Modify ExploiterResultData #1728
Conversation
| import pwd | ||
|
|
||
| try: # can't import on Windows | ||
| import pwd |
There was a problem hiding this comment.
This is solved by Vakaris in parsing credential telemetry. Check this commit
There was a problem hiding this comment.
I'm going to leave this in since this'll most likely get merged before that.
There was a problem hiding this comment.
If we move this import to line 37, then we don't need to try/except the import, since _get_home_dirs() only runs if the check on line 24 passes.
| ( | ||
| exploitation_result, | ||
| propagation_result, | ||
| os, | ||
| info, | ||
| attempts, | ||
| error_message, | ||
| ) = self._puppet.exploit_host("PowerShellExploiter", "10.0.0.1", {}, None) |
There was a problem hiding this comment.
Instead of unpacking this, let's modify ExploitTelem to accept an ExploiterResultsData object.
|
We may have missed this in planning, but do we need any changes on the Island side to process the propagated and exploited booleans differently? |
I think we need to change it ( |
Let's do it here. These changes effectively change the interface between the Island and the Agent, so we need the Island to properly handle the new cases. |
| :param result: The result from the 'exploit_host' method | ||
| :param info: Information about the exploiter | ||
| :param attempts: Information about the exploiter's attempts | ||
| :param result: Data about the exploitation attempt (success status, info, attempts, etc) |
There was a problem hiding this comment.
We're using the word "attempt" in this comment to mean two different things.
What does this PR do?
Fixes a part of #1605.
PR Checklist
Is the TravisCI build passing?Was the CHANGELOG.md updated to reflect the changes?Was the documentation framework updated to reflect the changes?Testing Checklist
Added relevant unit tests?Have you successfully tested your changes locally? Elaborate:If applicable, add screenshots or log transcripts of the feature working