Agent: Move path to string translation to smb_tools from smbexec

2022-03-23 16:03:13 +00:00 · 2022-03-23 16:03:13 +00:00 · c09428dde9
parent 18e3dd7c91
commit c09428dde9
2 changed files with 12 additions and 6 deletions
--- a/monkey/infection_monkey/exploit/smbexec.py
+++ b/monkey/infection_monkey/exploit/smbexec.py
@ -32,7 +32,7 @@ class SMBExploiter(HostExploiter):

    def _exploit_host(self):
        agent_binary = self.agent_repository.get_agent_binary(self.host.os["type"])
-        dest_path = str(get_agent_dest_path(self.host, self.options))
+        dest_path = get_agent_dest_path(self.host, self.options)
        creds = generate_brute_force_combinations(self.options["credentials"])

        for user, password, lm_hash, ntlm_hash in interruptible_iter(creds, self.interrupt):
--- a/monkey/infection_monkey/exploit/tools/smb_tools.py
+++ b/monkey/infection_monkey/exploit/tools/smb_tools.py
@ -2,6 +2,8 @@ import logging
 import ntpath
 import pprint
 from io import BytesIO
+from pathlib import Path
+from typing import Optional

 from impacket.dcerpc.v5 import srvs, transport
 from impacket.smb3structs import SMB2_DIALECT_002, SMB2_DIALECT_21
@ -20,13 +22,13 @@ class SmbTools(object):
    def copy_file(
        host,
        agent_file: BytesIO,
-        dst_path,
+        dst_path: Path,
        username,
        password,
        lm_hash="",
        ntlm_hash="",
        timeout=60,
-    ):
+    ) -> Optional[str]:
        # TODO assess the 60 second timeout
        creds_for_log = get_credential_string([username, password, lm_hash, ntlm_hash])
        logger.debug(f"Attempting to copy an agent binary to {host} using SMB with {creds_for_log}")
@ -75,7 +77,7 @@ class SmbTools(object):

        high_priority_shares = ()
        low_priority_shares = ()
-        file_name = ntpath.split(dst_path)[-1]
+        file_name = dst_path.name

        for i in range(len(resp)):
            share_name = resp[i]["shi2_netname"].strip("\0 ")
@ -100,14 +102,18 @@ class SmbTools(object):

            share_info = {"share_name": share_name, "share_path": share_path}

-            if dst_path.lower().startswith(share_path.lower()):
-                high_priority_shares += ((ntpath.sep + dst_path[len(share_path) :], share_info),)
+            if str(dst_path).lower().startswith(share_path.lower()):
+                high_priority_shares += (
+                    (ntpath.sep + str(dst_path)[len(share_path):], share_info),
+                )

            low_priority_shares += ((ntpath.sep + file_name, share_info),)

        shares = high_priority_shares + low_priority_shares

        file_uploaded = False
+        remote_full_path = None
+
        for remote_path, share in shares:
            share_name = share["share_name"]
            share_path = share["share_path"]