Common, Agent: Extract credential encoding related methods

2022-09-16 14:11:17 +03:00 · 2022-09-16 14:11:17 +03:00 · 9577c5569e
parent 004a543310
commit 9577c5569e
10 changed files with 30 additions and 21 deletions
--- a/monkey/common/credentials/init.py
+++ b/monkey/common/credentials/init.py
@ -3,5 +3,6 @@ from .nt_hash import NTHash
 from .password import Password
 from .ssh_keypair import SSHKeypair
 from .username import Username
 from .encoding import get_plaintext, SecretEncodingConfig
 from .credentials import Credentials
--- a/monkey/common/credentials/credentials.py
+++ b/monkey/common/credentials/credentials.py
@ -2,22 +2,14 @@ from __future__ import annotations
 from typing import Optional, Union
 from pydantic import SecretBytes, SecretStr
 from ..base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig
 from . import LMHash, NTHash, Password, SSHKeypair, Username
 from .encoding import SecretEncodingConfig
 Secret = Union[Password, LMHash, NTHash, SSHKeypair]
 Identity = Username
 def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]:
    if isinstance(secret, (SecretStr, SecretBytes)):
        return secret.get_secret_value()
    else:
        return secret
 class Credentials(InfectionMonkeyBaseModel):
    """Represents a credential pair (an identity and a secret)"""
@ -27,9 +19,5 @@ class Credentials(InfectionMonkeyBaseModel):
    secret: Optional[Secret]
    """Secret part of credentials, like a password or a hash"""
-    class Config(InfectionMonkeyModelConfig):
+    class Config(SecretEncodingConfig, InfectionMonkeyModelConfig):
-        json_encoders = {
+        pass
            # This makes secrets dumpable to json, but not loggable
            SecretStr: get_plaintext,
            SecretBytes: get_plaintext,
        }
--- a/monkey/common/credentials/encoding.py
+++ b/monkey/common/credentials/encoding.py
@ -0,0 +1,20 @@
 from __future__ import annotations
 from typing import Optional, Union
 from pydantic import SecretBytes, SecretStr
 def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]:
    if isinstance(secret, (SecretStr, SecretBytes)):
        return secret.get_secret_value()
    else:
        return secret
 class SecretEncodingConfig:
    json_encoders = {
        # This makes secrets dumpable to json, but not loggable
        SecretStr: get_plaintext,
        SecretBytes: get_plaintext,
    }
--- a/monkey/infection_monkey/exploit/mssqlexec.py
+++ b/monkey/infection_monkey/exploit/mssqlexec.py
@ -6,7 +6,7 @@ from typing import Sequence, Tuple
 import pymssql
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from common.utils.exceptions import FailedExploitationError
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path
--- a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py
@ -11,7 +11,7 @@ from pypsrp.powershell import PowerShell, RunspacePool
 from typing_extensions import Protocol
 from urllib3 import connectionpool
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions
 from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType
--- a/monkey/infection_monkey/exploit/smbexec.py
+++ b/monkey/infection_monkey/exploit/smbexec.py
@ -4,7 +4,7 @@ from impacket.dcerpc.v5 import scmr, transport
 from impacket.dcerpc.v5.scmr import DCERPCSessionError
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from common.utils.attack_utils import ScanStatus, UsageEnum
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path
--- a/monkey/infection_monkey/exploit/sshexec.py
+++ b/monkey/infection_monkey/exploit/sshexec.py
@ -6,7 +6,7 @@ import paramiko
 from common import OperatingSystem
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from common.utils import Timer
 from common.utils.attack_utils import ScanStatus
 from common.utils.exceptions import FailedExploitationError
--- a/monkey/infection_monkey/exploit/tools/smb_tools.py
+++ b/monkey/infection_monkey/exploit/tools/smb_tools.py
@ -10,7 +10,7 @@ from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
 from impacket.smbconnection import SMB_DIALECT, SMBConnection
 from pydantic import SecretStr
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from common.utils.attack_utils import ScanStatus
 from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@ -5,7 +5,7 @@ import traceback
 from impacket.dcerpc.v5.rpcrt import DCERPCException
-from common.credentials.credentials import get_plaintext
+from common.credentials import get_plaintext
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.tools.helpers import get_agent_dst_path
 from infection_monkey.exploit.tools.smb_tools import SmbTools
--- a/monkey/tests/unit_tests/common/events/init.py
+++ b/monkey/tests/unit_tests/common/events/init.py