From 1cf017c2acec949f95d308ef8250fe9d04534df2 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Thu, 6 Oct 2022 16:25:47 +0530
Subject: [PATCH] Agent: Remove publishing exploitation attempts in zerologon's vuln assessment
---
 .../zerologon_utils/vuln_assessment.py | 20 +++----------------
 1 file changed, 3 insertions(+), 17 deletions(-)
diff --git a/monkey/infection_monkey/exploit/zerologon_utils/vuln_assessment.py b/monkey/infection_monkey/exploit/zerologon_utils/vuln_assessment.py
index 17f41dec4..9690ce1a8 100644
--- a/monkey/infection_monkey/exploit/zerologon_utils/vuln_assessment.py
+++ b/monkey/infection_monkey/exploit/zerologon_utils/vuln_assessment.py
@@ -5,13 +5,10 @@ import nmb.NetBIOS
 from impacket.dcerpc.v5 import nrpc, rpcrt

 from common.common_consts.timeouts import MEDIUM_REQUEST_TIMEOUT
-from common.tags import T1210_ATTACK_TECHNIQUE_TAG
 from common.utils.exceptions import DomainControllerNameFetchError
 from infection_monkey.model import VictimHost
 from infection_monkey.utils.threading import interruptible_iter

-from . import ZEROLOGON_EXPLOITER_TAG
-
 logger = logging.getLogger(__name__)


@@ -46,12 +43,6 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
 except Exception as err:
 error_message = f"Exception occurred while connecting to DC: {err}"
 logger.info(error_message)
- zerologon_exploiter_object._publish_exploitation_event(
- target=zerologon_exploiter_object.host.ip_addr,
- exploitation_success=False,
- error_message=error_message,
- tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
- )
 return False, None

 # Try authenticating.
@@ -63,15 +54,10 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
 if rpc_con_auth_result is not None:
 return True, rpc_con_auth_result
 except Exception as err:
- error_message = "Error occured while authenticating to "
- f"{zerologon_exploiter_object.host}: {err}"
- logger.info(error_message)
- zerologon_exploiter_object._publish_exploitation_event(
- target=zerologon_exploiter_object.host.ip_addr,
- exploitation_success=False,
- error_message=error_message,
- tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
+ error_message = (
+ f"Error occured while authenticating to {zerologon_exploiter_object.host}: {err}"
 )
+ logger.info(error_message)
 return False, None

 return False, None
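Review bot: The `except Exception` branch in this hunk now leaves only an info-level log line when authentication raises, and it returns `False, None`, the same value as the trailing `return False, None` for a target that was tested and not found exploitable. For a vulnerability assessment this makes an errored check (timeout, RPC fault) indistinguishable from a clean result unless the caller records the failure; whether it does is not visible here, since is_exploitable begins outside the hunk. I would raise the level and keep the traceback, e.g. `logger.warning("Error occurred while authenticating to %s: %s", zerologon_exploiter_object.host, err, exc_info=True)`, which also fixes the "occured" typo and removes the now single-use `error_message` variable. The connection-failure branch in the preceding hunk (`-46,12 +43,6`) has the same shape and would benefit from the same treatment.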