Agent: Remove publishing exploitation attempts in zerologon's vuln assessment
parent
3b60c760e4
commit
1cf017c2ac
|
@ -5,13 +5,10 @@ import nmb.NetBIOS
|
||||||
from impacket.dcerpc.v5 import nrpc, rpcrt
|
from impacket.dcerpc.v5 import nrpc, rpcrt
|
||||||
|
|
||||||
from common.common_consts.timeouts import MEDIUM_REQUEST_TIMEOUT
|
from common.common_consts.timeouts import MEDIUM_REQUEST_TIMEOUT
|
||||||
from common.tags import T1210_ATTACK_TECHNIQUE_TAG
|
|
||||||
from common.utils.exceptions import DomainControllerNameFetchError
|
from common.utils.exceptions import DomainControllerNameFetchError
|
||||||
from infection_monkey.model import VictimHost
|
from infection_monkey.model import VictimHost
|
||||||
from infection_monkey.utils.threading import interruptible_iter
|
from infection_monkey.utils.threading import interruptible_iter
|
||||||
|
|
||||||
from . import ZEROLOGON_EXPLOITER_TAG
|
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
@ -46,12 +43,6 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
|
||||||
except Exception as err:
|
except Exception as err:
|
||||||
error_message = f"Exception occurred while connecting to DC: {err}"
|
error_message = f"Exception occurred while connecting to DC: {err}"
|
||||||
logger.info(error_message)
|
logger.info(error_message)
|
||||||
zerologon_exploiter_object._publish_exploitation_event(
|
|
||||||
target=zerologon_exploiter_object.host.ip_addr,
|
|
||||||
exploitation_success=False,
|
|
||||||
error_message=error_message,
|
|
||||||
tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
|
|
||||||
)
|
|
||||||
return False, None
|
return False, None
|
||||||
|
|
||||||
# Try authenticating.
|
# Try authenticating.
|
||||||
|
@ -63,15 +54,10 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
|
||||||
if rpc_con_auth_result is not None:
|
if rpc_con_auth_result is not None:
|
||||||
return True, rpc_con_auth_result
|
return True, rpc_con_auth_result
|
||||||
except Exception as err:
|
except Exception as err:
|
||||||
error_message = "Error occured while authenticating to "
|
error_message = (
|
||||||
f"{zerologon_exploiter_object.host}: {err}"
|
f"Error occured while authenticating to {zerologon_exploiter_object.host}: {err}"
|
||||||
logger.info(error_message)
|
|
||||||
zerologon_exploiter_object._publish_exploitation_event(
|
|
||||||
target=zerologon_exploiter_object.host.ip_addr,
|
|
||||||
exploitation_success=False,
|
|
||||||
error_message=error_message,
|
|
||||||
tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
|
|
||||||
)
|
)
|
||||||
|
logger.info(error_message)
|
||||||
return False, None
|
return False, None
|
||||||
|
|
||||||
return False, None
|
return False, None
|
||||||
|
|
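Review bot: Both `except Exception as err:` branches of `is_exploitable` now end in `return False, None` after only an info-level log line, which is the same result the function gives when the target is simply not vulnerable, so a failed connection or authentication attempt can be read as a clean assessment. With the `_publish_exploitation_event` calls gone, I would raise the level and keep the traceback, e.g. `logger.warning(error_message, exc_info=True)`, and confirm that the caller (not visible on this page) still records that the check did not complete. The message in the second branch also misspells "occurred" (`"Error occured while authenticating to ..."`). `is_exploitable` starts and ends outside the shown hunks.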