From 8eb3c94a94a1f9912ab7ca57c9e3259124d14ea2 Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala <kekoa.kaaikala@gmail.com>
Date: Fri, 7 Oct 2022 20:14:04 +0000
Subject: [PATCH] Agent: Report failed login attempts

---
 monkey/infection_monkey/exploit/zerologon.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/monkey/infection_monkey/exploit/zerologon.py b/monkey/infection_monkey/exploit/zerologon.py
index 0b518a50a..6c870773a 100644
--- a/monkey/infection_monkey/exploit/zerologon.py
+++ b/monkey/infection_monkey/exploit/zerologon.py
@@ -9,6 +9,7 @@ import os
 import re
 import tempfile
 from binascii import unhexlify
+from time import time
 from typing import Dict, List, Optional, Sequence, Tuple
 
 import impacket
@@ -130,13 +131,18 @@ class ZerologonExploiter(HostExploiter):
 
         # Try authenticating.
         for _ in interruptible_iter(range(0, self.MAX_ATTEMPTS), self.interrupt):
+            timestamp = time()
             try:
                 rpc_con_auth_result = self._try_zero_authenticate(rpc_con)
                 if rpc_con_auth_result is not None:
                     return True, rpc_con_auth_result
+
+                error_message = "Failed to authenticate with domain controller"
+                self._publish_exploitation_event(timestamp, False, error_message=error_message)
             except Exception as err:
                 error_message = f"Error occured while authenticating to {self.host}: {err}"
                 logger.info(error_message)
+                self._publish_exploitation_event(timestamp, False, error_message=error_message)
                 return False, None
 
         return False, None