def __init__(self):
    """Configure the user-defined post-breach action for the current OS.

    Reads the per-OS filename and custom command from WormConfiguration and
    sets ``self.command`` / ``self.filename`` as follows:

    * file and custom command: the custom command, prefixed with a
      change-directory command pointing at the monkey directory;
    * file only: the OS default command template, formatted with the file's
      path inside the monkey directory;
    * custom command only: the custom command as-is, ``self.filename``
      stays empty;
    * neither: nothing is assigned here beyond the empty ``self.filename``.
    """
    super(UsersPBA, self).__init__(POST_BREACH_FILE_EXECUTION)
    self.filename = ''

    if is_windows_os():
        # Windows settings
        uploaded_file = WormConfiguration.PBA_windows_filename
        custom_cmd = WormConfiguration.custom_PBA_windows_cmd
        if uploaded_file:
            if custom_cmd:
                # Change into the monkey directory first, because the custom
                # command is expected to refer to the uploaded file.
                self.command = (DIR_CHANGE_WINDOWS % get_monkey_dir_path()) + custom_cmd
            else:
                # NOTE(review): the path is inserted into the command template
                # as-is; presumably the template is run by a shell, so confirm
                # that the configuration layer restricts which characters a
                # filename may contain.
                target_path = os.path.join(get_monkey_dir_path(), uploaded_file)
                self.command = DEFAULT_WINDOWS_COMMAND.format(target_path)
            self.filename = uploaded_file
        elif custom_cmd:
            self.command = custom_cmd
    else:
        # Linux settings
        uploaded_file = WormConfiguration.PBA_linux_filename
        custom_cmd = WormConfiguration.custom_PBA_linux_cmd
        if uploaded_file:
            if custom_cmd:
                # Change into the monkey directory first, because the custom
                # command is expected to refer to the uploaded file.
                self.command = (DIR_CHANGE_LINUX % get_monkey_dir_path()) + custom_cmd
            else:
                # NOTE(review): the path is inserted into the command template
                # as-is; presumably the template is run by a shell, so confirm
                # that the configuration layer restricts which characters a
                # filename may contain.
                target_path = os.path.join(get_monkey_dir_path(), uploaded_file)
                self.command = DEFAULT_LINUX_COMMAND.format(target_path)
            self.filename = uploaded_file
        elif custom_cmd:
            self.command = custom_cmd
def self_delete():
    """Remove the monkey directory and, if configured, the running executable.

    Each removal attempt is reported through T1107Telem (presumably MITRE
    ATT&CK T1107, File Deletion - confirm against the telemetry definitions):

    * the monkey directory is always removed; the status is USED when
      remove_monkey_dir() returns a truthy value and SCANNED otherwise;
    * the executable is removed only when
      WormConfiguration.self_delete_in_cleanup is set and the path in
      sys.executable does not contain 'python'.
    """
    dir_status = ScanStatus.USED if remove_monkey_dir() else ScanStatus.SCANNED
    T1107Telem(dir_status, get_monkey_dir_path()).send()

    if not WormConfiguration.self_delete_in_cleanup:
        return
    # Presumably this skips the step when running from source, so that the
    # Python interpreter itself is never deleted.
    if 'python' in sys.executable:
        return

    binary_status = None
    try:
        if sys.platform == "win32":
            from subprocess import (CREATE_NEW_CONSOLE, STARTF_USESHOWWINDOW, SW_HIDE)
            startupinfo = subprocess.STARTUPINFO()
            startupinfo.dwFlags = CREATE_NEW_CONSOLE | STARTF_USESHOWWINDOW
            startupinfo.wShowWindow = SW_HIDE
            # Deletion is handed to a separate process, so the outcome is not
            # known here: binary_status stays None and no telemetry is sent
            # for the executable on this branch.
            subprocess.Popen(
                DELAY_DELETE_CMD % {'file_path': sys.executable},
                stdin=None,
                stdout=None,
                stderr=None,
                close_fds=True,
                startupinfo=startupinfo,
            )
        else:
            os.remove(sys.executable)
            binary_status = ScanStatus.USED
    except Exception as exc:
        # Best effort: log the failure and report the attempt as SCANNED.
        LOG.error("Exception in self delete: %s", exc)
        binary_status = ScanStatus.SCANNED

    if binary_status:
        T1107Telem(binary_status, sys.executable).send()
def _start_ldap_server(self):
    """Create the LDAPExploitServer for this instance and run it.

    The server is built from this object's LDAP port and class HTTP server
    address, with the monkey directory as its storage directory. It is
    stored on ``self._ldap_server`` before ``run()`` is called.
    """
    ldap_port = self._ldap_port
    http_ip = self._class_http_server_ip
    http_port = self._class_http_server_port
    # The monkey directory is passed as the server's storage location.
    storage_dir = get_monkey_dir_path()

    server = LDAPExploitServer(
        ldap_server_port=ldap_port,
        http_server_ip=http_ip,
        http_server_port=http_port,
        storage_dir=storage_dir,
    )
    self._ldap_server = server
    server.run()
def __init__(self):
    """Configure the user-defined post-breach action for the current OS.

    Reads the per-OS filename and custom command from WormConfiguration:

    * file configured: ``self.filename`` is set to it; if a custom command is
      also configured, ``self.command`` becomes that command prefixed with a
      change-directory command pointing at the monkey directory. With a file
      but no custom command, ``self.command`` is not assigned here.
    * custom command only: ``self.command`` is the custom command as-is and
      ``self.filename`` stays empty.
    """
    super(UsersPBA, self).__init__(POST_BREACH_FILE_EXECUTION)
    self.filename = ""

    # Pick the settings that apply to the OS we are running on.
    if is_windows_os():
        pba_file = WormConfiguration.PBA_windows_filename
        user_cmd = WormConfiguration.custom_PBA_windows_cmd
        cd_template = DIR_CHANGE_WINDOWS
    else:
        pba_file = WormConfiguration.PBA_linux_filename
        user_cmd = WormConfiguration.custom_PBA_linux_cmd
        cd_template = DIR_CHANGE_LINUX

    if pba_file:
        self.filename = pba_file
        if user_cmd:
            # Change into the monkey directory first, because the custom
            # command is expected to refer to the configured file.
            self.command = (cd_template % get_monkey_dir_path()) + user_cmd
    elif user_cmd:
        self.command = user_cmd
def _execute_default(self):
    """Fetch the configured file, if any, then run the parent's default step.

    When ``self.filename`` is non-empty, the file is downloaded into the
    monkey directory first. The parent's ``_execute_default()`` result is
    returned unchanged.
    """
    pba_file = self.filename
    if pba_file:
        target_dir = get_monkey_dir_path()
        # NOTE(review): the return value of download_pba_file is ignored, so
        # the parent step runs even if the download did not succeed - confirm
        # that this is intended.
        UsersPBA.download_pba_file(target_dir, pba_file)

    parent = super(UsersPBA, self)
    return parent._execute_default()