diff --git a/monkey/infection_monkey/exploit/sambacry.py b/monkey/infection_monkey/exploit/sambacry.py index ec3f41a7a30..4e1d71fd972 100644 --- a/monkey/infection_monkey/exploit/sambacry.py +++ b/monkey/infection_monkey/exploit/sambacry.py @@ -20,7 +20,7 @@ from infection_monkey.model import DROPPER_ARG from infection_monkey.network.smbfinger import SMB_SERVICE from infection_monkey.exploit.tools.helpers import build_monkey_commandline, get_target_monkey_by_os, get_monkey_depth -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target from infection_monkey.pyinstaller_utils import get_binary_file_path from common.utils.attack_utils import ScanStatus from infection_monkey.telemetry.attack.t1105_telem import T1105Telem diff --git a/monkey/infection_monkey/exploit/sshexec.py b/monkey/infection_monkey/exploit/sshexec.py index 4a88c459302..a7e9571b562 100644 --- a/monkey/infection_monkey/exploit/sshexec.py +++ b/monkey/infection_monkey/exploit/sshexec.py @@ -7,10 +7,9 @@ import infection_monkey.monkeyfs as monkeyfs from infection_monkey.exploit import HostExploiter from infection_monkey.exploit.tools.helpers import get_target_monkey, get_monkey_depth, build_monkey_commandline -from infection_monkey.exploit.tools.helpers import get_interface_to_target from infection_monkey.model import MONKEY_ARG +from infection_monkey.network.tools import check_tcp_port, get_interface_to_target from infection_monkey.exploit.tools.exceptions import FailedExploitationError -from infection_monkey.network.tools import check_tcp_port from common.utils.exploit_enum import ExploitType from common.utils.attack_utils import ScanStatus from infection_monkey.telemetry.attack.t1105_telem import T1105Telem diff --git a/monkey/infection_monkey/exploit/tools/helpers.py b/monkey/infection_monkey/exploit/tools/helpers.py index 5e4b43b201f..1fc2fc4f180 100644 --- a/monkey/infection_monkey/exploit/tools/helpers.py +++ b/monkey/infection_monkey/exploit/tools/helpers.py @@ -1,52 +1,8 @@ import logging -import socket -import struct -import sys - -from infection_monkey.network.info import get_routes LOG = logging.getLogger(__name__) -def get_interface_to_target(dst): - """ - :param dst: destination IP address string without port. E.G. '192.168.1.1.' - :return: IP address string of an interface that can connect to the target. E.G. '192.168.1.4.' - """ - if sys.platform == "win32": - s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - try: - s.connect((dst, 1)) - ip_to_dst = s.getsockname()[0] - except KeyError: - LOG.debug("Couldn't get an interface to the target, presuming that target is localhost.") - ip_to_dst = '127.0.0.1' - finally: - s.close() - return ip_to_dst - else: - # based on scapy implementation - - def atol(x): - ip = socket.inet_aton(x) - return struct.unpack("!I", ip)[0] - - routes = get_routes() - dst = atol(dst) - paths = [] - for d, m, gw, i, a in routes: - aa = atol(a) - if aa == dst: - paths.append((0xffffffff, ("lo", a, "0.0.0.0"))) - if (dst & m) == (d & m): - paths.append((m, (i, a, gw))) - if not paths: - return None - paths.sort() - ret = paths[-1][1] - return ret[1] - - def try_get_target_monkey(host): src_path = get_target_monkey(host) if not src_path: diff --git a/monkey/infection_monkey/exploit/tools/http_tools.py b/monkey/infection_monkey/exploit/tools/http_tools.py index b31e67137f6..bfdeb68c803 100644 --- a/monkey/infection_monkey/exploit/tools/http_tools.py +++ b/monkey/infection_monkey/exploit/tools/http_tools.py @@ -6,11 +6,12 @@ import urllib.request from threading import Lock -from infection_monkey.exploit.tools.helpers import try_get_target_monkey, get_interface_to_target from infection_monkey.model import DOWNLOAD_TIMEOUT from infection_monkey.network.firewall import app as firewall from infection_monkey.network.info import get_free_tcp_port from infection_monkey.transport import HTTPServer, LockedHTTPServer +from infection_monkey.exploit.tools.helpers import try_get_target_monkey +from infection_monkey.network.tools import get_interface_to_target __author__ = 'itamar' diff --git a/monkey/infection_monkey/exploit/tools/smb_tools.py b/monkey/infection_monkey/exploit/tools/smb_tools.py index 2507cff6604..80d9c73f7b3 100644 --- a/monkey/infection_monkey/exploit/tools/smb_tools.py +++ b/monkey/infection_monkey/exploit/tools/smb_tools.py @@ -10,7 +10,7 @@ import infection_monkey.monkeyfs as monkeyfs from common.utils.attack_utils import ScanStatus from infection_monkey.telemetry.attack.t1105_telem import T1105Telem -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target from infection_monkey.config import Configuration __author__ = 'itamar' diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py index daccb4cfb9a..08b6429428d 100644 --- a/monkey/infection_monkey/exploit/weblogic.py +++ b/monkey/infection_monkey/exploit/weblogic.py @@ -8,7 +8,7 @@ from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.exploit import HostExploiter -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target from infection_monkey.network.info import get_free_tcp_port from http.server import BaseHTTPRequestHandler, HTTPServer diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index 18edfbe8238..23792881297 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -25,7 +25,7 @@ from infection_monkey.telemetry.tunnel_telem import TunnelTelem from infection_monkey.windows_upgrader import WindowsUpgrader from infection_monkey.post_breach.post_breach_handler import PostBreach -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target from infection_monkey.exploit.tools.exceptions import ExploitingVulnerableMachineError, FailedExploitationError from infection_monkey.telemetry.attack.t1106_telem import T1106Telem from common.utils.attack_utils import ScanStatus, UsageEnum diff --git a/monkey/infection_monkey/network/tools.py b/monkey/infection_monkey/network/tools.py index 0cac7b62737..0c8d0417b03 100644 --- a/monkey/infection_monkey/network/tools.py +++ b/monkey/infection_monkey/network/tools.py @@ -7,6 +7,7 @@ import time import re +from infection_monkey.network.info import get_routes from infection_monkey.pyinstaller_utils import get_binary_file_path from infection_monkey.utils.environment import is_64bit_python @@ -269,3 +270,42 @@ def _traceroute_linux(target_ip, ttl): lines = [x[1:-1] if x else None # Removes parenthesis for x in lines] return lines + + +def get_interface_to_target(dst): + """ + :param dst: destination IP address string without port. E.G. '192.168.1.1.' + :return: IP address string of an interface that can connect to the target. E.G. '192.168.1.4.' + """ + if sys.platform == "win32": + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + try: + s.connect((dst, 1)) + ip_to_dst = s.getsockname()[0] + except KeyError: + LOG.debug("Couldn't get an interface to the target, presuming that target is localhost.") + ip_to_dst = '127.0.0.1' + finally: + s.close() + return ip_to_dst + else: + # based on scapy implementation + + def atol(x): + ip = socket.inet_aton(x) + return struct.unpack("!I", ip)[0] + + routes = get_routes() + dst = atol(dst) + paths = [] + for d, m, gw, i, a in routes: + aa = atol(a) + if aa == dst: + paths.append((0xffffffff, ("lo", a, "0.0.0.0"))) + if (dst & m) == (d & m): + paths.append((m, (i, a, gw))) + if not paths: + return None + paths.sort() + ret = paths[-1][1] + return ret[1] \ No newline at end of file diff --git a/monkey/infection_monkey/post_breach/actions/users_custom_pba.py b/monkey/infection_monkey/post_breach/actions/users_custom_pba.py index 3438eccda53..7a024da3fef 100644 --- a/monkey/infection_monkey/post_breach/actions/users_custom_pba.py +++ b/monkey/infection_monkey/post_breach/actions/users_custom_pba.py @@ -9,7 +9,7 @@ from infection_monkey.utils.monkey_dir import get_monkey_dir_path from infection_monkey.telemetry.attack.t1105_telem import T1105Telem from common.utils.attack_utils import ScanStatus -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target LOG = logging.getLogger(__name__) diff --git a/monkey/infection_monkey/transport/http.py b/monkey/infection_monkey/transport/http.py index 7650cb22909..ae7a6934c30 100644 --- a/monkey/infection_monkey/transport/http.py +++ b/monkey/infection_monkey/transport/http.py @@ -9,7 +9,7 @@ import infection_monkey.monkeyfs as monkeyfs from infection_monkey.transport.base import TransportProxyBase, update_last_serve_time -from infection_monkey.exploit.tools.helpers import get_interface_to_target +from infection_monkey.network.tools import get_interface_to_target __author__ = 'hoffer' diff --git a/monkey/infection_monkey/tunnel.py b/monkey/infection_monkey/tunnel.py index f2124f9fc55..3544f46f352 100644 --- a/monkey/infection_monkey/tunnel.py +++ b/monkey/infection_monkey/tunnel.py @@ -7,9 +7,8 @@ from infection_monkey.model import VictimHost from infection_monkey.network.firewall import app as firewall from infection_monkey.network.info import local_ips, get_free_tcp_port -from infection_monkey.network.tools import check_tcp_port +from infection_monkey.network.tools import check_tcp_port, get_interface_to_target from infection_monkey.transport.base import get_last_serve_time -from infection_monkey.exploit.tools.helpers import get_interface_to_target __author__ = 'hoffer'