From c9e54412c05f9f21e9b4d169e08e19e6ba710491 Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Wed, 1 Sep 2021 13:53:45 -0400
Subject: [PATCH] Agent: Use dummy username and password when testing
 PowerShell HTTP

The exploit_user_list and exploit_password_list are not guaranteed to
have at least one entry. If either list is empty the exploiter will
fail. Use constant strings for the username and password to avoid
potentially crashing the exploiter.
---
 monkey/infection_monkey/exploit/powershell.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/monkey/infection_monkey/exploit/powershell.py b/monkey/infection_monkey/exploit/powershell.py
index 26d01be8e..ab35d71e0 100644
--- a/monkey/infection_monkey/exploit/powershell.py
+++ b/monkey/infection_monkey/exploit/powershell.py
@@ -101,8 +101,8 @@ class PowerShellExploiter(HostExploiter):
 
     def _try_ssl_login(self, use_ssl: bool):
         credentials = Credentials(
-            username=self._config.exploit_user_list[0],
-            password=self._config.exploit_password_list[0],
+            username="dummy_username",
+            password="dummy_password",
         )
 
         auth_options = AuthOptions(