forked from p15670423/monkey
Hashing passwords to make sure we don't log passwords plaintext
This commit is contained in:
parent
bc9b994cba
commit
6fc37cef07
|
@ -11,7 +11,7 @@ import infection_monkey.monkeyfs as monkeyfs
|
|||
from common.utils.attack_utils import ScanStatus
|
||||
from infection_monkey.telemetry.attack.t1105_telem import T1105Telem
|
||||
from infection_monkey.exploit.tools.helpers import get_interface_to_target
|
||||
|
||||
from infection_monkey.config import Configuration
|
||||
__author__ = 'itamar'
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
@ -31,9 +31,9 @@ class SmbTools(object):
|
|||
|
||||
# skip guest users
|
||||
if smb.isGuestSession() > 0:
|
||||
LOG.debug("Connection to %r granted guest privileges with user: %s, password: '%s',"
|
||||
LOG.debug("Connection to %r granted guest privileges with user: %s, password (SHA-512): '%s',"
|
||||
" LM hash: %s, NTLM hash: %s",
|
||||
host, username, password, lm_hash, ntlm_hash)
|
||||
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
|
||||
|
||||
try:
|
||||
smb.logoff()
|
||||
|
@ -165,8 +165,8 @@ class SmbTools(object):
|
|||
|
||||
if not file_uploaded:
|
||||
LOG.debug("Couldn't find a writable share for exploiting"
|
||||
" victim %r with username: %s, password: '%s', LM hash: %s, NTLM hash: %s",
|
||||
host, username, password, lm_hash, ntlm_hash)
|
||||
" victim %r with username: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s",
|
||||
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash)
|
||||
return None
|
||||
|
||||
return remote_full_path
|
||||
|
@ -194,8 +194,9 @@ class SmbTools(object):
|
|||
try:
|
||||
smb.login(username, password, '', lm_hash, ntlm_hash)
|
||||
except Exception as exc:
|
||||
LOG.debug("Error while logging into %r using user: %s, password: '%s', LM hash: %s, NTLM hash: %s: %s",
|
||||
host, username, password, lm_hash, ntlm_hash, exc)
|
||||
LOG.debug(
|
||||
"Error while logging into %r using user: %s, password (SHA-512): '%s', LM hash: %s, NTLM hash: %s: %s",
|
||||
host, username, Configuration.hash_sensitive_data(password), lm_hash, ntlm_hash, exc)
|
||||
return None, dialect
|
||||
|
||||
smb.setTimeout(timeout)
|
||||
|
|
|
@ -48,23 +48,23 @@ class WmiExploiter(HostExploiter):
|
|||
except AccessDeniedException:
|
||||
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
||||
LOG.debug("Failed connecting to %r using WMI with "
|
||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||
continue
|
||||
except DCERPCException:
|
||||
self.report_login_attempt(False, user, password, lm_hash, ntlm_hash)
|
||||
LOG.debug("Failed connecting to %r using WMI with "
|
||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||
continue
|
||||
except socket.error:
|
||||
LOG.debug("Network error in WMI connection to %r with "
|
||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s')",
|
||||
self.host, user, password_hashed, lm_hash, ntlm_hash)
|
||||
return False
|
||||
except Exception as exc:
|
||||
LOG.debug("Unknown WMI connection error to %r with "
|
||||
"user,password,lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
|
||||
"user,password (SHA-512),lm hash,ntlm hash: ('%s','%s','%s','%s') (%s):\n%s",
|
||||
self.host, user, password_hashed, lm_hash, ntlm_hash, exc, traceback.format_exc())
|
||||
return False
|
||||
|
||||
|
|
Loading…
Reference in New Issue