Agent: Remove publishing exploitation attempts in zerologon's vuln assessment

Shreya Malviya 2022-10-06 16:25:47 +05:30 committed by Ilija Lazoroski
parent 3b60c760e4
commit 1cf017c2ac
1 changed files with 3 additions and 17 deletions


@ -5,13 +5,10 @@ import nmb.NetBIOS
from impacket.dcerpc.v5 import nrpc, rpcrt
from common.common_consts.timeouts import MEDIUM_REQUEST_TIMEOUT
from common.tags import T1210_ATTACK_TECHNIQUE_TAG
from common.utils.exceptions import DomainControllerNameFetchError
from infection_monkey.model import VictimHost
from infection_monkey.utils.threading import interruptible_iter
from . import ZEROLOGON_EXPLOITER_TAG
logger = logging.getLogger(__name__)
@ -46,12 +43,6 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
except Exception as err:
error_message = f"Exception occurred while connecting to DC: {err}"
logger.info(error_message)
zerologon_exploiter_object._publish_exploitation_event(
target=zerologon_exploiter_object.host.ip_addr,
exploitation_success=False,
error_message=error_message,
tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
)
return False, None
# Try authenticating.
@ -63,15 +54,10 @@ def is_exploitable(zerologon_exploiter_object) -> Tuple[bool, Optional[rpcrt.DCE
if rpc_con_auth_result is not None:
return True, rpc_con_auth_result
except Exception as err:
error_message = "Error occured while authenticating to "
f"{zerologon_exploiter_object.host}: {err}"
logger.info(error_message)
zerologon_exploiter_object._publish_exploitation_event(
target=zerologon_exploiter_object.host.ip_addr,
exploitation_success=False,
error_message=error_message,
tags=(ZEROLOGON_EXPLOITER_TAG, T1210_ATTACK_TECHNIQUE_TAG),
error_message = (
f"Error occured while authenticating to {zerologon_exploiter_object.host}: {err}"
)
logger.info(error_message)
return False, None
return False, None
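Review bot: Both `except Exception` handlers in `is_exploitable` now leave only an info-level log line before `return False, None`, so a domain controller that could not be reached or authenticated to is reported the same way as one that was assessed and found not vulnerable. With the event publishing gone, I would raise both to `logger.warning(error_message)` and state in the function's docstring that a `False` result also covers "assessment failed", so a failed check is not read as a negative finding; whether the caller records the failure elsewhere is not visible here. The rewritten message also keeps the typo and should read `f"Error occurred while authenticating to {zerologon_exploiter_object.host}: {err}"`. The start of `is_exploitable` and its docstring lie outside the hunks shown.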