diff --git a/monkey/common/credentials/__init__.py b/monkey/common/credentials/__init__.py index 66b91971d..175ec1481 100644 --- a/monkey/common/credentials/__init__.py +++ b/monkey/common/credentials/__init__.py @@ -3,5 +3,6 @@ from .nt_hash import NTHash from .password import Password from .ssh_keypair import SSHKeypair from .username import Username +from .encoding import get_plaintext, SecretEncodingConfig from .credentials import Credentials diff --git a/monkey/common/credentials/credentials.py b/monkey/common/credentials/credentials.py index 834e16ac3..744de5b2b 100644 --- a/monkey/common/credentials/credentials.py +++ b/monkey/common/credentials/credentials.py @@ -2,22 +2,14 @@ from __future__ import annotations from typing import Optional, Union -from pydantic import SecretBytes, SecretStr - from ..base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig from . import LMHash, NTHash, Password, SSHKeypair, Username +from .encoding import SecretEncodingConfig Secret = Union[Password, LMHash, NTHash, SSHKeypair] Identity = Username -def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]: - if isinstance(secret, (SecretStr, SecretBytes)): - return secret.get_secret_value() - else: - return secret - - class Credentials(InfectionMonkeyBaseModel): """Represents a credential pair (an identity and a secret)""" @@ -27,9 +19,5 @@ class Credentials(InfectionMonkeyBaseModel): secret: Optional[Secret] """Secret part of credentials, like a password or a hash""" - class Config(InfectionMonkeyModelConfig): - json_encoders = { - # This makes secrets dumpable to json, but not loggable - SecretStr: get_plaintext, - SecretBytes: get_plaintext, - } + class Config(SecretEncodingConfig, InfectionMonkeyModelConfig): + pass diff --git a/monkey/common/credentials/encoding.py b/monkey/common/credentials/encoding.py new file mode 100644 index 000000000..e76ff8599 --- /dev/null +++ b/monkey/common/credentials/encoding.py @@ -0,0 +1,20 @@ +from __future__ import annotations + +from typing import Optional, Union + +from pydantic import SecretBytes, SecretStr + + +def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]: + if isinstance(secret, (SecretStr, SecretBytes)): + return secret.get_secret_value() + else: + return secret + + +class SecretEncodingConfig: + json_encoders = { + # This makes secrets dumpable to json, but not loggable + SecretStr: get_plaintext, + SecretBytes: get_plaintext, + } diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py index 6fd8e27cb..a2a63eec8 100644 --- a/monkey/infection_monkey/exploit/mssqlexec.py +++ b/monkey/infection_monkey/exploit/mssqlexec.py @@ -6,7 +6,7 @@ from typing import Sequence, Tuple import pymssql from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from common.utils.exceptions import FailedExploitationError from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.helpers import get_agent_dst_path diff --git a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py index 0ea71c6f1..cb8eec010 100644 --- a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py +++ b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py @@ -11,7 +11,7 @@ from pypsrp.powershell import PowerShell, RunspacePool from typing_extensions import Protocol from urllib3 import connectionpool -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType diff --git a/monkey/infection_monkey/exploit/smbexec.py b/monkey/infection_monkey/exploit/smbexec.py index abf8b4f47..0facecc9f 100644 --- a/monkey/infection_monkey/exploit/smbexec.py +++ b/monkey/infection_monkey/exploit/smbexec.py @@ -4,7 +4,7 @@ from impacket.dcerpc.v5 import scmr, transport from impacket.dcerpc.v5.scmr import DCERPCSessionError from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from common.utils.attack_utils import ScanStatus, UsageEnum from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.helpers import get_agent_dst_path diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py index 1b317b2ac..b7edda56e 100644 --- a/monkey/infection_monkey/exploit/sshexec.py +++ b/monkey/infection_monkey/exploit/sshexec.py @@ -6,7 +6,7 @@ import paramiko from common import OperatingSystem from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from common.utils import Timer from common.utils.attack_utils import ScanStatus from common.utils.exceptions import FailedExploitationError diff --git a/monkey/infection_monkey/exploit/tools/smb_tools.py b/monkey/infection_monkey/exploit/tools/smb_tools.py index c9ac254e1..5a4ab5042 100644 --- a/monkey/infection_monkey/exploit/tools/smb_tools.py +++ b/monkey/infection_monkey/exploit/tools/smb_tools.py @@ -10,7 +10,7 @@ from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21 from impacket.smbconnection import SMB_DIALECT, SMBConnection from pydantic import SecretStr -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from common.utils.attack_utils import ScanStatus from infection_monkey.network.tools import get_interface_to_target from infection_monkey.telemetry.attack.t1105_telem import T1105Telem diff --git a/monkey/infection_monkey/exploit/wmiexec.py b/monkey/infection_monkey/exploit/wmiexec.py index 8cfd27a3d..0788ff813 100644 --- a/monkey/infection_monkey/exploit/wmiexec.py +++ b/monkey/infection_monkey/exploit/wmiexec.py @@ -5,7 +5,7 @@ import traceback from impacket.dcerpc.v5.rpcrt import DCERPCException -from common.credentials.credentials import get_plaintext +from common.credentials import get_plaintext from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.smb_tools import SmbTools diff --git a/monkey/tests/unit_tests/common/events/__init__.py b/monkey/tests/unit_tests/common/events/__init__.py new file mode 100644 index 000000000..e69de29bb