Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

1675 remove 32 bit from ssh #1751

Merged
merged 4 commits into from
Feb 28, 2022
Merged

1675 remove 32 bit from ssh #1751

merged 4 commits into from
Feb 28, 2022

Conversation

mssalvatore
Copy link
Collaborator

What does this PR do?

Removes 32-bit logic from SSHExploiter
Fixes bug in monkey download/propagation
Removes PingScanner from BB config templates

Issue #1675.

PR Checklist

  • Have you added an explanation of what your changes do and why you'd like to include them?
  • Is the TravisCI build passing?
  • Was the CHANGELOG.md updated to reflect the changes?
  • Was the documentation framework updated to reflect the changes?

Testing Checklist

  • Added relevant unit tests?
  • Have you successfully tested your changes locally? Elaborate:

    Tested by running SSH blackbox test

  • If applicable, add screenshots or log transcripts of the feature working

@mssalvatore
Agent: Remove attempt to get architecture from target in ssh exploiter
7269bf5 
Since Infection Monkey only supports the x86_64 architecture,there's
little use in collecting the architecture from the destination.
@mssalvatore
Agent: Change agent permissions to 700 in SSH exploiter
20bdc4c 
Changing the permissions to 777 introduces a security risk into the
target host. A malicious attacker with local access can potentially
modify the binary, resulting in code execution and privilege escalation
when the attacking agent launches the agent on the victim.

Issue #1750
@mssalvatore
Agent: Remove agent download optimization from get_target_monkey()
a8f6cad 
This optimization was not functioning properly. This will be refactored
and optimized in the near future, so it's not worth the effort to debug
this at the present time.
@mssalvatore
BB: Remove 'PingScanner' from fingerprinters in config templates
3eb4ca9
ilija-lazoroski
ilija-lazoroski approved these changes Feb 28, 2022
View reviewed changes
Copy link
Contributor

@ilija-lazoroski ilija-lazoroski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a small comment for _make agent_executable . Other then that it looks good!

monkey/infection_monkey/exploit/sshexec.py
@@ -233,3 +214,13 @@ def _exploit_host(self) -> ExploiterResultData:

logger.error(self.exploit_result.error_message)
return self.exploit_result

def _make_agent_executable(self, ftp: paramiko.sftp_client.SFTPClient):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lets leave a comment that this can be a part of HostExploiter as we go further.

@mssalvatore mssalvatore merged commit c075fed into 1675-remove-32-bit-agents Feb 28, 2022
@mssalvatore mssalvatore deleted the 1675-remove-32-bit-from-ssh branch March 1, 2022 19:00
@mssalvatore mssalvatore mentioned this pull request Mar 1, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ilija-lazoroski ilija-lazoroski ilija-lazoroski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mssalvatore @ilija-lazoroski