) -> bool:
try:
logger.debug("Checking if powershell remoting is enabled over HTTP.")
self._try_http()
return False
except AuthenticationError:
return False
except Exception as e:
logger.debug(f"Powershell remoting over HTTP seems disabled: {e}")
try:
logger.debug("Checking if powershell remoting is enabled over HTTPS.")
self._try_https()
return True
except AuthenticationError:
return True
except Exception as e:
logger.debug(f"Powershell remoting over HTTPS seems disabled: {e}")
raise PowerShellRemotingDisabledError("Powershell remoting seems to be disabled.")
def _try_http(self):
self._try_ssl_login(use_ssl=False)
def _try_https(self):
self._try_ssl_login(use_ssl=True)
def _try_ssl_login(self, use_ssl: bool):
# '.\' is machine qualifier if the user is in the local domain
# which happens if we try to exploit a machine on second hop
credentials = Credentials(
username=".\\dummy_username",
secret="dummy_password",
secret_type=SecretType.PASSWORD,
)
auth_options = AuthOptions(
auth_type=AUTH_NEGOTIATE,
encryption=ENCRYPTION_AUTO,
ssl=use_ssl,
)
# TODO: Report login attempt or find a better way of detecting if SSL is enabled
client = PowerShellClient(self.host.ip_addr, credentials, auth_options)
client.connect()
def _authenticate_via_brute_force( def _authenticate_via_brute_force(
self, credentials: List[Credentials], auth_options: List[AuthOptions] self, credentials: List[Credentials], auth_options: List[AuthOptions]
) -> Optional[IPowerShellClient]: ) -> Optional[IPowerShellClient]: