Agent: generate brute force credentials from exploiter options

All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication
This commit is contained in:
vakaris_zilius 2022-03-09 12:22:08 +00:00 committed by vakarisz
parent 4e7e4a9eee
commit 4ce731c769
2 changed files with 17 additions and 8 deletions

View File

@ -12,8 +12,7 @@ from infection_monkey.exploit.tools.wmi_tools import AccessDeniedException, WmiT
from infection_monkey.i_puppet import ExploiterResultData from infection_monkey.i_puppet import ExploiterResultData
from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS from infection_monkey.model import DROPPER_CMDLINE_WINDOWS, MONKEY_CMDLINE_WINDOWS
from infection_monkey.utils.brute_force import ( from infection_monkey.utils.brute_force import (
generate_username_password_or_ntlm_hash_combinations, get_credential_string, generate_brute_force_combinations,
get_credential_string,
) )
from infection_monkey.utils.commands import build_monkey_commandline from infection_monkey.utils.commands import build_monkey_commandline
@ -28,7 +27,7 @@ class WmiExploiter(HostExploiter):
@WmiTools.dcom_wrap @WmiTools.dcom_wrap
def _exploit_host(self) -> ExploiterResultData: def _exploit_host(self) -> ExploiterResultData:
creds = generate_username_password_or_ntlm_hash_combinations(self.options["credentials"]) creds = generate_brute_force_combinations(self.options)
for user, password, lm_hash, ntlm_hash in creds: for user, password, lm_hash, ntlm_hash in creds:
creds_for_log = get_credential_string([user, password, lm_hash, ntlm_hash]) creds_for_log = get_credential_string([user, password, lm_hash, ntlm_hash])

View File

@ -3,7 +3,7 @@ from typing import Any, Iterable, List, Tuple
def generate_identity_secret_pairs( def generate_identity_secret_pairs(
identities: Iterable, secrets: Iterable identities: Iterable, secrets: Iterable
) -> Iterable[Tuple[Any, Any]]: ) -> Iterable[Tuple[Any, Any]]:
""" """
Generates all possible combinations of identities and secrets (e.g. usernames and passwords). Generates all possible combinations of identities and secrets (e.g. usernames and passwords).
@ -16,10 +16,10 @@ def generate_identity_secret_pairs(
def generate_username_password_or_ntlm_hash_combinations( def generate_username_password_or_ntlm_hash_combinations(
usernames: Iterable[str], usernames: Iterable[str],
passwords: Iterable[str], passwords: Iterable[str],
lm_hashes: Iterable[str], lm_hashes: Iterable[str],
nt_hashes: Iterable[str], nt_hashes: Iterable[str],
) -> Iterable[Tuple[str, str, str, str]]: ) -> Iterable[Tuple[str, str, str, str]]:
""" """
Generates all possible combinations of the following: username/password, username/lm_hash, Generates all possible combinations of the following: username/password, username/lm_hash,
@ -40,6 +40,16 @@ def generate_username_password_or_ntlm_hash_combinations(
) )
def generate_brute_force_combinations(options: dict):
return generate_username_password_or_ntlm_hash_combinations(usernames=options["credentials"]["exploit_user_list"],
passwords=options["credentials"][
"exploit_password_list"],
lm_hashes=options["credentials"][
"exploit_lm_hash_list"],
nt_hashes=options["credentials"][
"exploit_ntlm_hash_list"])
# Expects a list of username, password, lm hash and nt hash in that order # Expects a list of username, password, lm hash and nt hash in that order
def get_credential_string(creds: List) -> str: def get_credential_string(creds: List) -> str:
cred_strs = [ cred_strs = [