p41275903
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Move password restoration event publishing in zerologon

This commit is contained in:
Shreya Malviya 2022-10-07 11:13:44 +05:30 committed by Ilija Lazoroski
parent f05d5be32f
commit 050a84d890
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
monkey/infection_monkey/exploit/zerologon.py
View File

@ -107,8 +107,6 @@ class ZerologonExploiter(HostExploiter):
self.exploit_info["password_restored"] = False
logger.info("System exploited but couldn't restore password!")
self._publish_password_restoration_event(success=self.exploit_info["password_restored"])
self.store_extracted_creds_for_exploitation()
else:
logger.info("System was not exploited.")
@ -317,15 +315,6 @@ class ZerologonExploiter(HostExploiter):
"nt_hash": nthash,
}
def _publish_password_restoration_event(self, success: bool):
password_restoration_event = PasswordRestorationEvent(
source=get_agent_id(),
target=self.host.ip_addr,
tags=PASSWORD_RESTORATION_EVENT_TAGS,
success=success,
)
self.agent_event_queue.publish(password_restoration_event)
def store_extracted_creds_for_exploitation(self) -> None:
for user in self._extracted_creds.keys():
self.send_extracted_creds_as_credential_telemetry(
@ -518,11 +507,22 @@ class ZerologonExploiter(HostExploiter):
def assess_restoration_attempt_result(self, restoration_attempt_result) -> bool:
if restoration_attempt_result:
self._publish_password_restoration_event(success=True)
logger.debug("DC machine account password should be restored to its original value.")
return True
self._publish_password_restoration_event(success=False)
return False
def _publish_password_restoration_event(self, success: bool):
password_restoration_event = PasswordRestorationEvent(
source=get_agent_id(),
target=self.host.ip_addr,
tags=PASSWORD_RESTORATION_EVENT_TAGS,
success=success,
)
self.agent_event_queue.publish(password_restoration_event)
class NetrServerPasswordSet(nrpc.NDRCALL):
opnum = 6