Merge branch '3557-kill-agent-child-processes' into develop

Issue #3557 PR #3587
guardicore · Aug 15, 2023 · 8c09ee2 · 8c09ee2
2 parents 682c6f4 + 5f4c311
commit 8c09ee2
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -26,6 +26,9 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
   UI. #3393
 - Hard-coded ransomware payload to a plugin. #3391
 
+### Fixed
+- Agent hanging if plugins do not shut down. #3557
+
 ### Removed
 - Island mode configuration. #3400
 

diff --git a/monkey/infection_monkey/main.py b/monkey/infection_monkey/main.py
@@ -18,6 +18,8 @@
 from pathlib import Path
 from typing import Sequence, Tuple, Union
 
+from psutil import Process
+
 # dummy import for pyinstaller
 # noinspection PyUnresolvedReferences
 from common.common_consts import AGENT_OTP_ENVIRONMENT_VARIABLE
@@ -179,6 +181,44 @@ def _run_agent(
         logger.exception(
             "Exception thrown from monkey's cleanup function: More info: {}".format(err)
         )
+    finally:
+        _kill_hung_child_processes(logger)
+
+
+def _kill_hung_child_processes(logger: logging.Logger):
+    for p in Process().children(recursive=True):
+        logger.debug(
+            "Found child process: "
+            f"pid={p.pid}, name={p.name()}, status={p.status()}, cmdline={p.cmdline()}"
+        )
+
+        if _process_is_resource_tracker(p):
+            # This process will clean itself up, but no other processes should be running at
+            # this time.
+            logger.debug(f"Ignoring resource_tracker process: {p.pid}")
+            continue
+
+        if _process_is_windows_self_removal(p):
+            logger.debug(f"Ignoring self removal process: {p.pid}")
+            continue
+
+        logger.warning(f"Killing hung child process: {p.pid}")
+        p.kill()
+
+
+def _process_is_resource_tracker(process: Process) -> bool:
+    for arg in process.cmdline():
+        if "multiprocessing.resource_tracker" in arg:
+            return True
+
+    return False
+
+
+def _process_is_windows_self_removal(process: Process) -> bool:
+    if process.name() in ["cmd.exe", "timeout.exe"]:
+        return True
+
+    return False
 
 
 if "__main__" == __name__:

diff --git a/monkey/infection_monkey/master/automated_master.py b/monkey/infection_monkey/master/automated_master.py
@@ -16,7 +16,7 @@
 
 CHECK_ISLAND_FOR_STOP_COMMAND_INTERVAL_SEC = 5
 CHECK_FOR_TERMINATE_INTERVAL_SEC = CHECK_ISLAND_FOR_STOP_COMMAND_INTERVAL_SEC / 5
-SHUTDOWN_TIMEOUT = 5
+SHUTDOWN_TIMEOUT = 60
 NUM_SCAN_THREADS = 16
 NUM_EXPLOIT_THREADS = 6