8000 1742 add wmi exploiter to puppet by VakarisZ · Pull Request #1766 · guardicore/monkey · GitHub

More Web Proxy on the site http://driver.im/

1742 add wmi exploiter to puppet #1766

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

mssalvatore merged 26 commits into agent-refactor from 1742-wmi-exploiter

Mar 9, 2022

Contributor

VakarisZ commented

•

What does this PR do?

Fixes #1742

Testing Checklist

Have you successfully tested your changes locally? Elaborate:

Tested by running 6 wmi threads/machines at a time

mssalvatore reviewed

View reviewed changes

monkey/infection_monkey/exploit/smbexec.py Outdated

Comment on lines 55 to 56

		# TODO extract the method in wmiexec.py
		creds = self._config.get_exploit_user_password_or_hash_product()

Collaborator

mssalvatore

Use infectionmonkey.utils.brute_force

mssalvatore reviewed

View reviewed changes

monkey/infection_monkey/exploit/wmiexec.py Outdated Show resolved Hide resolved

mssalvatore reviewed

View reviewed changes

monkey/infection_monkey/exploit/wmiexec.py Outdated Show resolved Hide resolved

mssalvatore reviewed

View reviewed changes

monkey/infection_monkey/exploit/tools/wmi_tools.py Show resolved Hide resolved

mssalvatore reviewed

View reviewed changes

Collaborator

mssalvatore left a comment

From wmi_tools.py

Is this thread-safe?

Collaborator

mssalvatore commented

From wmi_tools.py

Is this thread-safe?

mssalvatore force-pushed the 1742-wmi-exploiter branch from 44dfc51 to 7a47689 Compare

March 8, 2022 19:43

mssalvatore reviewed

View reviewed changes

monkey/infection_monkey/exploit/wmiexec.py Outdated Show resolved Hide resolved

Contributor Author

VakarisZ commented

•

VakarisZ force-pushed the 1742-wmi-exploiter branch from 0d70d8e to e779feb Compare

March 9, 2022 13:37

VakarisZ marked this pull request as ready for review

March 9, 2022 13:39

VakarisZ and others added 19 commits

March 9, 2022 16:38


          Agent: fix a bug in wmi_tools

afc43ae

Fix a bug in wmi connection cleanup where incorrect keys were being used on a dictionary


          Agent: added a todo to assess smb connection timeout

af9736a


          Agent: improve logging in wmiexec.py

d7e222c


          Agent: decouple wmiexec.py from WormConfig object

c932a19


          Agent: modify wmiexec.py to return ExploitResultData

aa5220b


          Agent: Load WMIExploiter into puppet

6862ef3


          Island: Add smb_download_timeout to SMB and WMI exploiter options

e76b46c


          Agent: Fix malformed WMI query in WMIExploiter

98f8a5b


          Agent: Add missing return to WmiExploiter

f57977d


          Agent: Remove monkeyfs references in smb_tools.py

77f58b9


          Agent: move brute-force input generation from wmiexec to brute_force

dc1a2ab


          Agent: replace get_monkey_depth with self.current_depth

4e7e4a9


          Agent: generate brute force credentials from exploiter options

4ce731c

All brute force exploiters will have the same structure of options, so instead of calling the generate_username_password_or_ntlm_hash_combinations() and manually unpacking the required arguments from options, we simplify the call and remove duplication


          Agent: fix a bug in WMI exploiter related to depth

16535e0


          Agent: add lock to wmi tools

3dc8ef6

impacket libraries used for WMI are not designed for multithreading


          Agent: Log thread name instead of thread ID

b34c287


          Agent: Add optional name to create_daemon_thread and run_worker_threads

f9a7672


          Agent: Add human-readable thread name to MonkeyTunnel

87dbe20


          Agent: Add human-readable thread name to aws_environment_check

847c7fb

mssalvatore and others added 3 commits

March 9, 2022 16:38


          Agent: Add human-readable thread names to AutomatedMaster

66d9549


          Agent: Fix formatting in utils/brute_force.py with Black

e5acdf4


          Agent: add a wrapper for wmi_tools users

130c62a

Add a dedicated wrapper to make sure that wmi_tools users don't run into race conditions

VakarisZ force-pushed the 1742-wmi-exploiter branch from 71ffbcf to 130c62a Compare

March 9, 2022 14:39

VakarisZ and others added 4 commits

March 9, 2022 16:51


          Agent: Refactor generate_brute_force_combinations

83c25c6


          Agent: Make thread name mandatory for creating daemon threads

7e6f1df


          Agent: Reduce smb_download_timeout to 30 seconds

0a6ced4


          Changelog: Add changelog entry for human-readable thread names

03145a1

mssalvatore approved these changes

View reviewed changes

mssalvatore merged commit cbaa325 into agent-refactor

mssalvatore deleted the 1742-wmi-exploiter branch

March 9, 2022 15:17

mssalvatore restored the 1742-wmi-exploiter branch

March 9, 2022 15:18

VakarisZ deleted the 1742-wmi-exploiter branch

March 14, 2022 07:59

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

0