Agent: Remove arch checks from PowerShell exploiter

2022-03-11 19:23:00 +05:30 · 2022-03-11 19:23:00 +05:30 · 7d25bf711a
parent 7155896caa
commit 7d25bf711a
2 changed files with 2 additions and 24 deletions
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@ -3,7 +3,6 @@ import os
 from typing import List, Optional

 from common.utils.exploit_enum import ExploitType
-from infection_monkey.exploit.consts import WIN_ARCH_32
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.powershell_utils.auth_options import (
    AUTH_NEGOTIATE,
@ -148,15 +147,7 @@ class PowerShellExploiter(HostExploiter):
            raise ValueError(f"Unknown secret type {credentials.secret_type}")

    def _execute_monkey_agent_on_victim(self) -> bool:
-        arch = self._client.get_host_architecture()
-        self.is_32bit = arch == WIN_ARCH_32
-        logger.debug(f"Host architecture is {arch}")
-
-        monkey_path_on_victim = (
-            self._config.dropper_target_path_win_32
-            if self.is_32bit
-            else self.options["dropper_target_path_win_64"]
-        )
+        monkey_path_on_victim = self.options["dropper_target_path_win_64"]

        is_monkey_copy_successful = self._copy_monkey_binary_to_victim(monkey_path_on_victim)
        if is_monkey_copy_successful:
--- a/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py
+++ b/monkey/infection_monkey/exploit/powershell_utils/powershell_client.py
@ -1,6 +1,6 @@
 import abc
 import logging
-from typing import Optional, Union
+from typing import Optional

 import pypsrp
 import spnego
@ -10,10 +10,8 @@ from pypsrp.powershell import PowerShell, RunspacePool
 from typing_extensions import Protocol
 from urllib3 import connectionpool

-from infection_monkey.exploit.consts import WIN_ARCH_32, WIN_ARCH_64
 from infection_monkey.exploit.powershell_utils.auth_options import AuthOptions
 from infection_monkey.exploit.powershell_utils.credentials import Credentials, SecretType
-from infection_monkey.model import GET_ARCH_WINDOWS

 logger = logging.getLogger(__name__)

@ -60,10 +58,6 @@ class IPowerShellClient(Protocol, metaclass=abc.ABCMeta):
    def execute_cmd(self, cmd: str) -> str:
        pass

-    @abc.abstractmethod
-    def get_host_architecture(self) -> Union[WIN_ARCH_32, WIN_ARCH_64]:
-        pass
-
    @abc.abstractmethod
    def copy_file(self, src: str, dest: str) -> bool:
        pass
@ -93,13 +87,6 @@ class PowerShellClient(IPowerShellClient):
        output, _, _ = self._client.execute_cmd(cmd)
        return output

-    def get_host_architecture(self) -> Union[WIN_ARCH_32, WIN_ARCH_64]:
-        stdout, _, _ = self._client.execute_cmd(GET_ARCH_WINDOWS)
-        if "64-bit" in stdout:
-            return WIN_ARCH_64
-
-        return WIN_ARCH_32
-
    def copy_file(self, src: str, dest: str) -> bool:
        try:
            self._client.copy(src, dest)