Agent: Only use "None" creds in powershell exploiter if host is Windows

This commit is contained in:
Mike Salvatore 2021-08-24 11:43:17 -04:00
parent 79cc82b159
commit fb18c1cbd4
1 changed files with 16 additions and 3 deletions

View File

@ -15,6 +15,7 @@ from infection_monkey.exploit.HostExploiter import HostExploiter
from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey_by_os
from infection_monkey.model import DROPPER_ARG, GET_ARCH_WINDOWS, RUN_MONKEY, VictimHost
from infection_monkey.utils.commands import build_monkey_commandline
from infection_monkey.utils.environment import is_windows_os
LOG = logging.getLogger(__name__)
@ -59,6 +60,10 @@ class PowerShellExploiter(HostExploiter):
return None
def _get_credentials(self) -> List[Tuple[Optional[str], Optional[str]]]:
# When username or password is None, this instructs the powershell client to attempt to use
# The current user's credentials. This is only valid if the client is running from a Windows
# machine.
credentials = []
credentials.extend(self._get_empty_credentials())
credentials.extend(self._get_username_only_credentials())
@ -67,10 +72,18 @@ class PowerShellExploiter(HostExploiter):
return credentials
def _get_empty_credentials(self) -> List[Tuple[None, None]]:
if is_windows_os():
return [(None, None)]
def _get_username_only_credentials(self) -> List[Tuple[str, None]]:
return [(username, None) for username in self._config.exploit_user_list]
return []
def _get_username_only_credentials(self) -> List[Tuple[str, Optional[str]]]:
credentials = [(username, "") for username in self._config.exploit_user_list]
if is_windows_os():
credentials.extend([(username, None) for username in self._config.exploit_user_list])
return credentials
def _get_username_password_credentials(self) -> List[Tuple[str, str]]:
return [credentials for credentials in self._config.get_exploit_user_password_pairs()]