forked from p15670423/monkey
Agent: Only use "None" creds in powershell exploiter if host is Windows
This commit is contained in:
parent
79cc82b159
commit
fb18c1cbd4
|
@ -15,6 +15,7 @@ from infection_monkey.exploit.HostExploiter import HostExploiter
|
|||
from infection_monkey.exploit.tools.helpers import get_monkey_depth, get_target_monkey_by_os
|
||||
from infection_monkey.model import DROPPER_ARG, GET_ARCH_WINDOWS, RUN_MONKEY, VictimHost
|
||||
from infection_monkey.utils.commands import build_monkey_commandline
|
||||
from infection_monkey.utils.environment import is_windows_os
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
|
||||
|
@ -59,6 +60,10 @@ class PowerShellExploiter(HostExploiter):
|
|||
return None
|
||||
|
||||
def _get_credentials(self) -> List[Tuple[Optional[str], Optional[str]]]:
|
||||
# When username or password is None, this instructs the powershell client to attempt to use
|
||||
# The current user's credentials. This is only valid if the client is running from a Windows
|
||||
# machine.
|
||||
|
||||
credentials = []
|
||||
credentials.extend(self._get_empty_credentials())
|
||||
credentials.extend(self._get_username_only_credentials())
|
||||
|
@ -67,10 +72,18 @@ class PowerShellExploiter(HostExploiter):
|
|||
return credentials
|
||||
|
||||
def _get_empty_credentials(self) -> List[Tuple[None, None]]:
|
||||
if is_windows_os():
|
||||
return [(None, None)]
|
||||
|
||||
def _get_username_only_credentials(self) -> List[Tuple[str, None]]:
|
||||
return [(username, None) for username in self._config.exploit_user_list]
|
||||
return []
|
||||
|
||||
def _get_username_only_credentials(self) -> List[Tuple[str, Optional[str]]]:
|
||||
credentials = [(username, "") for username in self._config.exploit_user_list]
|
||||
|
||||
if is_windows_os():
|
||||
credentials.extend([(username, None) for username in self._config.exploit_user_list])
|
||||
|
||||
return credentials
|
||||
|
||||
def _get_username_password_credentials(self) -> List[Tuple[str, str]]:
|
||||
return [credentials for credentials in self._config.get_exploit_user_password_pairs()]
|
||||
|
|
Loading…
Reference in New Issue