Common, Agent: Extract credential encoding related methods

This commit is contained in:
vakarisz 2022-09-16 14:11:17 +03:00
parent 004a543310
commit 9577c5569e
10 changed files with 30 additions and 21 deletions

View File

@ -3,5 +3,6 @@ from .nt_hash import NTHash
from .password import Password from .password import Password
from .ssh_keypair import SSHKeypair from .ssh_keypair import SSHKeypair
from .username import Username from .username import Username
from .encoding import get_plaintext, SecretEncodingConfig
from .credentials import Credentials from .credentials import Credentials

View File

@ -2,22 +2,14 @@ from __future__ import annotations
from typing import Optional, Union from typing import Optional, Union
from pydantic import SecretBytes, SecretStr
from ..base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig from ..base_models import InfectionMonkeyBaseModel, InfectionMonkeyModelConfig
from . import LMHash, NTHash, Password, SSHKeypair, Username from . import LMHash, NTHash, Password, SSHKeypair, Username
from .encoding import SecretEncodingConfig
Secret = Union[Password, LMHash, NTHash, SSHKeypair] Secret = Union[Password, LMHash, NTHash, SSHKeypair]
Identity = Username Identity = Username
def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]:
if isinstance(secret, (SecretStr, SecretBytes)):
return secret.get_secret_value()
else:
return secret
class Credentials(InfectionMonkeyBaseModel): class Credentials(InfectionMonkeyBaseModel):
"""Represents a credential pair (an identity and a secret)""" """Represents a credential pair (an identity and a secret)"""
@ -27,9 +19,5 @@ class Credentials(InfectionMonkeyBaseModel):
secret: Optional[Secret] secret: Optional[Secret]
"""Secret part of credentials, like a password or a hash""" """Secret part of credentials, like a password or a hash"""
class Config(InfectionMonkeyModelConfig): class Config(SecretEncodingConfig, InfectionMonkeyModelConfig):
json_encoders = { pass
# This makes secrets dumpable to json, but not loggable
SecretStr: get_plaintext,
SecretBytes: get_plaintext,
}

View File

@ -0,0 +1,20 @@
from __future__ import annotations
from typing import Optional, Union
from pydantic import SecretBytes, SecretStr
def get_plaintext(secret: Union[SecretStr, SecretBytes, None, str]) -> Optional[str]:
if isinstance(secret, (SecretStr, SecretBytes)):
return secret.get_secret_value()
else:
return secret
class SecretEncodingConfig:
json_encoders = {
# This makes secrets dumpable to json, but not loggable
SecretStr: get_plaintext,
SecretBytes: get_plaintext,
}

View File

@ -6,7 +6,7 @@ from typing import Sequence, Tuple
import pymssql import pymssql
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from common.utils.exceptions import FailedExploitationError from common.utils.exceptions import FailedExploitationError
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.helpers import get_agent_dst_path

View File

@ -11,7 +11,7 @@ from pypsrp.powershell import PowerShell, RunspacePool
from typing_extensions import Protocol from typing_extensions import Protocol
from urllib3 import connectionpool from urllib3 import connectionpool
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions
from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType

View File

@ -4,7 +4,7 @@ from impacket.dcerpc.v5 import scmr, transport
from impacket.dcerpc.v5.scmr import DCERPCSessionError from impacket.dcerpc.v5.scmr import DCERPCSessionError
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from common.utils.attack_utils import ScanStatus, UsageEnum from common.utils.attack_utils import ScanStatus, UsageEnum
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.helpers import get_agent_dst_path

View File

@ -6,7 +6,7 @@ import paramiko
from common import OperatingSystem from common import OperatingSystem
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from common.utils import Timer from common.utils import Timer
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from common.utils.exceptions import FailedExploitationError from common.utils.exceptions import FailedExploitationError

View File

@ -10,7 +10,7 @@ from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
from impacket.smbconnection import SMB_DIALECT, SMBConnection from impacket.smbconnection import SMB_DIALECT, SMBConnection
from pydantic import SecretStr from pydantic import SecretStr
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from common.utils.attack_utils import ScanStatus from common.utils.attack_utils import ScanStatus
from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.tools import get_interface_to_target
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from infection_monkey.telemetry.attack.t1105_telem import T1105Telem

View File

@ -5,7 +5,7 @@ import traceback
from impacket.dcerpc.v5.rpcrt import DCERPCException from impacket.dcerpc.v5.rpcrt import DCERPCException
from common.credentials.credentials import get_plaintext from common.credentials import get_plaintext
from infection_monkey.exploit.HostExploiter import HostExploiter from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.helpers import get_agent_dst_path
from infection_monkey.exploit.tools.smb_tools import SmbTools from infection_monkey.exploit.tools.smb_tools import SmbTools