From 04125e5e14caef0f9efd8e88b034bb594b2c9683 Mon Sep 17 00:00:00 2001
From: Shreya Malviya <shreya.malviya@gmail.com>
Date: Fri, 20 Aug 2021 23:44:12 +0530
Subject: [PATCH] agent: Add separate function to set log levels for sensitive
 packages in powershell exploiter

---
 monkey/infection_monkey/exploit/powershell.py | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py
index c4cd1f459..0ce03b880 100644
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@@ -31,14 +31,18 @@ class PowershellExploiter(HostExploiter):
     _EXPLOITED_SERVICE = "PowerShell Remoting (WinRM)"
 
     def __init__(self, host: VictimHost):
-        # If pypsrp will inherit root logger, it will log extensive and potentially sensitive info
-        logging.getLogger("pypsrp").setLevel(logging.ERROR)
-        logging.getLogger(spnego.__name__).setLevel(logging.ERROR)
-        logging.getLogger(connectionpool.__name__).setLevel(logging.ERROR)
+        PowershellExploiter._set_sensitive_packages_log_level_to_error()
 
         super().__init__(host)
         self.client = None
 
+    @staticmethod
+    def _set_sensitive_packages_log_level_to_error():
+        # If root logger is inherited, extensive and potentially sensitive info could be logged
+        sensitive_packages = [pypsrp, spnego, connectionpool]
+        for package in sensitive_packages:
+            logging.getLogger(package.__name__).setLevel(logging.ERROR)
+
     def _exploit_host(self):
         try:
             self.client = self.exploit_without_credentials()