From 1896323f4e2dd0bd12fba7afab75ad5e67068efb Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 14 Mar 2023 17:07:44 +0530
Subject: [PATCH 1/5] Agent: Add IOTPProvider
---
.../infection_monkey/exploit/i_otp_provider.py | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
create mode 100644 monkey/infection_monkey/exploit/i_otp_provider.py
diff --git a/monkey/infection_monkey/exploit/i_otp_provider.py b/monkey/infection_monkey/exploit/i_otp_provider.py
new file mode 100644
index 00000000000..bda60ec67eb
--- /dev/null
+++ b/monkey/infection_monkey/exploit/i_otp_provider.py
@@ -0,0 +1,18 @@
+import abc
+
+
+class IOTPProvider(metaclass=abc.ABCMeta):
+ """
+ IOTPProvider provides an interface for other components to get one-time passwords (OTPs).
+ Notably, this is used by exploiters during propagation to get OTPs for running new
+ Agents on exploited machines, so that they can authenticate with the Island.
+ """
+
+ @abc.abstractmethod
+ def get_otp(self) -> str:
+ """
+ Gets a one-time password (OTP)
+
+ :return: An OTP
+ """
+ pass
From ef15746aff406b8e2ff283cf85f1858c3659aa12 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 14 Mar 2023 17:08:45 +0530
Subject: [PATCH 2/5] Project: Add Vulture allowlist entry for IOTPProvider
---
vulture_allowlist.py | 2 ++
1 file changed, 2 insertions(+)
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index a42275d9a23..a5b600df755 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
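Review bot: The `get_otp` docstring added in i_otp_provider.py (PATCH 1/5) leaves out the contract that implementers and callers need: whether every call must return a fresh, not-yet-used OTP, and what is raised when none can be obtained. The class docstring says the value lets a new Agent authenticate with the Island, so it is a credential and the method docstring should say so. I would extend the return line to `:return: A new, unused OTP; treat it as a secret and keep it out of logs` and add a `:raises` entry naming the error implementations surface when an OTP cannot be retrieved. The `pass` after the docstring is redundant and can be dropped.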
@@ -8,6 +8,7 @@
 from common.base_models import InfectionMonkeyModelConfig, MutableInfectionMonkeyModelConfig
 from common.credentials import LMHash, NTHash, SecretEncodingConfig
 from common.types import Lock, NetworkPort, PluginName
+from infection_monkey.exploit.i_otp_provider import IOTPProvider
 from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory
 from infection_monkey.exploit.tools import generate_brute_force_credentials, secret_type_filter
 from infection_monkey.exploit.zerologon import NetrServerPasswordSet, NetrServerPasswordSetResponse
@@ -143,3 +144,4 @@ # Remove after #3077 http_island_api_client.get_otp +IOTPProvider
From 6555273020c040e42b2468ea2ea4ebd91269a752 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 14 Mar 2023 18:02:54 +0530
Subject: [PATCH 3/5] Agent: Rename IOTPProvider to IAgentOTPProvider
---
.../exploit/{i_otp_provider.py => i_agent_otp_provider.py} | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
rename monkey/infection_monkey/exploit/{i_otp_provider.py => i_agent_otp_provider.py} (70%)
diff --git a/monkey/infection_monkey/exploit/i_otp_provider.py b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
similarity index 70%
rename from monkey/infection_monkey/exploit/i_otp_provider.py
rename to monkey/infection_monkey/exploit/i_agent_otp_provider.py
index bda60ec67eb..01d9a0128c4 100644
--- a/monkey/infection_monkey/exploit/i_otp_provider.py
+++ b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
@@ -1,9 +1,9 @@ import abc -class IOTPProvider(metaclass=abc.ABCMeta): +class IAgentOTPProvider(metaclass=abc.ABCMeta): """ - IOTPProvider provides an interface for other components to get one-time passwords (OTPs). + IAgentOTPProvider provides an interface for other components to get one-time passwords (OTPs). Notably, this is used by exploiters during propagation to get OTPs for running new Agents on exploited machines, so that they can authenticate with the Island. """
From dfc94185e0748aa45f56c24ba72c585bb09a94b4 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 14 Mar 2023 18:03:12 +0530
Subject: [PATCH 4/5] Project: Update Vulture allowlist (IOTPProvider -> IAgentOTPProvider)
---
vulture_allowlist.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/vulture_allowlist.py b/vulture_allowlist.py
index a5b600df755..f89cd9fa7f1 100644
--- a/vulture_allowlist.py
+++ b/vulture_allowlist.py
@@ -8,7 +8,7 @@
 from common.base_models import InfectionMonkeyModelConfig, MutableInfectionMonkeyModelConfig
 from common.credentials import LMHash, NTHash, SecretEncodingConfig
 from common.types import Lock, NetworkPort, PluginName
-from infection_monkey.exploit.i_otp_provider import IOTPProvider
+from infection_monkey.exploit.i_otp_provider import IAgentOTPProvider
 from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory
 from infection_monkey.exploit.tools import generate_brute_force_credentials, secret_type_filter
 from infection_monkey.exploit.zerologon import NetrServerPasswordSet, NetrServerPasswordSetResponse
@@ -144,4 +144,4 @@ # Remove after #3077 http_island_api_client.get_otp -IOTPProvider +IAgentOTPProvider
From ce0f256b310c91b18f8b738eabf041c2a349e8a4 Mon Sep 17 00:00:00 2001
From: Shreya Malviya
Date: Tue, 14 Mar 2023 18:03:51 +0530
Subject: [PATCH 5/5] Agent: Fix IAgentOTPProvider.get_otp()'s docstring's grammar
---
monkey/infection_monkey/exploit/i_agent_otp_provider.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/monkey/infection_monkey/exploit/i_agent_otp_provider.py b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
index 01d9a0128c4..1a3a45f4075 100644
--- a/monkey/infection_monkey/exploit/i_agent_otp_provider.py
+++ b/monkey/infection_monkey/exploit/i_agent_otp_provider.py
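Review bot: The import rewritten in the first vulture_allowlist.py hunk of PATCH 4/5 still names the old module: `from infection_monkey.exploit.i_otp_provider import IAgentOTPProvider`. PATCH 3/5 renamed that file to `i_agent_otp_provider.py`, so as far as this series shows the module `i_otp_provider` no longer exists and the import would fail if the allowlist were ever imported or type-checked. Vulture most likely only parses the file, which would explain why the stale path went unnoticed. The line should read `from infection_monkey.exploit.i_agent_otp_provider import IAgentOTPProvider`.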
@@ -11,7 +11,7 @@ class IAgentOTPProvider(metaclass=abc.ABCMeta): @abc.abstractmethod def get_otp(self) -> str: """ - Gets a one-time password (OTP) + Get a one-time password (OTP) :return: An OTP """