Agent: generate brute force credentials from exploiter options

All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
2022-03-09 12:22:08 +00:00 · 2022-03-09 12:22:08 +00:00 · 4ce731c769
parent 4e7e4a9eee
commit 4ce731c769
2 changed files with 17 additions and 8 deletions
--- a/monkey/infection_monkey/exploit/wmiexec.py
+++ b/monkey/infection_monkey/exploit/wmiexec.py
@ -12,8 +12,7 @@ from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException, WmiT
 from infection_monkey.i_puppet import ExploiterResultData
 from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
 from infection_monkey.utils.brute_force import (
-    generate_username_password_or_ntlm_hash_combinations,
-    get_credential_string,
+    get_credential_string, generate_brute_force_combinations,
 )
 from infection_monkey.utils.commands import build_monkey_commandline

@ -28,7 +27,7 @@ class WmiExploiter(HostExploiter):
    @WmiTools.dcom_wrap
    def _exploit_host(self) -> ExploiterResultData:

-        creds = generate_username_password_or_ntlm_hash_combinations(self.options["credentials"])
+        creds = generate_brute_force_combinations(self.options)

        for user, password, lm_hash, ntlm_hash in creds:
            creds_for_log = get_credential_string([user, password, lm_hash, ntlm_hash])
--- a/monkey/infection_monkey/utils/brute_force.py
+++ b/monkey/infection_monkey/utils/brute_force.py
@ -3,7 +3,7 @@ from typing import Any, Iterable, List, Tuple


 def generate_identity_secret_pairs(
-    identities: Iterable, secrets: Iterable
+        identities: Iterable, secrets: Iterable
 ) -> Iterable[Tuple[Any, Any]]:
    """
    Generates all possible combinations of identities and secrets (e.g. usernames and passwords).
@ -16,10 +16,10 @@ def generate_identity_secret_pairs(


 def generate_username_password_or_ntlm_hash_combinations(
-    usernames: Iterable[str],
-    passwords: Iterable[str],
-    lm_hashes: Iterable[str],
-    nt_hashes: Iterable[str],
+        usernames: Iterable[str],
+        passwords: Iterable[str],
+        lm_hashes: Iterable[str],
+        nt_hashes: Iterable[str],
 ) -> Iterable[Tuple[str, str, str, str]]:
    """
    Generates all possible combinations of the following: username/password, username/lm_hash,
@ -40,6 +40,16 @@ def generate_username_password_or_ntlm_hash_combinations(
    )


+def generate_brute_force_combinations(options: dict):
+    return generate_username_password_or_ntlm_hash_combinations(usernames=options["credentials"]["exploit_user_list"],
+                                                                passwords=options["credentials"][
+                                                                    "exploit_password_list"],
+                                                                lm_hashes=options["credentials"][
+                                                                    "exploit_lm_hash_list"],
+                                                                nt_hashes=options["credentials"][
+                                                                    "exploit_ntlm_hash_list"])
+
+
 # Expects a list of username, password, lm hash and nt hash in that order
 def get_credential_string(creds: List) -> str:
    cred_strs = [