From f727e75697d044930bf16b77ad2b40c6459d0690 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Mon, 30 Aug 2021 14:12:29 +0530
Subject: [PATCH 1/3] agent: Use random password for CommunicateAsNewUser PBA

---
 .../post_breach/actions/communicate_as_new_user.py | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py
index 161adfb0d..79747a5bf 100644
--- a/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py
+++ b/monkey/infection_monkey/post_breach/actions/communicate_as_new_user.py
@@ -10,6 +10,7 @@ from infection_monkey.telemetry.post_breach_telem import PostBreachTelem
 from infection_monkey.utils.auto_new_user_factory import create_auto_new_user
 from infection_monkey.utils.environment import is_windows_os
 from infection_monkey.utils.new_user_error import NewUserError
+from infection_monkey.utils.random_password_generator import get_random_password
 
 INFECTION_MONKEY_WEBSITE_URL = "https://infectionmonkey.com/"
 
@@ -21,7 +22,6 @@ CREATED_PROCESS_AS_USER_FAILED_FORMAT = (
 )
 
 USERNAME_PREFIX = "somenewuser"
-PASSWORD = "N3WPa55W0rD!1"
 
 logger = logging.getLogger(__name__)
 
@@ -29,8 +29,8 @@ logger = logging.getLogger(__name__)
 class CommunicateAsNewUser(PBA):
     """
     This PBA creates a new user, and then creates HTTPS requests as that user. This is used for a
-    Zero Trust test of the
-    People pillar. See the relevant telemetry processing to see what findings are created.
+    Zero Trust test of the People pillar. See the relevant telemetry processing to see what findings
+    are created.
     """
 
     def __init__(self):
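Review bot: The hard-coded `PASSWORD = "N3WPa55W0rD!1"` removed in the second hunk remains recoverable from git history and from every already-shipped agent, so any `somenewuser*` account that an earlier run left behind (for instance a crash before the `create_auto_new_user` context exited) is still a local account with a publicly known password, and nothing in this patch addresses that. Consider adding a sentence to the Security changelog entry or the docs telling operators to audit hosts for leftover `somenewuser` accounts. The only new code here is the `get_random_password` import in the first hunk; its implementation is outside this patch, so it is not visible whether the password is drawn from a CSPRNG (`secrets`) rather than `random` — worth confirming, since it protects a real OS account.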
@@ -39,7 +39,8 @@ class CommunicateAsNewUser(PBA):
     def run(self):
         username = CommunicateAsNewUser.get_random_new_user_name()
         try:
-            with create_auto_new_user(username, PASSWORD) as new_user:
+            password = get_random_password()
+            with create_auto_new_user(username, password) as new_user:
                 http_request_commandline = CommunicateAsNewUser.get_commandline_for_http_request(
                     INFECTION_MONKEY_WEBSITE_URL
                 )

From 0f2f39f0a03b1aae763ab73d73f7a01ce933b0f1 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Mon, 30 Aug 2021 14:54:09 +0530
Subject: [PATCH 2/3] CHANGELOG: Update with entry for random password for CommunicateAsNewUser PBA

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1dc95da43..4c6965c8e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,9 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
 - Malfunctioning timestomping PBA. #1405
 - Malfunctioning shell startup script PBA. #1419
 
+### Security
+- Generate a random password when creating a new user for CommunicateAsNewUser PBA. #1434
+
 ## [1.11.0] - 2021-08-13
 ### Added
 - A runtime-configurable option to specify a data directory where runtime

From deb037c6174b8adbf27a3f6b36b2e634bd252951 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Mon, 30 Aug 2021 16:12:08 +0530
Subject: [PATCH 3/3] tests: Add unit tests for communicate as back door user PBA

---
 .../test_communicate_as_backdoor_user.py | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 monkey/tests/unit_tests/infection_monkey/post_breach/actions/test_communicate_as_backdoor_user.py

diff --git a/monkey/tests/unit_tests/infection_monkey/post_breach/actions/test_communicate_as_backdoor_user.py b/monkey/tests/unit_tests/infection_monkey/post_breach/actions/test_communicate_as_backdoor_user.py
new file mode 100644
index 000000000..2a1bf8f49
--- /dev/null
+++ b/monkey/tests/unit_tests/infection_monkey/post_breach/actions/test_communicate_as_backdoor_user.py
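Review bot: `password = get_random_password()` in the run() hunk is called with no length or character-class argument, yet a new local account on Windows (and on Linux hosts with pam_pwquality) has to satisfy the host's password policy or the account is not created; nothing in this patch shows the generator guarantees that, so confirm it and record the requirement at the call site, e.g. `# must meet the host's password policy (length + character classes) or user creation fails`. The call also sits inside the `try:` whose `except` clauses are outside the hunk; if they catch only NewUserError, a failure inside the generator would now escape run() as an unhandled exception — consider moving the generation above the `try:` so the two failure modes stay distinct. Make sure the generated value never reaches logging or telemetry, including the failure-format strings built elsewhere in this file. run()'s body continues past the end of the hunk.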
@@ -0,0 +1,38 @@
+from infection_monkey.post_breach.actions.communicate_as_new_user import (
+    USERNAME_PREFIX,
+    CommunicateAsNewUser,
+)
+
+URL = "this-is-where-i-wanna-go"
+
+
+def test_get_random_new_user_name():
+    username = CommunicateAsNewUser.get_random_new_user_name()
+    assert len(username) == len(USERNAME_PREFIX) + 5
+    assert username.islower()
+    assert username.startswith(USERNAME_PREFIX)
+
+
+def test_get_commandline_for_http_request_windows():
+    cmd_line = CommunicateAsNewUser.get_commandline_for_http_request(URL, is_windows=True)
+    assert "powershell.exe" in cmd_line
+    assert URL in cmd_line
+
+
+def test_get_commandline_for_http_request_linux_curl(monkeypatch):
+    monkeypatch.setattr(
+        "infection_monkey.post_breach.actions.communicate_as_new_user.shutil.which",
+        lambda _: "not None",
+    )
+    cmd_line = CommunicateAsNewUser.get_commandline_for_http_request(URL, is_windows=False)
+    assert "curl" in cmd_line
+    assert URL in cmd_line
+
+
+def test_get_commandline_for_http_request_linux_wget(monkeypatch):
+    monkeypatch.setattr(
+        "infection_monkey.post_breach.actions.communicate_as_new_user.shutil.which", lambda _: None
+    )
+    cmd_line = CommunicateAsNewUser.get_commandline_for_http_request(URL, is_windows=False)
+    assert "wget" in cmd_line
+    assert URL in cmd_line
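Review bot: The new tests cover only the username and command-line helpers; the behaviour this series actually changes — a fresh password from `get_random_password()` on every run() — has no test, so a regression back to a fixed string would pass unnoticed. A test that monkeypatches `create_auto_new_user` (and the HTTP step it wraps) to capture the `password` argument, then asserts two run() calls receive different values and that neither equals the old literal `N3WPa55W0rD!1`, would pin it. The file name `test_communicate_as_backdoor_user.py` does not match the module under test, `communicate_as_new_user.py`, which makes the test harder to find next to its subject; naming it `test_communicate_as_new_user.py` fixes that. In the curl test, `lambda _: "/usr/bin/curl"` would read as what `shutil.which` actually returns instead of `"not None"`.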