From 58f23f4fc04a04ed3bd5f476c1ef6719d5dbca26 Mon Sep 17 00:00:00 2001
From: Mike Salvatore
Date: Tue, 24 Aug 2021 13:13:37 -0400
Subject: [PATCH] Agent: Extract powershell client parameters into powershell_utils
---
 monkey/infection_monkey/exploit/powershell.py | 4 +---
 .../exploit/powershell_utils/utils.py | 13 ++++++++++
 .../exploit/powershell_utils/test_utils.py | 24 +++++++++++++++++++
 3 files changed, 38 insertions(+), 3 deletions(-)
diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py
index 004107c1f..4ad151244 100644
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@@ -74,9 +74,7 @@ class PowerShellExploiter(HostExploiter):
 return None
 def _authenticate(self, username: Optional[str], password: Optional[str]) -> Client:
- ssl = password != ""
- auth = "negotiate" if password != "" else "basic"
- encryption = "auto" if password != "" else "never"
+ (ssl, auth, encryption) = utils.get_powershell_client_params(password)
 with Client(
 self.host.ip_addr,
diff --git a/monkey/infection_monkey/exploit/powershell_utils/utils.py b/monkey/infection_monkey/exploit/powershell_utils/utils.py
index e7143abf3..30aa4bdce 100644
--- a/monkey/infection_monkey/exploit/powershell_utils/utils.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/utils.py
@@ -1,6 +1,11 @@
 from itertools import product
 from typing import List, Optional, Tuple
+AUTH_BASIC = "basic"
+AUTH_NEGOTIATE = "negotiate"
+ENCRYPTION_AUTO = "auto"
+ENCRYPTION_NEVER = "never"
+
 def get_credentials(
 usernames: List[str], passwords: List[str], is_windows: bool
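Review bot: `_authenticate` in powershell.py takes `password: Optional[str]` and now forwards it unchanged to `utils.get_powershell_client_params`, which this commit declares in utils.py as `password: str`, while the new test `test_get_powershell_client_params__password_none` calls it with `None`. The annotation and the tested behaviour disagree, so a type checker would reject this call site even though `None` is evidently an intended input. I would widen the helper's signature to `def get_powershell_client_params(password: Optional[str]) -> Tuple[bool, str, str]:`; `Optional` is already imported in utils.py. The body of `_authenticate` continues past the end of this hunk.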
@@ -41,3 +46,11 @@ def _get_username_password_credentials(
 username_password_pairs = product(usernames, passwords)
 return [credentials for credentials in username_password_pairs]
+
+
+def get_powershell_client_params(password: str) -> Tuple[bool, str, str]:
+ ssl = password != ""
+ auth = AUTH_NEGOTIATE if password != "" else AUTH_BASIC
+ encryption = ENCRYPTION_AUTO if password != "" else ENCRYPTION_NEVER
+
+ return (ssl, auth, encryption)
diff --git a/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py b/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py
index 422a00eae..b426d6bcd 100644
--- a/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py
+++ b/monkey/tests/unit_tests/infection_monkey/exploit/powershell_utils/test_utils.py
@@ -42,3 +42,27 @@ def test_get_credentials__username_password():
 for user in TEST_USERS:
 for password in TEST_PASSWORDS:
 assert (user, password) in credentials
+
+
+def test_get_powershell_client_params__password_none():
+ (ssl, auth, encryption) = utils.get_powershell_client_params(None)
+
+ assert ssl is True
+ assert auth == utils.AUTH_NEGOTIATE
+ assert encryption == utils.ENCRYPTION_AUTO
+
+
+def test_get_powershell_client_params__password_str():
+ (ssl, auth, encryption) = utils.get_powershell_client_params("1234")
+
+ assert ssl is True
+ assert auth == utils.AUTH_NEGOTIATE
+ assert encryption == utils.ENCRYPTION_AUTO
+
+
+def test_get_powershell_client_params__password_empty():
+ (ssl, auth, encryption) = utils.get_powershell_client_params("")
+
+ assert ssl is False
+ assert auth == utils.AUTH_BASIC
+ assert encryption == utils.ENCRYPTION_NEVER
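Review bot: `get_powershell_client_params` in utils.py has no docstring, and its empty-password branch returns `ssl=False`, `AUTH_BASIC` and `ENCRYPTION_NEVER` together, which, going by the names, means the Basic credentials and the session are sent without transport or message protection. That trade-off should be stated where the decision is made. I would add a short docstring saying that an empty password selects basic auth over an unencrypted connection, that any other value including `None` selects negotiate with TLS, and what order the returned tuple is in. The condition `password != ""` is also evaluated three times; binding it once, e.g. `has_password = password != ""`, keeps the three settings from drifting apart in a later edit.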
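Review bot: The three new tests in test_utils.py repeat the same call-and-assert body and differ only in the input and the expected tuple, and the `None` and `"1234"` cases expect identical results. A single table-driven test would show the whole input-to-settings mapping at a glance and make it cheap to add further cases. With pytest this could be one `@pytest.mark.parametrize` over the inputs `None`, `"1234"` and `""` paired with their expected `(ssl, auth, encryption)` triples, assuming pytest is what this suite runs under, since the file's imports are outside the hunk.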