forked from p15670423/monkey
Agent: Use NTLM specifically for PowerShell if using pass-the-hash
This commit is contained in:
parent
79aacf3dcb
commit
844d244d67
|
@ -1,9 +1,10 @@
|
||||||
from dataclasses import dataclass
|
from dataclasses import dataclass
|
||||||
|
|
||||||
from infection_monkey.exploit.powershell_utils.credentials import Credentials
|
from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType
|
||||||
|
|
||||||
AUTH_BASIC = "basic"
|
AUTH_BASIC = "basic"
|
||||||
AUTH_NEGOTIATE = "negotiate"
|
AUTH_NEGOTIATE = "negotiate"
|
||||||
|
AUTH_NTLM = "ntlm"
|
||||||
ENCRYPTION_AUTO = "auto"
|
ENCRYPTION_AUTO = "auto"
|
||||||
ENCRYPTION_NEVER = "never"
|
ENCRYPTION_NEVER = "never"
|
||||||
|
|
||||||
|
@ -29,7 +30,13 @@ def _get_ssl(credentials: Credentials, use_ssl):
|
||||||
|
|
||||||
|
|
||||||
def _get_auth_type(credentials: Credentials):
|
def _get_auth_type(credentials: Credentials):
|
||||||
return AUTH_BASIC if credentials.secret == "" else AUTH_NEGOTIATE
|
if credentials.secret == "":
|
||||||
|
return AUTH_BASIC
|
||||||
|
|
||||||
|
if credentials.secret_type in {SecretType.LM_HASH, SecretType.NT_HASH}:
|
||||||
|
return AUTH_NTLM
|
||||||
|
|
||||||
|
return AUTH_NEGOTIATE
|
||||||
|
|
||||||
|
|
||||||
def _get_encryption(credentials: Credentials):
|
def _get_encryption(credentials: Credentials):
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
from infection_monkey.exploit.powershell_utils.auth_options import (
|
from infection_monkey.exploit.powershell_utils.auth_options import (
|
||||||
AUTH_BASIC,
|
AUTH_BASIC,
|
||||||
AUTH_NEGOTIATE,
|
AUTH_NEGOTIATE,
|
||||||
|
AUTH_NTLM,
|
||||||
ENCRYPTION_AUTO,
|
ENCRYPTION_AUTO,
|
||||||
ENCRYPTION_NEVER,
|
ENCRYPTION_NEVER,
|
||||||
get_auth_options,
|
get_auth_options,
|
||||||
|
@ -11,6 +12,8 @@ from infection_monkey.exploit.powershell_utils.credentials import Credentials, S
|
||||||
CREDENTIALS_WITH_PASSWORD = Credentials("user1", "password1", SecretType.PASSWORD)
|
CREDENTIALS_WITH_PASSWORD = Credentials("user1", "password1", SecretType.PASSWORD)
|
||||||
CREDENTIALS_EMPTY_PASSWORD = Credentials("user2", "", SecretType.PASSWORD)
|
CREDENTIALS_EMPTY_PASSWORD = Credentials("user2", "", SecretType.PASSWORD)
|
||||||
CREDENTIALS_NONE_PASSWORD = Credentials("user3", None, SecretType.CACHED)
|
CREDENTIALS_NONE_PASSWORD = Credentials("user3", None, SecretType.CACHED)
|
||||||
|
CREDENTIALS_LM_HASH = Credentials("user4", "LM_HASH:NONE", SecretType.LM_HASH)
|
||||||
|
CREDENTIALS_NT_HASH = Credentials("user5", "NONE:NT_HASH", SecretType.NT_HASH)
|
||||||
|
|
||||||
|
|
||||||
def test_get_auth_options__ssl_true_with_password():
|
def test_get_auth_options__ssl_true_with_password():
|
||||||
|
@ -67,6 +70,18 @@ def test_get_auth_options__auth_type_none_password():
|
||||||
assert auth_options.auth_type == AUTH_NEGOTIATE
|
assert auth_options.auth_type == AUTH_NEGOTIATE
|
||||||
|
|
||||||
|
|
||||||
|
def test_get_auth_options__auth_type_with_LM_hash():
|
||||||
|
auth_options = get_auth_options(CREDENTIALS_LM_HASH, use_ssl=False)
|
||||||
|
|
||||||
|
assert auth_options.auth_type == AUTH_NTLM
|
||||||
|
|
||||||
|
|
||||||
|
def test_get_auth_options__auth_type_with_NT_hash():
|
||||||
|
auth_options = get_auth_options(CREDENTIALS_NT_HASH, use_ssl=False)
|
||||||
|
|
||||||
|
assert auth_options.auth_type == AUTH_NTLM
|
||||||
|
|
||||||
|
|
||||||
def test_get_auth_options__encryption_with_password():
|
def test_get_auth_options__encryption_with_password():
|
||||||
auth_options = get_auth_options(CREDENTIALS_WITH_PASSWORD, use_ssl=False)
|
auth_options = get_auth_options(CREDENTIALS_WITH_PASSWORD, use_ssl=False)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue