Improved zero logon exploiter to fail on failed domain controller name fetch.

monkey/common/utils/exceptions.py

@@ -48,3 +48,7 @@ class VersionServerConnectionError(Exception):
 
 class FindingWithoutDetailsError(Exception):
     """ Raise when pulling events for a finding, but get none """
+
+
+class DomainControllerNameFetchError(FailedExploitationError):
+    """ Raise on failed attemt to extract domain controller's name """

monkey/infection_monkey/exploit/zerologon_utils/vuln_assessment.py

@@ -4,6 +4,9 @@ from typing import Optional
 import nmb.NetBIOS
 from impacket.dcerpc.v5 import nrpc, rpcrt
 
+from common.common_consts.timeouts import SHORT_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
+from common.utils.exceptions import DomainControllerNameFetchError
+
 LOG = logging.getLogger(__name__)
 
 
@@ -18,14 +21,16 @@ def _get_dc_name(dc_ip: str) -> str:
     """
     Gets NetBIOS name of the Domain Controller (DC).
     """
-    try:
+    nb = nmb.NetBIOS.NetBIOS()
-        nb = nmb.NetBIOS.NetBIOS()
+    name = nb.queryIPForName(
-        name = nb.queryIPForName(
+        ip=dc_ip,
-            ip=dc_ip
+        timeout=MEDIUM_REQUEST_TIMEOUT
-        )  # returns either a list of NetBIOS names or None
+    )  # returns either a list of NetBIOS names or None
-        return name[0] if name else ""
+
-    except BaseException as ex:
+    if name:
-        LOG.info(f"Exception: {ex}")
+        return name[0]
+    else:
+        raise DomainControllerNameFetchError("Couldn't get domain controller's name, maybe it's on external network?")
 
 
 def is_exploitable(zerologon_exploiter_object) -> (bool, Optional[rpcrt.DCERPC_v5]):