Skip to content

Commit

Permalink
Agent: Don't encrypt ransomware README.txt
Browse files Browse the repository at this point in the history
Fixes #1304
  • Loading branch information
mssalvatore committed Jul 19, 2021
1 parent 3912b85 commit 8879dae
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 0 deletions.
10 changes: 10 additions & 0 deletions monkey/infection_monkey/ransomware/file_selectors.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
from pathlib import Path
from typing import List, Set

from common.utils.file_utils import get_file_sha256_hash
from infection_monkey.ransomware.consts import README_FILE_NAME, README_SHA256_HASH
from infection_monkey.utils.dir_utils import (
file_extension_filter,
filter_files,
Expand All @@ -19,7 +21,15 @@ def __call__(self, target_dir: Path) -> List[Path]:
file_extension_filter(self._targeted_file_extensions),
is_not_shortcut_filter,
is_not_symlink_filter,
_is_not_ransomware_readme_filter,
]

all_files = get_all_regular_files_in_directory(target_dir)
return filter_files(all_files, file_filters)


def _is_not_ransomware_readme_filter(filepath: Path) -> bool:
if filepath.name != README_FILE_NAME:
return True

return get_file_sha256_hash(filepath) != README_SHA256_HASH
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import os
import shutil

import pytest
from tests.unit_tests.infection_monkey.ransomware.ransomware_target_files import (
Expand All @@ -12,6 +13,7 @@
from tests.utils import is_user_admin

from infection_monkey.ransomware.file_selectors import ProductionSafeTargetFileSelector
from infection_monkey.ransomware.ransomware_payload import README_SRC

TARGETED_FILE_EXTENSIONS = [".pdf", ".txt"]

Expand Down Expand Up @@ -53,3 +55,21 @@ def test_directories_not_selected(ransomware_test_data, file_selector):
selected_files = file_selector(ransomware_test_data)

assert (ransomware_test_data / SUBDIR / HELLO_TXT) not in selected_files


def test_ransomware_readme_not_selected(ransomware_target, file_selector):
readme_file = ransomware_target / "README.txt"
shutil.copyfile(README_SRC, readme_file)

selected_files = file_selector(ransomware_target)

assert readme_file not in selected_files


def test_pre_existing_readme_is_selected(ransomware_target, stable_file, file_selector):
readme_file = ransomware_target / "README.txt"
shutil.copyfile(stable_file, readme_file)

selected_files = file_selector(ransomware_target)

assert readme_file in selected_files

0 comments on commit 8879dae

Please sign in to comment.