2019-08-28 23:21:14 +08:00
|
|
|
{
|
|
|
|
|
"basic": {
|
|
|
|
|
"credentials": {
|
|
|
|
|
"exploit_password_list": [
|
2020-07-30 20:48:17 +08:00
|
|
|
"root",
|
|
|
|
|
"123456",
|
2019-08-28 23:21:14 +08:00
|
|
|
"password",
|
2020-07-30 20:48:17 +08:00
|
|
|
"123456789",
|
|
|
|
|
"qwerty",
|
|
|
|
|
"111111",
|
|
|
|
|
"iloveyou"
|
2019-08-28 23:21:14 +08:00
|
|
|
],
|
|
|
|
|
"exploit_user_list": [
|
|
|
|
|
"Administrator",
|
|
|
|
|
"root",
|
|
|
|
|
"user"
|
|
|
|
|
]
|
|
|
|
|
},
|
2020-07-30 20:48:17 +08:00
|
|
|
"exploiters": {
|
|
|
|
|
"exploiter_classes": [
|
|
|
|
|
"HadoopExploiter"
|
|
|
|
|
]
|
2019-08-28 23:21:14 +08:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"basic_network": {
|
2020-07-30 20:48:17 +08:00
|
|
|
"network_analysis": {
|
|
|
|
|
"inaccessible_subnets": []
|
|
|
|
|
},
|
|
|
|
|
"scope": {
|
2019-08-28 23:21:14 +08:00
|
|
|
"blocked_ips": [],
|
|
|
|
|
"depth": 2,
|
|
|
|
|
"local_network_scan": false,
|
|
|
|
|
"subnet_scan_list": [
|
|
|
|
|
"10.2.2.3",
|
2019-10-11 22:08:15 +08:00
|
|
|
"10.2.2.2"
|
2019-08-28 23:21:14 +08:00
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"internal": {
|
|
|
|
|
"classes": {
|
|
|
|
|
"finger_classes": [
|
|
|
|
|
"SMBFinger",
|
|
|
|
|
"SSHFinger",
|
|
|
|
|
"PingScanner",
|
|
|
|
|
"HTTPFinger",
|
|
|
|
|
"MySQLFinger",
|
|
|
|
|
"MSSQLFinger",
|
|
|
|
|
"ElasticFinger"
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"dropper": {
|
|
|
|
|
"dropper_date_reference_path_linux": "/bin/sh",
|
|
|
|
|
"dropper_date_reference_path_windows": "%windir%\\system32\\kernel32.dll",
|
|
|
|
|
"dropper_set_date": true,
|
|
|
|
|
"dropper_target_path_linux": "/tmp/monkey",
|
|
|
|
|
"dropper_target_path_win_32": "C:\\Windows\\temp\\monkey32.exe",
|
|
|
|
|
"dropper_target_path_win_64": "C:\\Windows\\temp\\monkey64.exe",
|
|
|
|
|
"dropper_try_move_first": true
|
|
|
|
|
},
|
|
|
|
|
"exploits": {
|
|
|
|
|
"exploit_lm_hash_list": [],
|
2020-07-30 20:48:17 +08:00
|
|
|
"exploit_ntlm_hash_list": [],
|
2020-08-03 17:23:17 +08:00
|
|
|
"exploit_ssh_keys": [],
|
|
|
|
|
"general": {
|
|
|
|
|
"skip_exploit_if_file_exist": false
|
|
|
|
|
},
|
|
|
|
|
"ms08_067": {
|
|
|
|
|
"ms08_067_exploit_attempts": 5,
|
|
|
|
|
"user_to_add": "Monkey_IUSER_SUPPORT",
|
|
|
|
|
"remote_user_pass": "Password1!"
|
|
|
|
|
},
|
|
|
|
|
"sambacry": {
|
|
|
|
|
"sambacry_trigger_timeout": 5,
|
|
|
|
|
"sambacry_folder_paths_to_guess": [
|
|
|
|
|
"/",
|
|
|
|
|
"/mnt",
|
|
|
|
|
"/tmp",
|
|
|
|
|
"/storage",
|
|
|
|
|
"/export",
|
|
|
|
|
"/share",
|
|
|
|
|
"/shares",
|
|
|
|
|
"/home"
|
|
|
|
|
],
|
|
|
|
|
"sambacry_shares_not_to_check": [
|
|
|
|
|
"IPC$",
|
|
|
|
|
"print$"
|
|
|
|
|
]
|
|
|
|
|
}
|
2019-08-28 23:21:14 +08:00
|
|
|
},
|
|
|
|
|
"general": {
|
2020-07-30 20:48:17 +08:00
|
|
|
"keep_tunnel_open_time": 60,
|
2019-08-28 23:21:14 +08:00
|
|
|
"monkey_dir_name": "monkey_dir",
|
2020-07-30 20:48:17 +08:00
|
|
|
"singleton_mutex_name": "{2384ec59-0df8-4ab9-918c-843740924a28}",
|
|
|
|
|
"started_on_island": false
|
|
|
|
|
},
|
|
|
|
|
"island_server": {
|
|
|
|
|
"command_servers": [
|
|
|
|
|
"10.2.2.251:5000"
|
|
|
|
|
],
|
|
|
|
|
"current_server": "10.2.2.251:5000"
|
2019-08-28 23:21:14 +08:00
|
|
|
},
|
|
|
|
|
"kill_file": {
|
|
|
|
|
"kill_file_path_linux": "/var/run/monkey.not",
|
|
|
|
|
"kill_file_path_windows": "%windir%\\monkey.not"
|
|
|
|
|
},
|
|
|
|
|
"logging": {
|
|
|
|
|
"dropper_log_path_linux": "/tmp/user-1562",
|
|
|
|
|
"dropper_log_path_windows": "%temp%\\~df1562.tmp",
|
|
|
|
|
"monkey_log_path_linux": "/tmp/user-1563",
|
|
|
|
|
"monkey_log_path_windows": "%temp%\\~df1563.tmp",
|
|
|
|
|
"send_log_to_server": true
|
2020-07-30 20:48:17 +08:00
|
|
|
},
|
|
|
|
|
"monkey": {
|
|
|
|
|
"alive": true,
|
|
|
|
|
"internet_services": [
|
|
|
|
|
"monkey.guardicore.com",
|
|
|
|
|
"www.google.com"
|
|
|
|
|
],
|
|
|
|
|
"self_delete_in_cleanup": true,
|
|
|
|
|
"serialize_config": false,
|
|
|
|
|
"use_file_logging": true,
|
|
|
|
|
"victims_max_exploit": 100,
|
|
|
|
|
"victims_max_find": 100
|
|
|
|
|
},
|
2020-08-03 17:23:17 +08:00
|
|
|
"network": {
|
|
|
|
|
"tcp_scanner": {
|
|
|
|
|
"HTTP_PORTS": [
|
|
|
|
|
80,
|
|
|
|
|
8080,
|
|
|
|
|
443,
|
|
|
|
|
8008,
|
|
|
|
|
7001
|
|
|
|
|
],
|
|
|
|
|
"tcp_target_ports": [
|
|
|
|
|
22,
|
|
|
|
|
2222,
|
|
|
|
|
445,
|
|
|
|
|
135,
|
|
|
|
|
3389,
|
|
|
|
|
80,
|
|
|
|
|
8080,
|
|
|
|
|
443,
|
|
|
|
|
8008,
|
|
|
|
|
3306,
|
|
|
|
|
9200,
|
|
|
|
|
7001,
|
|
|
|
|
8088
|
|
|
|
|
],
|
|
|
|
|
"tcp_scan_interval": 0,
|
|
|
|
|
"tcp_scan_timeout": 3000,
|
|
|
|
|
"tcp_scan_get_banner": true
|
|
|
|
|
},
|
|
|
|
|
"ping_scanner": {
|
|
|
|
|
"ping_scan_timeout": 1000
|
|
|
|
|
}
|
|
|
|
|
},
|
2020-07-30 20:48:17 +08:00
|
|
|
"testing": {
|
|
|
|
|
"export_monkey_telems": false
|
2019-08-28 23:21:14 +08:00
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"monkey": {
|
2020-07-30 20:48:17 +08:00
|
|
|
"persistent_scanning": {
|
|
|
|
|
"max_iterations": 1,
|
|
|
|
|
"retry_failed_explotation": true,
|
|
|
|
|
"timeout_between_iterations": 100
|
|
|
|
|
},
|
|
|
|
|
"post_breach": {
|
2019-08-28 23:21:14 +08:00
|
|
|
"PBA_linux_filename": "",
|
|
|
|
|
"PBA_windows_filename": "",
|
|
|
|
|
"custom_PBA_linux_cmd": "",
|
|
|
|
|
"custom_PBA_windows_cmd": "",
|
2020-07-30 20:48:17 +08:00
|
|
|
"post_breach_actions": [
|
|
|
|
|
]
|
2019-08-28 23:21:14 +08:00
|
|
|
},
|
|
|
|
|
"system_info": {
|
2020-07-30 20:48:17 +08:00
|
|
|
"system_info_collector_classes": [
|
|
|
|
|
"EnvironmentCollector",
|
|
|
|
|
"AwsCollector",
|
|
|
|
|
"HostnameCollector",
|
|
|
|
|
"ProcessListCollector",
|
|
|
|
|
"MimikatzCollector",
|
|
|
|
|
"AzureCollector"
|
2019-08-28 23:21:14 +08:00
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-09-11 17:39:28 +08:00
|
|
|
}
|
