guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0

SSH key pair is treated as string in sshexploiter #896

Closed VakarisZ closed 1 year ago

VakarisZ commented 3 years ago

Describe the bug

SSH exploiter gets a string instead of a keypair object in the SSH exploiter somehow.

2020-12-07 16:59:52,910 [1854:140715504974720:INFO] monkey.try_exploiting.336: Trying to exploit VictimHost('1.1.2.1') with exploiter SSHExploiter...
2020-12-07 16:59:52,912 [1854:140715504974720:ERROR] monkey.try_exploiting.355: Exception while attacking Victim Host 1.1.2.1: OS - [type-linux version-Ubuntu-4ubuntu0.3 ] Services - [tcp-22-{'display_name': 'SSH', 'port': 22, 'banner': 'SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3\r\n', 'name': 'ssh'} ] target monkey: None using SSHExploiter: string indices must be integers
Traceback (most recent call last):
 File "src/infection_monkey/monkey.py", line 340, in try_exploiting
 File "src/infection_monkey/exploit/HostExploiter.py", line 70, in exploit_host
 File "src/infection_monkey/exploit/sshexec.py", line 117, in _exploit_host
 File "src/infection_monkey/exploit/sshexec.py", line 48, in exploit_with_ssh_keys
TypeError: string indices must be integers
2020-12-07 16:59:52,912 [1854:140715504974720:DEBUG] base_telem.send.29: Sending exploit telemetry. Data: {"result": false, "machine": {"ip_addr": "1.1.2.1", "domain_name": "", "os": {"type": "linux", "version": "Ubuntu-4ubuntu0.3"}, "services": {"tcp-22": {"display_name": "SSH", "port": 22, "banner": "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3\r\n", "name": "ssh"}}, "monkey_exe": null, "default_tunnel": "1.1.2.1:39891", "default_server": "1.1.2.1:5000"}, "exploiter": "SSHExploiter", "info": {"display_name": "SSH", "started": "2020-12-07T16:59:52.911087", "finished": "2020-12-07T16:59:52.912169", "vulnerable_urls": [], "vulnerable_ports": [], "executed_cmds": []}, "attempts": []}
2020-12-07 16:59:52,913 [1854:140715504974720:DEBUG] connectionpool._new_conn.943: Starting new HTTPS connection (1): 1.1.2.1:5000
2020-12-07 16:59:53,064 [1854:140715504974720:DEBUG] connectionpool._make_request.442: https://1.1.2.1:5000 "POST /api/telemetry HTTP/1.1" 200 816
2020-12-07 16:59:53,066 [1854:140715504974720:INFO] monkey.try_exploiting.333: Skipping exploiter WmiExploiter host:VictimHost('1.1.2.1'), os is not supported
2020-12-07 16:59:53,066 [1854:140715504974720:DEBUG] base_telem.send.29: Sending attack telemetry. Data: {"status": 1, "technique": "T1210", "machine": {"domain_name": "", "ip_addr": "1.1.2.1"}}

To Reproduce

TBD (probably steal SSH key)

Expected behavior

Shouldn't get errors.

mssalvatore commented 2 years ago

@VakarisZ have you seen this recently?