diff --git a/monkey/monkey_island/cc/services/config.py b/monkey/monkey_island/cc/services/config.py index 2e587444c..a0af1632c 100644 --- a/monkey/monkey_island/cc/services/config.py +++ b/monkey/monkey_island/cc/services/config.py @@ -475,6 +475,9 @@ class ConfigService: formatted_propagation_config["targets"] = ConfigService._format_targets_from_flat_config( config ) + formatted_propagation_config[ + "exploiters" + ] = ConfigService._format_exploiters_from_flat_config(config) config["propagation"] = formatted_propagation_config @@ -567,3 +570,33 @@ class ConfigService: config.pop(flat_subnet_scan_list_field, None) return formatted_scan_targets_config + + @staticmethod + def _format_exploiters_from_flat_config(config: Dict): + flat_config_exploiter_classes_field = "exploiter_classes" + brute_force_category = "brute_force" + vulnerability_category = "vulnerability" + brute_force_exploiters = { + "MSSQLExploiter", + "PowerShellExploiter", + "SSHExploiter", + "SmbExploiter", + "WmiExploiter", + } + + formatted_exploiters_config = {"brute_force": [], "vulnerability": []} + + for exploiter in sorted(config[flat_config_exploiter_classes_field]): + category = ( + brute_force_category + if exploiter in brute_force_exploiters + else vulnerability_category + ) + + formatted_exploiters_config[category].append( + {"name": exploiter, "propagator": (exploiter != "ZerologonExploiter")} + ) + + config.pop(flat_config_exploiter_classes_field, None) + + return formatted_exploiters_config diff --git a/monkey/tests/data_for_tests/monkey_configs/flat_config.json b/monkey/tests/data_for_tests/monkey_configs/flat_config.json index 977bed817..2840cbbb5 100644 --- a/monkey/tests/data_for_tests/monkey_configs/flat_config.json +++ b/monkey/tests/data_for_tests/monkey_configs/flat_config.json @@ -55,6 +55,7 @@ "ShellShockExploiter", "ElasticGroovyExploiter", "Struts2Exploiter", + "ZerologonExploiter", "WebLogicExploiter", "HadoopExploiter", "MSSQLExploiter", diff --git a/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py b/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py index c5e8226ea..09939b2ed 100644 --- a/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py +++ b/monkey/tests/unit_tests/monkey_island/cc/services/test_config.py @@ -101,8 +101,9 @@ def test_format_config_for_agent__propagation(flat_monkey_config): ConfigService.format_flat_config_for_agent(flat_monkey_config) assert "propagation" in flat_monkey_config - assert "network_scan" in flat_monkey_config["propagation"] assert "targets" in flat_monkey_config["propagation"] + assert "network_scan" in flat_monkey_config["propagation"] + assert "exploiters" in flat_monkey_config["propagation"] def test_format_config_for_agent__propagation_targets(flat_monkey_config): @@ -163,3 +164,31 @@ def test_format_config_for_agent__network_scan(flat_monkey_config): assert "tcp_target_ports" not in flat_monkey_config assert "ping_scan_timeout" not in flat_monkey_config assert "finger_classes" not in flat_monkey_config + + +def test_format_config_for_agent__exploiters(flat_monkey_config): + expected_exploiters_config = { + "brute_force": [ + {"name": "MSSQLExploiter", "propagator": True}, + {"name": "PowerShellExploiter", "propagator": True}, + {"name": "SSHExploiter", "propagator": True}, + {"name": "SmbExploiter", "propagator": True}, + {"name": "WmiExploiter", "propagator": True}, + ], + "vulnerability": [ + {"name": "DrupalExploiter", "propagator": True}, + {"name": "ElasticGroovyExploiter", "propagator": True}, + {"name": "HadoopExploiter", "propagator": True}, + {"name": "ShellShockExploiter", "propagator": True}, + {"name": "Struts2Exploiter", "propagator": True}, + {"name": "WebLogicExploiter", "propagator": True}, + {"name": "ZerologonExploiter", "propagator": False}, + ], + } + ConfigService.format_flat_config_for_agent(flat_monkey_config) + + assert "propagation" in flat_monkey_config + assert "exploiters" in flat_monkey_config["propagation"] + + assert flat_monkey_config["propagation"]["exploiters"] == expected_exploiters_config + assert "exploiter_classes" not in flat_monkey_config